API tools faq
paste
Advertisement
Guest User

nikto log

a guest
Feb 12th, 2015
563
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.99 KB | None | 0 0
raw download clone embed print report
  1. + File/dir '/catalogo1/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  2. + File/dir '/catalogo/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  3. + File/dir '/ediciones/20000929/policiales8.html' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  4. + File/dir '/ediciones/20001001/policiales2.html' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  5. + File/dir '/ediciones/20000924/policiales2.html' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  6. + File/dir '/edis/20101110/policiales15.htm' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  7. + File/dir '/edis/20101111/policiales18.htm' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  8. + File/dir '/edis/20101119/policiales21.htm' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  9. + File/dir '/edis/20080714/20080714232937.htm' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  10. + File/dir '/e-propiedades/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  11. + File/dir '/edis/20101103/policiales12.htm' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  12. + File/dir '/edis/20130614/Un-profesor-denuncia-decano-Ingenieria-acoso-laboral-laciudad8.htm' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  13. + "robots.txt" contains 34 entries which should be manually viewed.
  14. + Multiple index files found: index.jhtml, index.shtml
  15. + OSVDB-5737: WebLogic may reveal its internal IP or hostname in the Location header. The value is "http://www.eldia.com.".
  16. + Uncommon header 'x-cascade' found, with contents: pass
  17. + DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
  18. + /kboard/: KBoard Forum 0.3.0 and prior have a security problem in forum_edit_post.php, forum_post.php and forum_reply.php
  19. + /lists/admin/: PHPList pre 2.6.4 contains a number of vulnerabilities including remote administrative access, harvesting user info and more. Default login to admin interface is admin/phplist
  20. + /ssdefs/: Siteseed pre 1.4.2 has 'major' security problems.
  21. + /sshome/: Siteseed pre 1.4.2 has 'major' security problems.
  22. + /tiki/: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin
  23. + OSVDB-396: /_vti_bin/shtml.exe: Attackers may be able to crash FrontPage by requesting a DOS device, like shtml.exe/aux.htm -- a DoS was not attempted.
  24. + OSVDB-637: /~root/: Allowed to browse root's home directory.
  25. + /cgi-bin/wrap: comes with IRIX 6.2; allows to view directories
  26. + /guestbook/guestbookdat: PHP-Gastebuch 1.60 Beta reveals sensitive information about its configuration.
  27. + /guestbook/pwd: PHP-Gastebuch 1.60 Beta reveals the md5 hash of the admin password.
  28. + /help/: Help directory should not be accessible
  29. + /getaccess: This may be an indication that the server is running getAccess for SSO
  30. + /tsweb/: Microsoft TSAC found. http://www.dslwebserver.com/main/fr_index.html?/main/sbs-Terminal-Services-Advanced-Client-Configuration.html
  31. + /vgn/performance/TMT: Vignette CMS admin/maintenance script available.
  32. + /vgn/performance/TMT/Report: Vignette CMS admin/maintenance script available.
  33. + /vgn/performance/TMT/Report/XML: Vignette CMS admin/maintenance script available.
  34. + /vgn/performance/TMT/reset: Vignette CMS admin/maintenance script available.
  35. + /vgn/ppstats: Vignette CMS admin/maintenance script available.
  36. + /vgn/previewer: Vignette CMS admin/maintenance script available.
  37. + /vgn/record/previewer: Vignette CMS admin/maintenance script available.
  38. + /vgn/stylepreviewer: Vignette CMS admin/maintenance script available.
  39. + /vgn/vr/Deleting: Vignette CMS admin/maintenance script available.
  40. + /vgn/vr/Editing: Vignette CMS admin/maintenance script available.
  41. + /vgn/vr/Saving: Vignette CMS admin/maintenance script available.
  42. + /vgn/vr/Select: Vignette CMS admin/maintenance script available.
  43. + /blah_badfile.shtml: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call.
  44. + OSVDB-4910: /vgn/style: Vignette server may reveal system information through this file.
  45. + /basilix/mbox-list.php3: BasiliX webmail application prior to 1.1.1 contains a XSS issue in 'message list' function/page
  46. + /basilix/message-read.php3: BasiliX webmail application prior to 1.1.1 contains a XSS issue in 'read message' function/page
  47. + /IlohaMail/blank.html: IlohaMail 0.8.10 contains a XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
  48. + /bb-dnbd/faxsurvey: This may allow arbitrary command execution.
  49. + /scripts/tools/dsnform: Allows creation of ODBC Data Source
  50. + /prd.i/pgen/: Has MS Merchant Server 1.0
  51. + /scripts/httpodbc.dll: Possible IIS backdoor found.
