Choice of robots walkthrough8/31/2023 ![]() + /wp-login/: Admin login page/section found. + Cookie wordpress_test_cookie created without the httponly flag + /admin/index.html: Admin login page/section found. + OSVDB-3092: /license.txt: License file found may identify site software. ![]() + /wp-links-opml.php: This WordPress script reveals the installed version. + OSVDB-5090: /admin/exec.php3?cmd=cat%20/etc/passwd: DotBr 0.1 allows remote command execution. + OSVDB-5089: /admin/system.php3?cmd=cat%20/etc/passwd: DotBr 0.1 allows remote command execution. + Uncommon header 'link' found, with contents: rel=shortlink + OSVDB-3092: /readme: This might be interesting. + OSVDB-3092: /admin/: This might be interesting. The following alternatives for 'index' were found: index.html, index.php + Apache mod_negotiation is enabled with MultiViews, which allows attackers to easily brute force file names. + Uncommon header 'tcn' found, with contents: list + Server leaks inodes via ETags, header found with file /robots.txt, fields: 0x29 0x52467010ef8ad ![]() + No CGI Directories found (use '-C all' to force check all possible dirs) + Retrieved x-powered-by header: PHP/5.5.29 This could allow the user agent to render the content of the site in a different fashion to the MIME type + The X-Content-Type-Options header is not set. This header can hint to the user agent to protect against some forms of XSS + The X-XSS-Protection header is not defined.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |