Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- + Target IP: 112.213.89.106
- + Target Hostname: phongkhamdaiphuoc.vn
- + Target Port: 80
- + Start Time: 2015-09-27 17:36:53 (GMT7)
- ---------------------------------------------------------------------------
- + Server: Apache
- + Cookie PHPSESSID created without the httponly flag
- + Retrieved x-powered-by header: PHP/5.3.29
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Multiple index files found: /index.html, /index.php
- + /cgi-sys/guestbook.cgi: May allow attackers to execute commands as the web daemon.
- + /IlohaMail/blank.html: IlohaMail 0.8.10 contains a XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
- + /cfide/Administrator/startstop.html: Can start/stop the server
- + /cgi-sys/Count.cgi: This may allow attackers to execute arbitrary commands on the server
- + OSVDB-613: /SiteScope/htdocs/SiteScope.html: The SiteScope install may allow remote users to get sensitive information about the hosts being monitored.
- + OSVDB-113: /ncl_items.html: This may allow attackers to reconfigure your Tektronix printer.
- + OSVDB-376: /manager/contextAdmin/contextAdmin.html: Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin.
- + OSVDB-376: /jk-manager/contextAdmin/contextAdmin.html: Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin.
- + OSVDB-376: /jk-status/contextAdmin/contextAdmin.html: Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin.
- + OSVDB-376: /admin/contextAdmin/contextAdmin.html: Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin.
- + OSVDB-376: /host-manager/contextAdmin/contextAdmin.html: Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin.
- + OSVDB-12184: /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
- + OSVDB-12184: /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
- + OSVDB-12184: /?=PHPE9568F34-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
- + OSVDB-12184: /?=PHPE9568F35-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
- + OSVDB-3092: /cgi-sys/entropysearch.cgi?query=asdfasdf&user=root&basehref=%2F%2Fwww.yourdomain.com/: CPanel's Entropy Search allows username enumeration via the user parameter.
- + OSVDB-3092: /cgi-sys/scgiwrap: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web
- + OSVDB-3092: /admin.html: This might be interesting...
- + OSVDB-3092: /admin/: This might be interesting...
- + OSVDB-3092: /demo/: This might be interesting...
- + OSVDB-3092: /easylog/easylog.html: This might be interesting...
- + OSVDB-3092: /log.html: This might be interesting...
- + OSVDB-3092: /logfile.html: This might be interesting...
- + OSVDB-3092: /logger.html: This might be interesting...
- + OSVDB-3092: /stats.html: This might be interesting...
- + OSVDB-3092: /test.html: This might be interesting...
- + OSVDB-3092: /wwwstats.html: This might be interesting...
- + OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
- + OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
- + OSVDB-3093: /admin/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
- + ERROR: Error limit (20) reached for host, giving up. Last error: opening stream: can't connect (timeout): Operation now in progress
- + Scan terminated: 20 error(s) and 36 item(s) reported on remote host
- + End Time: 2015-09-27 18:06:08 (GMT7) (1755 seconds)
- ---------------------------------------------------------------------------
- + 1 host(s) tested
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement