Scan of http://testphp.acunetix.com:80/
Scan details
Scan information
Start time
Finish time
Scan time
Profile
Server information
Responsive: True
Server banner: Apache/2.0.55 (Ubuntu) mod_python/3.1.4 Python/2.4.3 PHP/5.1.2 mod_ssl/2.0.55 OpenSSL/0.9.8a mod_perl/2.0.2 Perl/v5.8.7
Server OS: Unix
Server technologies: PHP,Perl,mod_ssl,mod_perl,mod_python,OpenSSL
Threat level
Alerts distribution
Total alerts found: 215
High: 115
Medium: 7
Low: 40
Informational: 53
Alerts summary
Apache Mod_Rewrite Off-By-One Buffer Overflow Vulnerability
Affects (variations): Web Server (1)
Cross Site Scripting
Affects (variations): /guestbook.php (69), /search.php (34)
PHP HTML Entity Encoder Heap Overflow Vulnerability
Affects (variations): PHP (1)
PHP version older than 5.2.1
Affects (variations): PHP (1)
PHP version older than 5.2.3
Affects (variations): PHP (1)
PHP version older than 5.2.5
Affects (variations): PHP (1)
PHP version older than 5.2.6
Affects (variations): PHP (1)
PHP Zend_Hash_Del_Key_Or_Index vulnerability
Affects (variations): PHP (1)
Proxy accepts CONNECT requests
Affects (variations): Server (1)
SQL Injection (AS)
Affects (variations): /AJAX/infoartist.php (2), /artists.php (2)
Apache 2.x version older than 2.0.61
Affects (variations): Web Server (1)
Apache 2.x version older than 2.0.63
Affects (variations): Web Server (1)
Apache Mod_SSL Log Function Format String Vulnerability
Affects (variations): mod_ssl (1)
Apache Mod_SSL SSL_Util_UUEncode_Binary Stack Buffer Overflow Vulnerability
Affects (variations): mod_ssl (1)
Open proxy server
Affects (variations): Server (1)
PHP enable_dl enabled
Affects (variations): Web Server (1)
PHP errors enabled
Affects (variations): / (1)
Application error message
Affects (variations): /AJAX/infoartist.php (7), /AJAX/infocateg.php (7), /AJAX/infotitle.php (7), /artists.php (2), /listproducts.php (5), /showimage.php (2)
Hidden form input named price was found
Affects (variations): /product.php (7)
TRACE Method Enabled
Affects (variations): Web Server (1)
User credentials are sent in clear text
Affects (variations): /login.php (1), /signup.php (1)
Broken links
Affects (variations): /privacy.php (1), /secured/office_files/filelist.xml (1)
Files found in the application directory but not linked
Affects (variations): /_mmServerScripts/MMHTTPDB.php (1), /_mmServerScripts/mysql.php (1), /404.php (1), /acunetix_file_inclusion_test (1), /acunetix_md5_random.php (1), /acunetix_not_execute (1), /acunetix_rfi_test.php (1), /acunetix_xsl_inclusion_test.xsl (1), /admin/create.sql (1), /blade_phpinfo.php (1), /Connections/DB_Connection.php (1), /CVS/Entries (1), /CVS/Entries.Log (1), /CVS/Repository (1), /CVS/Root (1), /database_connect.php (1), /dot.gif (1), /favicon.ico (1), /Flash/add.fla (1), /index.bak (1), /logout.php (1), /pi.php (1), /pictures/1.jpg (1), /pictures/1.jpg.tn (1), /pictures/2.jpg (1), /pictures/2.jpg.tn (1), /pictures/3.jpg (1), /pictures/3.jpg.tn (1), /pictures/4.jpg (1), /pictures/4.jpg.tn (1), /pictures/5.jpg (1), /pictures/5.jpg.tn (1), /pictures/6.jpg (1), /pictures/6.jpg.tn (1), /pictures/7.jpg (1), /pictures/7.jpg.tn (1), /pictures/8.jpg (1), /pictures/8.jpg.tn (1), /secured (1), /secured/database_connect.php (1), /secured/index.php (1), /secured/office.htm (1), /sendcommand.php (1), /Templates/main_dynamic_template.dwt.php (1), /testphp.tar.gz (1), /wvstests/pmwiki_2_1_19/scripts/version.php (1), /xss.js (1), /xss.swf (1)
Password type input with autocomplete enabled
Affects (variations): /login.php (1), /signup.php (2)
Alert details
Apache Mod_Rewrite Off-By-One Buffer Overflow Vulnerability
Severity: High
Type: Configuration
Reported by module: Version check
Description
Impact
Impact
/guestbook.php Details
/search.php Details
Impact
Impact
Impact
Impact
Impact
Impact
Impact
Impact
Affected items
/AJAX/infoartist.php Details
/artists.php Details
Description
Impact
Impact
Impact
Impact
mod_ssl Details
Impact
Impact
Impact
Impact
Affected items
/AJAX/infoartist.php Details
/AJAX/infocateg.php Details
/AJAX/infotitle.php Details
/artists.php Details
/listproducts.php Details
/showimage.php Details
Impact
/product.php Details
Impact
Impact
Broken links
Severity: Informational
Type: Informational
Reported by module: Crawler
Description
Impact
Impact
/acunetix_file_inclusion_test Details /acunetix_md5_random.php Details /acunetix_not_execute Details /acunetix_rfi_test.php Details /acunetix_xsl_inclusion_test.xsl Details /admin/create.sql Details /blade_phpinfo.php Details /Connections/DB_Connection.php Details /CVS/Entries Details /CVS/Entries.Log Details /CVS/Repository Details /CVS/Root Details /database_connect.php Details /dot.gif Details /favicon.ico Details
/Flash/add.fla Details /index.bak Details /logout.php Details /pi.php Details /pictures/1.jpg Details /pictures/1.jpg.tn Details /pictures/2.jpg Details /pictures/2.jpg.tn Details /pictures/3.jpg Details /pictures/3.jpg.tn Details /pictures/4.jpg Details /pictures/4.jpg.tn Details /pictures/5.jpg Details /pictures/5.jpg.tn Details /pictures/6.jpg Details
/pictures/6.jpg.tn Details /pictures/7.jpg Details /pictures/7.jpg.tn Details /pictures/8.jpg Details /pictures/8.jpg.tn Details /secured Details /secured/database_connect.php Details /secured/index.php Details /secured/office.htm Details /sendcommand.php Details /Templates/main_dynamic_template.dwt.php Details /testphp.tar.gz Details /wvstests/pmwiki_2_1_19/scripts/version.php Details /xss.js Details /xss.swf Details
Impact
/signup.php Details