Hack this


Lamez

HTTP TRACE method is enabled on this web server.

In the presence of other cross-domain vulnerabilities in web browsers, sensitive header information could be read from any domains that support the HTTP TRACE method. This vulnerability affects Web Server.

The impact of this vulnerability

Attackers may abuse HTTP TRACE functionality to gain access to information in HTTP headers such as cookies and authentication data.

How to fix this vulnerability

Disable TRACE Method on the web server.

File inputs accepted

Through this form input it is possible to upload a file to the server.

This vulnerability affects /up.php.

The impact of this vulnerability

A user may upload malicious files to the server.

How to fix this vulnerability

Check if the script inputs are properly validated.

How do you figure all that stuff out?
