fakerrr

icon indicating a website link http://www.nogamenolife.online/

Results 4 issues of fakerrr

请教下在同步信息的里面,rr取反时间戳取出来的不是负数吗?

18 comment

![image](https://cloud.githubusercontent.com/assets/15666994/13916761/753a091a-ef97-11e5-8923-fcec3a6638ab.png) 我~int(time.time())取到的是-的时间戳,但是我现在看到我这边网页上提交的payload里是rr: 1731091250这个,请问这1731091250怎么来的?

question

Stored-XSS Vulnerability Found in System setting -> site setting-> POSTdata:site_logo

1、Login the backstage http://127.0.0.1/admin/index.php 2、Go to System setting->site setting ![image](https://user-images.githubusercontent.com/15666994/50943855-05cfd780-14c9-11e9-8e00-b40a1f142b1e.png) 3、add the following payload to the third textbox,and submit。 payload:site_logo=images/logo.gif" onmouseover="alert(1) ![image](https://user-images.githubusercontent.com/15666994/50943823-e46eeb80-14c8-11e9-979f-63470e4fb630.png) And move your mouse on the third textbook...

Stored-XSS Vulnerability Found in System setting -> site setting-> POSTdata:site_domain

1、Login the backstage http://127.0.0.1/admin/index.php 2、Go to System setting->site setting ![image](https://user-images.githubusercontent.com/15666994/50943601-1cc1fa00-14c8-11e9-90fd-5deea9ac430d.png) 3、add the following payload to the second textbox,and submit。 payload:site_domain=http://www.dilicms.com/" onmouseover="alert(1) ![image](https://user-images.githubusercontent.com/15666994/50943449-7ece2f80-14c7-11e9-8959-0024fa14fed8.png) And move your mouse on the second textbook...

Stored-XSS Vulnerability Found in System setting -> site setting-> POSTdata:site_name

1、Login the backstage http://127.0.0.1/admin/index.php 2、Go to System setting->site setting ![image](https://user-images.githubusercontent.com/15666994/50942525-f4380100-14c3-11e9-9075-70a4294ceaba.png) 3、add the following payload to the first textbox,and submit。 payload:site_name=DiliCMS'"/>alert(1) ![image](https://user-images.githubusercontent.com/15666994/50942636-5133b700-14c4-11e9-8684-77976343944e.png) And then Stored-XSS triggered