- Nikto v2.5.0
---------------------------------------------------------------------------
+ Multiple IPs found: 104.18.14.240, 104.18.15.240, 2606:4700::6812:ff0, 2606:4700::6812:ef0
+ Target IP:          104.18.14.240
+ Target Hostname:    www.carrier411.com
+ Target Port:        80
+ Start Time:         2024-06-12 16:56:17 (GMT-4)
---------------------------------------------------------------------------
+ Server: cloudflare
+ /: IP address found in the '__cf_bm' cookie. The IP is "1.0.1.1".
+ /: IP address found in the 'set-cookie' header. The IP is "1.0.1.1". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /: An alt-svc header was found which is advertising HTTP/3. The endpoint is: ':443'. Nikto cannot test HTTP/3 over QUIC. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/alt-svc
+ All CGI directories 'found', use '-C none' to test none
+ /splashAdmin.php: Cobalt Qube 3 admin is running. This may have multiple security problems which could not be tested remotely. See: https://seclists.org/bugtraq/2002/Jul/262
+ /tiki/tiki-install.php: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin.
+ /scripts/samples/details.idc: NT ODBC Remote Compromise. See: http://attrition.org/security/advisory/individual/rfp/rfp.9901.nt_odbc
+ /hola/admin/cms/htmltags.php?datei=./sec/data.php: hola-cms-1.2.9-10 may reveal the administrator ID and password. See: https://vulners.com/exploitdb/EDB-ID:23027
+ /inc/common.load.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1253
+ /inc/dbase.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1253
+ /scripts/tools/ctss.idc: This CGI allows remote users to view and modify SQL DB contents, server paths, docroot and more.
+ /view_source.jsp: Resin 2.1.2 view_source.jsp allows any file on the system to be viewed by using \..\ directory traversal. This script may be vulnerable.
+ /phpEventCalendar/file_upload.php: phpEventCalendar 1.1 and prior are vulnerable to file upload bug.
+ /servlet/com.unify.servletexec.UploadServlet: This servlet allows attackers to upload files to the server.
+ /cgi.cgi/.cobalt: May allow remote admin of CGI scripts.
+ /cgi-915/.cobalt: May allow remote admin of CGI scripts.
+ /mpcgi/.cobalt: May allow remote admin of CGI scripts.
+ /cgi-bin/.cobalt: May allow remote admin of CGI scripts.
+ /ows-bin/.cobalt: May allow remote admin of CGI scripts.
+ /cgi-sys/.cobalt: May allow remote admin of CGI scripts.
+ /htbin/.cobalt: May allow remote admin of CGI scripts.
+ /cgibin/.cobalt: May allow remote admin of CGI scripts.
+ /scripts/.cobalt: May allow remote admin of CGI scripts.
+ /cgi-win/.cobalt: May allow remote admin of CGI scripts.
+ /fcgi-bin/.cobalt: May allow remote admin of CGI scripts.
+ /midicart.mdb: MIDICART database is available for browsing. This should not be allowed via the web server. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1432
+ /shopping300.mdb: VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available. See: https://securitytracker.com/id/1004382
+ /adm/config.php: PHP Config file may contain database IDs and passwords.
+ /cgi-914/.access: Contains authorization information.
+ /bin/.access: Contains authorization information.
+ /cgi/.access: Contains authorization information.
+ /cgi-bin/.access: Contains authorization information.
+ /cgi-sys/.access: Contains authorization information.
+ /cgi-local/.access: Contains authorization information.
+ /cgis/.access: Contains authorization information.
+ /cgi-win/.access: Contains authorization information.
+ /cgi-exe/.access: Contains authorization information.
+ /cgi-perl/.access: Contains authorization information.
+ /cgi-bin-sdb/.access: Contains authorization information.
+ /cgi-mod/.access: Contains authorization information.
+ /webcgi/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /cgi-915/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /cgi/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /mpcgi/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /cgi-bin/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /ows-bin/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /htbin/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /cgibin/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /scripts/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /cgi-home/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /cgi-mod/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /simplebbs/users/users.php: Simple BBS 1.0.6 allows user information and passwords to be viewed remotely. See: https://www.webhostingtalk.nl/bugtraq-mailing-lijst/23898-simplebbs-1-0-6-default-permissions-vuln.html
+ /typo/typo3conf/database.sql: TYPO3 SQL file found.
+ /site/typo3conf/localconf.php: TYPO3 config file found.
+ /typo3/typo3conf/localconf.php: TYPO3 config file found.
+ /ws_ftp.ini: Can contain saved passwords for FTP sites.
+ /nsn/fdir.bas:ShowVolume: You can use ShowVolume and ShowDirectory directly on the Novell server (NW5.1) to view the filesystem without having to log in.
+ /forum/admin/database/wwForum.mdb: Web Wiz Forums pre 7.5 is vulnerable to Cross-Site Scripting attacks. Default login/pass is Administrator/letmein.
+ /cgi.cgi/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /webcgi/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /cgi-914/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /cgi-915/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /cgi/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /ows-bin/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /cgi-local/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /cgibin/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /fcgi-bin/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /cgi-perl/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /scgi-bin/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /cgi-mod/post32.exe|dir%20c:\\: post32 can execute arbitrary commands.
+ /IDSWebApp/IDSjsp/Login.jsp: Tivoli Directory Server Web Administration.
+ /webcgi/test-cgi.tcl: May echo environment variables or give directory listings.
+ /cgi-915/test-cgi.tcl: May echo environment variables or give directory listings.
+ /mpcgi/test-cgi.tcl: May echo environment variables or give directory listings.
+ /cgi-bin/test-cgi.tcl: May echo environment variables or give directory listings.
+ /cgi-sys/test-cgi.tcl: May echo environment variables or give directory listings.
+ /htbin/test-cgi.tcl: May echo environment variables or give directory listings.
+ /cgibin/test-cgi.tcl: May echo environment variables or give directory listings.
+ /scripts/test-cgi.tcl: May echo environment variables or give directory listings.
+ /cgi-win/test-cgi.tcl: May echo environment variables or give directory listings.
+ /fcgi-bin/test-cgi.tcl: May echo environment variables or give directory listings.
+ /cgi-home/test-cgi.tcl: May echo environment variables or give directory listings.
+ /scgi-bin/test-cgi.tcl: May echo environment variables or give directory listings.
+ /cgi-mod/test-cgi.tcl: May echo environment variables or give directory listings.
+ /ht_root/wwwroot/-/local/httpd$map.conf: WASD reveals the http configuration file. Upgrade to a later version and secure according to the documents on the WASD web site.
+ /local/httpd$map.conf: WASD reveals the http configuration file. Upgrade to a later version and secure according to the documents on the WASD web site.
+ /.nsf/../winnt/win.ini: This win.ini file can be downloaded.
+ /................../config.sys: PWS allows files to be read by prepending multiple '.' characters. At worst, IIS, not PWS, should be used.
+ Scan terminated: 0 error(s) and 87 item(s) reported on remote host
+ End Time:           2024-06-12 16:57:18 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested