Nikto scan report for "www.annualreportservice.com"

Nikto scan (max 60 sec) (nikto -host www.annualreportservice.com -maxtime 60)

- Nikto 
---------------------------------------------------------------------------
+ Target IP:          75.127.47.9
+ Target Hostname:    www.annualreportservice.com
+ Target Port:        80
+ Start Time:         2024-09-29 15:59:11 (GMT-4)
---------------------------------------------------------------------------
+ Server: Apache/2.4.55
+ /: Cookie cart[0] created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /: Cookie PHPSESSID created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ /robots.txt: Entry '/client/' is returned a non-forbidden or redirect HTTP code (200). See: https://portswigger.net/kb/issues/00600600_robots-txt-file
+ No creds found for realm 'Authentication'
+ /robots.txt: Entry '/admin/' is returned a non-forbidden or redirect HTTP code (200). See: https://portswigger.net/kb/issues/00600600_robots-txt-file
+ /robots.txt: contains 3 entries which should be manually viewed. See: https://developer.mozilla.org/en-US/docs/Glossary/Robots.txt
+ Multiple index files found: /index.cgi, /index.php.
+ Apache/2.4.55 appears to be outdated (current is at least 2.4.58). Apache 2.2.34 is the EOL for the 2.x branch.
+ /: Web Server returns a valid response with junk HTTP methods which may cause false positives.
+ /: DEBUG HTTP verb may show server debugging information. See: https://docs.microsoft.com/en-us/visualstudio/debugger/how-to-enable-debugging-for-aspnet-applications?view=vs-2017
+ /admin/login.php?action=insert&username=test&password=test: phpAuction may allow user admin accounts to be inserted without proper authentication. Attempt to log in with user 'test' password 'test' to verify. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0995
+ /admin/: This might be interesting.
+ /client/: This might be interesting.
+ No creds found for realm '/download'
+ /test.html: This might be interesting.
+ /admin/index.php: This might be interesting: has been seen in web logs from an unknown scanner.
+ Scan terminated: 0 error(s) and 15 item(s) reported on remote host
+ End Time:           2024-09-29 16:00:12 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

Online Nikto scanner - Online Nikto web server scanner | Product Hunt

Target

www.annualreportservice.com

Scan method

Nikto scan (max 60 sec)

Run command

nikto -host www.annualreportservice.com -maxtime 60

Duration

61s

Quick report

Order full scan ($7.99/one time)

Scan date

29 Sep 2024 16:00

Copy scan report

Download report

Remove scan result

$

Check ports

Use Portscanner Tool

API - Scan ID

14a2cd4cd0181da74073f74ce02d3e4e15a71ed2

Scan report for "www.annualreportservice.com"

Summary

-

1min 1sec

2024-09-29

-

Report

Detailed report