Scan summary
Scan information
Start time28-9-2006, 21:56
Finish time30-9-2006, 11:00
Scan time 2223 minutes
Server bannerApache/2.0.54 (Debian GNU/Linux) PHP/4.3.10-16
Operating systemUnix
WebServer technologiesPHP
NameSeverityAffects
80.
Source code disclosure
Medium
/include/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.pl
82.
Source code disclosure
Medium
/include/fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
83.
Source code disclosure
Medium
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/util.asp
85.
Source code disclosure
Medium
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
86.
Source code disclosure
Medium
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/config.asp
87.
Source code disclosure
Medium
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/commands.asp
88.
Source code disclosure
Medium
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/class_upload.asp
91.
Source code disclosure
Medium
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/basexml.asp
93.
Source code disclosure
Medium
/include/fckeditor/editor/filemanager/browser/default/connectors/perl/connector.cgi
94.
Source code disclosure
Medium
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
(GET Command=FileUpload&Type=File&CurrentFolder=/)
141.
Broken links
Low
/modules/uploads/index.php (GET
module=uploads&action=add2db&return_module=; POST
MAX_FILE_SIZE=1000000&return_module=&return_action=&return_id=&filename=&txtDescription=&save=%26nbsp%3BAttach%26nbsp%3B&cancel=Cancel)
145.
Broken links
Low
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=I)
146.
Broken links
Low
/include/fckeditor/editor/dialog/fck_flash/fck_flash_preview.html
147.
Broken links
Low
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=H)
152.
Broken links
Low
/include/fckeditor/editor/dialog/common/common/fcknumericfield.htc
154.
File inputs accepted
Low
/include/fckeditor/editor/filemanager/browser/default/connectors/test.html
156.
File inputs accepted
Low
/include/fckeditor/editor/filemanager/browser/default/connectors/test.html
158.
Broken links
Low
/include/fckeditor/editor/dialog/fck_flash/fck_flash.js
175.
Broken links
Low
/modules/Users/index.php (GET module=Users&action=ListView&advanced=true)
176.
Broken links
Low
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=B)
177.
Broken links
Low
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=A)
178.
Broken links
Low
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=C)
179.
Broken links
Low
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=D)
180.
Broken links
Low
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=E)
181.
Broken links
Low
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=F)
182.
Broken links
Low
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=G)
1.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to connector.aspx.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
2.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/io.asp
DetailsThe Cookie variable PHPSESSID has been set to io.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
3.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/io.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to io.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
4.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/io.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to io.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
5.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/util.asp
DetailsThe Cookie variable PHPSESSID has been set to util.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
6.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/util.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to util.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
7.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/util.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to util.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
8.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/basexml.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to basexml.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
9.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
DetailsThe Cookie variable PHPSESSID has been set to connector.aspx.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
10.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
DetailsThe Cookie variable PHPSESSID has been set to connector.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
11.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to connector.aspx.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
12.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to connector.aspx.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
13.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/perl/connector.cgi
DetailsThe Cookie variable PHPSESSID has been set to connector.cgi.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
14.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/perl/connector.cgi
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to connector.cgi.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
15.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/perl/connector.cgi
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to connector.cgi.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
16.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/perl/connector.cgi
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to connector.cgi.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
17.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/util.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to util.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
18.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/config.asp
DetailsThe Cookie variable PHPSESSID has been set to config.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
19.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/class_upload.asp
DetailsThe Cookie variable PHPSESSID has been set to class_upload.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
20.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/class_upload.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to class_upload.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
21.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/class_upload.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to class_upload.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
22.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/class_upload.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to class_upload.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
23.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/commands.asp
DetailsThe Cookie variable PHPSESSID has been set to commands.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
24.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/commands.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to commands.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
25.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to connector.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
26.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/commands.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to commands.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
27.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to connector.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
28.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/config.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to config.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
29.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/config.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to config.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
30.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/config.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to config.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
31.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
DetailsThe GET variable Command has been set to connector.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
32.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
DetailsThe GET variable Type has been set to connector.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
33.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
DetailsThe GET variable CurrentFolder has been set to connector.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
34.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/fckconfig.js
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to fckconfig.js.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
35.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/commands.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to commands.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
36.
Script source code disclosure
Severity
High
Affects
/include/prototype-1.4.0/src/prototype.js
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to prototype.js.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
37.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/fckconfig.js
DetailsThe Cookie variable PHPSESSID has been set to fckconfig.js.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
38.
Script source code disclosure
Severity
High
Affects
/include/magpierss/rss_parse.inc
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to rss_parse.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
39.
Script source code disclosure
Severity
High
Affects
/include/magpierss/rss_parse.inc
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to rss_parse.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
40.
Script source code disclosure
Severity
High
Affects
/include/magpierss/rss_parse.inc
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to rss_parse.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
41.
Script source code disclosure
Severity
High
Affects
/include/magpierss/rss_utils.inc
DetailsThe Cookie variable PHPSESSID has been set to rss_utils.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
42.
Script source code disclosure
Severity
High
Affects
/include/magpierss/rss_utils.inc
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to rss_utils.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
43.
Script source code disclosure
Severity
High
Affects
/include/magpierss/rss_fetch.inc
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to rss_fetch.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
44.
Script source code disclosure
Severity
High
Affects
/include/magpierss/rss_utils.inc
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to rss_utils.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
45.
Script source code disclosure
Severity
High
Affects
/include/magpierss/rss_fetch.inc
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to rss_fetch.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
46.
Script source code disclosure
Severity
High
Affects
/include/prototype-1.4.0/src/prototype.js
DetailsThe Cookie variable PHPSESSID has been set to prototype.js.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
47.
Script source code disclosure
Severity
High
Affects
/include/prototype-1.4.0/src/prototype.js
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to prototype.js.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
48.
Script source code disclosure
Severity
High
Affects
/include/prototype-1.4.0/src/prototype.js
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to prototype.js.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
49.
Script source code disclosure
Severity
High
Affects
/themes/bluelagoon/images/Thumbs.db
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to Thumbs.db.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
50.
Script source code disclosure
Severity
High
Affects
/themes/bluelagoon/images/Thumbs.db
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to Thumbs.db.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
51.
Script source code disclosure
Severity
High
Affects
/themes/bluelagoon/images/Thumbs.db
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to Thumbs.db.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
52.
Script source code disclosure
Severity
High
Affects
/themes/bluelagoon/images/Thumbs.db
DetailsThe Cookie variable PHPSESSID has been set to Thumbs.db.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
53.
Script source code disclosure
Severity
High
Affects
/include/magpierss/rss_utils.inc
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to rss_utils.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
54.
Script source code disclosure
Severity
High
Affects
/include/magpierss/extlib/Snoopy.class.inc
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to Snoopy.class.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
55.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to connector.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
56.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/fckconfig.js
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to fckconfig.js.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
57.
Script source code disclosure
Severity
High
Affects
/include/install/images/Thumbs.db
DetailsThe Cookie variable PHPSESSID has been set to Thumbs.db.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
58.
Script source code disclosure
Severity
High
Affects
/include/install/images/Thumbs.db
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to Thumbs.db.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
59.
Script source code disclosure
Severity
High
Affects
/include/install/images/Thumbs.db
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to Thumbs.db.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
60.
Script source code disclosure
Severity
High
Affects
/include/install/images/Thumbs.db
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to Thumbs.db.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
61.
Script source code disclosure
Severity
High
Affects
/include/magpierss/rss_parse.inc
DetailsThe Cookie variable PHPSESSID has been set to rss_parse.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
62.
Script source code disclosure
Severity
High
Affects
/include/magpierss/extlib/Snoopy.class.inc
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to Snoopy.class.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
63.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/fckconfig.js
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to fckconfig.js.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
64.
Script source code disclosure
Severity
High
Affects
/include/magpierss/extlib/Snoopy.class.inc
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to Snoopy.class.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
65.
Script source code disclosure
Severity
High
Affects
/include/magpierss/rss_cache.inc
DetailsThe Cookie variable PHPSESSID has been set to rss_cache.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
66.
Script source code disclosure
Severity
High
Affects
/include/magpierss/rss_cache.inc
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to rss_cache.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
67.
Script source code disclosure
Severity
High
Affects
/include/magpierss/rss_cache.inc
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to rss_cache.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
68.
Script source code disclosure
Severity
High
Affects
/include/magpierss/rss_cache.inc
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to rss_cache.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
69.
Script source code disclosure
Severity
High
Affects
/include/magpierss/rss_fetch.inc
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to rss_fetch.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
70.
Script source code disclosure
Severity
High
Affects
/include/magpierss/rss_fetch.inc
DetailsThe Cookie variable PHPSESSID has been set to rss_fetch.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
71.
Script source code disclosure
Severity
High
Affects
/include/magpierss/extlib/Snoopy.class.inc
DetailsThe Cookie variable PHPSESSID has been set to Snoopy.class.inc.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
72.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/basexml.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to basexml.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
73.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/basexml.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to basexml.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
74.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/basexml.asp
DetailsThe Cookie variable PHPSESSID has been set to basexml.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
75.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.pl
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to spellchecker.pl.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
76.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.pl
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger has been set to spellchecker.pl.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
77.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.pl
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger=1; ck_login_theme_vtiger=bluelagoon; ck_login_language_vtiger has been set to spellchecker.pl.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
78.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.pl
DetailsThe Cookie variable PHPSESSID has been set to spellchecker.pl.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
79.
Script source code disclosure
Severity
High
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/io.asp
DetailsThe Cookie variable PHPSESSID=92b87a95c97a93cc5f657db8ac5c8176; ck_login_id_vtiger has been set to io.asp.
TypeValidation
DescriptionIt is
possible to read the source code of this script by using script
filename as a parameter. It seems that this script includes a file
which name is determined using user-supplied data. This data is not
properly validated before being passed to the include function.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
launch further attacks.
RecommendationAnalyse the source code of this script and solve the problem.
Reported by moduleParameter manipulation
Request
Response
80.
Source code disclosure
Severity
Medium
Affects
/include/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.pl
DetailsWe have found #!/usr/bin/perl
TypeValidation
DescriptionLooks like
the source code for this script is available. This check is using
pattern matching to determine if server side tags are found in the
file. In some cases this may generate false positives.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
conduct further attacks.
RecommendationRemove this file from your website or change permissions in order to remove access.
Reported by moduleText search
Request
Response
81.
PHPSESSID session fixation
Severity
Medium
Affects
/
DetailsNo details are available.
TypeValidation
DescriptionThis script is vulnerable to PHPSESSID session fixation attacks.
By
injecting a custom PHPSESSID is possible to alter the PHP session
cookie. Attackers will normally manipulate cookie values to
fraudulently authenticate themselves on a web site.
ImpactBy exploiting
this vulnerability, an attacker may conduct a session fixation attack.
In a session fixation attack, the attacker fixes the user's session ID
before the user even logs into the target server, thereby eliminating
the need to obtain the user's session ID afterwards.
RecommendationSet
session.use_only_cookies = 1 from php.ini. This option enables
administrators to make their users invulnerable to attacks which
involve passing session ids in URLs; defaults to 0.
Reported by moduleDirectory checks
Request
Response
82.
Source code disclosure
Severity
Medium
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
DetailsWe have found <%@ Page language="c#" Inherits="FredCK.FCKeditorV2.FileBrowserConnector" AutoEventWireup="false" %>
TypeValidation
DescriptionLooks like
the source code for this script is available. This check is using
pattern matching to determine if server side tags are found in the
file. In some cases this may generate false positives.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
conduct further attacks.
RecommendationRemove this file from your website or change permissions in order to remove access.
Reported by moduleText search
Request
Response
83.
Source code disclosure
Severity
Medium
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/util.asp
DetailsWe have found <%
Function RemoveFromStart( sourceString, charToRemove )
Dim oRegex
Set oRegex = New RegExp
oRegex.Pattern = "^" & charToRemove & "+"
RemoveFromStart = oRegex.Replace( sourceString, "" )
End Function
Function RemoveFromEnd( sourceString, charToRemove )
Dim oRegex
Set oRegex = New RegExp
oRegex.Pattern = charToRemove & "+$"
RemoveFromEnd = oRegex.Replace( sourceString, "" )
End Function
Function ConvertToXmlAttribute( value )
ConvertToXmlAttribute = Replace( value, "&", "&" )
End Function
Function InArray( value, sourceArray )
Dim i
For i = 0 to UBound( sourceArray )
If sourceArray(i) = value Then
InArray = True
Exit Function
End If
Next
InArray = False
End Function
%>
TypeValidation
DescriptionLooks like
the source code for this script is available. This check is using
pattern matching to determine if server side tags are found in the
file. In some cases this may generate false positives.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
conduct further attacks.
RecommendationRemove this file from your website or change permissions in order to remove access.
Reported by moduleText search
Request
Response
84.
Source code disclosure
Severity
Medium
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/io.asp
DetailsWe have found <%
Function GetUrlFromPath( resourceType, folderPath )
If resourceType = "" Then
GetUrlFromPath = RemoveFromEnd( sUserFilesPath, "/" ) & folderPath
Else
GetUrlFromPath = sUserFilesPath & resourceType & folderPath
End If
End Function
Function RemoveExtension( fileName )
RemoveExtension = Left( fileName, InStrRev( fileName, "." ) - 1 )
End Function
Function ServerMapFolder( resourceType, folderPath )
' Get the resource type directory.
Dim sResourceTypePath
sResourceTypePath = sUserFilesDirectory & resourceType & "\"
' Ensure that the directory exists.
CreateServerFolder sResourceTypePath
' Return the resource type directory combined with the required path.
ServerMapFolder = sResourceTypePath & RemoveFromStart( folderPath, "/" )
End Function
Sub CreateServerFolder( folderPath )
Dim oFSO
Set oFSO = Server.CreateObject( "Scripting.FileSystemObject" )
Dim sParent
sParent = oFSO.GetParentFolderName( folderPath )
' Check if the parent exists, or create it.
If ( NOT oFSO.FolderExists( sParent ) ) Then CreateServerFolder( sParent )
If ( oFSO.FolderExists( folderPath ) = False ) Then
oFSO.CreateFolder( folderPath )
End If
Set oFSO = Nothing
End Sub
Function IsAllowedExt( extension, resourceType )
Dim oRE
Set oRE = New RegExp
oRE.IgnoreCase = True
oRE.Global = True
Dim sAllowed, sDenied
sAllowed = ConfigAllowedExtensions.Item( resourceType )
sDenied = ConfigDeniedExtensions.Item( resourceType )
IsAllowedExt = True
If sDenied <> "" Then
oRE.Pattern = sDenied
IsAllowedExt = Not oRE.Test( extension )
End If
If IsAllowedExt And sAllowed <> "" Then
oRE.Pattern = sAllowed
IsAllowedExt = oRE.Test( extension )
End If
Set oRE = Nothing
End Function
%>
TypeValidation
DescriptionLooks like
the source code for this script is available. This check is using
pattern matching to determine if server side tags are found in the
file. In some cases this may generate false positives.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
conduct further attacks.
RecommendationRemove this file from your website or change permissions in order to remove access.
Reported by moduleText search
Request
Response
85.
Source code disclosure
Severity
Medium
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
DetailsWe have found <%@ CodePage=65001 Language="VBScript"%>
TypeValidation
DescriptionLooks like
the source code for this script is available. This check is using
pattern matching to determine if server side tags are found in the
file. In some cases this may generate false positives.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
conduct further attacks.
RecommendationRemove this file from your website or change permissions in order to remove access.
Reported by moduleText search
Request
Response
86.
Source code disclosure
Severity
Medium
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/config.asp
DetailsWe have found <%
' SECURITY: You must explicitelly enable this "connector" (set it to "True").
Dim ConfigIsEnabled
ConfigIsEnabled = False
' Path to user files relative to the document root.
Dim ConfigUserFilesPath
ConfigUserFilesPath = "/UserFiles/"
Dim ConfigAllowedExtensions, ConfigDeniedExtensions
Set ConfigAllowedExtensions = CreateObject( "Scripting.Dictionary" )
Set ConfigDeniedExtensions = CreateObject( "Scripting.Dictionary" )
ConfigAllowedExtensions.Add "File", ""
ConfigDeniedExtensions.Add "File", "php|asp|aspx|ascx|jsp|cfm|cfc|pl|bat|exe|com|dll|vbs|js|reg"
ConfigAllowedExtensions.Add "Image", "jpg|gif|jpeg|png|bmp"
ConfigDeniedExtensions.Add "Image", ""
ConfigAllowedExtensions.Add "Flash", "swf|fla"
ConfigDeniedExtensions.Add "Flash", ""
ConfigAllowedExtensions.Add "Media", "swf|fla|jpg|gif|jpeg|png|avi|mpg|mpeg|mp(1-4)|wma|wmv|wav|mid|midi|rmi|rm|ram|rmvb|mov|qt"
ConfigDeniedExtensions.Add "Media", ""
%>
TypeValidation
DescriptionLooks like
the source code for this script is available. This check is using
pattern matching to determine if server side tags are found in the
file. In some cases this may generate false positives.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
conduct further attacks.
RecommendationRemove this file from your website or change permissions in order to remove access.
Reported by moduleText search
Request
Response
87.
Source code disclosure
Severity
Medium
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/commands.asp
DetailsWe have found <%
Sub GetFolders( resourceType, currentFolder ) ' Map the virtual path to
the local server path. Dim sServerDir sServerDir = ServerMapFolder(
resourceType, currentFolder ) ' Open the "Folders" node. Response.Write
"<Folders>" Dim oFSO, oCurrentFolder, oFolders, oFolder Set oFSO
= Server.CreateObject( "Scripting.FileSystemObject" ) Set
oCurrentFolder = oFSO.GetFolder( sServerDir ) Set oFolders =
oCurrentFolder.SubFolders For Each oFolder in oFolders Response.Write
"<Folder name=""" & ConvertToXmlAttribute( oFolder.name ) &
""" />" Next Set oFSO = Nothing ' Close the "Folders" node.
Response.Write "</Folders>"
End Sub
Sub GetFoldersAndFiles( resourceType, currentFolder ) ' Map the virtual
path to the local server path. Dim sServerDir sServerDir =
ServerMapFolder( resourceType, currentFolder ) Dim oFSO,
oCurrentFolder, oFolders, oFolder, oFiles, oFile Set oFSO =
Server.CreateObject( "Scripting.FileSystemObject" ) Set oCurrentFolder
= oFSO.GetFolder( sServerDir ) Set oFolders = oCurrentFolder.SubFolders
Set oFiles = oCurrentFolder.Files ' Open the "Folders" node.
Response.Write "<Folders>" For Each oFolder in oFolders
Response.Write "<Folder name=""" & ConvertToXmlAttribute(
oFolder.name ) & """ />" Next ' Close the "Folders" node.
Response.Write "</Folders>" ' Open the "Files" node.
Response.Write "<Files>" For Each oFile in oFiles Dim iFileSize
iFileSize = Round( oFile.size / 1024 ) If ( iFileSize < 1 AND
oFile.size <> 0 ) Then iFileSize = 1 Response.Write "<File
name=""" & ConvertToXmlAttribute( oFile.name ) & """ size="""
& iFileSize & """ />" Next ' Close the "Files" node.
Response.Write "</Files>"
End Sub
Sub CreateFolder( resourceType, currentFolder ) Dim sErrorNumber Dim
sNewFolderName sNewFolderName = Request.QueryString( "NewFolderName" )
If ( sNewFolderName = "" OR InStr( 1, sNewFolderName, ".." ) > 0 )
Then sErrorNumber = "102" Else ' Map the virtual path to the local
server path of the current folder. Dim sServerDir sServerDir =
ServerMapFolder( resourceType, currentFolder & "/" &
sNewFolderName ) On Error Resume Next CreateServerFolder sServerDir Dim
iErrNumber, sErrDescription iErrNumber = err.number sErrDescription =
err.Description On Error Goto 0 Select Case iErrNumber Case 0
sErrorNumber = "0" Case 52 sErrorNumber = "102" ' Invalid Folder Name.
Case 70 sErrorNumber = "103" ' Security Error. Case 76 sErrorNumber =
"102" ' Path too long. Case Else sErrorNumber = "110" End Select End If
' Create the "Error" node. Response.Write "<Error number=""" &
sErrorNumber & """ originalNumber=""" & iErrNumber & """
originalDescription=""" & ConvertToXmlAttribute( sErrDescription )
& """ />"
End Sub
Sub FileUpload( resourceType, currentFolder ) Dim oUploader Set
oUploader = New NetRube_Upload oUploader.MaxSize = 0 oUploader.Allowed
= ConfigAllowedExtensions.Item( resourceType ) oUploader.Denied =
ConfigDeniedExtensions.Item( resourceType ) oUploader.GetData Dim
sErrorNumber sErrorNumber = "0" Dim sFileName, sOriginalFileName,
sExtension sFileName = "" If oUploader.ErrNum > 1 Then sErrorNumber
= "202" Else ' Map the virtual path to the local server path. Dim
sServerDir sServerDir = ServerMapFolder( resourceType, currentFolder )
Dim oFSO Set oFSO = Server.CreateObject( "Scripting.FileSystemObject" )
' Get the uploaded file name. sFileName = oUploader.File( "NewFile"
).Name sExtension = oUploader.File( "NewFile" ).Ext sOriginalFileName =
sFileName Dim iCounter iCounter = 0 Do While ( True ) Dim sFilePath
sFilePath = sServerDir & sFileName If ( oFSO.FileExists( sFilePath
) ) Then iCounter = iCounter + 1 sFileName = RemoveExtension(
sOriginalFileName ) & "(" & iCounter & ")." &
sExtension sErrorNumber = "201" Else oUploader.SaveAs "NewFile",
sFilePath If oUploader.ErrNum > 0 Then sErrorNumber = "202" Exit Do
End If Loop End If Set oUploader = Nothing Response.Clear
Response.Write "<script type=""text/javascript"">" Response.Write
"window.parent.frames['frmUpload'].OnUploadCompleted(" &
sErrorNumber & ",'" & Replace( sFileName, "'", "\'" ) & "')
;" Response.Write "</script>" Response.End
End Sub
%>
TypeValidation
DescriptionLooks like
the source code for this script is available. This check is using
pattern matching to determine if server side tags are found in the
file. In some cases this may generate false positives.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
conduct further attacks.
RecommendationRemove this file from your website or change permissions in order to remove access.
Reported by moduleText search
Request
Response
88.
Source code disclosure
Severity
Medium
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/class_upload.asp
DetailsWe have found <%
'**********************************************
' File: NetRube_Upload.asp
' Version: NetRube Upload Class Version 2.1 Build 20050228
' Author: NetRube
' Email: NetRube@126.com
' Date: 02/28/2005
' Comments: The code for the Upload.
' This can free usage, but please
' not to delete this copyright information.
' If you have a modification version,
' Please send out a duplicate to me.
'**********************************************
' #########: NetRube_Upload.asp
' ######: NetRube Upload Class Version 2.1 Build 20050228
' ######: NetRube(###############)
' ############: NetRube@126.com
' ######: 2005###02###28###
' ######: ###############
' ##################################################################
' #############################################
' ########################
'**********************************************
Class NetRube_Upload
Public File, Form
Private oSourceData
Private nMaxSize, nErr, sAllowed, sDenied
Private Sub Class_Initialize
nErr = 0
nMaxSize = 1048576
Set File = Server.CreateObject("Scripting.Dictionary")
File.CompareMode = 1
Set Form = Server.CreateObject("Scripting.Dictionary")
Form.CompareMode = 1
Set oSourceData = Server.CreateObject("ADODB.Stream")
oSourceData.Type = 1
oSourceData.Mode = 3
oSourceData.Open
End Sub
Private Sub Class_Terminate
Form.RemoveAll
Set Form = Nothing
File.RemoveAll
Set File = Nothing
oSourceData.Close
Set oSourceData = Nothing
End Sub
Public Property Get Version
Version = "NetRube Upload Class Version 1.0 Build 20041218"
End Property
Public Property Get ErrNum
ErrNum = nErr
End Property
Public Property Let MaxSize(nSize)
nMaxSize = nSize
End Property
Public Property Let Allowed(sExt)
sAllowed = sExt
End Property
Public Property Let Denied(sExt)
sDenied = sExt
End Property
Public Sub GetData
Dim aCType
aCType = Split(Request.ServerVariables("HTTP_CONTENT_TYPE"), ";")
If aCType(0) <> "multipart/form-data" Then
nErr = 1
Exit Sub
End If
Dim nTotalSize
nTotalSize = Request.TotalBytes
If nTotalSize < 1 Then
nErr = 2
Exit Sub
End If
If nMaxSize > 0 And nTotalSize > nMaxSize Then
nErr = 3
Exit Sub
End If
oSourceData.Write Request.BinaryRead(nTotalSize)
oSourceData.Position = 0
Dim oTotalData, oFormStream, sFormHeader, sFormName, bCrLf, nBoundLen, nFormStart, nFormEnd, nPosStart, nPosEnd, sBoundary
oTotalData = oSourceData.Read
bCrLf = ChrB(13) & ChrB(10)
sBoundary = MidB(oTotalData, 1, InStrB(1, oTotalData, bCrLf) - 1)
nBoundLen = LenB(sBoundary) + 2
nFormStart = nBoundLen
Set oFormStream = Server.CreateObject("ADODB.Stream")
Do While (nFormStart + 2) < nTotalSize
nFormEnd = InStrB(nFormStart, oTotalData, bCrLf & bCrLf) + 3
With oFormStream
.Type = 1
.Mode = 3
.Open
oSourceData.Position = nFormStart
oSourceData.CopyTo oFormStream, nFormEnd - nFormStart
.Position = 0
.Type = 2
.CharSet = "UTF-8"
sFormHeader = .ReadText
.Close
End With
nFormStart = InStrB(nFormEnd, oTotalData, sBoundary) - 1
nPosStart = InStr(22, sFormHeader, " name=", 1) + 7
nPosEnd = InStr(nPosStart, sFormHeader, """")
sFormName = Mid(sFormHeader, nPosStart, nPosEnd - nPosStart)
If InStr(45, sFormHeader, " filename=", 1) > 0 Then
Set File(sFormName) = New NetRube_FileInfo
File(sFormName).FormName = sFormName
File(sFormName).Start = nFormEnd
File(sFormName).Size = nFormStart - nFormEnd - 2
nPosStart = InStr(nPosEnd, sFormHeader, " filename=", 1) + 11
nPosEnd = InStr(nPosStart, sFormHeader, """")
File(sFormName).ClientPath = Mid(sFormHeader, nPosStart, nPosEnd - nPosStart)
File(sFormName).Name = Mid(File(sFormName).ClientPath, InStrRev(File(sFormName).ClientPath, "\") + 1)
File(sFormName).Ext = LCase(Mid(File(sFormName).Name, InStrRev(File(sFormName).Name, ".") + 1))
nPosStart = InStr(nPosEnd, sFormHeader, "Content-Type: ", 1) + 14
nPosEnd = InStr(nPosStart, sFormHeader, vbCr)
File(sFormName).MIME = Mid(sFormHeader, nPosStart, nPosEnd - nPosStart)
Else
With oFormStream
.Type = 1
.Mode = 3
.Open
oSourceData.Position = nPosEnd
oSourceData.CopyTo oFormStream, nFormStart - nFormEnd - 2
.Position = 0
.Type = 2
.CharSet = "UTF-8"
Form(sFormName) = .ReadText
.Close
End With
End If
nFormStart = nFormStart + nBoundLen
Loop
oTotalData = ""
Set oFormStream = Nothing
End Sub
Public Sub SaveAs(sItem, sFileName)
If File(sItem).Size < 1 Then
nErr = 2
Exit Sub
End If
If Not IsAllowed(File(sItem).Ext) Then
nErr = 4
Exit Sub
End If
Dim oFileStream
Set oFileStream = Server.CreateObject("ADODB.Stream")
With oFileStream
.Type = 1
.Mode = 3
.Open
oSourceData.Position = File(sItem).Start
oSourceData.CopyTo oFileStream, File(sItem).Size
.Position = 0
.SaveToFile sFileName, 2
.Close
End With
Set oFileStream = Nothing
End Sub
Private Function IsAllowed(sExt)
Dim oRE
Set oRE = New RegExp
oRE.IgnoreCase = True
oRE.Global = True
If sDenied = "" Then
oRE.Pattern = sAllowed
IsAllowed = (sAllowed = "") Or oRE.Test(sExt)
Else
oRE.Pattern = sDenied
IsAllowed = Not oRE.Test(sExt)
End If
Set oRE = Nothing
End Function
End Class
Class NetRube_FileInfo
Dim FormName, ClientPath, Path, Name, Ext, Content, Size, MIME, Start
End Class
%>
TypeValidation
DescriptionLooks like
the source code for this script is available. This check is using
pattern matching to determine if server side tags are found in the
file. In some cases this may generate false positives.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
conduct further attacks.
RecommendationRemove this file from your website or change permissions in order to remove access.
Reported by moduleText search
Request
Response
89.
Apache 2.x version older than 2.0.55
Severity
Medium
Affects
Web Server
DetailsCurrent version is Apache/2.0.54
TypeConfiguration
Description This alert has been generated using only banner information. It may be a false positive.
Multiple vulnerabilities have been found in this version of Apache. You should upgrade to the latest version of Apache.
Affected Apache versions (up to 2.0.55).
ImpactMultiple. Check references for details about every vulnerability.
RecommendationUpgrade Apache 2.x to the latest version.
Reported by moduleVersion check
References
CAN-2005-2088http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088
CAN-2005-2700http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700
CAN-2005-2491http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
CAN-2005-2728http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728
CAN-2005-1268http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1268
Request
Response
90.
Apache Mod_Rewrite Off-By-One Buffer Overflow Vulnerability
Severity
Medium
Affects
Web Server
DetailsCurrent version is Apache/2.0.54
TypeConfiguration
Description This alert has been generated using only banner information. It may be a false positive.
