Username: 
Password: 
Restrict session to IP 
Questions  |  score: 4  |  4.59 6.83 6.02 |  Solved By 729 People  |  136481 views  |  since Aug 27, 2010 - 21:54:28

Yourself PHP (PHP, Exploit, XSS)

Yourself PHP
Your mission is to inject <script>alert(1);</script> into this script, and make it popup a javascript alert.
The checkit() function tests your injected string for a few static solutions.
Please try to use as less characters as possible and inject the exact same string as above.

Note: This challenge is simulated, and does only check for a few static solutions.
The real XSS flaw got silently fixed, because of security concerns. Thanks noother!
So even if you inject the right code, it will not execute anymore.
Username:
© 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023 and 2024 by Gizmore and Kender