- Nikto --------------------------------------------------------------------------- + Multiple IPs found: 3.33.186.135, 15.197.167.90 + Target IP: 3.33.186.135 + Target Hostname: wasabi.com + Target Port: 80 + Start Time: 2025-07-09 01:48:24 (GMT-7) --------------------------------------------------------------------------- + Server: Netlify + /: Netlify was identified by the x-nf-request-id header. See: https://www.netlify.com/ + Root page / redirects to: https://wasabi.com/ + No CGI Directories found (use '-C all' to force check all possible dirs) + /themes/mambosimple.php?detection=detected&sitename=: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1204 + /index.php?option=search&searchword=: Mambo Site Server 4.0 build 10 is vulnerable to Cross Site Scripting (XSS). + /emailfriend/emailnews.php?id=\": Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1204 + /emailfriend/emailfaq.php?id=\": Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1204 + /emailfriend/emailarticle.php?id=\": Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1204 + /administrator/upload.php?newbanner=1&choice=\": Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). + /administrator/popups/sectionswindow.php?type=web&link=\": Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1204 + /administrator/gallery/view.php?path=\": Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1204 + /administrator/gallery/uploadimage.php?directory=\": Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1204 + /administrator/gallery/navigation.php?directory=\": Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1204 + /administrator/gallery/gallery.php?directory=\": Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1204 + /index.php?dir=: Auto Directory Index 1.2.3 and prior are vulnerable to XSS attacks. See: https://vulners.com/osvdb/OSVDB:2820 + /https-admserv/bin/index?/: Sun ONE Web Server 6.1 administration control is vulnerable to XSS attacks. + /clusterframe.jsp?cluster=: Macromedia JRun 4.x JMC Interface, clusterframe.jsp file is vulnerable to a XSS attack. See: OSVDB-2876 + /upload.php?type=\": Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). + /soinfo.php?\">: The PHP script soinfo.php is vulnerable to Cross Site Scripting. Set expose_php = Off in php.ini. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1954 + /servlet/MsgPage?action=test&msg=: NetDetector 3.0 and below are vulnerable to Cross Site Scripting (XSS). + /servlets/MsgPage?action=badlogin&msg=: The NetDetector install is vulnerable to Cross Site Scripting (XSS) in its invalid login message. + /admin/sh_taskframes.asp?Title=Configuraci%C3%B3n%20de%20registro%20Web&URL=MasterSettings/Web_LogSettings.asp?tab1=TabsWebServer%26tab2=TabsWebLogSettings%26__SAPageKey=5742D5874845934A134CD05F39C63240&ReturnURL=\">: IIS 6 on Windows 2003 is vulnerable to Cross Site Scripting (XSS) in certain error messages. + /SiteServer/Knowledge/Default.asp?ctr=\">: Site Server is vulnerable to Cross Site Scripting. See: OSVDB-17665 + /_mem_bin/formslogin.asp?\">: Site Server is vulnerable to Cross Site Scripting. See: OSVDB-17666 + /webcalendar/week.php?eventinfo=: Webcalendar 0.9.42 and below are vulnerable to Cross Site Scripting (XSS). See: OSVDB-3624 + /user.php?op=userinfo&uname=: The PHP-Nuke installation is vulnerable to Cross Site Scripting (XSS). Update to versions above 5.3.1. + /templates/form_header.php?noticemsg=: MyMarket 1.71 is vulnerable to Cross Site Scripting (XSS). See: OSVDB-41361 + Scan terminated: 4 error(s) and 25 item(s) reported on remote host + End Time: 2025-07-09 01:49:58 (GMT-7) (94 seconds) --------------------------------------------------------------------------- + 1 host(s) tested