Apache
mod_rewrite is prone to an off-by-one buffer-overflow condition.
The vulnerability arising in the mod_rewrite module's ldap scheme
handling allows for potential memory corruption when an attacker
exploits certain rewrite rules.
Affected Apache versions:
- Apache 1.3.28 - 1.3.36 with mod_rewrite
- Apache 2.2.0 - 2.2.2 with mod_rewrite
- Apache 2.0.46 - 2.0.58 with mod_rewrite
ImpactAn attacker may
exploit this issue to trigger a denial-of-service condition.
Reportedly, arbitrary code execution may be possible as well.
RecommendationUpgrade Apache to the latest version.
Reported by moduleVersion check
References
BID 19204http://www.securityfocus.com/bid/19204
VU#395412http://www.kb.cert.org/vuls/id/395412
Request
Response
91.
Source code disclosure
Severity
Medium
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/basexml.asp
DetailsWe have found <%
Sub SetXmlHeaders() ' Cleans the response buffer. Response.Clear() '
Prevent the browser from caching the result. Response.CacheControl =
"no-cache" ' Set the response format. Response.CharSet = "UTF-8"
Response.ContentType = "text/xml"
End Sub
Sub CreateXmlHeader( command, resourceType, currentFolder ) ' Create
the XML document header. Response.Write "<?xml version=""1.0""
encoding=""utf-8"" ?>" ' Create the main "Connector" node.
Response.Write "<Connector command=""" & command & """
resourceType=""" & resourceType & """>" ' Add the current
folder node. Response.Write "<CurrentFolder path=""" &
ConvertToXmlAttribute( currentFolder ) & """ url=""" &
ConvertToXmlAttribute( GetUrlFromPath( resourceType, currentFolder) )
& """ />"
End Sub
Sub CreateXmlFooter() Response.Write "</Connector>"
End Sub
Sub SendError( number, text ) SetXmlHeaders ' Create the XML document
header. Response.Write "<?xml version=""1.0"" encoding=""utf-8""
?>" Response.Write "<Connector><Error number=""" &
number & """ text=""" & Server.HTMLEncode( text ) & """
/></Connector>" Response.End
End Sub
%>
TypeValidation
DescriptionLooks like
the source code for this script is available. This check is using
pattern matching to determine if server side tags are found in the
file. In some cases this may generate false positives.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
conduct further attacks.
RecommendationRemove this file from your website or change permissions in order to remove access.
Reported by moduleText search
Request
Response
92.
Full path disclosure
Severity
Medium
Affects
/index.php
DetailsThe Cookie variable PHPSESSID has been set to '.
TypeValidation
DescriptionThis script is vulnerable to full path disclosure.
By injecting unexpected data into a parameter it's possible to generate an error that will reveal the full path of the script.
ImpactA remote user can determine the full path to the web root directory and other potentially sensitive information.
RecommendationYour script should properly sanitize user input.
Reported by moduleParameter manipulation
References
Request
Response
93.
Source code disclosure
Severity
Medium
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/perl/connector.cgi
DetailsWe have found #!/usr/bin/env perl
#####
# FCKeditor - The text editor for internet
# Copyright (C) 2003-2005 Frederico Caldeira Knabben
#
# Licensed under the terms of the GNU Lesser General Public License:
# http://www.opensource.org/licenses/lgpl-license.php
#
# For further information visit:
# http://www.fckeditor.net/
#
# "Support Open Source software. What about a donation today?"
#
# File Name: connector.cgi
# This is the File Manager Connector for Perl.
#
# File Authors:
# Takashi Yamaguchi (jack@omakase.net)
# Frederico Caldeira Knabben (fredck@fckeditor.net)
#####
##
# ATTENTION: To enable this connector, look for the "SECURITY" comment in this file.
##
## START: Hack for Windows (Not important to understand the editor code... Perl specific).
if(Windows_check()) {
chdir(GetScriptPath($0));
}
sub Windows_check
{
# IIS,PWS(NT/95)
$www_server_os = $^O;
# Win98 & NT(SP4)
if($www_server_os eq "") { $www_server_os= $ENV{'OS'}; }
# AnHTTPd/Omni/IIS
if($ENV{'SERVER_SOFTWARE'} =~ /AnWeb|Omni|IIS\//i) { $www_server_os= 'win'; }
# Win Apache
if($ENV{'WINDIR'} ne "") { $www_server_os= 'win'; }
if($www_server_os=~ /win/i) { return(1); }
return(0);
}
sub GetScriptPath {
local($path) = @_;
if($path =~ /[\:\/\\]/) { $path =~ s/(.*?)[\/\\][^\/\\]+$/$1/; } else { $path = '.'; }
$path;
}
## END: Hack for IIS
require 'util.pl';
require 'io.pl';
require 'basexml.pl';
require 'commands.pl';
require 'upload_fck.pl';
##
# SECURITY: REMOVE/COMMENT THE FOLLOWING LINE TO ENABLE THIS CONNECTOR.
##
&SendError( 1, 'This connector is disabled. Please check the "editor/filemanager/browser/default/connectors/perl
TypeValidation
DescriptionLooks like
the source code for this script is available. This check is using
pattern matching to determine if server side tags are found in the
file. In some cases this may generate false positives.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
conduct further attacks.
RecommendationRemove this file from your website or change permissions in order to remove access.
Reported by moduleText search
Request
Response
94.
Source code disclosure
Severity
Medium
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
(GET Command=FileUpload&Type=File&CurrentFolder=/)
DetailsWe have found <%@ CodePage=65001 Language="VBScript"%>
TypeValidation
DescriptionLooks like
the source code for this script is available. This check is using
pattern matching to determine if server side tags are found in the
file. In some cases this may generate false positives.
ImpactAn attacker can
gather sensitive information (database connection strings, application
logic) by analysing the source code. This information can be used to
conduct further attacks.
RecommendationRemove this file from your website or change permissions in order to remove access.
Reported by moduleText search
Request
Response
95.
Full path disclosure
Severity
Medium
Affects
/
DetailsThe Cookie variable PHPSESSID has been set to '.
TypeValidation
DescriptionThis script is vulnerable to full path disclosure.
By injecting unexpected data into a parameter it's possible to generate an error that will reveal the full path of the script.
ImpactA remote user can determine the full path to the web root directory and other potentially sensitive information.
RecommendationYour script should properly sanitize user input.
Reported by moduleParameter manipulation
References
Request
Response
96.
Possible sensitive directories
Severity
Low
Affects
/test/
DetailsNo details are available.
TypeValidation
DescriptionA possible
sensitive directory has been found. This check looks for known
sensitive directories like: backup directories, database dumps,
administration pages, temporary directories. Each of those directories
may help an attacker to learn more about his target.
ImpactThis directory may expose sensitive information that may help an malicious user to prepare more advanced attacks.
RecommendationRestrict access to this directory or remove it from the website.
Reported by moduleDirectory checks
Request
Response
97.
Possible sensitive directories
Severity
Low
Affects
/modules/Webmails/tmp/
DetailsNo details are available.
TypeValidation
DescriptionA possible
sensitive directory has been found. This check looks for known
sensitive directories like: backup directories, database dumps,
administration pages, temporary directories. Each of those directories
may help an attacker to learn more about his target.
ImpactThis directory may expose sensitive information that may help an malicious user to prepare more advanced attacks.
RecommendationRestrict access to this directory or remove it from the website.
Reported by moduleDirectory checks
Request
Response
98.
Possible sensitive directories
Severity
Low
Affects
/include/prototype-1.4.0/test/
DetailsNo details are available.
