- Nikto v2.6.0
---------------------------------------------------------------------------
+ Your Nikto installation is out of date.
+ Target IP:          196.200.146.50
+ Target Hostname:    www.fls.usmba.ac.ma
+ Target Port:        80
+ Platform:           Linux/Unix
+ Start Time:         2026-03-11 07:50:07 (GMT-4)
---------------------------------------------------------------------------
+ Server: Apache/2.4.33 (Unix) OpenSSL/1.0.2n PHP/7.1.16 mod_perl/2.0.8-dev Perl/v5.16.3
+ No CGI Directories found (use '-C all' to force check all possible dirs). CGI tests skipped.
+ [013587] /: Suggested security header missing: referrer-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
+ [013587] /: Suggested security header missing: permissions-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy
+ [013587] /: Suggested security header missing: x-content-type-options. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
+ [013587] /: Suggested security header missing: strict-transport-security. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
+ [013587] /: Suggested security header missing: content-security-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
+ [999965] /index: Apache mod_negotiation is enabled with MultiViews, which allows attackers to easily brute force file names. The following alternatives for 'index' were found: HTTP_NOT_FOUND.html.var, HTTP_NOT_FOUND.html.var, HTTP_NOT_FOUND.html.var, HTTP_NOT_FOUND.html.var, HTTP_NOT_FOUND.html.var, HTTP_NOT_FOUND.html.var, HTTP_NOT_FOUND.html.var, HTTP_NOT_FOUND.html.var, HTTP_NOT_FOUND.html.var, HTTP_NOT_FOUND.html.var, HTTP_NOT_FOUND.html.var, HTTP_NOT_FOUND.html.var, HTTP_NOT_FOUND.html.var, HTTP_NOT_FOUND.html.var, HTTP_NOT_FOUND.html.var, HTTP_NOT_FOUND.html.var, HTTP_NOT_FOUND.html.var, HTTP_NOT_FOUND.html.var. See: http://www.wisec.it/sectou.php?id=4698ebdc59d15,https://exchange.xforce.ibmcloud.com/vulnerabilities/8275
+ [600595] OpenSSL/1.0.2n appears to be outdated (current is at least 3.6.0). OpenSSL 1.1.1w is current for 1.x and is supported via contract, and 3.0.12 for 3.0.x, and 3.1.4 for 3.1.x.
+ [600625] PHP/7.1.16 appears to be outdated (current is at least 8.5.1).
+ [600050] Apache/2.4.33 appears to be outdated (current is at least 2.4.66).
+ [600487] mod_perl/2.0.8-dev appears to be outdated (current is at least 2.0.13).
+ [600620] Perl/v5.16.3 appears to be outdated (current is at least v5.36.3).
+ Scan terminated: 0 errors and 11 items reported on the remote host
+ End Time:           2026-03-11 07:51:08 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested