Report Affected Items LOGON

Report Affected Items Logon-PDF Download

  • Date:14 Sep 2020
  • Views:2
  • Downloads:0
  • Pages:174
  • Size:841.78 KB

Share Pdf : Report Affected Items Logon

Download and Preview : Report Affected Items Logon


Report CopyRight/DMCA Form For : Report Affected Items Logon


Transcription:

Scan of testphp vulnweb com,Scan details,Scan information. Start time 28 04 2020 06 29 55,Start url http testphp vulnweb com. Host testphp vulnweb com,Scan time 32 minutes 15 seconds. Profile Full Scan,Server information nginx 1 4 1,Responsive True. Server OS Unknown,Server technologies PHP,Threat level.
Acunetix Threat Level 3, One or more high severity type vulnerabilities have been discovered by the scanner A malicious user can exploit these. vulnerabilities and compromise the backend database and or deface your website. Alerts distribution,Total alerts found 172,Informational 27. Affected items,Web Server,Alert group Cross site scripting. Severity High, Cross site Scripting XSS refers to client side code injection attack wherein an attacker can. execute malicious scripts into a legitimate website or web application XSS occurs when a. Description, web application makes use of unvalidated or unencoded user input within the output it.
Recommendations Apply context dependent encoding and or validation to user input rendered on a page. Alert variants,URI was set to 1 ScRiPt fjC0 9307 ScRiPt. The input is reflected inside a text element,GET 404 php 1 ScRiPt fjC0 9307 ScRiPt HTTP 1 1. Referer http testphp vulnweb com,Cookie login test 2Ftest. Accept text html application xhtml xml application xml q 0 9 q 0 8. Accept Encoding gzip deflate,Host testphp vulnweb com. User Agent Mozilla 5 0 Windows NT 6 1 WOW64 rv 31 0 Gecko 20100101 Firefox 31 0. Connection Keep alive,AJAX showxml php,Alert group Cross site scripting verified.
Severity High, Cross site Scripting XSS refers to client side code injection attack wherein an attacker can. execute malicious scripts into a legitimate website or web application XSS occurs when a. Description, web application makes use of unvalidated or unencoded user input within the output it. Recommendations Apply context dependent encoding and or validation to user input rendered on a page. Alert variants, Details Cookie input mycookie was set to 3 acx ScRiPt rntK 9680 ScRiPt. GET AJAX showxml php HTTP 1 1, Referer https www google com search hl en q testing. User Agent Mozilla 5 0 Windows NT 6 1 WOW64 rv 31 0 Gecko 20100101 Firefox 31 0. Cookie login test 2Ftest mycookie 3 acx ScRiPt 20 rntK 9680 ScRiPt. Accept text html application xhtml xml application xml q 0 9 q 0 8. Accept Encoding gzip deflate,Host testphp vulnweb com.
Connection Keep alive,comment php,Alert group Cross site scripting verified. Severity High, Cross site Scripting XSS refers to client side code injection attack wherein an attacker can. execute malicious scripts into a legitimate website or web application XSS occurs when a. Description, web application makes use of unvalidated or unencoded user input within the output it. Recommendations Apply context dependent encoding and or validation to user input rendered on a page. Alert variants, URL encoded POST input name was set to your name here acx ScRiPt. JD4Q 9412 ScRiPt,POST comment php HTTP 1 1,Content Type application x www form urlencoded.
Referer http testphp vulnweb com,Cookie login test 2Ftest. Accept text html application xhtml xml application xml q 0 9 q 0 8. Accept Encoding gzip deflate,Content Length 132,Host testphp vulnweb com. User Agent Mozilla 5 0 Windows NT 6 1 WOW64 rv 31 0 Gecko 20100101 Firefox 31 0. Connection Keep alive, Submit Submit comment 555 name your 20name 20here 26 25 acx ScRiPt 20 JD4Q 9412. ScRiPt phpaction echo 20 24 POST comment,guestbook php. Alert group Cross site scripting verified,Severity High.
Cross site Scripting XSS refers to client side code injection attack wherein an attacker can. execute malicious scripts into a legitimate website or web application XSS occurs when a. Description, web application makes use of unvalidated or unencoded user input within the output it. Recommendations Apply context dependent encoding and or validation to user input rendered on a page. Alert variants, URL encoded POST input name was set to test acx ScRiPt Y6Zb 9407. POST guestbook php HTTP 1 1,Content Type application x www form urlencoded. Referer http testphp vulnweb com,Cookie login test 2Ftest. Accept text html application xhtml xml application xml q 0 9 q 0 8. Accept Encoding gzip deflate,Content Length 84,Host testphp vulnweb com.
User Agent Mozilla 5 0 Windows NT 6 1 WOW64 rv 31 0 Gecko 20100101 Firefox 31 0. Connection Keep alive, name test 26 25 acx ScRiPt 20 Y6Zb 9407 ScRiPt submit add 20message text 555. guestbook php,Alert group Cross site scripting verified. Severity High, Cross site Scripting XSS refers to client side code injection attack wherein an attacker can. execute malicious scripts into a legitimate website or web application XSS occurs when a. Description, web application makes use of unvalidated or unencoded user input within the output it. Recommendations Apply context dependent encoding and or validation to user input rendered on a page. Alert variants, Details URL encoded POST input text was set to 555 acx ScRiPt Y6Zb 9283 ScRiPt.
POST guestbook php HTTP 1 1,Content Type application x www form urlencoded. Referer http testphp vulnweb com,Cookie login test 2Ftest. Accept text html application xhtml xml application xml q 0 9 q 0 8. Accept Encoding gzip deflate,Content Length 84,Host testphp vulnweb com. User Agent Mozilla 5 0 Windows NT 6 1 WOW64 rv 31 0 Gecko 20100101 Firefox 31 0. Connection Keep alive, name test submit add 20message text 555 26 25 acx ScRiPt 20 Y6Zb 9283 ScRiPt. Alert group Cross site scripting verified,Severity High.
Cross site Scripting XSS refers to client side code injection attack wherein an attacker can. execute malicious scripts into a legitimate website or web application XSS occurs when a. Description, web application makes use of unvalidated or unencoded user input within the output it. Recommendations Apply context dependent encoding and or validation to user input rendered on a page. Alert variants, Details URL encoded GET input pp was set to 12 acx ScRiPt jZhN 9893 ScRiPt. GET hpp pp 12 26 25 acx ScRiPt 20 jZhN 9893 ScRiPt HTTP 1 1. Referer http testphp vulnweb com,Cookie login test 2Ftest. Accept text html application xhtml xml application xml q 0 9 q 0 8. Accept Encoding gzip deflate,Host testphp vulnweb com. User Agent Mozilla 5 0 Windows NT 6 1 WOW64 rv 31 0 Gecko 20100101 Firefox 31 0. Connection Keep alive,hpp params php,Alert group Cross site scripting verified.
Severity High, Cross site Scripting XSS refers to client side code injection attack wherein an attacker can. execute malicious scripts into a legitimate website or web application XSS occurs when a. Description, web application makes use of unvalidated or unencoded user input within the output it. Recommendations Apply context dependent encoding and or validation to user input rendered on a page. Alert variants, Details URL encoded GET input p was set to 1 acx ScRiPt 3dES 9569 ScRiPt. GET hpp params php p 1 26 25 acx ScRiPt 20 3dES 9569 ScRiPt HTTP 1 1. Referer http testphp vulnweb com,Cookie login test 2Ftest. Accept text html application xhtml xml application xml q 0 9 q 0 8. Accept Encoding gzip deflate,Host testphp vulnweb com.
User Agent Mozilla 5 0 Windows NT 6 1 WOW64 rv 31 0 Gecko 20100101 Firefox 31 0. Connection Keep alive,hpp params php,Alert group Cross site scripting verified. Severity High, Cross site Scripting XSS refers to client side code injection attack wherein an attacker can. execute malicious scripts into a legitimate website or web application XSS occurs when a. Description, web application makes use of unvalidated or unencoded user input within the output it. Recommendations Apply context dependent encoding and or validation to user input rendered on a page. Alert variants, Details URL encoded GET input pp was set to 12 acx ScRiPt l4SI 9722 ScRiPt. GET hpp params php p valid pp 12 26 25 acx ScRiPt 20 l4SI 9722 ScRiPt HTTP 1 1. Referer http testphp vulnweb com,Cookie login test 2Ftest.
Accept text html application xhtml xml application xml q 0 9 q 0 8. Accept Encoding gzip deflate,Host testphp vulnweb com. User Agent Mozilla 5 0 Windows NT 6 1 WOW64 rv 31 0 Gecko 20100101 Firefox 31 0. Connection Keep alive,listproducts php,Alert group Cross site scripting verified. Severity High, Cross site Scripting XSS refers to client side code injection attack wherein an attacker can. execute malicious scripts into a legitimate website or web application XSS occurs when a. Description, web application makes use of unvalidated or unencoded user input within the output it. Recommendations Apply context dependent encoding and or validation to user input rendered on a page. Alert variants, Details URL encoded GET input artist was set to 1 acx ScRiPt KM0B 9371 ScRiPt.