TypeValidation
DescriptionA possible
sensitive directory has been found. This check looks for known
sensitive directories like: backup directories, database dumps,
administration pages, temporary directories. Each of those directories
may help an attacker to learn more about his target.
ImpactThis directory may expose sensitive information that may help an malicious user to prepare more advanced attacks.
RecommendationRestrict access to this directory or remove it from the website.
Reported by moduleDirectory checks
Request
Response
99.
Possible sensitive directories
Severity
Low
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/asp/
DetailsNo details are available.
TypeValidation
DescriptionA possible
sensitive directory has been found. This check looks for known
sensitive directories like: backup directories, database dumps,
administration pages, temporary directories. Each of those directories
may help an attacker to learn more about his target.
ImpactThis directory may expose sensitive information that may help an malicious user to prepare more advanced attacks.
RecommendationRestrict access to this directory or remove it from the website.
Reported by moduleDirectory checks
Request
Response
100.
Possible sensitive files
Severity
Low
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/test.html
DetailsNo details are available.
TypeValidation
DescriptionA possible
sensitive file has been found. This check looks for known sensitive
files like: password files, configuration files, log files, include
files, statistics data, database dumps. Each of those files may help an
attacker to learn more about his target.
ImpactThis file may expose sensitive information that may help an malicious user to prepare more advanced attacks.
RecommendationRestrict access to this file or remove it from the website.
Reported by moduleDirectory checks
Request
Response
101.
Possible sensitive directories
Severity
Low
Affects
/include/database/
DetailsNo details are available.
TypeValidation
DescriptionA possible
sensitive directory has been found. This check looks for known
sensitive directories like: backup directories, database dumps,
administration pages, temporary directories. Each of those directories
may help an attacker to learn more about his target.
ImpactThis directory may expose sensitive information that may help an malicious user to prepare more advanced attacks.
RecommendationRestrict access to this directory or remove it from the website.
Reported by moduleDirectory checks
Request
Response
102.
Possible sensitive directories
Severity
Low
Affects
/include/install/
DetailsNo details are available.
TypeValidation
DescriptionA possible
sensitive directory has been found. This check looks for known
sensitive directories like: backup directories, database dumps,
administration pages, temporary directories. Each of those directories
may help an attacker to learn more about his target.
ImpactThis directory may expose sensitive information that may help an malicious user to prepare more advanced attacks.
RecommendationRestrict access to this directory or remove it from the website.
Reported by moduleDirectory checks
Request
Response
103.
Possible sensitive directories
Severity
Low
Affects
/install/
DetailsNo details are available.
TypeValidation
DescriptionA possible
sensitive directory has been found. This check looks for known
sensitive directories like: backup directories, database dumps,
administration pages, temporary directories. Each of those directories
may help an attacker to learn more about his target.
ImpactThis directory may expose sensitive information that may help an malicious user to prepare more advanced attacks.
RecommendationRestrict access to this directory or remove it from the website.
Reported by moduleDirectory checks
Request
Response
104.
Possible sensitive directories
Severity
Low
Affects
/data/
DetailsNo details are available.
TypeValidation
DescriptionA possible
sensitive directory has been found. This check looks for known
sensitive directories like: backup directories, database dumps,
administration pages, temporary directories. Each of those directories
may help an attacker to learn more about his target.
ImpactThis directory may expose sensitive information that may help an malicious user to prepare more advanced attacks.
RecommendationRestrict access to this directory or remove it from the website.
Reported by moduleDirectory checks
Request
Response
105.
Possible sensitive directories
Severity
Low
Affects
/include/
DetailsNo details are available.
TypeValidation
DescriptionA possible
sensitive directory has been found. This check looks for known
sensitive directories like: backup directories, database dumps,
administration pages, temporary directories. Each of those directories
may help an attacker to learn more about his target.
ImpactThis directory may expose sensitive information that may help an malicious user to prepare more advanced attacks.
RecommendationRestrict access to this directory or remove it from the website.
Reported by moduleDirectory checks
Request
Response
106.
Directory listing found
Severity
Low
Affects
/include
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
107.
Directory listing found
Severity
Low
Affects
/include (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
108.
Possible sensitive directories
Severity
Low
Affects
/database/
DetailsNo details are available.
TypeValidation
DescriptionA possible
sensitive directory has been found. This check looks for known
sensitive directories like: backup directories, database dumps,
administration pages, temporary directories. Each of those directories
may help an attacker to learn more about his target.
ImpactThis directory may expose sensitive information that may help an malicious user to prepare more advanced attacks.
RecommendationRestrict access to this directory or remove it from the website.
Reported by moduleDirectory checks
Request
Response
109.
Directory listing found
Severity
Low
Affects
/include/images (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
110.
Directory listing found
Severity
Low
Affects
/include/js (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
111.
Directory listing found
Severity
Low
Affects
/include/js (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
112.
Directory listing found
Severity
Low
Affects
/include/js (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
113.
Directory listing found
Severity
Low
Affects
/include/js (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
114.
Directory listing found
Severity
Low
Affects
/include/js (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
115.
Directory listing found
Severity
Low
Affects
/include/js (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
116.
Directory listing found
Severity
Low
Affects
/include/js (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
117.
Directory listing found
Severity
Low
Affects
/include/js
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
118.
Directory listing found
Severity
Low
Affects
/include/images (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
119.
Directory listing found
Severity
Low
Affects
/include/images (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
120.
Directory listing found
Severity
Low
Affects
/include (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
121.
Directory listing found
Severity
Low
Affects
/include/images (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
122.
Directory listing found
Severity
Low
Affects
/include (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
123.
Directory listing found
Severity
Low
Affects
/include/images (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
124.
Directory listing found
Severity
Low
Affects
/include/images (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
125.
Directory listing found
Severity
Low
Affects
/include/images (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
126.
Directory listing found
Severity
Low
Affects
/include/images
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
127.
Directory listing found
Severity
Low
Affects
/include (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
128.
Broken links
Severity
Low
Affects
/modules/Emails/Emails.js
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
129.
Directory listing found
Severity
Low
Affects
/include (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
130.
Directory listing found
Severity
Low
Affects
/include (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
131.
Directory listing found
Severity
Low
Affects
/include (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
132.
Directory listing found
Severity
Low
Affects
/include (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
133.
Directory listing found
Severity
Low
Affects
/include/images (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
134.
Directory listing found
Severity
Low
Affects
/include/js (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
135.
Broken links
Severity
Low
Affects
/modules/Accounts/Accounts.js
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
136.
Broken links
Severity
Low
Affects
/modules/Users/{ORDER_BY}user_ip
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
137.
Broken links
Severity
Low
Affects
/modules/Users/{ORDER_BY}login_time
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
138.
Broken links
Severity
Low
Affects
/modules/Users/{ORDER_BY}logout_time
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
139.
Broken links
Severity
Low
Affects
/modules/uploads/index.php
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
140.
Broken links
Severity
Low
Affects
/modules/uploads/themes/style.css
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
141.
Broken links
Severity
Low
Affects
/modules/uploads/index.php (GET
module=uploads&action=add2db&return_module=; POST
MAX_FILE_SIZE=1000000&return_module=&return_action=&return_id=&filename=&txtDescription=&save=%26nbsp%3BAttach%26nbsp%3B&cancel=Cancel)
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
142.
File inputs accepted
Severity
Low
Affects
/include/fckeditor/editor/dialog/fck_flash.html
DetailsNo details are available.
TypeInformational
DescriptionBy this form input is possible to upload a file to the server.
ImpactUser may upload malicious files to server.
RecommendationCheck if the script inputs are properly validated.
Reported by moduleCrawler
References
Request
Response
143.
