Welcome to Scribd!

Executive: Acunetix Security Audit

Uploaded by

0% found this document useful (0 votes)

23 views3 pages

The security audit of http://testphp.vulnweb.com/ found 155 alerts, including 64 high severity issues allowing compromise of the backend database or website defacement. The majority of alerts were for SQL injection (35 alerts), cross site scripting (18 alerts), and blind SQL injection (8 alerts). Several medium severity issues were also discovered relating to information disclosure, backup files, and insecure practices.

Original Description:

Original Title

919dd0a8-120d-461c-a4d3-16f30e0dbe86

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

0% found this document useful (0 votes)

23 views3 pages

Executive: Acunetix Security Audit

Uploaded by

Ibrahim qashta

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

Jump to Page

You are on page 1of 3

Search inside document

Executive

Summary
Report
Acunetix Security Audit

31 December 2022

Generated by Acunetix
Scan of http://testphp.vulnweb.com/
Scan details
Scan information
Start time 31/12/2022, 09:12:21
Start url http://testphp.vulnweb.com/
Host http://testphp.vulnweb.com/
Scan time 116 minutes, 46 seconds
Profile Full Scan

Threat level

Acunetix Threat Level 3

One or more high-severity type vulnerabilities have been discovered by the scanner. A malicious user can exploit these
vulnerabilities and compromise the backend database and/or deface your website.

Alerts distribution

Total alerts found 155

High 64
Medium 65
Low 9
Informational 17
Executive summary
Alert group Severity Alert count
SQL injection High 35
Cross site scripting High 18
Blind SQL Injection High 8
PHP allow_url_fopen enabled (AcuSensor) High 1
Script source code disclosure High 1
Weak password High 1
Application error message Medium 15
Directory listing Medium 15
Error message on page Medium 12
Backup files Medium 6
HTML form without CSRF protection Medium 6
HTTP parameter pollution Medium 2
User credentials are sent in clear text Medium 2
Cross domain data hijacking Medium 1
Cross site scripting (content-sniffing) Medium 1
Insecure crossdomain.xml file Medium 1
JetBrains .idea project directory Medium 1
PHP errors enabled (AcuSensor) Medium 1
URL redirection Medium 1
WS_FTP log file found Medium 1
MySQL username disclosure Low 6
Clickjacking: X-Frame-Options header missing Low 1
Hidden form input named price was found Low 1
Login page password-guessing attack Low 1

Security Penetration Test Report of VULNWEB PDF
Document12 pages
Security Penetration Test Report of VULNWEB PDF
Bão Đêm
38% (8)
Report For Foophones: by Utkarsh Munra
Document37 pages
Report For Foophones: by Utkarsh Munra
suraj fb
No ratings yet
Hands on Hacking: Become an Expert at Next Gen Penetration Testing and Purple Teaming
From Everand
Hands on Hacking: Become an Expert at Next Gen Penetration Testing and Purple Teaming
Matthew Hickey
Rating: 3 out of 5 stars
3/5 (3)
CxEye UserManual V1 81 PDF
Document128 pages
CxEye UserManual V1 81 PDF
zvonebul
No ratings yet
Developer Report: Acunetix Website Audit 23 December, 2021
Document7 pages
Developer Report: Acunetix Website Audit 23 December, 2021
BAGAS TRI RAMADANA -
No ratings yet
Cargill Web Application Scanning Report
Document27 pages
Cargill Web Application Scanning Report
Hari King
No ratings yet
Comprehensive Report: Acunetix Threat Level 3
Document37 pages
Comprehensive Report: Acunetix Threat Level 3
Yudha Trias Rusmana
No ratings yet
Cisco
Document92 pages
Cisco
ari sirwan
No ratings yet
Comprehensive Report: Acunetix Threat Level 3
Document38 pages
Comprehensive Report: Acunetix Threat Level 3
Yudha Trias Rusmana
No ratings yet
Vulnerabiliades - Diccionario
Document142 pages
Vulnerabiliades - Diccionario
Johan Morillo
No ratings yet
Website Vulnerability Scanner Report (Light)
Document4 pages
Website Vulnerability Scanner Report (Light)
MasBa
No ratings yet
Owasp Zap Hostedscan Report 2024-02-12
Document17 pages
Owasp Zap Hostedscan Report 2024-02-12
faizan.reza
No ratings yet
Delhi Ford 1
Document18 pages
Delhi Ford 1
Vivek Gautam
No ratings yet
ZAP Scanning: Project 2
Document24 pages
ZAP Scanning: Project 2
Sabyasachi dutta
No ratings yet
Browser Security I (Slides)
Document56 pages
Browser Security I (Slides)
Dan Vollek
No ratings yet
Executive Summary WWW Six Group Com
Document3 pages
Executive Summary WWW Six Group Com
yomi kwairanga
No ratings yet
Usenixsec 05
Document36 pages
Usenixsec 05
mohamedsamirnassar1993
No ratings yet
Ridho Abdul Majid
Document24 pages
Ridho Abdul Majid
Ridho Abdul Majid
No ratings yet
Phase2 Security Report
Document64 pages
Phase2 Security Report
Anonymous r3xb805E
No ratings yet
Web Application Audit Report: Demo Account
Document12 pages
Web Application Audit Report: Demo Account
Samuel Konan
No ratings yet
Security Sample VAPT Report
Document28 pages
Security Sample VAPT Report
Ravi Giri
No ratings yet
Vulnerability Scan: Prepared by
Document14 pages
Vulnerability Scan: Prepared by
zitexit
No ratings yet
Rapport de Scan Thecnique
Document10 pages
Rapport de Scan Thecnique
ayariimed
No ratings yet
Comprehensive New WWW Six Group Com
Document41 pages
Comprehensive New WWW Six Group Com
yomi kwairanga
No ratings yet
Copyright of Bangladesh Scan Result
Document65 pages
Copyright of Bangladesh Scan Result
antiblack49
No ratings yet
Comprehensive Report: Acunetix Threat Level 3
Document23 pages
Comprehensive Report: Acunetix Threat Level 3
bugtest
No ratings yet
Developer Report PDF
Document65 pages
Developer Report PDF
Anonymous JyKPfbZBQ
No ratings yet
Owasp Zap Hostedscan Report 2024-04-30
Document16 pages
Owasp Zap Hostedscan Report 2024-04-30
Tymmz Allotey
No ratings yet
10a - Web Security
Document14 pages
10a - Web Security
Alif Faisal
No ratings yet
Wapiti Vulnerability Report: Target: Http://123.231.148.147:8081/webservice
Document7 pages
Wapiti Vulnerability Report: Target: Http://123.231.148.147:8081/webservice
Plokodot Plokodot
No ratings yet
Vulnerabilities and Attacks: Msc. Vuong Thi Nhung Faculty of Information Technology Hanoi University
Document50 pages
Vulnerabilities and Attacks: Msc. Vuong Thi Nhung Faculty of Information Technology Hanoi University
rooney ngô
No ratings yet
(Divi Report) Daptatech Rep
Document5 pages
(Divi Report) Daptatech Rep
carlos
No ratings yet
GamaSec Example Report
Document42 pages
GamaSec Example Report
Mefistogr
No ratings yet
Vulnerability Scan: Prepared by
Document13 pages
Vulnerability Scan: Prepared by
zitexit
No ratings yet
2023 08 03 ZAP Report
Document58 pages
2023 08 03 ZAP Report
Quang Hà Đặng
No ratings yet
Threat Model For Bwapp
Document38 pages
Threat Model For Bwapp
shinde_jayesh2005
No ratings yet
This Study Resource Was
Document5 pages
This Study Resource Was
Nathalie
No ratings yet
Comprehensive New Https Tech Jobs Credit Agricole Com
Document27 pages
Comprehensive New Https Tech Jobs Credit Agricole Com
Brain code
No ratings yet
Testphp Acunetics PDF
Document98 pages
Testphp Acunetics PDF
Ranjan Kumar Singh
No ratings yet
PentestTools WebsiteScanner Report
Document4 pages
PentestTools WebsiteScanner Report
tc
No ratings yet
A Specimen of Network Security Scan Report
Document68 pages
A Specimen of Network Security Scan Report
M. Saad Jumani
No ratings yet
An toàn hệ thống web
Document74 pages
An toàn hệ thống web
nhi
No ratings yet
Browser Security Model: John Mitchell
Document74 pages
Browser Security Model: John Mitchell
nhi
No ratings yet
WebStrike PDF Report
Document4 pages
WebStrike PDF Report
Biswajit
No ratings yet
Website Vulnerability Scanner Report (Light)
Document6 pages
Website Vulnerability Scanner Report (Light)
alex681219
No ratings yet
Generated On Mar., 23 Nov. 2021 18:22:47 Summary of Alerts: High Medium Low Informational
Document1 page
Generated On Mar., 23 Nov. 2021 18:22:47 Summary of Alerts: High Medium Low Informational
Raksasa Repulsive
No ratings yet
Quick HTTP Opensea Io
Document3 pages
Quick HTTP Opensea Io
Thilin Thungeesha
No ratings yet
PentestTools WebsiteScanner Report
Document5 pages
PentestTools WebsiteScanner Report
miguel
No ratings yet
Vulnerability Scan: Prepared by
Document20 pages
Vulnerability Scan: Prepared by
Diego Moreno
No ratings yet
(Divi Report) Tokenlab
Document12 pages
(Divi Report) Tokenlab
carlos
No ratings yet
Browser Security Model: John Mitchell
Document74 pages
Browser Security Model: John Mitchell
salim ucar
No ratings yet
Hardening Enterprise Apache Installations: Sander Temme
Document39 pages
Hardening Enterprise Apache Installations: Sander Temme
wcai88
No ratings yet
Introduction To Web Penetration Testing
Document60 pages
Introduction To Web Penetration Testing
matthieucolle1
No ratings yet
Comprehensive New Https PHP
Document19 pages
Comprehensive New Https PHP
Angel Bracero
No ratings yet
Ransomware The Clock Is Ticking
Document32 pages
Ransomware The Clock Is Ticking
Rashmita Mishra
No ratings yet
Executive Summary All Vulnerabilities
Document21 pages
Executive Summary All Vulnerabilities
Thilin Thungeesha
No ratings yet
Website Vulnerability Scanner Report (Light)
Document3 pages
Website Vulnerability Scanner Report (Light)
android tips and tricks
No ratings yet
Phpmyadmin Web Application Security Assessment
Document16 pages
Phpmyadmin Web Application Security Assessment
yb
No ratings yet
Demo Pentest Report 1709741204
Document19 pages
Demo Pentest Report 1709741204
Baji Shaik
No ratings yet
Fundamental Cyber Security Training
Document9 pages
Fundamental Cyber Security Training
Kenjie Sama
No ratings yet
Fundamental Cyber Security Training
Document9 pages
Fundamental Cyber Security Training
YılmazDeğirmenci
No ratings yet
Sec Your Embed Sys Life Cycle
Document5 pages
Sec Your Embed Sys Life Cycle
Ibrahim qashta
No ratings yet
Lab1 Solution
Document2 pages
Lab1 Solution
Ibrahim qashta
No ratings yet
1 s2.0 S1877050922004422 Main
Document8 pages
1 s2.0 S1877050922004422 Main
Ibrahim qashta
No ratings yet
Electronics 11 03330 v2
Document41 pages
Electronics 11 03330 v2
Ibrahim qashta
