- Nikto --------------------------------------------------------------------------- + Multiple IPs found: 75.2.60.5, 99.83.190.102 + Target IP: 75.2.60.5 + Target Hostname: dogandme.fr + Target Port: 80 + Start Time: 2025-07-11 13:22:44 (GMT-7) --------------------------------------------------------------------------- + Server: nginx + Root page / redirects to: https://dogandme.fr/ + No CGI Directories found (use '-C all' to force check all possible dirs) + : Server banner changed from 'nginx' to 'Netlify'. + /75.2.60.5.pem: Netlify was identified by the x-nf-request-id header. See: https://www.netlify.com/ + /: Uncommon header 'cache-status' found, with contents: "Netlify Edge"; fwd=miss. + /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/ + /kboard/: KBoard Forum 0.3.0 and prior have a security problem in forum_edit_post.php, forum_post.php and forum_reply.php. + /lists/admin/: PHPList pre 2.6.4 contains a number of vulnerabilities including remote administrative access, harvesting user info and more. Default login to admin interface is admin/phplist. + /splashAdmin.php: Cobalt Qube 3 admin is running. This may have multiple security problems which could not be tested remotely. See: https://seclists.org/bugtraq/2002/Jul/262 + /ssdefs/: Siteseed pre 1.4.2 has 'major' security problems. + /sshome/: Siteseed pre 1.4.2 has 'major' security problems. + /tiki/: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin. + /tiki/tiki-install.php: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin. + /scripts/samples/details.idc: NT ODBC Remote Compromise. See: http://attrition.org/security/advisory/individual/rfp/rfp.9901.nt_odbc + /_vti_bin/shtml.exe: Attackers may be able to crash FrontPage by requesting a DOS device, like shtml.exe/aux.htm -- a DoS was not attempted. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0709 + /~root/: Allowed to browse root's home directory. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1013 + /cgi-bin/wrap: Allows viewing of directories. + /forums//admin/config.php: PHP Config file may contain database IDs and passwords. + /forums//adm/config.php: PHP Config file may contain database IDs and passwords. + /forums//administrator/config.php: PHP Config file may contain database IDs and passwords. + /forums/config.php: PHP Config file may contain database IDs and passwords. + /guestbook/guestbookdat: PHP-Gastebuch 1.60 Beta reveals sensitive information about its configuration. + /guestbook/pwd: PHP-Gastebuch 1.60 Beta reveals the md5 hash of the admin password. + /help/: Help directory should not be accessible. + /hola/admin/cms/htmltags.php?datei=./sec/data.php: hola-cms-1.2.9-10 may reveal the administrator ID and password. See: https://vulners.com/exploitdb/EDB-ID:23027 + /global.inc: PHP-Survey's include file should not be available via the web. Configure the web server to ignore .inc files or change this to global.inc.php. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0614 + /inc/common.load.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1253 + /inc/config.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1253 + /inc/dbase.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1253 + /geeklog/users.php: Geeklog prior to 1.3.8-1sr2 contains a SQL injection vulnerability that lets a remote attacker reset admin password. See: https://vulners.com/osvdb/OSVDB:2703 + /gb/index.php?login=true: gBook may allow admin login by setting the value 'login' equal to 'true'. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1560 + /guestbook/admin.php: Guestbook admin page available without authentication. + /getaccess: This may be an indication that the server is running getAccess for SSO. + /cfdocs/expeval/openfile.cfm: Can use to expose the system/server path. + /tsweb/: Microsoft TSAC found. See: https://web.archive.org/web/20040910030506/http://www.dslwebserver.com/main/fr_index.html?/main/sbs-Terminal-Services-Advanced-Client-Configuration.html + /vgn/performance/TMT: Vignette CMS admin/maintenance script available. + /vgn/performance/TMT/Report: Vignette CMS admin/maintenance script available. + /vgn/performance/TMT/Report/XML: Vignette CMS admin/maintenance script available. + /vgn/performance/TMT/reset: Vignette CMS admin/maintenance script available. + /vgn/ppstats: Vignette CMS admin/maintenance script available. + /vgn/previewer: Vignette CMS admin/maintenance script available. + /vgn/record/previewer: Vignette CMS admin/maintenance script available. + /vgn/stylepreviewer: Vignette CMS admin/maintenance script available. + /vgn/vr/Deleting: Vignette CMS admin/maintenance script available. + /vgn/vr/Editing: Vignette CMS admin/maintenance script