Scan report for "hrmo.gov.sl"

  1. Nikto Online
  2. Scan report for "hrmo.gov.sl"
Membership level: Free member
Summary

Found

17

Duration

1min 1sec

Date

2025-03-05

IP

208.98.35.210

Report
Nikto scan (max 60 sec) (nikto -host hrmo.gov.sl -maxtime 60)
- Nikto 
---------------------------------------------------------------------------
+ Target IP:          208.98.35.210
+ Target Hostname:    hrmo.gov.sl
+ Target Port:        80
+ Start Time:         2025-03-05 12:19:09 (GMT-8)
---------------------------------------------------------------------------
+ Server: Microsoft-IIS/10.0
+ /: Retrieved x-aspnet-version header: 4.0.30319.
+ /: Retrieved x-powered-by header: ASP.NET.
+ /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ Server may be vulnerable to https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/MS10-070 (based on numeric calculation) and thus may allow a cryptographic padding oracle. This vulnerability must be manually validated. See: http://blog.gdssecurity.com/labs/2010/9/14/automated-padding-oracle-attacks-with-padbuster.html
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ OPTIONS: Allowed HTTP Methods: OPTIONS, TRACE, GET, HEAD, POST .
+ OPTIONS: Public HTTP Methods: OPTIONS, TRACE, GET, HEAD, POST .
+ /examples/servlet/AUX: Apache Tomcat versions below 4.1 may be vulnerable to DoS by repeatedly requesting this file.
+ /login/: This might be interesting.
+ /reports/: This might be interesting.
+ /reports/rwservlet?server=repserv+report=/tmp/hacker.rdf+destype=cache+desformat=PDF: Oracle Reports rwservlet report Variable Arbitrary Report Executable Execution. See: https://www.exploit-db.com/exploits/26006
+ /reports/rwservlet: Oracle Reports. See: CWE-552
+ /reports/rwservlet/showenv: Oracle Reports. See: CWE-552
+ /reports/rwservlet/showmap: Oracle Reports. See: CWE-552
+ /reports/rwservlet/showjobs: Oracle Reports. See: CWE-552
+ /reports/rwservlet/getjobid7?server=myrep: Oracle Reports. See: CWE-552
+ /reports/rwservlet/getjobid4?server=myrep: Oracle Reports. See: CWE-552
+ /reports/rwservlet/showmap?server=myserver: Oracle Reports. See: CWE-552
+ Scan terminated: 0 error(s) and 17 item(s) reported on remote host
+ End Time:           2025-03-05 12:20:10 (GMT-8) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
Trustpilot
Online Nikto scanner - Online Nikto web server scanner | Product Hunt
Detailed report
Target
hrmo.gov.sl
Target IP
208.98.35.210
Scan method
Nikto scan (max 60 sec)
Run command
nikto -host hrmo.gov.sl -maxtime 60
Duration
Quick report
Scan date
05 Mar 2025 15:20
Copy scan report
Download report
Remove scan result
$
Check ports
API - Scan ID