ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v13 All Questions

View all questions & answers for the 312-50v13 exam
Go to Exam

Exam 312-50v13 topic 1 question 280 discussion

Actual exam question from ECCouncil's 312-50v13
Question #: 280
Topic #: 1
[All 312-50v13 Questions]

Which of the following web vulnerabilities would an attacker be attempting to exploit if they delivered the following input?

  • A. SQLi
  • B. XXE
  • C. XXS
  • D. IDOR
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by NikoTomas at March 27, 2025, 8:34 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
KnightHeart
1 month, 1 week ago
Selected Answer: B
XXE (XML External Entity Injection) Payload Structure: The input uses an XML DOCTYPE declaration to define an external entity (trustme) that references a local file (file:///etc/passwd). This is a classic XXE attack pattern. Exploitation Mechanism: When an XML parser processes this payload, it fetches the specified file (e.g., /etc/passwd on Unix systems) and embeds its content in the response. XXE allows attackers to read local files, execute remote requests, or perform server-side XML processing attacks. Relevance to Payload: The use of !ENTITY and SYSTEM directives within a DOCTYPE block is definitive of XXE exploitation.
upvoted 1 times
...
e30b32d
1 month, 1 week ago
Selected Answer: B
XML External Entity attack is that can occur when a misconfigured XML parser allows applications to parse XML input from an unreliable source.
upvoted 1 times
...
e30b32d
1 month, 1 week ago
Selected Answer: B
keyword Entity - XML External Entity Injection (XXE)
upvoted 1 times
...
NikoTomas
3 months, 1 week ago
Selected Answer: B
Correction --> B), mistakenly choose C) below
upvoted 1 times
...
NikoTomas
3 months, 1 week ago
Selected Answer: C
Answer: B) - XXE = eXternal XML Entity = injecting executable parts into XML structures (SOAP / Web Services, etc..)
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel