Report Affected Items
[Pages:120]Affected Items Report
Acunetix Security Audit
2023-08-11
Generated by Acunetix 1
Selected vulnerabilities
Scan details
Scan information Start url Host
Threat level
Acunetix Threat Level 3
One or more high-severity type vulnerabilities have been discovered by the scanner. A malicious user can exploit these vulnerabilities and compromise the backend database and/or deface your website.
Alerts distribution
Total alerts found
1
High
1
Medium
0
Low
0
Informational
0
2
Affected items
Web Server Alert group Severity Description Recommendations Alert variants
Details
SQL injection High SQL injection (SQLi) refers to an injection attack wherein an attacker can execute malicious SQL statements that control a web application's database server. Use parameterized queries when dealing with SQL queries that contain user input. Parameterized queries allow the database to understand which parts of the SQL query should be considered as user input, therefore solving SQL injection.
HTTP Header input Referer was set to bk9903qS'; waitfor delay '0:0:6' --
Tests performed:
A43iGMod'; waitfor delay '0:0:15' -- => 20.008 SVzqLHFk'; waitfor delay '0:0:6' -- => 20.009 NE08NzuH'; waitfor delay '0:0:3' -- => 20.009 uPlFyjOF'; waitfor delay '0:0:15' -- => 20.014 Z5YYr4MK'; waitfor delay '0:0:0' -- => 0.685 jIPH5K68'; waitfor delay '0:0:0' -- => 0.582 bk9903qS'; waitfor delay '0:0:6' -- => 20.013
GET / HTTP/1.1
Original value:
Referer: bk9903qS'; waitfor delay '0:0:6' --
User-Agent: User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; 360SE)
X-Requested-With: XMLHttpRequest
3
Scanned items (coverage report)
4
Selected vulnerabilities
Scan details
Scan information Start url Host
Threat level
Acunetix Threat Level 3
One or more high-severity type vulnerabilities have been discovered by the scanner. A malicious user can exploit these vulnerabilities and compromise the backend database and/or deface your website.
Alerts distribution
Total alerts found
1
High
1
Medium
0
Low
0
Informational
0
5
Affected items
Web Server Alert group Severity Description Recommendations Alert variants
Details
SQL injection High SQL injection (SQLi) refers to an injection attack wherein an attacker can execute malicious SQL statements that control a web application's database server. Use parameterized queries when dealing with SQL queries that contain user input. Parameterized queries allow the database to understand which parts of the SQL query should be considered as user input, therefore solving SQL injection.
HTTP Header input User-Agent was set to 0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z
Tests performed:
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z => 20.012 0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z => 20.011 0'XOR(if(now()=sysdate(),sleep(0),0))XOR'Z => 0.286 0'XOR(if(now()=sysdate(),sleep(3),0))XOR'Z => 20.001 0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z => 20.014 0'XOR(if(now()=sysdate(),sleep(0),0))XOR'Z => 0.283 0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z => 20.004
GET / HTTP/1.1
Original value: User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; 360SE)
Referer:
User-Agent: 0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z
X-Requested-With: XMLHttpRequest
6
Scanned items (coverage report)
7
Selected vulnerabilities
Scan details
Scan information Start url Host
Threat level
Acunetix Threat Level 3
One or more high-severity type vulnerabilities have been discovered by the scanner. A malicious user can exploit these vulnerabilities and compromise the backend database and/or deface your website.
Alerts distribution
Total alerts found
1
High
1
Medium
0
Low
0
Informational
0
8
................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related searches
- how has technology affected businesses
- how has technology affected art
- how has technology affected schools
- how has science affected society
- how has technology affected society
- how technology has affected communication
- has technology negatively affected society
- how new technology has affected the environment in a negative way
- affected or effected rule
- affected vs effected meanings
- affected vs effected grammar rules
- being affected or being effected