Total impact: 36<br/>
Affected tags: xss, csrf, id, rfe, sqli, lfi<br/>
<br/>
Variable: COOKIE.handl_url_base | Value: https://hostedvillas.com/search/%E5%A6%82%E4%BD%95%E5%85%8B%E6%9C%8D%E2%80%9C%E7%BC%BA%E5%BF%83%E7%9C%BC%E2%80%9D%E7%9A%84%E9%97%AE%E9%A2%98%E3%80%90www.richdady.cn%E3%80%91%E2%88%9A%E8%BD%ACihbwel%E6%BD%98dEM/feed/rss2<br/>
Impact: 8 | Tags: xss, csrf, id, rfe<br/>
Description: Detects halfwidth/fullwidth encoded unicode HTML breaking attempts | Tags: xss, csrf | ID: 13<br/>
Description: Detects nullbytes and other dangerous characters | Tags: id, rfe, xss | ID: 39<br/>
<br/>
Variable: COOKIE.user_agent | Value: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)<br/>
Impact: 12 | Tags: sqli, id, lfi<br/>
Description: Detects classic SQL injection probings 1/2 | Tags: sqli, id, lfi | ID: 42<br/>
Description: Detects classic SQL injection probings 2/2 | Tags: sqli, id, lfi | ID: 43<br/>
<br/>
Variable: COOKIE.handl_landing_page | Value: https://hostedvillas.com/search/%E5%A6%82%E4%BD%95%E5%85%8B%E6%9C%8D%E2%80%9C%E7%BC%BA%E5%BF%83%E7%9C%BC%E2%80%9D%E7%9A%84%E9%97%AE%E9%A2%98%E3%80%90www.richdady.cn%E3%80%91%E2%88%9A%E8%BD%ACihbwel%E6%BD%98dEM/feed/rss2<br/>
Impact: 8 | Tags: xss, csrf, id, rfe<br/>
Description: Detects halfwidth/fullwidth encoded unicode HTML breaking attempts | Tags: xss, csrf | ID: 13<br/>
Description: Detects nullbytes and other dangerous characters | Tags: id, rfe, xss | ID: 39<br/>
<br/>
Variable: COOKIE.handl_url | Value: https://hostedvillas.com/search/%E5%A6%82%E4%BD%95%E5%85%8B%E6%9C%8D%E2%80%9C%E7%BC%BA%E5%BF%83%E7%9C%BC%E2%80%9D%E7%9A%84%E9%97%AE%E9%A2%98%E3%80%90www.richdady.cn%E3%80%91%E2%88%9A%E8%BD%ACihbwel%E6%BD%98dEM/feed/rss2<br/>
Impact: 8 | Tags: xss, csrf, id, rfe<br/>
Description: Detects halfwidth/fullwidth encoded unicode HTML breaking attempts | Tags: xss, csrf | ID: 13<br/>
Description: Detects nullbytes and other dangerous characters | Tags: id, rfe, xss | ID: 39<br/>
<br/>