
Testing for a movie rental site


schme16


I'm too worried about the design, that's not my part in the project. Just need a few people to test the features out to see if there are any vulnerabilities in it, as it's an accounting software as well as the UI for customers...

 

http://hee.sg-php.com

 

 

any suggestions are welcomed

 

Thanks to everyone who helps!

 

~Shane.G


Vulnerability description

It seems that user credentials are sent to /index.php in clear text.

This vulnerability affects /index.php (GET content=register).

The impact of this vulnerability

A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.

 

Attack details

No details are available.

 

View HTTP headers

Request

GET /index.php?content=register HTTP/1.0

Accept: */*

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)

Host: hee.sg-php.com

Cookie: splash=visited

Connection: Close

Pragma: no-cache

Referer: http://hee.sg-php.com/index.php

Acunetix-Product: WVS/5.0 (Acunetix Web Vulnerability Scanner - EVALUATION)

Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED

Acunetix-User-agreement: http://www.acunetix.com/wvs/disc.htm

Response

HTTP/1.1 200 OK

Date: Wed, 09 Jul 2008 04:04:24 GMT

Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635

X-Powered-By: PHP/5.2.6

Connection: close

Content-Type: text/html

How to fix this vulnerability

Because user credentials usually are considered sensitive information, it is recommended that they be sent to the server over an encrypted connection.

 

This page was found as link but is inaccessible.

This vulnerability affects /index.php (GET content=movie&id=1).

The impact of this vulnerability

Problems navigating the site.

 

Attack details

No details are available.

 

 

How to fix this vulnerability

Remove the links to this file or make this available.

 

Vulnerability description

Password type input named pasField from form named loginForm1 with action GET content=login has autocomplete enabled. An attacker with local access could obtain the cleartext password from the browser cache.

This vulnerability affects /index.php (GET content=login).

The impact of this vulnerability

Possible sensitive information disclosure

 

Attack details

No details are available.

 

View HTTP headers

Request

GET /index.php?content=login HTTP/1.0

Accept: */*

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)

Host: hee.sg-php.com

Cookie: splash=visited

Connection: Close

Pragma: no-cache

Referer: http://hee.sg-php.com/index.php

Acunetix-Product: WVS/5.0 (Acunetix Web Vulnerability Scanner - EVALUATION)

Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED

Acunetix-User-agreement: http://www.acunetix.com/wvs/disc.htm

Response

HTTP/1.1 200 OK

Date: Wed, 09 Jul 2008 04:04:02 GMT

Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635

X-Powered-By: PHP/5.2.6

Connection: close

Content-Type: text/html

How to fix this vulnerability

The password autocomplete should be disabled in sensitive applications.

To disable autocomplete, you may use code similar to:

<INPUT TYPE="password" AUTOCOMPLETE="off">

Password type input with autocomplete enabled

Vulnerability description

Password type input named password from form named new_user_registration with action GET content=register has autocomplete enabled. An attacker with local access could obtain the cleartext password from the browser cache.

This vulnerability affects /index.php (GET content=register).

The impact of this vulnerability

Possible sensitive information disclosure

 

Attack details

No details are available.

 

View HTTP headers

Request

GET /index.php?content=register HTTP/1.0

Accept: */*

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)

Host: hee.sg-php.com

Cookie: splash=visited

Connection: Close

Pragma: no-cache

Referer: http://hee.sg-php.com/index.php

Acunetix-Product: WVS/5.0 (Acunetix Web Vulnerability Scanner - EVALUATION)

Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED

Acunetix-User-agreement: http://www.acunetix.com/wvs/disc.htm

Response

HTTP/1.1 200 OK

Date: Wed, 09 Jul 2008 04:04:24 GMT

Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635

X-Powered-By: PHP/5.2.6

Connection: close

Content-Type: text/html

How to fix this vulnerability

The password autocomplete should be disabled in sensitive applications.

To disable autocomplete, you may use code similar to:

<INPUT TYPE="password" AUTOCOMPLETE="off">

Password type input with autocomplete enabled

Vulnerability description

Password type input named confirm from form named new_user_registration with action GET content=register has autocomplete enabled. An attacker with local access could obtain the cleartext password from the browser cache.

This vulnerability affects /index.php (GET content=register).

The impact of this vulnerability

Possible sensitive information disclosure

 

Attack details

No details are available.

 

View HTTP headers

Request

GET /index.php?content=register HTTP/1.0

Accept: */*

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)

Host: hee.sg-php.com

Cookie: splash=visited

Connection: Close

Pragma: no-cache

Referer: http://hee.sg-php.com/index.php

Acunetix-Product: WVS/5.0 (Acunetix Web Vulnerability Scanner - EVALUATION)

Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED

Acunetix-User-agreement: http://www.acunetix.com/wvs/disc.htm

Response

HTTP/1.1 200 OK

Date: Wed, 09 Jul 2008 04:04:24 GMT

Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635

X-Powered-By: PHP/5.2.6

Connection: close

Content-Type: text/html

How to fix this vulnerability

The password autocomplete should be disabled in sensitive applications.

To disable autocomplete, you may use code similar to:

<INPUT TYPE="password" AUTOCOMPLETE="off">