  52. + /SiteServer/admin/: Site Server components admin. Default account may be 'LDAP_Anonymous', pass is 'LdapPassword_1'. see http://www.wiretrip.net/rfp/p/doc.asp/i1/d69.htm
  53. + /siteseed/: Siteseed pre 1.4.2 has 'major' security problems.
  54. + /iisadmin/: Access to /iisadmin should be restricted to localhost or allowed hosts only.
  55. + /PDG_Cart/oder.log: Shopping cart software log
  56. + /ows/restricted%2eshow: OWS may allow restricted files to be viewed by replacing a character with its encoded equivalent.
  57. + /WEB-INF./web.xml: Multiple implementations of j2ee servlet containers allow files to be retrieved from WEB-INF by appending a '.' to the directory name. Products include Sybase EA Service, Oracle Containers, Orion, JRun, HPAS, Pramati and others. See http://www.westpoint.l
  58. + /w-agora/: w-agora pre 4.1.4 may allow a remote user to execute arbitrary PHP scripts via URL includes in include/*.php and user/*.php files. Default account is 'admin' but password set during install.
  59. + /pbserver/pbserver.dll: This may contain a buffer overflow. http://www.microsoft.com/technet/security/bulletin/http://www.microsoft.com/technet/security/bulletin/ms00-094.asp.asp
  60. + /servlet/com.unify.servletexec.UploadServlet: This servlet allows attackers to upload files to the server.
  61. + /scripts/cpshost.dll: Posting acceptor possibly allows you to upload files
  62. + /basilix/compose-attach.php3: BasiliX webmail application prior to 1.1.1 contains a non-descript security vulnerability in compose-attach.php3 related to attachment uploads
  63. + /server/: If port 8000, Macromedia JRun 4 build 61650 remote administration interface is vulnerable to several XSS attacks.
  64. + /vgn/ac/data: Vignette CMS admin/maintenance script available.
  65. + /vgn/ac/delete: Vignette CMS admin/maintenance script available.
  66. + /vgn/ac/edit: Vignette CMS admin/maintenance script available.
  67. + /vgn/ac/esave: Vignette CMS admin/maintenance script available.
  68. + /vgn/ac/fsave: Vignette CMS admin/maintenance script available.
  69. + /vgn/ac/index: Vignette CMS admin/maintenance script available.
  70. + /vgn/asp/MetaDataUpdate: Vignette CMS admin/maintenance script available.
  71. + /vgn/asp/previewer: Vignette CMS admin/maintenance script available.
  72. + /vgn/asp/status: Vignette CMS admin/maintenance script available.
  73. + /vgn/asp/style: Vignette CMS admin/maintenance script available.
  74. + /vgn/errors: Vignette CMS admin/maintenance script available.
  75. + /vgn/jsp/controller: Vignette CMS admin/maintenance script available.
  76. + /vgn/jsp/errorpage: Vignette CMS admin/maintenance script available.
  77. + /vgn/jsp/initialize: Vignette CMS admin/maintenance script available.
  78. + /vgn/jsp/jspstatus: Vignette CMS admin/maintenance script available.
  79. + /vgn/jsp/jspstatus56: Vignette CMS admin/maintenance script available.
  80. + /vgn/jsp/metadataupdate: Vignette CMS admin/maintenance script available.
  81. + /vgn/jsp/previewer: Vignette CMS admin/maintenance script available.
  82. + /vgn/jsp/style: Vignette CMS admin/maintenance script available.
  83. + /vgn/legacy/edit: Vignette CMS admin/maintenance script available.
  84. + /vgn/login: Vignette server may allow user enumeration based on the login attempts to this file.
  85. + /fpdb/shop.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
  86. + OSVDB-15971: /MIDICART/midicart.mdb: MIDICART database is available for browsing. This should not be allowed via the web server.
  87. + /news/news.mdb: Web Wiz Site News release v3.06 admin password database is available and unencrypted.
  88. + OSVDB-15971: /shoppingdirectory/midicart.mdb: MIDICART database is available for browsing. This should not be allowed via the web server.
  89. + OSVDB-4398: /database/db2000.mdb: Max Web Portal database is available remotely. It should be moved from the default location to a directory outside the web root.
  90. + OSVDB-6467: /pw/storemgr.pw: Encrypted ID/Pass for Mercantec's SoftCart, http://www.mercantec.com/, see http://www.mindsec.com/advisories/post2.txt for more information.
  91. + /servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call.
  92. + /typo3conf/: This may contain sensitive Typo3 files.
  93. + /typo3conf/database.sql: Typo3 SQL file found.
  94. + OSVDB-53386: /vchat/msg.txt: VChat allows user information to be retrieved.
  95. + OSVDB-4907: /vgn/license: Vignette server license file found.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!