agentsteal

Array: http://www.hawkenterprises.org/dev/phpsearchpro/admin/index.php?search_text[] Cross Site Scripting: There is Cross Site Scripting on http://www.hawkenterprises.org/dev/phpsearchpro/admin/editlisting.php if the fields contain code. Cross Site Scripting: There is Cross Site Scripting on http://www.hawkenterprises.org/dev/phpsearchpro/entryform.php if the fields contain code. Full Path Disclosure: http://www.hawkenterprises.org/dev/phpsearchpro/generatedata.php Full Path Disclosure: http://www.hawkenterprises.org/dev/phpsearchpro/index.php Full Path Disclosure: http://www.hawkenterprises.org/dev/phpsearchpro/admin/editlisting.php Full Path Disclosure: http://www.hawkenterprises.org/dev/phpsearchpro/search.php Full Path Disclosure: http://www.hawkenterprises.org/dev/phpsearchpro/admin/search.php PHP Source Code Disclosure: http://www.hawkenterprises.org/dev/phpsearchpro/phpsearchpro.zip PHP Source Code Disclosure: http://www.hawkenterprises.org/dev/phpsearchpro/results_stub.tpl PHP Source Code Disclosure: http://www.hawkenterprises.org/dev/phpsearchpro/admin/results.tpl SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/database.sql SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/admin/search.php SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/phpsearchpro.zip SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/results.php?search_text SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/search.php SQL Dump: There is an SQL Dump on http://www.hawkenterprises.org/dev/phpsearchpro/admin/editlisting.php if you submit the form. SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/index.php SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/admin/editlisting.php SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/dbcreds.php SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/generatedata.php SQL Dump: There is an SQL Dump on http://www.hawkenterprises.org/dev/phpsearchpro/entryform.php if you submit the form. User Enumeration: http://www.hawkenterprises.org/~gerra0 User Enumeration: http://www.hawkenterprises.org/~nobody

Cross Site Scripting: There is Cross Site Scripting if the message contains </textarea>code.

Cross Site Scripting: http://www.bjjnews.org/TUF/pagetest.php?page=1<marquee><h1>vulnerable</marquee> Cross Site Scripting: http://www.bjjnews.org/TUF/index.php?page=1<marquee><h1>vulnerable</marquee> Full Path Disclosure: http://www.bjjnews.org/TUF/library/closedb.php Full Path Disclosure: http://www.bjjnews.org/TUF/library/opendb.php Full Path Disclosure: http://www.bjjnews.org/TUF/admin/index.php Full Path Disclosure: http://www.bjjnews.org/TUF/index.php?page[] Full Path Disclosure: http://www.bjjnews.org/TUF/pagetest.php?page[] Log: http://www.bjjnews.org/TUF/images/WS_FTP.LOG Log: http://www.bjjnews.org/TUF/images/thumbs/WS_FTP.LOG User Enumeration: http://www.bjjnews.org/~bjjnews User Enumeration: http://www.bjjnews.org/~nobody User Enumeration: http://www.bjjnews.org/~root

CAPTCHA: The solution for the CAPTCHA is on the page. SQL Error: http://76.98.141.11/game/index.php?act=profile&id=1' SQL Injection: http://76.98.141.11/game/index.php?act=profile&id=16 AND 1=1 http://76.98.141.11/game/index.php?act=profile&id=16 AND 1=2

Cross Site Scripting: http://www.rent-that-home.com/basicsearch.php/"><marquee><h1>vulnerable</marquee> Cross Site Scripting: http://www.rent-that-home.com/search.php/"><marquee><h1>vulnerable</marquee> Cross Site Scripting: There is Cross Site Scripting on http://www.rent-that-home.com/forgot.php if the username contains code. Drop Down Menu: If you edit the drop down menus on http://www.rent-that-home.com/ you can submit arbitrary values. Drop Down Menu: If you edit the drop down menus on http://www.rent-that-home.com/advanced.php you can submit arbitrary values. Drop Down Menu: If you edit the drop down menus on http://www.rent-that-home.com/basic.php you can submit arbitrary values. Full Path Disclosure: http://www.rent-that-home.com/search.php?p=' Full Path Disclosure: http://www.rent-that-home.com/test.php Full Path Disclosure: http://www.rent-that-home.com/includes.php SQL Error: http://www.rent-that-home.com/search.php?page User Enumeration: http://www.rent-that-home.com/~rentwil0 User Enumeration: http://www.rent-that-home.com/~root User Enumeration: http://www.rent-that-home.com/~nobody

Array: http://www.versatilebb.com/demo/index.php?target=viewforum&select[] Cross Site Scripting: http://www.versatilebb.com/demo/index.php/"><marquee><h1>vulnerable</marquee> Cross Site Scripting: There is Cross Site Scripting if a post contains ">code. Cross Site Scripting: There is Cross Site Scripting in the profile if the fields contain ">code. Full Path Disclosure: http://www.versatilebb.com/demo/index.php?target[] Full Path Disclosure: http://www.versatilebb.com/demo/dereferrer.php?url[] URL Inclusion: http://www.versatilebb.com/demo/dereferrer.php?url=google.com User Enumeration: http://www.versatilebb.com/~root User Enumeration: http://www.versatilebb.com/~versatil

Cross Site Scripting: http://www.shopwisely.org/save.php?totalRows_newdeals=1<marquee><h1>vulnerable</marquee> Cross Site Scripting: http://www.shopwisely.org/save.php?"><marquee><h1>vulnerable</marquee> Full Path Disclosure: http://www.shopwisely.org/save.php?pageNum_newdeals[] Full Path Disclosure: http://www.shopwisely.org/~awemptyn Full Path Disclosure: http://www.shopwisely.org/save.php?totalRows_newdeals[] SQL Error: http://www.shopwisely.org/save.php?pageNum_newdeals=-1 User Enumeration: http://www.shopwisely.org/~awemptyn User Enumeration: http://www.shopwisely.org/~root

Array: http://www.independentmillwall.com/prediction/userinfo.php?user[] Includes Directory: http://www.independentmillwall.com/prediction/include/ Insecure Cookie: You shouldn't put the username in the cookie. User Enumeration: http://www.independentmillwall.com/~nobody User Enumeration: http://www.independentmillwall.com/~root

Full Path Disclosure: http://www.valid.gr/worldcalendar/include/Copy_of_calendar_variables.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/calendar_variables.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/category_masterlist.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/category_masterprint.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/category_variables.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/customer_masterlist.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/customer_masterprint.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/customer_statistics_variables.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/customer_variables.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/daily_variables.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/dbcommon.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/edit_calendar_variables.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/functions.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/globals_variables.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/howto_variables.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/monthly_variables.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/task_statistics_variables.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/users_variables.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/weekly_variables.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/yearly_variables.php Full Path Disclosure: http://www.valid.gr/worldcalendar/include/%c1%ed%f4%df%e3%f1%e1%f6%ef%20%e1%f0%fc%20dbcommon.php Includes Directory: http://www.valid.gr/worldcalendar/include/ Insecure Cookie: You shouldn't put the password in the cookie. Insecure Cookie: You shouldn't put the username in the cookie. SQL Error: http://www.valid.gr/worldcalendar/include/errors.xml User Enumeration: http://www.valid.gr/~root User Enumeration: http://www.valid.gr/~validgr

Cross Site Scripting: There is Cross Site Scripting when you log in if your username contains '>code. Cross Site Scripting: There is Cross Site Scripting when you register if your username contains '>code. Cross Site Scripting: There is Cross Site Scripting if the Expect header contains code.

Array: http://www.XXXXXXXX/faq.php?r[] Array: http://www.XXXXXXXX/register.php?r[] Array: http://www.XXXXXXXX/index.php?r[] Array: http://www.XXXXXXXX/profile.php?r[] Array: http://www.XXXXXXXX/credits.php?r[] Array: http://www.XXXXXXXX/login.php?r[] Array: http://www.XXXXXXXX/tos.php?r[] Array: http://www.XXXXXXXX/history.php?r[] Array: http://www.XXXXXXXX/advertise.php?r[] Array: http://www.XXXXXXXX/logout.php?r[] Array: http://www.XXXXXXXX/about.php?r[] Array: http://www.XXXXXXXX/contact.php?r[] Array: http://www.XXXXXXXX/surf.php?r[] Array: http://www.XXXXXXXX/privacy.php?r[] Array: http://www.XXXXXXXX/recoverpwd.php?r[] Array: http://www.XXXXXXXX/members.php?r[] Array: http://www.XXXXXXXX/messenger.php?r[] Array: http://www.XXXXXXXX/referals.php?r[] Array: http://www.XXXXXXXX/convert.php?r[] Array: http://www.XXXXXXXX/upgrade.php?r[] Array: http://www.XXXXXXXX/contest.php?r[] Array: http://www.XXXXXXXX/news.php?r[] Array: http://www.XXXXXXXX/banners.php?r[] Cross Site Scripting: http://www.XXXXXXXX/convert.php?convert=cash&poname=paypal<marquee><h1>vulnerable</marquee> Cross Site Scripting: There is Cross Site Scripting when you register if the fields contain code. Cross Site Scripting: There is Cross Site Scripting when you log in if the fields contain code. DOS: http://www.XXXXXXXX/logout.php/ DOS: http://www.XXXXXXXX/chkudtsess.php/ DOS: http://www.XXXXXXXX/chkudtsess_du.php/ DOS: http://www.XXXXXXXX/members.php/ DOS: http://www.XXXXXXXX/profile.php/ DOS: http://www.XXXXXXXX/history.php/ DOS: http://www.XXXXXXXX/messenger.php/ DOS: http://www.XXXXXXXX/referals.php/ DOS: http://www.XXXXXXXX/convert.php/ DOS: http://www.XXXXXXXX/upgrade.php/ DOS: http://www.XXXXXXXX/contest.php/ DOS: http://www.XXXXXXXX/news.php/ DOS: http://www.XXXXXXXX/banners.php/ DOS: http://www.XXXXXXXX/advertise.php/ DOS: http://www.XXXXXXXX/credits.php/ Full Path Disclosure: http://www.XXXXXXXX/viewp.php?ad=\ Full Path Disclosure: There is Full Path Disclosure on http://www.XXXXXXXX/upgrade.php if you submit the form. Insecure Cookie: You shouldn't put the username in the cookie. User Enumeration: http://www.XXXXXXXX/~buddypon User Enumeration: http://www.XXXXXXXX/~root

Cross Site Scripting: http://www.movetophp.com/test.php?<marquee><h1>vulnerable</marquee> Full Path Disclosure: http://www.movetophp.com/test.php

Cross Site Scripting: The image upload is vulnerable to Cross Site Scripting. User Enumeration: http://pics.windsorfamilyfarm.com/~nobody User Enumeration: http://pics.windsorfamilyfarm.com/~root

Admin Access: Anyone can get your username and password with the PHP Source Code Disclosure. Directory Transversal: There is Directory Transversal if the url field contains ../ Full Path Disclosure: http://scripts.loado.com/pagegrabber/contentgrabber.php Full Path Disclosure: There is Full Path Disclosure if the url field contains an invalid value. PHP Source Code Disclosure: There is PHP Source Code Disclosure if the url field contains ../file.php. User Enumeration: http://scripts.loado.com/~admin User Enumeration: http://scripts.loado.com/~ld1 User Enumeration: http://scripts.loado.com/~nobody User Enumeration: http://scripts.loado.com/~root

Array: http://www.iupgbsa.info/profile.php?user[] Cross Site Scripting: http://www.iupgbsa.info/forgotpassword.php/"><marquee><h1>vulnerable</marquee> Cross Site Scripting: http://www.iupgbsa.info/index.php/"><marquee><h1>vulnerable</marquee> Cross Site Scripting: http://www.iupgbsa.info/profile.php?user="><marquee><h1>vulnerable</marquee> User Enumeration: http://www.iupgbsa.info/~admin User Enumeration: http://www.iupgbsa.info/~iupgbsa User Enumeration: http://www.iupgbsa.info/~root