ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT0-002 All Questions

View all questions & answers for the PT0-002 exam
Go to Exam

Exam PT0-002 topic 1 question 369 discussion

Actual exam question from CompTIA's PT0-002
Question #: 369
Topic #: 1
[All PT0-002 Questions]

A company developed a new web application to allow its customers to submit loan applications. A penetration tester is reviewing the application and discovers that the application was developed in ASP and used MSSQL for its back-end database. Using the application's search form, the penetration tester inputs the following code in the search input field:

IMG SRC=vbscript:msgbox("Vulnerable_to_Attack");>originalAttribute="SRC"originalPath="vbscript;msgbox ("Vulnerable_to_Attack ");>"

When the tester checks the submit button on the search form, the web browser returns a pop-up windows that displays "Vulnerable_to_Attack." Which of the following vulnerabilities did the tester discover in the web application?

  • A. SQL injection
  • B. Command injection
  • C. Cross-site request forgery
  • D. Cross-site scripting
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by BlackSkullz at Nov. 15, 2024, 4:52 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
BlackSkullz
5 months, 3 weeks ago
Selected Answer: D
D. Cross-Site Scripting The tester inserted a script into the website that was then promptly executed in his browser
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago