XSS, Cross Site Scripting, CWE-79, CAPEC-86, Javascript Injection
Netsparker - Scan Report Summary
TARGET URL: http://www.baysideeyes.com.au/cmsAdmin/upload...
SCAN DATE: 2/5/2011 4:04:05 PM
REPORT DATE: 2/28/2011 10:20:41 AM
SCAN DURATION: 00:28:39
Total Requests: Redacted
Average Speed: Redacted req/sec.
19 identified | 6 confirmed | 5 critical | 2 informational
GHDB, DORK Tests
PROFILE: Previous Settings
ENABLED ENGINES: Boolean SQL Injection, SQL Injection, Cross-site Scripting
Authentication
Scheduled
VULNERABILITIES
[High Possibility] SQL Injection
SQL Injection occurs when data input, for example by a user, is interpreted as a SQL command rather than as normal data by the backend database. This is an extremely common vulnerability and its successful exploitation can have critical implications. Even though Netsparker believes that there is a SQL Injection here, it could not confirm it. There can be numerous reasons for Netsparker not being able to confirm this. We strongly recommend investigating the issue manually to ensure that it is an SQL Injection and that it needs to be addressed. You can also consider sending the details of this issue to us, so that we can address this issue for the next time and give you a more precise result.
Impact
Depending on the backend database, database connection settings and the operating system, an attacker can mount one or more of the following types of attacks successfully:
- Reading, Updating and Deleting arbitrary data from the database
- Executing commands on the underlying operating system
- Reading, Updating and Deleting arbitrary tables from the database
Actions to Take
- See the remedy for solution.
- If you are not using a database access layer (DAL) within the architecture, consider its benefits and implement it if appropriate. As a minimum, the use of a DAL will help centralize the issue and its resolution. You can also use an ORM (object relational mapping). Most ORM systems use parameterized queries and this can solve many if not all SQL Injection based problems.
- Locate all of the dynamically generated SQL queries and convert them to parameterized queries. (If you decide to use a DAL/ORM, change all legacy code to use these new libraries.)
- Monitor and review weblogs and application logs in order to uncover active or previous exploitation attempts.
A very robust method for mitigating the threat of SQL Injection based vulnerabilities is to use parameterized queries (prepared statements). Almost all modern languages provide built-in libraries for this. Wherever possible, do not create dynamic SQL queries or SQL queries with string concatenation.
Required Skills for Successful Exploitation
There are numerous freely available tools to test for SQL Injection vulnerabilities. This is a complex area with many dependencies; however, it should be noted that the numerous resources available in this area have raised both attacker awareness of the issues and their ability to discover and leverage them. SQL Injection is one of the most common web application vulnerabilities.
External References
Remedy References
Parameters
Parameter | Type | Value
task | GET | '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
Request
GET /index.php?task='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B' HTTP/1.1
Referer: http://www.baysideeyes.com.au/contactus.htm
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.baysideeyes.com.au
Cookie: cms_PHPSESSID=226331de5d288eaa7c220ecc9fc5461e
Accept-Encoding: gzip, deflate
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:07:28 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR' at line 3
Parameters
Parameter | Type | Value
task | GET | '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
address | POST | 3
besttime | POST | 3
comments | POST | 3
email | POST | netsparker@example.com
firstname | POST | Ronald Smith
mobile | POST | 3
phone | POST | 3
postcode | POST | 3
referralother | POST | 3
state | POST | 3
Submit | POST | Submit
suburb | POST | 3
surname | POST | Ronald Smith
whereheard | POST | 3
Request
POST /index.php?task='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B' HTTP/1.1
Referer: http://www.baysideeyes.com.au/contactus.htm
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.baysideeyes.com.au
Cookie: cms_PHPSESSID=226331de5d288eaa7c220ecc9fc5461e
Content-Length: 194
Accept-Encoding: gzip, deflate
address=3&besttime=3&comments=3&email=netsparker%40example.com&firstname=Ronald+Smith&mobile=3&phone=3&postcode=3&referralother=3&state=3&Submit=Submit&suburb=3&surname=Ronald+Smith&whereheard=3
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:07:37 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR' at line 3
Parameters
Parameter | Type | Value
task | GET | '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
firstname | POST | Ronald Smith
surname | POST | Ronald Smith
address | POST | 3
suburb | POST | 3
state | POST | --Please Select--
postcode | POST | 3
phone | POST | 3
mobile | POST | 3
besttime | POST | --Please Select--
email | POST | netsparker@example.com
comments | POST | 3
whereheard | POST | --Please Select--
referralother | POST | 3
Request
POST /index.php?task='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B' HTTP/1.1
Referer: http://www.baysideeyes.com.au/contactus.htm
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.baysideeyes.com.au
Cookie: cms_PHPSESSID=226331de5d288eaa7c220ecc9fc5461e
Content-Length: 228
Accept-Encoding: gzip, deflate
firstname=Ronald+Smith&surname=Ronald+Smith&address=3&suburb=3&state=--Please+Select--&postcode=3&phone=3&mobile=3&besttime=--Please+Select--&email=netsparker%40example.com&comments=3&whereheard=--Please+Select--&referralother=3
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:08:11 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR' at line 3
Parameters
Parameter | Type | Value
task | GET | '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
firstname | POST | Ronald Smith
surname | POST | Ronald Smith
address | POST | 3
suburb | POST | 3
postcode | POST | 3
phone | POST | 3
mobile | POST | 3
besttime | POST | --Please Select--
email | POST | netsparker@example.com
comments | POST | 3
whereheard | POST | --Please Select--
referralother | POST | 3
Request
POST /index.php?task='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B' HTTP/1.1
Referer: http://www.baysideeyes.com.au/contactus.htm
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.baysideeyes.com.au
Cookie: cms_PHPSESSID=226331de5d288eaa7c220ecc9fc5461e
Content-Length: 204
Accept-Encoding: gzip, deflate
firstname=Ronald+Smith&surname=Ronald+Smith&address=3&suburb=3&postcode=3&phone=3&mobile=3&besttime=--Please+Select--&email=netsparker%40example.com&comments=3&whereheard=--Please+Select--&referralother=3
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:08:11 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR' at line 3
Parameters
Parameter | Type | Value
task | GET | '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
firstname | POST | Ronald Smith
surname | POST | Ronald Smith
address | POST | 3
suburb | POST | 3
postcode | POST | 3
phone | POST | 3
mobile | POST | 3
email | POST | netsparker@example.com
comments | POST | 3
whereheard | POST | --Please Select--
referralother | POST | 3
Request
POST /index.php?task='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B' HTTP/1.1
Referer: http://www.baysideeyes.com.au/contactus.htm
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.baysideeyes.com.au
Cookie: cms_PHPSESSID=226331de5d288eaa7c220ecc9fc5461e
Content-Length: 177
Accept-Encoding: gzip, deflate
firstname=Ronald+Smith&surname=Ronald+Smith&address=3&suburb=3&postcode=3&phone=3&mobile=3&email=netsparker%40example.com&comments=3&whereheard=--Please+Select--&referralother=3
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:09:08 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR' at line 3
Cross-site Scripting
XSS (Cross-site Scripting) allows an attacker to execute a dynamic script (Javascript, VbScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly to steal the user's credentials. This happens because the input entered by a user has been interpreted as HTML/Javascript/VbScript by the browser.
XSS targets the users of the application instead of the server. Although this is a limitation, since it allows attackers to hijack other users' sessions, an attacker might attack an administrator to gain full control over the application.
Impact
There are many different attacks that can be leveraged through the use of XSS, including:
- Hijacking users' active sessions.
- Changing the look of the page within the victim's browser.
- Mounting a successful phishing attack.
- Intercepting data and performing man-in-the-middle attacks.
The issue occurs because the browser interprets the input as active HTML, Javascript or VbScript. To avoid this, all input and output from the application should be filtered. Output should be filtered according to the output format and location. Typically the output location is HTML. Where the output is HTML ensure that all active content is removed prior to its presentation to the server.
Prior to sanitizing user input, ensure you have a pre-defined list of both expected and acceptable characters with which you populate a white-list. This list needs only be defined once and should be used to sanitize and validate all subsequent input.
There are a number of pre-defined, well structured white-list libraries available for many different environments; good examples of these include OWASP Reform and the Microsoft Anti Cross-site Scripting libraries.
External References
- /index.php
CONFIRMED
Parameters
Parameter | Type | Value
task | GET | <script>ns(0x0004B3)</script>
address | POST | 3
besttime | POST | 3
comments | POST | 3
email | POST | netsparker@example.com
firstname | POST | Ronald Smith
mobile | POST | 3
phone | POST | 3
postcode | POST | 3
referralother | POST | 3
state | POST | 3
Submit | POST | Submit
suburb | POST | 3
surname | POST | Ronald Smith
whereheard | POST | 3
Request
POST /index.php?task=%3Cscript%3Ens(0x0004B3)%3C/script%3E HTTP/1.1
Referer: http://www.baysideeyes.com.au/contactus.htm
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.baysideeyes.com.au
Cookie: cms_PHPSESSID=226331de5d288eaa7c220ecc9fc5461e
Content-Length: 194
Accept-Encoding: gzip, deflate
address=3&besttime=3&comments=3&email=netsparker%40example.com&firstname=Ronald+Smith&mobile=3&phone=3&postcode=3&referralother=3&state=3&Submit=Submit&suburb=3&surname=Ronald+Smith&whereheard=3
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:07:49 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Fatal error: Call to undefined method MainController::<script>ns(0x0004B3)</script>() in /home/jbayside/public_html/lib/controller.php on line 23
- /index.php
CONFIRMED
Parameters
Parameter | Type | Value
task | GET | <script>ns(0x000527)</script>
firstname | POST | Ronald Smith
surname | POST | Ronald Smith
address | POST | 3
suburb | POST | 3
state | POST | --Please Select--
postcode | POST | 3
phone | POST | 3
mobile | POST | 3
besttime | POST | --Please Select--
email | POST | netsparker@example.com
comments | POST | 3
whereheard | POST | --Please Select--
referralother | POST | 3
Request
POST /index.php?task=%3Cscript%3Ens(0x000527)%3C/script%3E HTTP/1.1
Referer: http://www.baysideeyes.com.au/contactus.htm
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.baysideeyes.com.au
Cookie: cms_PHPSESSID=226331de5d288eaa7c220ecc9fc5461e
Content-Length: 228
Accept-Encoding: gzip, deflate
firstname=Ronald+Smith&surname=Ronald+Smith&address=3&suburb=3&state=--Please+Select--&postcode=3&phone=3&mobile=3&besttime=--Please+Select--&email=netsparker%40example.com&comments=3&whereheard=--Please+Select--&referralother=3
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:08:20 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Fatal error: Call to undefined method MainController::<script>ns(0x000527)</script>() in /home/jbayside/public_html/lib/controller.php on line 23
- /index.php
CONFIRMED
Parameters
Parameter | Type | Value
task | GET | <script>ns(0x00052D)</script>
firstname | POST | Ronald Smith
surname | POST | Ronald Smith
address | POST | 3
suburb | POST | 3
postcode | POST | 3
phone | POST | 3
mobile | POST | 3
besttime | POST | --Please Select--
email | POST | netsparker@example.com
comments | POST | 3
whereheard | POST | --Please Select--
referralother | POST | 3
Request
POST /index.php?task=%3Cscript%3Ens(0x00052D)%3C/script%3E HTTP/1.1
Referer: http://www.baysideeyes.com.au/contactus.htm
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.baysideeyes.com.au
Cookie: cms_PHPSESSID=226331de5d288eaa7c220ecc9fc5461e
Content-Length: 204
Accept-Encoding: gzip, deflate
firstname=Ronald+Smith&surname=Ronald+Smith&address=3&suburb=3&postcode=3&phone=3&mobile=3&besttime=--Please+Select--&email=netsparker%40example.com&comments=3&whereheard=--Please+Select--&referralother=3
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:08:21 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Fatal error: Call to undefined method MainController::<script>ns(0x00052D)</script>() in /home/jbayside/public_html/lib/controller.php on line 23
- /index.php
CONFIRMED
Parameters
Parameter | Type | Value
task | GET | <script>ns(0x000532)</script>
Request
GET /index.php?task=%3Cscript%3Ens(0x000532)%3C/script%3E HTTP/1.1
Referer: http://www.baysideeyes.com.au/contactus.htm
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.baysideeyes.com.au
Cookie: cms_PHPSESSID=226331de5d288eaa7c220ecc9fc5461e
Accept-Encoding: gzip, deflate
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:08:24 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Fatal error: Call to undefined method MainController::<script>ns(0x000532)</script>() in /home/jbayside/public_html/lib/controller.php on line 23
- /index.php
CONFIRMED
Parameters
Parameter | Type | Value
task | GET | <script>ns(0x00057F)</script>
firstname | POST | Ronald Smith
surname | POST | Ronald Smith
address | POST | 3
suburb | POST | 3
postcode | POST | 3
phone | POST | 3
mobile | POST | 3
email | POST | netsparker@example.com
comments | POST | 3
whereheard | POST | --Please Select--
referralother | POST | 3
Request
POST /index.php?task=%3Cscript%3Ens(0x00057F)%3C/script%3E HTTP/1.1
Referer: http://www.baysideeyes.com.au/contactus.htm
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.baysideeyes.com.au
Cookie: cms_PHPSESSID=226331de5d288eaa7c220ecc9fc5461e
Content-Length: 177
Accept-Encoding: gzip, deflate
firstname=Ronald+Smith&surname=Ronald+Smith&address=3&suburb=3&postcode=3&phone=3&mobile=3&email=netsparker%40example.com&comments=3&whereheard=--Please+Select--&referralother=3
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:09:37 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Fatal error: Call to undefined method MainController::<script>ns(0x00057F)</script>() in /home/jbayside/public_html/lib/controller.php on line 23
Password Transmitted Over HTTP
Netsparker identified that password data is sent over HTTP.
Impact
If an attacker can intercept network traffic, he/she can steal users' credentials.
Actions to Take
- See the remedy for solution.
- Move all of your critical forms and pages to HTTPS and do not serve them over HTTP.
All sensitive data should be transferred over HTTPS rather than HTTP. Forms should be served over HTTPS. All aspects of the application that accept user input starting from the login process should only be served over HTTPS.
- /cmsAdmin/admin.php
CONFIRMED
Request
POST /cmsAdmin/admin.php? HTTP/1.1
Referer: http://www.baysideeyes.com.au/cmsAdmin/admin.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.baysideeyes.com.au
Cookie: cms_PHPSESSID=226331de5d288eaa7c220ecc9fc5461e
Content-Length: 121
Accept-Encoding: gzip, deflate
action=loginSubmit&login=Login&password=&redirectUrl=http%3a%2f%2fwww.baysideeyes.com.au%2fcmsAdmin%2fadmin.php&username=
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:03:54 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
X-Powered-By: PHP/5.2.5
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Finetune CMS</title>
<meta name="robots" content="noindex,nofollow" />
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="chrome=1" />
<meta http-equiv="X-UA-Compatible" content="ie=8" />
<!-- CSS -->
<link rel="stylesheet" href="3rdParty/SimplaAdmin/css/reset.css" type="text/css" media="screen" /><!-- Reset Stylesheet -->
<link rel="stylesheet" href="3rdParty/SimplaAdmin/css/style.css" type="text/css" media="screen" /><!-- Main Stylesheet -->
<link rel="stylesheet" href="3rdParty/SimplaAdmin/css/invalid.css" type="text/css" media="screen" /><!-- Invalid Stylesheet. This makes stuff look pretty. Remove it if you want the CSS completely valid -->
<link rel="stylesheet" href="3rdParty/SimplaAdmin/css/blue.css" type="text/css" media="screen" /><!-- options: green, blue, red -->
<!--[if lte IE 7]><link rel="stylesheet" href="3rdParty/SimplaAdmin/css/ie.css" type="text/css" media="screen" /><![endif]-->
<link rel="stylesheet" href="3rdParty/jqueryPlugins/thickbox.css" type="text/css" media="screen" />
<link rel="stylesheet" href="3rdParty/jqueryPlugins/uploadify/uploadify.css" type="text/css" media="screen" />
<!-- javascript -->
<script type="text/javascript" src="3rdParty/jquery/jquery1.4.1.js"></script>
<script type="text/javascript" src="3rdParty/json2.js"></script>
<script type="text/javascript" src="lib/admin_functions.js"></script>
<!--[if lte IE 6]><script type="text/javascript" src="3rdParty/jqueryPlugins/DD_belatedPNG_0.0.7a.js"></script><![endif]-->
<!--[if lte IE 6]><script type="text/javascript">DD_belatedPNG.fix('#main-content ul li, #sidebar-title img')</script><![endif]-->
<script type="text/javascript"><!-- // language strings for javascript prompts
lang_confirm_erase_record = 'Delete this record? Are you sure?';
//--></script>
<!-- /javascript -->
</head>
<body class="simpla">
<div id="body-wrapper"> <!-- Wrapper for the radial gradient background -->
<div id="sidebar"><div id="sidebar-wrapper"> <!-- Sidebar with logo and menu -->
<h1 id="sidebar-title">
<a href="?menu=home">Finetune CMS</a>
</h1>
<!-- Sidebar Profile links -->
<div id="profile-links">
<a href='http://www.stockstreet.com.au/cmshelp.php' target='_blank'>Help</a> | <a href='?menu=license'>License</a> | <a href='/' target='_blank' class='mLink'>View Website >></a><br/> </div>
</div></div> <!-- End #sidebar -->
<div id="main-content"> <!-- Main Content Section with everything -->
<noscript> <!-- Show a notification if the user has disabled javascript -->
<div class="notification error png_bg">
<div>Javascript is disabled or is not supported by your browser. Please <a href="http://browsehappy.com/" title="Upgrade to a better browser">upgrade</a> your browser or <a href="http://www.google.com/support/bin/answer.py?answer=23852" title="Enable Javascript in your browser">enable</a> Javascript to navigate the interface properly.</div>
</div>
</noscript>
<form method="post" action="?">
<input type="hidden" name="action" value="loginSubmit" />
<input type="hidden" name="redirectUrl" value="http://www.baysideeyes.com.au/cmsAdmin/admin.php" />
<div class="content-box">
<div class="content-box-header"><h3>Login</h3></div>
<div class="content-box-content login-content">
<div class="tab-content default-tab" align="center">
<p>
<span class="label">Username</span>
<input class="text-input" type="text" name="username" id="username" value="" tabindex="1" />
</p>
<script type="text/javascript">document.getElementById('username').focus();</script>
<p>
<span class="label">Password</span>
<input class="text-input" type="password" name="password" value="" tabindex="2" />
</p>
<p>
<input class="button" type="submit" name="login" value="Login" tabindex="4" />
</p>
<p>
<a href="?menu=forgotPassword">Forgot your password?</a>
</p>
<div class="clear"></div>
</div> <!-- End .tab-content -->
</div> <!-- End .content-box-content -->
</div> <!-- End .content-box -->
</form>
<div id="footer">
<small>
0.03 seconds
<!-- -->
</small>
</div>
</div> <!-- End #main-content -->
</div> <!-- End #body-wrapper -->
</body>
</html>
<!--Finetune CMS v2.04 (Build: 9.19.2668)Licensed to: Bayside Eyes ~ www.baysideeyes.com.auExecute time: 0.03 seconds-->
Apache Version Disclosure
Netsparker identified that the target web server is an Apache server. This was disclosed through the HTTP response. This information can help an attacker to gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of Apache.
Impact
An attacker can search for specific security vulnerabilities for the version of Apache identified within the SERVER header.
Configure your web server to prevent information leakage from the SERVER header of its HTTP response.
