Nikto scan (max 60 sec) (nikto -host app.takenos.com -maxtime 60)
- Nikto v2.5.0
---------------------------------------------------------------------------
+ Multiple IPs found: 76.76.21.98, 76.76.21.123
+ Target IP: 76.76.21.98
+ Target Hostname: app.takenos.com
+ Target Port: 80
+ Start Time: 2024-04-24 12:14:48 (GMT-4)
---------------------------------------------------------------------------
+ Server: Vercel
+ /: Uncommon header 'refresh' found, with contents: 0;url=https://app.takenos.com/.
+ Root page / redirects to: https://app.takenos.com/
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ /app.takenos.tgz: IP address found in the 'x-vercel-id' header. The IP is "ad1::". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /app.takenos.tgz: Uncommon header 'x-vercel-id' found, with contents: iad1::qjrkk-1713975296304-e69f8b3ffbe4.
+ /file/../../../../../../../../etc/: Uncommon header 'x-vercel-error' found, with contents: BAD_REQUEST.
+ /level/16: Retrieved access-control-allow-origin header: *.
+ /level/16: Uncommon header 'x-vercel-cache' found, with contents: HIT.
+ /level/16: Uncommon header 'content-disposition' found, with contents: inline; filename="404".
+ /level/16: Uncommon header 'x-matched-path' found, with contents: /404.
+ /basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=sec&password=secu: Remote file retrieval. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1045
+ /index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../../etc/&view=passwd: EW FileManager for PostNuke allows arbitrary file retrieval. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2047
+ /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000:X-Frame-Options header is deprecated and has been replaced with the Content-Security-Policy HTTP header with the frame-ancestors directive instead. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
+ /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ /cgi-bin/pfdisplay.cgi?../../../../../../etc/passwd: This CGI lets attackers get a directory listing of the CGI directory. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0270
+ /jsp/jspsamp/jspexamples/viewsource.jsp?source=/../../../../../../../../../etc/passwd: The JRUN view_source.jsp allows arbitrary file retrieval from the host. Upgrade to JRUN 2.3.3 or higher, or remove all default scripts. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0540
+ Scan terminated: 5 error(s) and 14 item(s) reported on remote host
+ End Time: 2024-04-24 12:15:49 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested