Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

A company developed a new web application to allow its customers to submit loan applications.

  1. Home
  2. CompTIA
  3. PenTest+
  4. PT0-002
  5. PT0-002 Questions
  6. CompTIA PenTest+ Certification Exam Practice Questions

A company developed a new web application to allow its customers to submit loan applications. A penetration tester is reviewing the application and discovers that the application was developed in ASP and used MSSQL for its back-end database. Using the application's search form, the penetration tester inputs the following code in the search input field:

IMG SRC=vbscript:msgbox ("Vulnerable_to_Attack") ; >originalAttribute="SRC"originalPath="vbscript;msgbox ("Vulnerable_to_Attack ") ;>"

When the tester checks the submit button on the search form, the web browser returns a pop-up windows that displays "Vulnerable_to_Attack." Which of the following vulnerabilities did the tester discover in the web application?

A.

SQL injection

B.

Command injection

C.

Cross-site request forgery

D.

Cross-site scripting

CompTIA PT0-002 View All Questions

CompTIA PT0-002 Summary

  • Vendor: CompTIA
  • Product: PT0-002
  • Update on: Sep 6, 2025
  • Questions: 464
Price: $52.5  $149.99
Buy Now PT0-002 PDF + Testing Engine Pack
Next
A penetration tester is performing an assessment of an application that allows users to upload...
Which of the following tools would be the best to use to intercept an HTTP...
Previous

Payments We Accept

Your purchase with ExamsVCE is safe and fast. Your products will be available for immediate download after your payment has been received.
The ExamsVCE website is protected by 256-bit SSL from McAfee, the leader in online security.

examsvce payment method

Contact Us

Copyright © 2013-2025 examsvce.com. All Rights Reserved
mcafee secure

TESTED 06 Sep 2025