linuxpl-test / 2 years, 6 months ago | Download | Plaintext | Odpowiedz | 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
- Nikto v2.03/2.04
---------------------------------------------------------------------------
+ Target IP:          78.46.73.197
+ Target Hostname:    linuxpl.com
+ Target Port:        80
+ Start Time:         2009-11-10 17:04:56
---------------------------------------------------------------------------
+ Server: Power MOD by linuxpl.com
- Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE 
+ OSVDB-877: HTTP method ('Allow' Header): 'TRACE' is typically only used for debugging and should be disabled. This message does not mean it is vulnerable to XST.
+ OSVDB-637: GET /~root - Enumeration of users is possible by requesting ~username (responds with 'Forbidden' for users, 'not found' for non-existent users).
+ OSVDB-0: GET /webmail/ : Web based mail package installed.
+ OSVDB-0: GET /index.php?module=My_eGallery : My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection.
+ OSVDB-3233: GET /phpinfo.php : Contains PHP configuration information
+ OSVDB-0: GET /pp.php?action=login : Pieterpost 0.10.6 allows anyone to access the 'virtual' account which can be used to relay/send e-mail.
+ OSVDB-877: TRACE / : TRACE option appears to allow XSS or credential theft. See http://www.cgisecurity.com/whitehat-mirror/WhitePaper_screen.pdf for details
+ OSVDB-3092: GET /forum/ : This might be interesting...
+ OSVDB-3093: GET /forum/viewtopic.php : phpBB found.
+ OSVDB-3093: GET /index.php?base=test%20 : This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: GET /index.php?IDAdmin=test : This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: GET /index.php?pymembs=admin : This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: GET /index.php?SqlQuery=test%20 : This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: GET /index.php?tampon=test%20 : This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: GET /index.php?topic=<script>alert(document.cookie)</script>%20 : This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: GET /squirrelmail/src/read_body.php : This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3268: GET /icons/ : Directory indexing is enabled: /icons
+ 3577 items checked: 18 item(s) reported on remote host
+ End Time:        2009-11-10 17:27:38 (1362 seconds)