Guest User

AACD

a guest
May 23rd, 2019
118
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. [+] http://aacd.websiteseguro.com/
  2. | Interesting Entries:
  3. | - Server: Apache/2.2.22 (Debian)
  4. | - X-Powered-By: PHP/5.4.45-0+deb7u14
  5. | Found By: Headers (Passive Detection)
  6. | Confidence: 100%
  7.  
  8. [+] http://aacd.websiteseguro.com/robots.txt
  9. | Found By: Robots Txt (Aggressive Detection)
  10. | Confidence: 100%
  11.  
  12. [+] http://aacd.websiteseguro.com/xmlrpc.php
  13. | Found By: Direct Access (Aggressive Detection)
  14. | Confidence: 100%
  15. | References:
  16. | - http://codex.wordpress.org/XML-RPC_Pingback_API
  17. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
  18. | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
  19. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
  20. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
  21.  
  22. [+] http://aacd.websiteseguro.com/readme.html
  23. | Found By: Direct Access (Aggressive Detection)
  24. | Confidence: 100%
  25.  
  26. [+] Upload directory has listing enabled: http://aacd.websiteseguro.com/wp-content/uploads/
  27. | Found By: Direct Access (Aggressive Detection)
  28. | Confidence: 100%
  29.  
  30. [+] http://aacd.websiteseguro.com/wp-cron.php
  31. | Found By: Direct Access (Aggressive Detection)
  32. | Confidence: 60%
  33. | References:
  34. | - https://www.iplocation.net/defend-wordpress-from-ddos
  35. | - https://github.com/wpscanteam/wpscan/issues/1299
  36.  
  37. [+] WordPress version 4.9.10 identified (Latest, released on 2019-03-13).
  38. | Detected By: Emoji Settings (Passive Detection)
  39. | - http://aacd.websiteseguro.com/, Match: '-release.min.js?ver=4.9.10'
  40. | Confirmed By: Atom Generator (Aggressive Detection)
  41. | - http://aacd.websiteseguro.com/?feed=atom, <generator uri="https://wordpress.org/" version="4.9.10">WordPress</generator>
  42.  
  43. [i] The main theme could not be detected.
  44.  
  45. [+] Enumerating Vulnerable Plugins (via Passive Methods)
  46. [+] Checking Plugin Versions (via Passive and Aggressive Methods)
  47.  
  48. [i] Plugin(s) Identified:
  49.  
  50. [+] w3-total-cache
  51. | Location: http://aacd.websiteseguro.com/wp-content/plugins/w3-total-cache/
  52. | Last Updated: 2019-05-06T14:04:00.000Z
  53. | [!] The version is out of date, the latest version is 0.9.7.4
  54. |
  55. | Detected By: Comment Debug Info (Passive Detection)
  56. |
  57. | [!] 11 vulnerabilities identified:
  58. |
  59. | [!] Title: W3 Total Cache <= 0.9.4.1 - Authenticated Reflected Cross-Site Scripting (XSS)
  60. | Fixed in: 0.9.5
  61. | References:
  62. | - https://wpvulndb.com/vulnerabilities/8625
  63. | - https://blog.zerial.org/seguridad/vulnerabilidad-cross-site-scripting-en-wordpress-w3-total-cache/
  64. | - http://seclists.org/fulldisclosure/2016/Sep/52
  65. | - https://sumofpwn.nl/advisory/2016/reflected_cross_site_scripting_vulnerability_in_w3_total_cache_plugin.html
  66. | - http://seclists.org/fulldisclosure/2016/Nov/63
  67. |
  68. | [!] Title: W3 Total Cache <= 0.9.4.1 – Unauthenticated Security Token Bypass
  69. | Fixed in: 0.9.5
  70. | References:
  71. | - https://wpvulndb.com/vulnerabilities/8626
  72. | - https://secupress.me/blog/4-new-security-flaws-w3-total-cache-0-9-4-1/
  73. |
  74. | [!] Title: W3 Total Cache <= 0.9.4.1 – Authenticated Arbitrary File Upload
  75. | Fixed in: 0.9.5
  76. | References:
  77. | - https://wpvulndb.com/vulnerabilities/8627
  78. | - https://secupress.me/blog/4-new-security-flaws-w3-total-cache-0-9-4-1/
  79. |
  80. | [!] Title: W3 Total Cache <= 0.9.4.1 – Authenticated Arbitrary File Download
  81. | Fixed in: 0.9.5
  82. | References:
  83. | - https://wpvulndb.com/vulnerabilities/8628
  84. | - https://secupress.me/blog/4-new-security-flaws-w3-total-cache-0-9-4-1/
  85. |
  86. | [!] Title: W3 Total Cache <= 0.9.4.1 – Authenticated Arbitrary PHP Code Execution
  87. | Fixed in: 0.9.5
  88. | References:
  89. | - https://wpvulndb.com/vulnerabilities/8629
  90. | - https://secupress.me/blog/4-new-security-flaws-w3-total-cache-0-9-4-1/
  91. |
  92. | [!] Title: W3 Total Cache <= 0.9.4 - Unauthenticated Server Side Request Forgery (SSRF)
  93. | Fixed in: 0.9.5
  94. | References:
  95. | - https://wpvulndb.com/vulnerabilities/8644
  96. | - https://klikki.fi/adv/w3_total_cache.html
  97. |
  98. | [!] Title: W3 Total Cache <= 0.9.4.1 - Weak Validation of Amazon SNS Push Messages
  99. | Fixed in: 0.9.5
  100. | References:
  101. | - https://wpvulndb.com/vulnerabilities/8654
  102. | - https://sumofpwn.nl/advisory/2016/weak_validation_of_amazon_sns_push_messages_in_w3_total_cache_wordpress_plugin.html
  103. | - http://seclists.org/fulldisclosure/2016/Nov/61
  104. |
  105. | [!] Title: W3 Total Cache <= 0.9.4.1 - Information Disclosure Race Condition
  106. | Fixed in: 0.9.5
  107. | References:
  108. | - https://wpvulndb.com/vulnerabilities/8655
  109. | - https://sumofpwn.nl/advisory/2016/information_disclosure_race_condition_in_w3_total_cache_wordpress_plugin.html
  110. | - http://seclists.org/fulldisclosure/2016/Nov/62
  111. |
  112. | [!] Title: W3 Total Cache < 0.9.7.3 - Cryptographic Signature Bypass
  113. | Fixed in: 0.9.7.4
  114. | References:
  115. | - https://wpvulndb.com/vulnerabilities/9271
  116. | - https://plugins.trac.wordpress.org/changeset/2081515/w3-total-cache#file21
  117. |
  118. | [!] Title: W3 Total Cache <= 0.9.7.3 - Cross-Site Scripting (XSS)
  119. | Fixed in: 0.9.7.4
  120. | References:
  121. | - https://wpvulndb.com/vulnerabilities/9269
  122. | - https://plugins.trac.wordpress.org/changeset/2081515/w3-total-cache#file24
  123. |
  124. | [!] Title: W3 Total Cache <= 0.9.7.3 - SSRF / RCE via phar
  125. | Fixed in: 0.9.7.4
  126. | References:
  127. | - https://wpvulndb.com/vulnerabilities/9270
  128. | - https://plugins.trac.wordpress.org/changeset/2081515/w3-total-cache#file24
  129. |
  130. | Version: 0.9.4.1 (100% confidence)
  131. | Detected By: Readme - Stable Tag (Aggressive Detection)
  132. | - http://aacd.websiteseguro.com/wp-content/plugins/w3-total-cache/readme.txt
  133. | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
  134. | - http://aacd.websiteseguro.com/wp-content/plugins/w3-total-cache/readme.txt
  135.  
  136. [+] wordpress-seo
  137. | Location: http://aacd.websiteseguro.com/wp-content/plugins/wordpress-seo/
  138. | Last Updated: 2019-05-16T11:05:00.000Z
  139. | [!] The version is out of date, the latest version is 11.2.1
  140. |
  141. | Detected By: Comment (Passive Detection)
  142. |
  143. | [!] 2 vulnerabilities identified:
  144. |
  145. | [!] Title: Yoast SEO <= 5.7.1 - Authenticated Cross-Site Scripting (XSS)
  146. | Fixed in: 5.8
  147. | References:
  148. | - https://wpvulndb.com/vulnerabilities/8960
  149. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16842
  150. | - https://plugins.trac.wordpress.org/changeset/1766831/wordpress-seo/trunk/admin/google_search_console/class-gsc-table.php
  151. | - https://packetstormsecurity.com/files/145080/WordPress-Yoast-SEO-Cross-Site-Scripting.html
  152. |
  153. | [!] Title: Yoast SEO <= 9.1 - Authenticated Race Condition
  154. | Fixed in: 9.2
  155. | References:
  156. | - https://wpvulndb.com/vulnerabilities/9150
  157. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19370
  158. | - https://plugins.trac.wordpress.org/changeset/1977260/wordpress-seo
  159. | - https://www.youtube.com/watch?v=nL141dcDGCY
  160. | - http://packetstormsecurity.com/files/150497/
  161. | - https://github.com/Yoast/wordpress-seo/pull/11502/commits/3bfa70a143f5ea3ee1934f3a1703bb5caf139ffa
  162. |
  163. | Version: 3.5 (100% confidence)
  164. | Detected By: Comment (Passive Detection)
  165. | - http://aacd.websiteseguro.com/, Match: 'optimized with the Yoast SEO plugin v3.5 -'
  166. | Confirmed By:
  167. | Readme - Stable Tag (Aggressive Detection)
  168. | - http://aacd.websiteseguro.com/wp-content/plugins/wordpress-seo/readme.txt
  169. | Readme - ChangeLog Section (Aggressive Detection)
  170. | - http://aacd.websiteseguro.com/wp-content/plugins/wordpress-seo/readme.txt
  171.  
  172. [+] youtube-embed-plus
  173. | Location: http://aacd.websiteseguro.com/wp-content/plugins/youtube-embed-plus/
  174. | Last Updated: 2019-05-11T14:32:00.000Z
  175. | [!] The version is out of date, the latest version is 13.1
  176. |
  177. | Detected By: Javascript Var (Passive Detection)
  178. |
  179. | [!] 1 vulnerability identified:
  180. |
  181. | [!] Title: YouTube Embed <= 11.8.1 - Cross-Site Request Forgery (CSRF)
  182. | Fixed in: 11.8.2
  183. | References:
  184. | - https://wpvulndb.com/vulnerabilities/8873
  185. | - https://security.dxw.com/advisories/csrf-in-youtube-plugin/
  186. | - http://seclists.org/fulldisclosure/2017/Jul/64
  187. |
  188. | Version: 11.4 (100% confidence)
  189. | Detected By: Javascript Var (Passive Detection)
  190. | - http://aacd.websiteseguro.com/, Match: 'vol":"1","version":"11.4","evselector":"ifra'
  191. | Confirmed By: Readme - Stable Tag (Aggressive Detection)
  192. | - http://aacd.websiteseguro.com/wp-content/plugins/youtube-embed-plus/readme.txt
  193.  
  194. [+] Enumerating Vulnerable Themes (via Passive and Aggressive Methods)
  195. Checking Known Locations - Time: 00:00:44 <============================================================> (290 / 290) 100.00% Time: 00:00:44
  196. [+] Checking Theme Versions (via Passive and Aggressive Methods)
RAW Paste Data