API tools faq
paste
Advertisement
Guest User

AACD

a guest
May 23rd, 2019
156
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.79 KB | None | 0 0
raw download clone embed print report
  1. [+] http://aacd.websiteseguro.com/
  2. | Interesting Entries:
  3. | - Server: Apache/2.2.22 (Debian)
  4. | - X-Powered-By: PHP/5.4.45-0+deb7u14
  5. | Found By: Headers (Passive Detection)
  6. | Confidence: 100%
  7.  
  8. [+] http://aacd.websiteseguro.com/robots.txt
  9. | Found By: Robots Txt (Aggressive Detection)
  10. | Confidence: 100%
  11.  
  12. [+] http://aacd.websiteseguro.com/xmlrpc.php
  13. | Found By: Direct Access (Aggressive Detection)
  14. | Confidence: 100%
  15. | References:
  16. | - http://codex.wordpress.org/XML-RPC_Pingback_API
  17. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
  18. | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
  19. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
  20. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
  21.  
  22. [+] http://aacd.websiteseguro.com/readme.html
  23. | Found By: Direct Access (Aggressive Detection)
  24. | Confidence: 100%
  25.  
  26. [+] Upload directory has listing enabled: http://aacd.websiteseguro.com/wp-content/uploads/
  27. | Found By: Direct Access (Aggressive Detection)
  28. | Confidence: 100%
  29.  
  30. [+] http://aacd.websiteseguro.com/wp-cron.php
  31. | Found By: Direct Access (Aggressive Detection)
  32. | Confidence: 60%
  33. | References:
  34. | - https://www.iplocation.net/defend-wordpress-from-ddos
  35. | - https://github.com/wpscanteam/wpscan/issues/1299
  36.  
  37. [+] WordPress version 4.9.10 identified (Latest, released on 2019-03-13).
  38. | Detected By: Emoji Settings (Passive Detection)
  39. | - http://aacd.websiteseguro.com/, Match: '-release.min.js?ver=4.9.10'
  40. | Confirmed By: Atom Generator (Aggressive Detection)
  41. | - http://aacd.websiteseguro.com/?feed=atom, <generator uri="https://wordpress.org/" version="4.9.10">WordPress</generator>
  42.  
  43. [i] The main theme could not be detected.
  44.  
  45. [+] Enumerating Vulnerable Plugins (via Passive Methods)
  46. [+] Checking Plugin Versions (via Passive and Aggressive Methods)
  47.  
  48. [i] Plugin(s) Identified:
  49.  
  50. [+] w3-total-cache
  51. | Location: http://aacd.websiteseguro.com/wp-content/plugins/w3-total-cache/
  52. | Last Updated: 2019-05-06T14:04:00.000Z
  53. | [!] The version is out of date, the latest version is 0.9.7.4
  54. |
  55. | Detected By: Comment Debug Info (Passive Detection)
  56. |
  57. | [!] 11 vulnerabilities identified:
  58. |
  59. | [!] Title: W3 Total Cache <= 0.9.4.1 - Authenticated Reflected Cross-Site Scripting (XSS)
  60. | Fixed in: 0.9.5
  61. | References:
  62. | - https://wpvulndb.com/vulnerabilities/8625
  63. | - https://blog.zerial.org/seguridad/vulnerabilidad-cross-site-scripting-en-wordpress-w3-total-cache/
  64. | - http://seclists.org/fulldisclosure/2016/Sep/52
  65. | - https://sumofpwn.nl/advisory/2016/reflected_cross_site_scripting_vulnerability_in_w3_total_cache_plugin.html
  66. | - http://seclists.org/fulldisclosure/2016/Nov/63
  67. |
  68. | [!] Title: W3 Total Cache <= 0.9.4.1 – Unauthenticated Security Token Bypass
  69. | Fixed in: 0.9.5
  70. | References:
  71. | - https://wpvulndb.com/vulnerabilities/8626
  72. | - https://secupress.me/blog/4-new-security-flaws-w3-total-cache-0-9-4-1/
  73. |
  74. | [!] Title: W3 Total Cache <= 0.9.4.1 – Authenticated Arbitrary File Upload
  75. | Fixed in: 0.9.5
  76. | References:
  77. | - https://wpvulndb.com/vulnerabilities/8627
  78. | - https://secupress.me/blog/4-new-security-flaws-w3-total-cache-0-9-4-1/
  79. |
  80. | [!] Title: W3 Total Cache <= 0.9.4.1 – Authenticated Arbitrary File Download
  81. | Fixed in: 0.9.5
  82. | References:
  83. | - https://wpvulndb.com/vulnerabilities/8628
  84. | - https://secupress.me/blog/4-new-security-flaws-w3-total-cache-0-9-4-1/
  85. |
  86. | [!] Title: W3 Total Cache <= 0.9.4.1 – Authenticated Arbitrary PHP Code Execution
  87. | Fixed in: 0.9.5
  88. | References:
  89. | - https://wpvulndb.com/vulnerabilities/8629
  90. | - https://secupress.me/blog/4-new-security-flaws-w3-total-cache-0-9-4-1/
  91. |
  92. | [!] Title: W3 Total Cache <= 0.9.4 - Unauthenticated Server Side Request Forgery (SSRF)
  93. | Fixed in: 0.9.5
  94. | References:
  95. | - https://wpvulndb.com/vulnerabilities/8644
  96. | - https://klikki.fi/adv/w3_total_cache.html
  97. |
  98. | [!] Title: W3 Total Cache <= 0.9.4.1 - Weak Validation of Amazon SNS Push Messages
  99. | Fixed in: 0.9.5
  100. | References:
  101. | - https://wpvulndb.com/vulnerabilities/8654
  102. | - https://sumofpwn.nl/advisory/2016/weak_validation_of_amazon_sns_push_messages_in_w3_total_cache_wordpress_plugin.html
  103. | - http://seclists.org/fulldisclosure/2016/Nov/61
  104. |
  105. | [!] Title: W3 Total Cache <= 0.9.4.1 - Information Disclosure Race Condition
  106. | Fixed in: 0.9.5
  107. | References:
  108. | - https://wpvulndb.com/vulnerabilities/8655
  109. | - https://sumofpwn.nl/advisory/2016/information_disclosure_race_condition_in_w3_total_cache_wordpress_plugin.html
  110. | - http://seclists.org/fulldisclosure/2016/Nov/62
  111. |
  112. | [!] Title: W3 Total Cache < 0.9.7.3 - Cryptographic Signature Bypass
  113. | Fixed in: 0.9.7.4
  114. | References:
  115. | - https://wpvulndb.com/vulnerabilities/9271
  116. | - https://plugins.trac.wordpress.org/changeset/2081515/w3-total-cache#file21
  117. |
  118. | [!] Title: W3 Total Cache <= 0.9.7.3 - Cross-Site Scripting (XSS)
  119. | Fixed in: 0.9.7.4
  120. | References:
  121. | - https://wpvulndb.com/vulnerabilities/9269
  122. | - https://plugins.trac.wordpress.org/changeset/2081515/w3-total-cache#file24
  123. |
  124. | [!] Title: W3 Total Cache <= 0.9.7.3 - SSRF / RCE via phar
  125. | Fixed in: 0.9.7.4
  126. | References:
  127. | - https://wpvulndb.com/vulnerabilities/9270
  128. | - https://plugins.trac.wordpress.org/changeset/2081515/w3-total-cache#file24
  129. |
  130. | Version: 0.9.4.1 (100% confidence)
  131. | Detected By: Readme - Stable Tag (Aggressive Detection)
  132. | - http://aacd.websiteseguro.com/wp-content/plugins/w3-total-cache/readme.txt
  133. | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
  134. | - http://aacd.websiteseguro.com/wp-content/plugins/w3-total-cache/readme.txt
  135.  
