Found
Duration
Date
IP
- Nikto v2.5.0 --------------------------------------------------------------------------- + Target IP: 5.161.180.74 + Target Hostname: wtct.com + Target Port: 80 + Start Time: 2024-07-13 14:35:13 (GMT-4) --------------------------------------------------------------------------- + Server: Apache + /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/ + /: Retrieved x-powered-by header: PHP/5.4.16. + /: Server may leak inodes via ETags, header found with file /, inode: 225, size: 447c74a369e00, mtime: gzip. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1418 + /index: Uncommon header 'tcn' found, with contents: list. + /index: Apache mod_negotiation is enabled with MultiViews, which allows attackers to easily brute force file names. The following alternatives for 'index' were found: index.htm. See: http://www.wisec.it/sectou.php?id=4698ebdc59d15,https://exchange.xforce.ibmcloud.com/vulnerabilities/8275 + OPTIONS: Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE . + /: HTTP TRACE method is active which suggests the host is vulnerable to XST. See: https://owasp.org/www-community/attacks/Cross_Site_Tracing + /webmail/blank.html: IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities. + /webmail/: Web based mail package installed. + /mail/: This might be interesting. + /passwd: This might be interesting. + /password: This might be interesting. + /stats/: This might be interesting. + /mail/include.html: This might be interesting: has been seen in web logs from an unknown scanner. + /mail/settings.html: This might be interesting: has been seen in web logs from an unknown scanner. + /webmail/lib/emailreader_execute_on_each_page.inc.php: This might be interesting: has been seen in web logs from an unknown scanner. + /icons/: Directory indexing found. + /icons/README: Apache default file found. See: https://www.vntweb.co.uk/apache-restricting-access-to-iconsreadme/ + Scan terminated: 0 error(s) and 18 item(s) reported on remote host + End Time: 2024-07-13 14:36:14 (GMT-4) (61 seconds) --------------------------------------------------------------------------- + 1 host(s) tested