No ratings yet
Dis11 Solutions
Document6 pages
Dis11 Solutions
Ibrahim qashta
No ratings yet
Phy Sec Pol
Document20 pages
Phy Sec Pol
Ibrahim qashta
No ratings yet
Sensors 23 04060
Document26 pages
Sensors 23 04060
Ibrahim qashta
No ratings yet
A Study On The Mobile Application Security Threats and Vulnerability Analysis Cases
Document8 pages
A Study On The Mobile Application Security Threats and Vulnerability Analysis Cases
Ibrahim qashta
No ratings yet
Symmetry 14 02304 With Cover
Document12 pages
Symmetry 14 02304 With Cover
Ibrahim qashta
No ratings yet
IOT Assignment-2
Document32 pages
IOT Assignment-2
Ipsy Nayak
No ratings yet
Powermanager Help en PDF
Document354 pages
Powermanager Help en PDF
MiguelGonzalez
No ratings yet
Application Menus: Helptext - Menu
Document3 pages
Application Menus: Helptext - Menu
Gopi Ramalingam
No ratings yet
Individual Activity For Module 1
Document4 pages
Individual Activity For Module 1
sunflowerbees
No ratings yet
Product Review Sitelfhxp PDF
Document2 pages
Product Review Sitelfhxp PDF
syriamargin78
No ratings yet
Commercialized Hospital Information Systems World Wide Web
Document1 page
Commercialized Hospital Information Systems World Wide Web
FRANCESCA GABRIEL DOMINGO
No ratings yet
Abdul Ghafor
Document4 pages
Abdul Ghafor
AbdulGhaforSabury
No ratings yet
IITISoC'22 Problem Statements
Document40 pages
IITISoC'22 Problem Statements
Ajay Choudhary
No ratings yet
This Firmware Can Use For Multi-Language. (Multi-Language Firmware Is The Same As This Firmware.)
Document8 pages
This Firmware Can Use For Multi-Language. (Multi-Language Firmware Is The Same As This Firmware.)
Rubjames
No ratings yet
Bootstrap Mock Test
Document7 pages
Bootstrap Mock Test
Mahesh VP
No ratings yet
Plug in
Document4 pages
Plug in
gholmorad
No ratings yet
OpenHouse-2010-CV-Book-01042010 Final
Document266 pages
OpenHouse-2010-CV-Book-01042010 Final
Umar Iftikhar
No ratings yet
1.01. - Introduction To Web Designing
Document31 pages
1.01. - Introduction To Web Designing
Ujjwal Varshney
No ratings yet
Setting Up Linux Desktops in Horizon VMware Horizon 2106
Document170 pages
Setting Up Linux Desktops in Horizon VMware Horizon 2106
Ibrahem Siam
No ratings yet
Merge123 PDF
Document83 pages
Merge123 PDF
Gaurav Dwivedi
No ratings yet
NetBackup102 Troubleshooting Guide
Document314 pages
NetBackup102 Troubleshooting Guide
dixade1732
No ratings yet
Word 2007
Document272 pages
Word 2007
Akshay Patel
No ratings yet
MSF User Guide
Document30 pages
MSF User Guide
Aashutosh Singh
No ratings yet
Human Bingo: Getting To Know Each Other
Document42 pages
Human Bingo: Getting To Know Each Other
Alvaro Jasmine Kate
No ratings yet
R Markdown Cookbook
Document87 pages
R Markdown Cookbook
Alex Palacios
No ratings yet
(Edelivery) (AP) (QSG) (Domibus 4.2.7) (5.5)
Document38 pages
(Edelivery) (AP) (QSG) (Domibus 4.2.7) (5.5)
ddoru
No ratings yet
3 Func Delegate in The C# PDF
Document3 pages
3 Func Delegate in The C# PDF
Joe Brody
No ratings yet
PHP Introduction: CMPS 246: Web Programming
Document73 pages
PHP Introduction: CMPS 246: Web Programming
Mohammad Sidani
No ratings yet
Online Job Portal Document
Document47 pages
Online Job Portal Document
Vicky Vignesh
No ratings yet
RPV 311
Document295 pages
RPV 311
Juan Capillo
No ratings yet
HOSTEL
Document11 pages
HOSTEL
Rahul Yadav
No ratings yet
Vmware Telco Cloud Automation 2301 Release Notes - 2
Document11 pages
Vmware Telco Cloud Automation 2301 Release Notes - 2
abitalove
No ratings yet
Aws Cloudendure Migration Factory Solution: Implementation Guide
Document54 pages
Aws Cloudendure Migration Factory Solution: Implementation Guide
Johnsanjay k
No ratings yet
RemoteControl II v301
Document130 pages
RemoteControl II v301
Jayme Ferreira da Costa Filho
No ratings yet