  136. [+] wordpress-seo
  137. | Location: http://aacd.websiteseguro.com/wp-content/plugins/wordpress-seo/
  138. | Last Updated: 2019-05-16T11:05:00.000Z
  139. | [!] The version is out of date, the latest version is 11.2.1
  140. |
  141. | Detected By: Comment (Passive Detection)
  142. |
  143. | [!] 2 vulnerabilities identified:
  144. |
  145. | [!] Title: Yoast SEO <= 5.7.1 - Authenticated Cross-Site Scripting (XSS)
  146. | Fixed in: 5.8
  147. | References:
  148. | - https://wpvulndb.com/vulnerabilities/8960
  149. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16842
  150. | - https://plugins.trac.wordpress.org/changeset/1766831/wordpress-seo/trunk/admin/google_search_console/class-gsc-table.php
  151. | - https://packetstormsecurity.com/files/145080/WordPress-Yoast-SEO-Cross-Site-Scripting.html
  152. |
  153. | [!] Title: Yoast SEO <= 9.1 - Authenticated Race Condition
  154. | Fixed in: 9.2
  155. | References:
  156. | - https://wpvulndb.com/vulnerabilities/9150
  157. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19370
  158. | - https://plugins.trac.wordpress.org/changeset/1977260/wordpress-seo
  159. | - https://www.youtube.com/watch?v=nL141dcDGCY
  160. | - http://packetstormsecurity.com/files/150497/
  161. | - https://github.com/Yoast/wordpress-seo/pull/11502/commits/3bfa70a143f5ea3ee1934f3a1703bb5caf139ffa
  162. |
  163. | Version: 3.5 (100% confidence)
  164. | Detected By: Comment (Passive Detection)
  165. | - http://aacd.websiteseguro.com/, Match: 'optimized with the Yoast SEO plugin v3.5 -'
  166. | Confirmed By:
  167. | Readme - Stable Tag (Aggressive Detection)
  168. | - http://aacd.websiteseguro.com/wp-content/plugins/wordpress-seo/readme.txt
  169. | Readme - ChangeLog Section (Aggressive Detection)
  170. | - http://aacd.websiteseguro.com/wp-content/plugins/wordpress-seo/readme.txt
  171.  
  172. [+] youtube-embed-plus
  173. | Location: http://aacd.websiteseguro.com/wp-content/plugins/youtube-embed-plus/
  174. | Last Updated: 2019-05-11T14:32:00.000Z
  175. | [!] The version is out of date, the latest version is 13.1
  176. |
  177. | Detected By: Javascript Var (Passive Detection)
  178. |
  179. | [!] 1 vulnerability identified:
  180. |
  181. | [!] Title: YouTube Embed <= 11.8.1 - Cross-Site Request Forgery (CSRF)
  182. | Fixed in: 11.8.2
  183. | References:
  184. | - https://wpvulndb.com/vulnerabilities/8873
  185. | - https://security.dxw.com/advisories/csrf-in-youtube-plugin/
  186. | - http://seclists.org/fulldisclosure/2017/Jul/64
  187. |
  188. | Version: 11.4 (100% confidence)
  189. | Detected By: Javascript Var (Passive Detection)
  190. | - http://aacd.websiteseguro.com/, Match: 'vol":"1","version":"11.4","evselector":"ifra'
  191. | Confirmed By: Readme - Stable Tag (Aggressive Detection)
  192. | - http://aacd.websiteseguro.com/wp-content/plugins/youtube-embed-plus/readme.txt
  193.  
  194. [+] Enumerating Vulnerable Themes (via Passive and Aggressive Methods)
  195. Checking Known Locations - Time: 00:00:44 <============================================================> (290 / 290) 100.00% Time: 00:00:44
  196. [+] Checking Theme Versions (via Passive and Aggressive Methods)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!