available. + /vgn/vr/Saving: Vignette CMS admin/maintenance script available. + /vgn/vr/Select: Vignette CMS admin/maintenance script available. + /scripts/iisadmin/bdir.htr: This default script shows host info, may allow file browsing and buffer a overrun in the Chunked Encoding data transfer mechanism, request /scripts/iisadmin/bdir.htr??c:\. See: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/MS02-028 + /scripts/iisadmin/ism.dll: Allows you to mount a brute force attack on passwords. + /scripts/tools/ctss.idc: This CGI allows remote users to view and modify SQL DB contents, server paths, docroot and more. + /bigconf.cgi: BigIP Configuration CGI. + /blah_badfile.shtml: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call. + /vgn/style: Vignette server may reveal system information through this file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0401 + /SiteServer/Admin/commerce/foundation/domain.asp: Displays known domains of which that server is involved. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1769 + /SiteServer/Admin/commerce/foundation/driver.asp: Displays a list of installed ODBC drivers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1769 + /SiteServer/Admin/commerce/foundation/DSN.asp: Displays all DSNs configured for selected ODBC drivers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1769 + /SiteServer/admin/findvserver.asp: Gives a list of installed Site Server components. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1769 + /SiteServer/Admin/knowledge/dsmgr/default.asp: Used to view current search catalog configurations. + /basilix/mbox-list.php3: BasiliX webmail application prior to 1.1.1 contains a XSS issue in 'message list' function/page. + /basilix/message-read.php3: BasiliX webmail application prior to 1.1.1 contains a XSS issue in 'read message' function/page. + /clusterframe.jsp: Macromedia JRun 4 build 61650 remote administration interface is vulnerable to several XSS attacks. + /IlohaMail/blank.html: IlohaMail 0.8.10 contains a XSS vulnerability. Previous versions contain other non-descript vulnerabilities. + /bb-dnbd/faxsurvey: This may allow arbitrary command execution. + /cartcart.cgi: If this is Dansie Shopping Cart 3.0.8 or earlier, it contains a backdoor to allow attackers to execute arbitrary commands. + /scripts/Carello/Carello.dll: Carello 1.3 may allow commands to be executed on the server by replacing hidden form elements. This could not be tested by Nikto. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0614 + /scripts/tools/dsnform.exe: Allows creation of ODBC Data Source. + /scripts/tools/dsnform: Allows creation of ODBC Data Source. + /SiteServer/Admin/knowledge/dsmgr/users/GroupManager.asp: Microsoft Site Server script used to create, modify, and potentially delete LDAP users and groups. See: https://securitytracker.com/id/1003420 + /SiteServer/Admin/knowledge/dsmgr/users/UserManager.asp: Microsoft Site Server used to create, modify, and potentially delete LDAP users and groups. See: https://securitytracker.com/id/1003420 + /prd.i/pgen/: Has MS Merchant Server 1.0. + /readme.eml: Remote server may be infected with the Nimda virus. + /scripts/httpodbc.dll: Possible IIS backdoor found. + /scripts/proxy/w3proxy.dll: MSProxy v1.0 installed. + /siteseed/: Siteseed pre 1.4.2 have 'major' security problems. + /pccsmysqladm/incs/dbconnect.inc: This file should not be accessible, as it contains database connectivity information. Upgrade to version 1.2.5 or higher. + /iisadmin/: Access to /iisadmin should be restricted to localhost or allowed hosts only. + /PDG_Cart/order.log: PDG Commerce log found. See: http://zodi.com/cgi-bin/shopper.cgi?display=intro&template=Intro/commerce.html + /ows/restricted%2eshow: OWS may allow restricted files to be viewed by replacing a character with its encoded equivalent. + /view_source.jsp: Resin 2.1.2 view_source.jsp allows any file on the system to be viewed by using \..\ directory traversal. This script may be vulnerable. + /w-agora/: w-agora pre 4.1.4 may allow a remote user to execute arbitrary PHP scripts via URL includes in include/*.php and user/*.php files. Default account is 'admin' but password set during install. + /vider.php3: MySimpleNews may allow deleting of news items without authentication. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2320 + /officescan/cgi/cgiChkMasterPwd.exe: Trend Micro Officescan allows you to skip the login page and access some CGI programs directly. See: https://web.archive.org/web/20030607054822/http://support.microsoft.com/support/exchange/content/whitepapers/owaguide.doc + /admin-serv/config/admpw: This file contains the encrypted Netscape admin password. It should not be accessible via the web. + /cgi-bin/cgi_process: WASD reveals a lot of system information in this script. It should be removed. + /ht_root/wwwroot/-/local/httpd$map.conf: WASD reveals the http configuration file. Upgrade to a later version and secure according to the documents on the WASD web site. + /local/httpd$map.conf: WASD reveals the http configuration file. Upgrade to a later version and secure according to the documents on the WASD web site. + /tree: WASD Server reveals the entire web root structure and files via this URL. Upgrade to a later version and secure according to the documents on the WASD web site. + /................../config.sys: PWS allows files to be read by prepending multiple '.' characters. At worst, IIS, not PWS, should be used. + /..\..\..\..\..\..\temp\temp.class: Cisco ACS 2.6.x and 3.0.1 (build 40) allows authenticated remote users to retrieve any file from the system. Upgrade to the latest version. + /admentor/adminadmin.asp: Version 2.11 of AdMentor is vulnerable to SQL injection during login, in the style of: ' or =. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0308 + /My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6795 + /postnuke/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6795 + /postnuke/html/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6795 + /modules/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6795 + /phpBB/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6795 + /forum/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6795 + /author.asp: May be FactoSystem CMS, which could include SQL injection problems that could not be tested remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1499 + /phpimageview.php?pic=javascript:alert(8754): PHP Image View 1.0 is vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1724 + /openautoclassifieds/friendmail.php?listing=: OpenAutoClassifieds 1.0 is vulnerable to a XSS attack. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1145 + /modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(9456);%3E&parent_id=0: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). + /modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document.cookie);%3E&op=modload&name=Members_List&file=index: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). + /members.asp?SF=%22;}alert(223344);function%20x()\{v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). See: OSVDB-4598 + /jigsaw/: Jigsaw server may be installed. Versions lower than 2.2.1 are vulnerable to Cross Site Scripting (XSS) in the error page. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1053 + /guestbook/?number=5&lng=%3Cscript%3Ealert(document.domain);%3C/script%3E: MPM Guestbook 1.2 and previous are vulnreable to XSS attacks. See: OSVDB-2754 + /forum_members.asp?find=%22;}alert(9823);function%20x()\{v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). See: OSVDB-2946 + /anthill/login.php: Anthill bug tracking system may be installed. Versions lower than 0.1.6.1 allow XSS and may allow users to bypass login requirements. + /cfdocs/expeval/sendmail.cfm: Can be used to send email; go to the page and fill in the form. + /cgi-bin/bigconf.cgi: BigIP Configuration CGI. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1550 + /ammerum/: Ammerum pre 0.6-1 had several security issues. + /ariadne/: Ariadne pre 2.1.2 has several vulnerabilities. The default login/pass to the admin page is admin/muze. + /cbms/cbmsfoot.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/. + /cbms/changepass.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/. + /cbms/editclient.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/. + /cbms/passgen.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/. + /cbms/realinv.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/. + /cbms/usersetup.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/. + /ext.dll?MfcIsapiCommand=LoadPage&page=admin.hts%20&a0=add&a1=root&a2=%5C: This check (A) sets up the next BadBlue test (B) for possible exploit. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0595 + /db/users.dat: upb PB allows the user database to be retrieved remotely. See: OSVDB-59412 + /dcshop/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html + /dcshop/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html + /Admin_files/order.log: Selena Sol's WebStore 1.0 exposes order information. See: https://packetstormsecurity.com/files/32406/xmas.txt.html + /admin/cplogfile.log: DevBB 1.0 final log file is readable remotely. Upgrade to the latest version. See: http://www.mybboard.com + /admin/system_footer.php: myphpnuke version 1.8.8_final_7 reveals detailed system information. + /cfdocs/snippets/fileexists.cfm: Can be used to verify the existence of files (on the same drive info as the web tree/file). + /cgi-bin/MachineInfo: Gives out information on the machine. + /chat/!nicks.txt: WF-Chat 1.0 Beta allows retrieval of user information. See: OSVDB-59646 + /chat/!pwds.txt: WF-Chat 1.0 Beta allows retrieval of user information. See: OSVDB-59645 + /chat/data/usr: SimpleChat! 1.3 allows retrieval of user information. See: OSVDB-53304 + /config.php: PHP Config file may contain database IDs and passwords. + /config/: Configuration information may be available remotely. + /cplogfile.log: XMB Magic Lantern forum 1.6b final log file is readable remotely. Upgrade to the latest version. See: https://securitytracker.com/id/1004318,http://www.xmbforum.com + /examples/jsp/snp/anything.snp: Tomcat servlet gives lots of host information. + /cfdocs/snippets/evaluate.cfm: This allows you to enter Coldfusion code to be evaluated, or potentially create denial of service. + /cfide/Administrator/startstop.html: Can start/stop the Coldfusion server. + /cd-cgi/sscd_suncourier.pl: Sunsolve CD script may allow users to execute arbitrary commands. The script was confirmed to exist, but the test was not done. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0436 + /cgi-bin/handler: This program allows remote users to run arbitrary commands. + /cgi-bin/webdist.cgi: This program allows remote users to run arbitrary commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0039 + /ews/ews/architext_query.pl: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. http://www.securityfocus.com/bid/2665. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0279 + /instantwebmail/message.php: Instant Web Mail is installed. Versions 0.59 and lower can allow remote users to embed POP3 commands in URLs contained in email. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0490 + /admin.php?en_log_id=0&action=config: EasyNews version 4.3 allows remote admin access. This PHP file should be protected. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5412 + /admin.php?en_log_id=0&action=users: EasyNews version 4.3 allows remote admin access. This PHP file should be protected. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5412 + /admin.php4?reg_login=1: Mon Album version 0.6.2d allows remote admin access. This should be protected. + /admin/admin_phpinfo.php4: Mon Album version 0.6.2d allows remote admin access. This should be protected. + /admin/login.php?action=insert&username=test&password=test: phpAuction may allow user admin accounts to be inserted without proper authentication. Attempt to log in with user 'test' password 'test' to verify. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0995 + /dostuff.php?action=modify_user: Blahz-DNS allows unauthorized users to edit user information. Upgrade to version 0.25 or higher. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0599,https://sourceforge.net/projects/blahzdns/ + /accounts/getuserdesc.asp: Hosting Controller 2002 administration page is available. This should be protected. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0776 + /agentadmin.php: Immobilier agentadmin.php contains multiple SQL injection vulnerabilities. See: OSVDB-35876 + /sqldump.sql: Database SQL?. + /structure.sql: Database SQL?. + /servlet/SessionManager: IBM WebSphere reconfigure servlet (user=servlet, password=manager). All default code should be removed from servers. + /ip.txt: This may be User Online version 2.0, which has a remotely accessible log file. + /level/42/exec/show%20conf: Retrieved Cisco configuration file. + /livehelp/: LiveHelp may reveal system information. + /LiveHelp/: LiveHelp may reveal system information. + /logicworks.ini: web-erp 0.1.4 and earlier allow .ini files to be read remotely. See: OSVDB-59536 + /logs/str_err.log: Bmedia error log, contains invalid login attempts which include the invalid usernames and passwords entered (could just be typos & be very close to the right entries). + /mall_log_files/order.log: EZMall2000 exposes order information. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0606 + /megabook/files/20/setup.db: Megabook guestbook configuration available remotely. See: OSVDB-3204 + /officescan/hotdownload/ofscan.ini: OfficeScan from Trend Micro allows anyone to read the ofscan.ini file, which may contain passwords. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1151 + Scan terminated: 0 error(s) and 157 item(s) reported on remote host + End Time: 2025-07-11 13:23:45 (GMT-7) (61 seconds) --------------------------------------------------------------------------- + 1 host(s) tested