GET listproducts php artist 1 26 25 acx ScRiPt 20 KM0B 9371 ScRiPt HTTP 1 1. Referer http testphp vulnweb com,Cookie login test 2Ftest. Accept text html application xhtml xml application xml q 0 9 q 0 8. Accept Encoding gzip deflate,Host testphp vulnweb com. User Agent Mozilla 5 0 Windows NT 6 1 WOW64 rv 31 0 Gecko 20100101 Firefox 31 0. Connection Keep alive,listproducts php,Alert group Cross site scripting verified. Severity High, Cross site Scripting XSS refers to client side code injection attack wherein an attacker can. execute malicious scripts into a legitimate website or web application XSS occurs when a. Description, web application makes use of unvalidated or unencoded user input within the output it.
Recommendations Apply context dependent encoding and or validation to user input rendered on a page. Alert variants, Details URL encoded GET input cat was set to 1 acx ScRiPt h2AQ 9315 ScRiPt. GET listproducts php cat 1 26 25 acx ScRiPt 20 h2AQ 9315 ScRiPt HTTP 1 1. Referer http testphp vulnweb com,Cookie login test 2Ftest. Accept text html application xhtml xml application xml q 0 9 q 0 8. Accept Encoding gzip deflate,Host testphp vulnweb com. User Agent Mozilla 5 0 Windows NT 6 1 WOW64 rv 31 0 Gecko 20100101 Firefox 31 0. Connection Keep alive,search php,Alert group Cross site scripting verified. Severity High, Cross site Scripting XSS refers to client side code injection attack wherein an attacker can.
execute malicious scripts into a legitimate website or web application XSS occurs when a. Description, web application makes use of unvalidated or unencoded user input within the output it. Recommendations Apply context dependent encoding and or validation to user input rendered on a page. Alert variants, URL encoded POST input searchFor was set to the acx ScRiPt 33Yw 9328. POST search php test query HTTP 1 1,Content Type application x www form urlencoded. Referer http testphp vulnweb com,Cookie login test 2Ftest. Accept text html application xhtml xml application xml q 0 9 q 0 8. Accept Encoding gzip deflate,Content Length 70,Host testphp vulnweb com.
User Agent Mozilla 5 0 Windows NT 6 1 WOW64 rv 31 0 Gecko 20100101 Firefox 31 0. Connection Keep alive, goButton go searchFor the 26 25 acx ScRiPt 20 33Yw 9328 ScRiPt. secured newuser php,Alert group Cross site scripting verified. Severity High, Cross site Scripting XSS refers to client side code injection attack wherein an attacker can. execute malicious scripts into a legitimate website or web application XSS occurs when a. Description, web application makes use of unvalidated or unencoded user input within the output it. Recommendations Apply context dependent encoding and or validation to user input rendered on a page. Alert variants, URL encoded POST input uaddress was set to 3137 Laguna Street acx ScRiPt.
cVea 9682 ScRiPt,POST secured newuser php HTTP 1 1. Content Type application x www form urlencoded,Referer http testphp vulnweb com. Cookie login test 2Ftest, Accept text html application xhtml xml application xml q 0 9 q 0 8. Accept Encoding gzip deflate,Content Length 236,Host testphp vulnweb com. User Agent Mozilla 5 0 Windows NT 6 1 WOW64 rv 31 0 Gecko 20100101 Firefox 31 0. Connection Keep alive, signup signup uaddress 3137 20Laguna 20Street 26 25 acx ScRiPt 20 cVea 9682.
ScRiPt ucc 4111111111111111 uemail sample 40email tst upass g00dPa 24 24w0rD upass2 g0. 0dPa 24 24w0rD uphone 555 666 0606 urname ghovjnjv uuname ghovjnjv. secured newuser php,Alert group Cross site scripting verified. Severity High, Cross site Scripting XSS refers to client side code injection attack wherein an attacker can. execute malicious scripts into a legitimate website or web application XSS occurs when a. Description, web application makes use of unvalidated or unencoded user input within the output it. Recommendations Apply context dependent encoding and or validation to user input rendered on a page. Alert variants, URL encoded POST input ucc was set to 4111111111111111 acx ScRiPt. cVea 9182 ScRiPt,POST secured newuser php HTTP 1 1.
Content Type application x www form urlencoded,Referer http testphp vulnweb com. Cookie login test 2Ftest, Accept text html application xhtml xml application xml q 0 9 q 0 8. Accept Encoding gzip deflate,Content Length 236,Host testphp vulnweb com. User Agent Mozilla 5 0 Windows NT 6 1 WOW64 rv 31 0 Gecko 20100101 Firefox 31 0. Server technologies PHP Threat level Acunetix Threat Level 3 One or more high severity type vulnerabilities have been discovered by the scanner A malicious user can exploit these vulnerabilities and compromise the backend database and or deface your website Alerts distribution Total alerts found 172 High 65 Medium 71 Low 9 Informational 27 3 Affected items Web Server Alert group Cross site

Related Books