Scan report for "testphp.vulnweb.com"

Membership level: Free member
Summary

Found

5

Duration

30sec

Date

2024-11-17

IP

44.228.249.3

Report
Nikto scan (max 60 sec) (nikto -host testphp.vulnweb.com -maxtime 60)
- Nikto 
---------------------------------------------------------------------------
+ Target IP:          44.228.249.3
+ Target Hostname:    testphp.vulnweb.com
+ Target Port:        80
+ Start Time:         2024-11-17 08:59:07 (GMT-5)
---------------------------------------------------------------------------
+ Server: nginx/1.19.0
+ /: Retrieved x-powered-by header: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1.
+ /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ /clientaccesspolicy.xml contains a full wildcard entry. See: https://docs.microsoft.com/en-us/previous-versions/windows/silverlight/dotnet-windows-silverlight/cc197955(v=vs.95)?redirectedfrom=MSDN
+ /clientaccesspolicy.xml contains 12 lines which should be manually viewed for improper domains or wildcards. See: https://www.acunetix.com/vulnerabilities/web/insecure-clientaccesspolicy-xml-file/
+ /crossdomain.xml contains a full wildcard entry. See: http://jeremiahgrossman.blogspot.com/2008/05/crossdomainxml-invites-cross-site.html
+ Scan terminated: 20 error(s) and 5 item(s) reported on remote host
+ End Time:           2024-11-17 08:59:37 (GMT-5) (30 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
Detailed report
Target
testphp.vulnweb.com
Target IP
44.228.249.3
Scan method
Nikto scan (max 60 sec)
Run command
nikto -host testphp.vulnweb.com -maxtime 60
Duration
Quick report
Scan date
17 Nov 2024 08:59
Copy scan report
Download report
Remove scan result
$
Total scans
Check ports
API - Scan ID