# BWVS-WriteUPs
# 关于BWVS
BWVS是一个开源的web漏洞靶场.
# 漏洞
| ID | 漏洞名字 | 漏洞类型 | 漏洞位置 | 参考链接 |
|---|---|---|---|---|
| 1 | SQL联合查询注入 | SQL注入漏洞 | /user/logCheck.php 、/user/updateName.php | http://www.jianshu.com/p/399881e79b1f (opens new window) |
| 2 | SQL搜索型注入 | SQL注入漏洞 | /search.php | |
| 3 | SQL报错型注入 | SQL注入漏洞 | /messageSub.php 、/user/updateName.php | http://vinc.top/2017/04/06/ (opens new window) |
| 4 | SQL数字型注入 | SQL注入漏洞 | /bug/sql_injection/sql_num.php | http://blog.csdn.net/wizardforcel/article/details/ (opens new window) |
| 5 | SQL字符型注入 | SQL注入漏洞 | /bug/sql_injection/sql_string.php | https://www.cnblogs.com/zaki-Gui/p/5719920.html (opens new window) |
| 6 | SQL基于时间的盲注 | SQL注入漏洞 | /user/updatePass.php | |
| 7 | SQL逻辑注入 | SQL注入漏洞 | /admin/logCheack.php | http://blog.csdn.net/greyfreedom/article/details/4 (opens new window) |
| 8 | SQL搜索型注入2 | SQL注入漏洞 | /bug/sql_injection/sql_search.php | http://blog.csdn.net/cnbird2008/article/details/77 (opens new window) |
| 9 | 反射型 XSS | XSS漏洞 | /bug/xss/reflect_xss.php | http://www.freebuf.com/articles/web/42727.html (opens new window) |
| 10 | 存储型 XSS | XSS漏洞 | /bug/xss/stored_xss.php | http://www.freebuf.com/articles/web/42727.html (opens new window) |
| 11 | demo型 XSS | XSS漏洞 | /bug/xss/dom_xss.php | http://www.freebuf.com/articles/web/42727.html (opens new window) |
| 12 | demo型 XSS 2 | XSS漏洞 | /search.php | http://www.freebuf.com/articles/web/42727.html (opens new window) |
| 13 | 反射型 XSS 2 | XSS漏洞 | /search.php | http://www.freebuf.com/articles/web/42727.html (opens new window) |
| 14 | 存储型 XSS 2 | XSS漏洞 | /message.php | http://www.freebuf.com/articles/web/42727.html (opens new window) |
| 15 | 暴力破解 | 其他 | /user/login.php 、/admin/logCheack.php | |
| 16 | PHP远程命令执行漏洞 | 命令执行漏洞 | /ping.php、/bug/code_exec/exec.php | https://www.cnblogs.com/xiaozi/p/7831529.html (opens new window) |
| 17 | 本地文件包含漏洞 | 文件包含漏洞 | /Info.php | |
| 18 | 任意文件包含漏洞 | 文件包含漏洞 | /bug/file_include/any_include.php | http://blog.csdn.net/hitwangpeng/article/details/4 (opens new window) |
| 19 | 任意代码读取漏洞 | 文件包含漏洞 | /Info.php、/bug/others/file_read.php | http://blog.csdn.net/hitwangpeng/article/details/4 (opens new window) |
| 20 | 目录限制文件包含 | 文件包含漏洞 | /bug/file_include/include_1.php | |
| 21 | 修改任意用户密码漏洞 | 逻辑错误漏洞 | /user/updatePass.php | |
| 22 | Session劫持漏洞 | Session劫持漏洞 | /user/updateName.php | |
| 23 | Apache文件解析漏洞 | 上传漏洞 | /user/updeteAvatar.php | |
| 24 | 任意文件上传漏洞 | 上传漏洞 | /bug/file_upload/any_upload.php | |
| 25 | JS限制文件上传 | 上传漏洞 | /bug/file_upload/upload_js.php | |
| 26 | MIME限制文件上传 | 上传漏洞 | /bug/file_upload/upload_mime.php | |
| 27 | 扩展名限制文件上传 | 上传漏洞 | /bug/file_upload/upload_name.php | |
| 28 | 内容限制文件上传 | 上传漏洞 | /bug/file_upload/upload_content.php | |
| 29 | 任意代码执行 | 代码执行漏洞 | /bug/code_exec/code.php | |
| 30 | ssrf | SSRF漏洞 | /bug/ssrf/ssrf.php | |
| 31 | 无验证码爆破 | 其他 | /bug/others/baopo.php | http://blog.csdn.net/ls1120704214/article/details/ (opens new window) |
| 32 | 源码泄漏 | 其他 | /bug/Source_code/code1 | |
| 33 | 本地文件包含漏洞2 | 文件包含漏洞 | /bug/file_include2 | |
| 34 | php://input伪协议 | 协议 | /bug/phpinput | http://www.cnblogs.com/LittleHann/p/3665062.html (opens new window) |
| 35 | php://filter伪协议 | 协议 | /bug/xieyi/filter | http://www.cnblogs.com/LittleHann/p/3665062.html (opens new window) |
| 36 | data://伪协议 | 协议 | /bug/xieyi/data | http://www.cnblogs.com/LittleHann/p/3665062.html (opens new window) |
| 37 | phar://伪协议1 | 协议 | /bug/xieyi/phar1/include.php | http://www.cnblogs.com/LittleHann/p/3665062.html (opens new window) |
| 38 | phar://伪协议2 | 协议 | /bug/xieyi/phar2 | http://www.cnblogs.com/LittleHann/p/3665062.html (opens new window) |
| 39 | sql盲注 | SQL注入漏洞 | /bug/sql_injection/sqli_blind | |
| 40 | strcmp | PHP | /bug/php/md5.php | |
| 41 | 弱类型 | PHP | /bug/php/code.php | https://www.cnblogs.com/Mrsm1th/p/6745532.html (opens new window) |