- /cmsAdmin/uploads/BLEPHARITIS.pdf&s=204.93
Apache/1.3.41 (Unix)
Request
GET /cmsAdmin/uploads/BLEPHARITIS.pdf&s=204.93 HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.baysideeyes.com.au
Accept-Encoding: gzip, deflate
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:03:41 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Content-Type: text/html; charset=utf-8
Content-Encoding:
Content-Length: 1822
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <title>Bayside Eye Specialists: Laser eye Surgery, Cataract, Glaucoma, Anti Wrinkle Injections, Brighton, Melbourne, Cataract Melbourne</title> <meta name="description" content="Bayside Eye Specialists is your Ophthalmologist of choice in Brighton, Melbourne. Experts in laser eye surgery, cataracts, glaucoma, anti wrinkle injections and strabismus, our surgeons are renowned for their skill and care." /> <meta name="keywords" content="Laser eye Surgery, Cataracts, Glaucoma, Anti Wrinkle Injections, Brighton, Melbourne, Bayside Eye Specialists" /> <link href="/css/baystyle.css" rel="stylesheet" type="text/css" /> <script type="text/javascript" src="/js/jquery-1.4.2.min.js"></script> <script type="text/javascript" src="/js/jquery.validate.js"></script> <script src="/js/SpryValidationTextField.js" type="text/javascript"></script><script src="/js/SpryValidationSelect.js" type="text/javascript"></script><link href="/css/SpryValidationTextField.css" rel="stylesheet" type="text/css" /><link href="/css/SpryValidationSelect.css" rel="stylesheet" type="text/css" /> <script type="text/javascript" src="/js/scripts.js"></script> </head> <body> <table width="934" border="0" align="center" cellpadding="0" cellspacing="0" class="tableborder">
<tr>
<td><img src="/images/bigpic_new1.jpg" width="934" height="135" /></td>
</tr>
<tr>
<td><a href="/index.htm"><img src="/images/nav1.jpg" width="101" height="49" border="0" /></a><a href="/eye-specialists/cataracts.htm"><img src="/images/nav2.jpg" width="118" height="49" border="0" /></a><a href="/patient-information.htm"><img src="/images/nav3.jpg" width="158" height="49" border="0" /></a><a href="/referrer-information.htm"><img src="/images/nav4.jpg" width="144" height="49" border="0" /></a><a href="/doctors.htm"><img src="/images/nav5.jpg" width="141" height="49" border="0" /></a><a href="/aboutus.htm"><img src="/images/nav6.jpg" width="138" height="49" border="0" /></a><a href="/contactus.htm"><img src="/images/nav7.jpg" width="134" height="49" border="0" /></a></td>
</tr>
<tr>
<td><table width="934" border="0" cellpadding="0" cellspacing="0" class="homecontent">
<tr>
<td valign="top" class="leftsidebar_home"><h1>Bayside Eye Specialists:<br />
<span class="subheading"> The Melbourne Cataract & Eye Surgery Specialists</span></h1>
<p>With two convenient practices in East Brighton and East Melbourne, Bayside Eye Specialists is a state of the art Ophthalmology practice dedicated to excellence in eye care. Our experienced Surgeons are experts in their field, and all have achieved Fellowship status in their special area of interest. The broad range of our Surgeon’s interests allows us to care for your whole family – from newborns to retirees.</p>
<p>You are assured of the safety and accuracy of treatment and results, as we have the latest technology and equipment. Our caring and knowledgeable staff are on hand to ensure a pleasant visit to Bayside Eye Specialists.</p> </td>
<td valign="top" class="centrebar"><table width="100%" border="0" cellspacing="3" cellpadding="3">
<tr>
<td><a href="/eye-specialists/cataracts.htm"><img src="/images/btn_home1.jpg" width="287" height="129" /></a></td>
<td><div align="right"><a href="/patient-information.htm"><img src="/images/btn_home2.jpg" width="287" height="129" /></a></div></td>
</tr>
<tr>
<td><a href="/referrer-information.htm"><img src="/images/btn_home3.jpg" width="287" height="129" /></a></td>
<td><div align="right"><a href="/doctors.htm"><img src="/images/btn_home4.jpg" width="287" height="129" /></a></div></td>
</tr>
<tr>
<td><a href="/aboutus.htm"><img src="/images/btn_home5.jpg" width="287" height="129" /></a></td>
<td><div align="right"><a href="/contactus.htm"><img src="/images/btn_home6.jpg" width="287" height="129" /></a></div></td>
</tr>
</table></td>
</tr>
</table></td>
</tr> <tr>
<td class="footer"><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>BAYSIDE EYE SPECIALISTS: 323 Nepean Highway, Brighton East VIC 3187 PH: (03) 9596 7440 </td>
<td><div align="right"><a href="privacy.htm">Privacy Policy</a> | <a href="sitemap.htm">Site Map</a> </div></td>
</tr>
</table></td>
</tr>
</table> <script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-3211698-1']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> </body></html>
PHP Version Disclosure
Netsparker identified that the target web server is disclosing the PHP version in use through the HTTP response. This information can help an attacker to gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of PHP.
