Nikto scan (max 60 sec) (nikto -host expediagroup.com -maxtime 60)
- Nikto v2.5.0
---------------------------------------------------------------------------
+ Target IP: 162.159.129.11
+ Target Hostname: expediagroup.com
+ Target Port: 80
+ Start Time: 2024-08-19 00:52:59 (GMT-4)
---------------------------------------------------------------------------
+ Server: cloudflare
+ /83xzrpgl.old: Uncommon header 'cf-chl-out' found, with contents: Zbblb9o0SskAwfIvTbqRKDHIY2CJZRMe5fbaHnt+DDFK/4zghEfEzP5kfO/ECb+ba3UjhkXl/DpKonG2ax5Bny22Z5OA2Rm/4lRkTiRYi6YfGPuZrg9lo9gWwROvQp4wg2rEqqOz7KoLyUv1D1rP+Q==$+3q0L+f85F4el42XsHFZcQ==.
+ /83xzrpgl.old: Uncommon header 'origin-agent-cluster' found, with contents: ?1.
+ /83xzrpgl.old: Uncommon header 'accept-ch' found, with contents: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA.
+ /83xzrpgl.old: Uncommon header 'cf-mitigated' found, with contents: challenge.
+ /83xzrpgl.old: Uncommon header 'critical-ch' found, with contents: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA.
+ /83xzrpgl.old: Uncommon header 'x-content-options' found, with contents: nosniff.
+ /webcgi/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-915/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-bin/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /htbin/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgis/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-exe/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /webcgi/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-914/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /bin/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-local/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgibin/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgis/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-exe/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-bin-sdb/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-bin/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-local/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgibin/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgis/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-bin-sdb/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /kboard/: KBoard Forum 0.3.0 and prior have a security problem in forum_edit_post.php, forum_post.php and forum_reply.php.
+ /splashAdmin.php: Cobalt Qube 3 admin is running. This may have multiple security problems which could not be tested remotely. See: https://seclists.org/bugtraq/2002/Jul/262
+ /ssdefs/: Siteseed pre 1.4.2 has 'major' security problems.
+ /sshome/: Siteseed pre 1.4.2 has 'major' security problems.
+ /webcgi/finger: finger other users, may be other commands?.
+ /cgi-914/finger: finger other users, may be other commands?.
+ /cgi-915/finger: finger other users, may be other commands?.
+ /bin/finger: finger other users, may be other commands?.
+ /cgi/finger: finger other users, may be other commands?.
+ /cgi-bin/finger: finger other users, may be other commands?.
+ /cgi-local/finger: finger other users, may be other commands?.
+ /cgi-exe/finger: finger other users, may be other commands?.
+ /cgi-bin-sdb/finger: finger other users, may be other commands?.
+ /cgi-mod/finger: finger other users, may be other commands?.
+ /webcgi/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi-914/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /bin/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi-bin/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi-local/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /htbin/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi-exe/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi-bin-sdb/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /forums//admin/config.php: PHP Config file may contain database IDs and passwords.
+ /forums//adm/config.php: PHP Config file may contain database IDs and passwords.
+ /forums/config.php: PHP Config file may contain database IDs and passwords.
+ /guestbook/pwd: PHP-Gastebuch 1.60 Beta reveals the md5 hash of the admin password.
+ /hola/admin/cms/htmltags.php?datei=./sec/data.php: hola-cms-1.2.9-10 may reveal the administrator ID and password. See: https://vulners.com/exploitdb/EDB-ID:23027
+ /global.inc: PHP-Survey's include file should not be available via the web. Configure the web server to ignore .inc files or change this to global.inc.php. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0614
+ /inc/common.load.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1253
+ /inc/config.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1253
+ /inc/dbase.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1253
+ /cgi-914/echo.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /cgi-915/echo.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /bin/echo.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /cgi-bin/echo.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /cgis/echo.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /cgi-exe/echo.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /cgi/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgi-bin/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgibin/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgis/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgi-exe/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /guestbook/admin.php: Guestbook admin page available without authentication.
+ /getaccess: This may be an indication that the server is running getAccess for SSO.
+ Scan terminated: 0 error(s) and 74 item(s) reported on remote host
+ End Time: 2024-08-19 00:54:00 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested