- Nikto --------------------------------------------------------------------------- + Multiple IPs found: 162.159.137.54, 162.159.136.54 + Target IP: 162.159.137.54 + Target Hostname: vehicleprivacyreport.com + Target Port: 80 + Start Time: 2025-07-23 23:11:21 (GMT-7) --------------------------------------------------------------------------- + Server: cloudflare + /: IP address found in the 'set-cookie' header. The IP is "1.0.1.1". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed + /: Uncommon header 'cf-edge-cache' found, with contents: no-cache. + /: An alt-svc header was found which is advertising HTTP/3. The endpoint is: ':443'. Nikto cannot test HTTP/3 over QUIC. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/alt-svc + /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/ + /: IP address found in the '__cf_bm' cookie. The IP is "1.0.1.1". + /wp1HWNGj.Big5: Uncommon header 'critical-ch' found, with contents: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA. + /wp1HWNGj.Big5: Uncommon header 'server-timing' found, with contents: chlray;desc="964142ccba850910". + /wp1HWNGj.Big5: Uncommon header 'accept-ch' found, with contents: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA. + /wp1HWNGj.Big5: Uncommon header 'origin-agent-cluster' found, with contents: ?1. + /wp1HWNGj.Big5: Uncommon header 'cf-mitigated' found, with contents: challenge. + No CGI Directories found (use '-C all' to force check all possible dirs) + /: Uncommon header 'proxy-status' found, with contents: Cloudflare-Proxy;error=http_request_error. + /sshome/: Siteseed pre 1.4.2 has 'major' security problems. + /cgi-bin/wrap: Allows viewing of directories. + /guestbook/guestbookdat: PHP-Gastebuch 1.60 Beta reveals sensitive information about its configuration. + /inc/config.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1253 + /guestbook/admin.php: Guestbook admin page available without authentication. + /vgn/ppstats: Vignette CMS admin/maintenance script available. + /scripts/iisadmin/ism.dll: Allows you to mount a brute force attack on passwords. + /scripts/tools/dsnform.exe: Allows creation of ODBC Data Source. + /vider.php3: MySimpleNews may allow deleting of news items without authentication. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2320 + /server/: Possibly Macromedia JRun or CRX WebDAV upload. + /vgn/asp/previewer: Vignette CMS admin/maintenance script available. + /vgn/login: Vignette server may allow user enumeration based on the login attempts to this file. + /shoppingdirectory/midicart.mdb: MIDICART database is available for browsing. This should not be allowed via the web server. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1432 + /typo3conf/: This may contain sensitive TYPO3 files. + /cms/typo3conf/localconf.php: TYPO3 config file found. + /webcart/orders/: This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web. See: https://packetstormsecurity.com/files/32406/xmas.txt.html + /SiteServer/Admin/knowledge/persmbr/VsPrAuoEd.asp: Expose various LDAP service and backend configuration parameters. See: https://vulners.com/osvdb/OSVDB:17662 + /nsn/..%5Cutil/md.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server. + /..\..\..\..\..\..\temp\temp.class: Cisco ACS 2.6.x and 3.0.1 (build 40) allows authenticated remote users to retrieve any file from the system. Upgrade to the latest version. + /phpBB/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6795 + /phpimageview.php?pic=javascript:alert(8754): PHP Image View 1.0 is vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1724 + /modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(9456);%3E&parent_id=0: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). + /modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document.cookie);%3E&op=modload&name=Members_List&file=index: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). + /members.asp?SF=%22;}alert(223344);function%20x()\{v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). See: OSVDB-4598 + /anthill/login.php: Anthill bug tracking system may be installed. Versions lower than 0.1.6.1 allow XSS and may allow users to bypass login requirements. + /chat/data/usr: SimpleChat! 1.3 allows retrieval of user information. See: OSVDB-53304 + Scan terminated: 0 error(s) and 37 item(s) reported on remote host + End Time: 2025-07-23 23:12:22 (GMT-7) (61 seconds) --------------------------------------------------------------------------- + 1 host(s) tested