
Password type input with autocomplete enabled

 

Password type input named password from unnamed form with action http://elitegpt.com/forum/member.php has autocomplete enabled. An attacker with local access could obtain the cleartext password from the browser cache.

This vulnerability affects /.

The impact of this vulnerability

Possible sensitive information disclosure

 

 

How to fix this vulnerability

The password autocomplete should be disabled in sensitive applications.

To disable autocomplete, you may use a code similar to:

<INPUT TYPE="password" AUTOCOMPLETE="off">

 

 

User credentials are sent in clear text

It seems that user credentials are sent in clear text.

The impact of this vulnerability

A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.

How to fix this vulnerability

Because user credentials are usually considered sensitive information, it is recommended that they be sent to the server over an encrypted connection.


Apache Mod_SSL Log Function Format String Vulnerability

This alert was generated using only banner information. It may be a false positive. A format string vulnerability has been found in mod_ssl versions older than 2.8.19. Successful exploitation of this issue will most likely allow an attacker to execute arbitrary code on the affected computer. Affected mod_ssl versions (up to 2.8.18).

This vulnerability affects mod_ssl.

The impact of this vulnerability

Denial of service and/or possible arbitrary code execution.

How to fix this vulnerability

Upgrade mod_ssl to the latest version.

 

Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1

This version of Apache is vulnerable to HTML injection (including malicious Javascript code) through the "Expect" header. Until now it was not classed as a security vulnerability, as an attacker has no way to influence the Expect header a victim will send to a target site. However, according to Amit Klein's paper: "Forging HTTP request headers with Flash" there is a working cross site scripting (XSS) attack against Apache 1.3.34, 2.0.57 and 2.2.1 (as long as the client browser is IE or Firefox, and it supports Flash 6/7+). Affected Apache versions (up to 1.3.34/2.0.57/2.2.1). This vulnerability affects Web Server.

The impact of this vulnerability

Malicious users may inject JavaScript, not allowed, ActiveX, HTML or Flash to fool a user in order to gather data from them. An attacker can steal the session cookie and take over the account, impersonating the user. It is also possible to modify the content of the page presented to the user.

How to fix this vulnerability

Upgrade to the latest Apache versions. This flaw has been corrected in Apache versions (1.3.35/2.0.58/2.2.2)

Apache Mod_SSL SSL_Util_UUEncode_Binary Stack Buffer Overflow Vulnerability

This alert was generated using only banner information. It may be a false positive. A stack-based buffer overflow has been reported in the Apache mod_ssl module. This issue would most likely result in a denial of service if triggered, but could theoretically allow for execution of arbitrary code. The issue is not believed to be exploitable to execute arbitrary code on x86 architectures, though this may not be the case with other architectures. Affected mod_ssl versions (up to 2.8.17). This vulnerability affects mod_ssl.

The impact of this vulnerability

Denial of service and/or possible arbitrary code execution.

How to fix this vulnerability

Upgrade mod_ssl to the latest version.


Blind SQL/XPath injection

This script is possibly vulnerable to SQL/XPath Injection attacks.

 

SQL injection is a vulnerability that allows an attacker to alter backend SQL statements by manipulating the user input. An SQL injection occurs when web applications accept user input that is directly placed into a SQL statement and doesn't properly filter out dangerous characters.

 

This is one of the most common application layer attacks currently being used on the Internet. Despite the fact that it is relatively easy to protect against, there is a large number of web applications vulnerable.

 

XPath Injection is an attack technique used to exploit web sites that construct XPath queries from user-supplied input.

This vulnerability affects /forum/member.php

/forum/calendar.php

/forum/forumdisplay.php

/forum/memberlist.php

/forum/search.php

/forum/showthread.php

/forum/usercp2.php

 

 

The impact of this vulnerability

An unauthenticated attacker may execute arbitrary SQL/XPath statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information.

 

How to fix this vulnerability

Your script should filter metacharacters from user input.

Check detailed information for more information about fixing this vulnerability. trim(), mysql_real_escape_string()

 


GHDB: 500 Internal Server Error

The description for this alert is contributed by the GHDB community, it may contain inappropriate language.

Category : Error Messages

 

This one shows the type of web server running on the site, and has the ability to show other information depending on how the message is internally formatted.

This vulnerability affects /js/olib/makemini.pl.

The impact of this vulnerability

Not available. Check description.

 

Attack details

We found

intitle:"500 Internal Server Error" "server at"

 

 

GHDB: Files uploaded through FTP

Vulnerability description

The description for this alert is contributed by the GHDB community, it may contain inappropriate language.

Category : Files containing juicy info

 

Files uploaded through ftp by other people, sometimes you can find all sorts of things from movies to important stuff.

This vulnerability affects /icons.

The impact of this vulnerability

Not available. Check description.

Attack details

We found

intitle:"Index of" upload size parent directory

 

 

GHDB: Generic MySQL error message

Vulnerability description

The description for this alert is contributed by the GHDB community, it may contain inappropriate language.

 

Category : Error Messages

 

Another generic SQL message, this message can display path names, function names, filenames and partial SQL code, all of which are very helpful for hackers...

This vulnerability affects /images.

The impact of this vulnerability

Not available. Check description.

Attack details

We found

"Supplied argument is not a valid MySQL result resource"

 

 

 

GHDB: Apache directory listing which show Apache version

The description for this alert is contributed by the GHDB community, it may contain inappropriate language.

 

Category : Files containing juicy info

 

This is a very basic string found on directory listing pages which show the version of the Apache web server. Hackers can use this information to find vulnerable targets without querying the servers.

This vulnerability affects /css.

The impact of this vulnerability

Not available. Check description.

Attack details

We found

intitle:index.of "Apache" "server at"

 