File inputs accepted
Severity
Low
Affects
/include/fckeditor/editor/dialog/fck_image.html
DetailsNo details are available.
TypeInformational
DescriptionBy this form input is possible to upload a file to the server.
ImpactUser may upload malicious files to server.
RecommendationCheck if the script inputs are properly validated.
Reported by moduleCrawler
References
Request
Response
144.
File inputs accepted
Severity
Low
Affects
/include/fckeditor/editor/dialog/fck_link.html
DetailsNo details are available.
TypeInformational
DescriptionBy this form input is possible to upload a file to the server.
ImpactUser may upload malicious files to server.
RecommendationCheck if the script inputs are properly validated.
Reported by moduleCrawler
References
Request
Response
145.
Broken links
Severity
Low
Affects
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=I)
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
146.
Broken links
Severity
Low
Affects
/include/fckeditor/editor/dialog/fck_flash/fck_flash_preview.html
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
147.
Broken links
Severity
Low
Affects
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=H)
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
148.
File inputs accepted
Severity
Low
Affects
/include/fckeditor/editor/dialog/fck_flash.html
DetailsNo details are available.
TypeInformational
DescriptionBy this form input is possible to upload a file to the server.
ImpactUser may upload malicious files to server.
RecommendationCheck if the script inputs are properly validated.
Reported by moduleCrawler
References
Request
Response
149.
Directory listing found
Severity
Low
Affects
/include/scriptaculous (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
150.
File inputs accepted
Severity
Low
Affects
/include/fckeditor/editor/dialog/fck_image.html
DetailsNo details are available.
TypeInformational
DescriptionBy this form input is possible to upload a file to the server.
ImpactUser may upload malicious files to server.
RecommendationCheck if the script inputs are properly validated.
Reported by moduleCrawler
References
Request
Response
151.
File inputs accepted
Severity
Low
Affects
/include/fckeditor/editor/dialog/fck_link.html
DetailsNo details are available.
TypeInformational
DescriptionBy this form input is possible to upload a file to the server.
ImpactUser may upload malicious files to server.
RecommendationCheck if the script inputs are properly validated.
Reported by moduleCrawler
References
Request
Response
152.
Broken links
Severity
Low
Affects
/include/fckeditor/editor/dialog/common/common/fcknumericfield.htc
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
153.
File inputs accepted
Severity
Low
Affects
/include/fckeditor/editor/filemanager/browser/default/frmupload.html
DetailsNo details are available.
TypeInformational
DescriptionBy this form input is possible to upload a file to the server.
ImpactUser may upload malicious files to server.
RecommendationCheck if the script inputs are properly validated.
Reported by moduleCrawler
References
Request
Response
154.
File inputs accepted
Severity
Low
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/test.html
DetailsNo details are available.
TypeInformational
DescriptionBy this form input is possible to upload a file to the server.
ImpactUser may upload malicious files to server.
RecommendationCheck if the script inputs are properly validated.
Reported by moduleCrawler
References
Request
Response
155.
File inputs accepted
Severity
Low
Affects
/include/fckeditor/editor/filemanager/browser/default/frmupload.html
DetailsNo details are available.
TypeInformational
DescriptionBy this form input is possible to upload a file to the server.
ImpactUser may upload malicious files to server.
RecommendationCheck if the script inputs are properly validated.
Reported by moduleCrawler
References
Request
Response
156.
File inputs accepted
Severity
Low
Affects
/include/fckeditor/editor/filemanager/browser/default/connectors/test.html
DetailsNo details are available.
TypeInformational
DescriptionBy this form input is possible to upload a file to the server.
ImpactUser may upload malicious files to server.
RecommendationCheck if the script inputs are properly validated.
Reported by moduleCrawler
References
Request
Response
157.
TRACE Method Enabled
Severity
Low
Affects
Web Server
DetailsNo details are available.
TypeValidation
DescriptionHTTP TRACE
method is enabled on this web server. In the presence of other
cross-domain vulnerabilities in web browsers, sensitive header
information could be read from any domains that support the HTTP TRACE
method.
ImpactAttackers may
abuse HTTP TRACE functionality to gain access to information in HTTP
headers such as cookies and authentication data.
RecommendationDisable TRACE Method on the web server.
Reported by moduleCGI Tester
Request
Response
158.
Broken links
Severity
Low
Affects
/include/fckeditor/editor/dialog/fck_flash/fck_flash.js
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
159.
Broken links
Severity
Low
Affects
/themes/alphagrey/include/style.css
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
160.
Broken links
Severity
Low
Affects
/modules/Potentials/Potentials.js
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
161.
Broken links
Severity
Low
Affects
/modules/Contacts/Contacts.js
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
162.
Broken links
Severity
Low
Affects
/modules/Notes/Notes.js
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
163.
Broken links
Severity
Low
Affects
/modules/Calendar/Calendar.js
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
164.
Broken links
Severity
Low
Affects
/modules/Products/Products.js
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
165.
Broken links
Severity
Low
Affects
/modules/Vendors/Vendors.js
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
166.
Broken links
Severity
Low
Affects
/modules/PriceBooks/PriceBooks.js
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
167.
Broken links
Severity
Low
Affects
/modules/Quotes/Quotes.js
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
168.
Broken links
Severity
Low
Affects
/modules/Campaigns/Campaigns.js
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
169.
Broken links
Severity
Low
Affects
/modules/Leads/Leads.js
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
170.
Broken links
Severity
Low
Affects
/modules/Users/{ORDER_BY}user_name
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
171.
File inputs accepted
Severity
Low
Affects
/modules/uploads/index.php
DetailsNo details are available.
TypeInformational
DescriptionBy this form input is possible to upload a file to the server.
ImpactUser may upload malicious files to server.
RecommendationCheck if the script inputs are properly validated.
Reported by moduleCrawler
References
Request
Response
172.
Broken links
Severity
Low
Affects
/style.css
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
173.
Broken links
Severity
Low
Affects
/themes/woodspice/include/style.css
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
174.
Broken links
Severity
Low
Affects
/modules/Users/index.php
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
175.
Broken links
Severity
Low
Affects
/modules/Users/index.php (GET module=Users&action=ListView&advanced=true)
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
176.
Broken links
Severity
Low
Affects
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=B)
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
177.
Broken links
Severity
Low
Affects
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=A)
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
178.
Broken links
Severity
Low
Affects
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=C)
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
179.
Broken links
Severity
Low
Affects
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=D)
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
180.
Broken links
Severity
Low
Affects
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=E)
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
181.
Broken links
Severity
Low
Affects
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=F)
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
182.
Broken links
Severity
Low
Affects
/modules/Users/index.php (GET module=Users&action=ListView&query=true&last_name=G)
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
183.
Broken links
Severity
Low
Affects
/themes/bluelagoon/include/style.css
DetailsNo details are available.
TypeInformational
DescriptionThis page was found as link but is inaccessible.
ImpactProblems navigating the site.
RecommendationRemove the links to this file or make this available.
Reported by moduleCrawler
References
Request
Response
184.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/internals (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
185.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/globals (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
186.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/globals (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
187.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/globals (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
188.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/globals (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
189.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/globals (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
190.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/globals (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
191.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/internals
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
192.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/internals (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
193.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
194.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/internals (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
195.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/globals
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
196.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/internals (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
197.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/internals (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
198.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/internals (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
199.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/internals (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
200.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
201.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
202.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
203.
Directory listing found
Severity
Low
Affects
/include/scriptaculous (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
204.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/internals (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
205.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/commandclasses
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
206.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
207.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/classes
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
208.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/classes (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
209.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/classes (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
210.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/classes (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
211.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/classes (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
212.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/classes (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
213.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/classes (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
214.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/globals (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
215.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/classes (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
216.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/globals (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
217.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/commandclasses (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
218.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/commandclasses (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
219.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/commandclasses (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
220.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/commandclasses (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
221.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/commandclasses (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
222.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/commandclasses (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
223.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/commandclasses (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
224.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/commandclasses (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
225.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
226.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source/classes (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
227.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common/images (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
228.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
229.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
230.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
231.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
232.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
233.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
234.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
235.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
236.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
237.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common/images (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
238.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
239.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common/images (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
240.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common/images (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
241.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common/images (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
242.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common/images (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
243.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common/images (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
244.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common/images (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
245.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/fck_about
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
246.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/fck_about (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
247.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common/images
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
248.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css/behaviors (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
249.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
250.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
251.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
252.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css/behaviors
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
253.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css/behaviors (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
254.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css/behaviors (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
255.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css/behaviors (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
256.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css/behaviors (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
257.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog/common
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
258.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css/behaviors (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
259.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
260.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css/behaviors (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
261.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
262.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
263.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
264.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
265.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
266.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
267.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/dialog (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
268.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
269.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/css/behaviors (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
270.
Directory listing found
Severity
Low
Affects
/include/ListView (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
271.
Directory listing found
Severity
Low
Affects
/include/Ajax (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
272.
Directory listing found
Severity
Low
Affects
/include/Ajax (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
273.
Directory listing found
Severity
Low
Affects
/include/Ajax (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
274.
Directory listing found
Severity
Low
Affects
/include/ListView
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
275.
Directory listing found
Severity
Low
Affects
/include/ListView (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
276.
Directory listing found
Severity
Low
Affects
/include/ListView (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
277.
Directory listing found
Severity
Low
Affects
/include/ListView (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
278.
Directory listing found
Severity
Low
Affects
/include/ListView (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
279.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
280.
Directory listing found
Severity
Low
Affects
/include/ListView (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
281.
Directory listing found
Severity
Low
Affects
/include/Ajax (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
282.
Directory listing found
Severity
Low
Affects
/include/ListView (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
283.
Directory listing found
Severity
Low
Affects
/include/clock
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
284.
Directory listing found
Severity
Low
Affects
/include/clock (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
285.
Directory listing found
Severity
Low
Affects
/include/clock (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
286.
Directory listing found
Severity
Low
Affects
/include/clock (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
287.
Directory listing found
Severity
Low
Affects
/include/clock (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
288.
Directory listing found
Severity
Low
Affects
/include/clock (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
289.
Directory listing found
Severity
Low
Affects
/include/clock (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
290.
Directory listing found
Severity
Low
Affects
/include/ListView (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
291.
Directory listing found
Severity
Low
Affects
/include/calculator (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
292.
Directory listing found
Severity
Low
Affects
/include/scriptaculous (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
293.
Directory listing found
Severity
Low
Affects
/include/scriptaculous (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
294.
Directory listing found
Severity
Low
Affects
/include/scriptaculous (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
295.
User credentials are sent in clear text
Severity
Low
Affects
/
DetailsNo details are available.
TypeInformational
DescriptionIt seemes that user credentials are sent to /index.php in clear text.
ImpactA third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.
RecommendationBecause
user credentials usually are considered sensitive information, it is
recommended to be sent to the server over an encrypted connection.
Reported by moduleCrawler
References
Request
Response
296.
Directory listing found
Severity
Low
Affects
/include/scriptaculous (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
297.
Directory listing found
Severity
Low
Affects
/include/scriptaculous (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
298.
Directory listing found
Severity
Low
Affects
/include/scriptaculous (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
299.
Directory listing found
Severity
Low
Affects
/include/calculator
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
300.
Directory listing found
Severity
Low
Affects
/include/Ajax (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
301.
Directory listing found
Severity
Low
Affects
/include/calculator (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
302.
Directory listing found
Severity
Low
Affects
/include/Ajax (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
303.
Directory listing found
Severity
Low
Affects
/include/calculator (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
304.
Directory listing found
Severity
Low
Affects
/include/calculator (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
305.
Directory listing found
Severity
Low
Affects
/include/calculator (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
306.
Directory listing found
Severity
Low
Affects
/include/calculator (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
307.
Directory listing found
Severity
Low
Affects
/include/calculator (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
308.
Directory listing found
Severity
Low
Affects
/include/Ajax
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
309.
Directory listing found
Severity
Low
Affects
/include/Ajax (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
310.
Directory listing found
Severity
Low
Affects
/include/Ajax (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
311.
Directory listing found
Severity
Low
Affects
/include/database
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
312.
Directory listing found
Severity
Low
Affects
/include/calculator (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
313.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
314.
Directory listing found
Severity
Low
Affects
/include/clock (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
315.
Directory listing found
Severity
Low
Affects
/include/fckeditor (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
316.
Directory listing found
Severity
Low
Affects
/include/fckeditor (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
317.
Directory listing found
Severity
Low
Affects
/include/fckeditor (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
318.
Directory listing found
Severity
Low
Affects
/include/fckeditor (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
319.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
320.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
321.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
322.
Directory listing found
Severity
Low
Affects
/include/fckeditor (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
323.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
324.
Directory listing found
Severity
Low
Affects
/include/fckeditor (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
325.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
326.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
327.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
328.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
329.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
330.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
331.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
332.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
333.
Directory listing found
Severity
Low
Affects
/include/scriptaculous
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
334.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
335.
Directory listing found
Severity
Low
Affects
/include/db_backup (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
336.
Directory listing found
Severity
Low
Affects
/include/fckeditor/editor/_source (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
337.
Directory listing found
Severity
Low
Affects
/include/database (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
338.
Directory listing found
Severity
Low
Affects
/include/database (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
339.
Directory listing found
Severity
Low
Affects
/include/database (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
340.
Directory listing found
Severity
Low
Affects
/include/database (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
341.
Directory listing found
Severity
Low
Affects
/include/database (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
342.
Directory listing found
Severity
Low
Affects
/include/database (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
343.
Directory listing found
Severity
Low
Affects
/include/database (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
344.
Directory listing found
Severity
Low
Affects
/include/fckeditor (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
345.
Directory listing found
Severity
Low
Affects
/include/db_backup
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
346.
Directory listing found
Severity
Low
Affects
/include/clock (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
347.
Directory listing found
Severity
Low
Affects
/include/db_backup (GET C=M;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
348.
Directory listing found
Severity
Low
Affects
/include/db_backup (GET C=S;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
349.
Directory listing found
Severity
Low
Affects
/include/db_backup (GET C=D;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
350.
Directory listing found
Severity
Low
Affects
/include/db_backup (GET C=N;O=A)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
351.
Directory listing found
Severity
Low
Affects
/include/db_backup (GET C=M;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
352.
Directory listing found
Severity
Low
Affects
/include/db_backup (GET C=D;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
353.
Directory listing found
Severity
Low
Affects
/include/db_backup (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
354.
Directory listing found
Severity
Low
Affects
/include/fckeditor
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
355.
Directory listing found
Severity
Low
Affects
/include/fckeditor (GET C=N;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
356.
Directory listing found
Severity
Low
Affects
/include/database (GET C=S;O=D)
DetailsWe have found <TITLE>Index of
TypeInformation
DescriptionThe web
server is configured to display the list of files contained in this
directory. This is not recommended because the directory may contain
files that are not normally exposed through links on the web site.
ImpactA user can view a list of all files from this directory possibly exposing sensitive information.
RecommendationYou
should make sure the directory does not contain sensitive information
or you may want to restrict directory listings from the web server
configuration.
Reported by moduleText search
Request
Response
Informational