lang:

PHP

regex:

(echo|print|print_r|exit|die|printf|vprintf).*?\s*\$_((POST|GET)\[.*?\]|SERVER\[.?(REQUEST_URI|QUERY_STRING))

description:

User controlled input direct to output, possible cross-site scripting.
tags:
xss cross-site scripting cwe-79
results