- Nikto --------------------------------------------------------------------------- + Target IP: 167.114.163.236 + Target Hostname: 167.114.163.236 + Target Port: 80 + Start Time: 2024-08-10 00:47:19 (GMT-4) --------------------------------------------------------------------------- + Server: Apache + /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/ + No CGI Directories found (use '-C all' to force check all possible dirs) + OPTIONS: Allowed HTTP Methods: OPTIONS, HEAD, GET, POST . + : Server banner changed from 'Apache' to 'imunify360-webshield/1.21'. + /kboard/: KBoard Forum 0.3.0 and prior have a security problem in forum_edit_post.php, forum_post.php and forum_reply.php. + /lists/admin/: PHPList pre 2.6.4 contains a number of vulnerabilities including remote administrative access, harvesting user info and more. Default login to admin interface is admin/phplist. + /splashAdmin.php: Cobalt Qube 3 admin is running. This may have multiple security problems which could not be tested remotely. See: https://seclists.org/bugtraq/2002/Jul/262 + /ssdefs/: Siteseed pre 1.4.2 has 'major' security problems. + /sshome/: Siteseed pre 1.4.2 has 'major' security problems. + /tiki/: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin. + /tiki/tiki-install.php: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin. + /scripts/samples/details.idc: NT ODBC Remote Compromise. See: http://attrition.org/security/advisory/individual/rfp/rfp.9901.nt_odbc + /_vti_bin/shtml.exe: Attackers may be able to crash FrontPage by requesting a DOS device, like shtml.exe/aux.htm -- a DoS was not attempted. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0709 + /~root/: Allowed to browse root's home directory. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1013 + /cgi-bin/wrap: Allows viewing of directories. + /forums//admin/config.php: PHP Config file may contain database IDs and passwords. + /forums//adm/config.php: PHP Config file may contain database IDs and passwords. + /forums//administrator/config.php: PHP Config file may contain database IDs and passwords. + /forums/config.php: PHP Config file may contain database IDs and passwords. + /guestbook/guestbookdat: PHP-Gastebuch 1.60 Beta reveals sensitive information about its configuration. + /guestbook/pwd: PHP-Gastebuch 1.60 Beta reveals the md5 hash of the admin password. + /help/: Help directory should not be accessible. + /hola/admin/cms/htmltags.php?datei=./sec/data.php: hola-cms-1.2.9-10 may reveal the administrator ID and password. See: https://vulners.com/exploitdb/EDB-ID:23027 + /global.inc: PHP-Survey's include file should not be available via the web. Configure the web server to ignore .inc files or change this to global.inc.php. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0614 + /inc/common.load.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1253 + /inc/config.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1253 + /inc/dbase.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1253 + /geeklog/users.php: Geeklog prior to 1.3.8-1sr2 contains a SQL injection vulnerability that lets a remote attacker reset admin password. See: https://vulners.com/osvdb/OSVDB:2703 + /gb/index.php?login=true: gBook may allow admin login by setting the value 'login' equal to 'true'. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1560 + /guestbook/admin.php: Guestbook admin page available without authentication. + /getaccess: This may be an indication that the server is running getAccess for SSO. + /cfdocs/expeval/openfile.cfm: Can use to expose the system/server path. + /tsweb/: Microsoft TSAC found. See: https://web.archive.org/web/20040910030506/http://www.dslwebserver.com/main/fr_index.html?/main/sbs-Terminal-Services-Advanced-Client-Configuration.html + /vgn/performance/TMT: Vignette CMS admin/maintenance script available. + /vgn/performance/TMT/Report: Vignette CMS admin/maintenance script available. + /vgn/performance/TMT/Report/XML: Vignette CMS admin/maintenance script available. + /vgn/performance/TMT/reset: Vignette CMS admin/maintenance script available. + /vgn/ppstats: Vignette CMS admin/maintenance script available. + /vgn/previewer: Vignette CMS admin/maintenance script available. + /vgn/record/previewer: Vignette CMS admin/maintenance script available. + /vgn/stylepreviewer: Vignette CMS admin/maintenance script available. + /vgn/vr/Deleting: Vignette CMS admin/maintenance script available. + /vgn/vr/Editing: Vignette CMS admin/maintenance script available. + /vgn/vr/Saving: Vignette CMS admin/maintenance script available. + /vgn/vr/Select: Vignette CMS admin/maintenance script available. + /scripts/iisadmin/bdir.htr: This default script shows host info, may allow file browsing and buffer a overrun in the Chunked Encoding data transfer mechanism, request /scripts/iisadmin/bdir.htr??c:\. See: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/MS02-028 + /scripts/iisadmin/ism.dll: Allows you to mount a brute force attack on passwords. + /scripts/tools/ctss.idc: This CGI allows remote users to view and modify SQL DB contents, server paths, docroot and more. + /bigconf.cgi: BigIP Configuration CGI. + /blah_badfile.shtml: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call. + /vgn/style: Vignette server may reveal system information through this file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0401 + /SiteServer/Admin/commerce/foundation/domain.asp: Displays known domains of which that server is involved. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1769 + /SiteServer/Admin/commerce/foundation/driver.asp: Displays a list of installed ODBC drivers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1769 + /SiteServer/Admin/commerce/foundation/DSN.asp: Displays all DSNs configured for selected ODBC drivers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1769 + /SiteServer/admin/findvserver.asp: Gives a list of installed Site Server components. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1769 + /SiteServer/Admin/knowledge/dsmgr/default.asp: Used to view current search catalog configurations. + /basilix/mbox-list.php3: BasiliX webmail application prior to 1.1.1 contains a XSS issue in 'message list' function/page. + /basilix/message-read.php3: BasiliX webmail application prior to 1.1.1 contains a XSS issue in 'read message' function/page. + /clusterframe.jsp: Macromedia JRun 4 build 61650 remote administration interface is vulnerable to several XSS attacks. + /IlohaMail/blank.html: IlohaMail 0.8.10 contains a XSS vulnerability. Previous versions contain other non-descript vulnerabilities. + /bb-dnbd/faxsurvey: This may allow arbitrary command execution. + /cartcart.cgi: If this is Dansie Shopping Cart 3.0.8 or earlier, it contains a backdoor to allow attackers to execute arbitrary commands. + /scripts/Carello/Carello.dll: Carello 1.3 may allow commands to be executed on the server by replacing hidden form elements. This could not be tested by Nikto. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0614 + /scripts/tools/dsnform.exe: Allows creation of ODBC Data Source. + /scripts/tools/dsnform: Allows creation of ODBC Data Source. + /SiteServer/Admin/knowledge/dsmgr/users/GroupManager.asp: Microsoft Site Server script used to create, modify, and potentially delete LDAP users and groups. See: https://securitytracker.com/id/1003420 + /SiteServer/Admin/knowledge/dsmgr/users/UserManager.asp: Microsoft Site Server used to create, modify, and potentially delete LDAP users and groups. See: https://securitytracker.com/id/1003420 + /prd.i/pgen/: Has MS Merchant Server 1.0. + /readme.eml: Remote server may be infected with the Nimda virus. + /scripts/httpodbc.dll: Possible IIS backdoor found. + /scripts/proxy/w3proxy.dll: MSProxy v1.0 installed. + /siteseed/: Siteseed pre 1.4.2 have 'major' security problems. + /pccsmysqladm/incs/dbconnect.inc: This file should not be accessible, as it contains database connectivity information. Upgrade to version 1.2.5 or higher. + /iisadmin/: Access to /iisadmin should be restricted to localhost or allowed hosts only. + /PDG_Cart/order.log: PDG Commerce log found. See: http://zodi.com/cgi-bin/shopper.cgi?display=intro&template=Intro/commerce.html + Scan terminated: 4 error(s) and 74 item(s) reported on remote host + End Time: 2024-08-10 00:48:58 (GMT-4) (99 seconds) --------------------------------------------------------------------------- + 1 host(s) tested