Impact
An attacker can look for specific security vulnerabilities for the version identified. Also the attacker can use this information in conjunction with the other vulnerabilities in the application or the web server.
- /cmsAdmin/admin.php | PHP/5.2.5
Request
GET /cmsAdmin/admin.php HTTP/1.1
Referer: http://www.baysideeyes.com.au/cmsAdmin/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.baysideeyes.com.au
Accept-Encoding: gzip, deflate
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:03:41 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
X-Powered-By: PHP/5.2.5
Set-Cookie: cms_PHPSESSID=226331de5d288eaa7c220ecc9fc5461e; expires=Sun, 06 Feb 2011 22:03:42 GMT; path=/; HttpOnly
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Finetune CMS</title>
<meta name="robots" content="noindex,nofollow" />
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="chrome=1" />
<meta http-equiv="X-UA-Compatible" content="ie=8" />
<!-- CSS -->
<link rel="stylesheet" href="3rdParty/SimplaAdmin/css/reset.css" type="text/css" media="screen" /><!-- Reset Stylesheet -->
<link rel="stylesheet" href="3rdParty/SimplaAdmin/css/style.css" type="text/css" media="screen" /><!-- Main Stylesheet -->
<link rel="stylesheet" href="3rdParty/SimplaAdmin/css/invalid.css" type="text/css" media="screen" /><!-- Invalid Stylesheet. This makes stuff look pretty. Remove it if you want the CSS completely valid -->
<link rel="stylesheet" href="3rdParty/SimplaAdmin/css/blue.css" type="text/css" media="screen" /><!-- options: green, blue, red -->
<!--[if lte IE 7]><link rel="stylesheet" href="3rdParty/SimplaAdmin/css/ie.css" type="text/css" media="screen" /><![endif]-->
<link rel="stylesheet" href="3rdParty/jqueryPlugins/thickbox.css" type="text/css" media="screen" />
<link rel="stylesheet" href="3rdParty/jqueryPlugins/uploadify/uploadify.css" type="text/css" media="screen" />
<!-- javascript -->
<script type="text/javascript" src="3rdParty/jquery/jquery1.4.1.js"></script>
<script type="text/javascript" src="3rdParty/json2.js"></script>
<script type="text/javascript" src="lib/admin_functions.js"></script>
<!--[if lte IE 6]><script type="text/javascript" src="3rdParty/jqueryPlugins/DD_belatedPNG_0.0.7a.js"></script><![endif]-->
<!--[if lte IE 6]><script type="text/javascript">DD_belatedPNG.fix('#main-content ul li, #sidebar-title img')</script><![endif]-->
<script type="text/javascript"><!-- // language strings for javascript prompts
lang_confirm_erase_record = 'Delete this record? Are you sure?';
//--></script>
<!-- /javascript -->
</head>
<body class="simpla">
<div id="body-wrapper"> <!-- Wrapper for the radial gradient background -->
<div id="sidebar"><div id="sidebar-wrapper"> <!-- Sidebar with logo and menu -->
<h1 id="sidebar-title">
<a href="?menu=home">Finetune CMS</a>
</h1>
<!-- Sidebar Profile links -->
<div id="profile-links">
<a href='http://www.stockstreet.com.au/cmshelp.php' target='_blank'>Help</a> | <a href='?menu=license'>License</a> | <a href='/' target='_blank' class='mLink'>View Website >></a><br/> </div>
</div></div> <!-- End #sidebar -->
<div id="main-content"> <!-- Main Content Section with everything -->
<noscript> <!-- Show a notification if the user has disabled javascript -->
<div class="notification error png_bg">
<div>Javascript is disabled or is not supported by your browser. Please <a href="http://browsehappy.com/" title="Upgrade to a better browser">upgrade</a> your browser or <a href="http://www.google.com/support/bin/answer.py?answer=23852" title="Enable Javascript in your browser">enable</a> Javascript to navigate the interface properly.</div>
</div>
</noscript>
<form method="post" action="?">
<input type="hidden" name="action" value="loginSubmit" />
<input type="hidden" name="redirectUrl" value="http://www.baysideeyes.com.au/cmsAdmin/admin.php" />
<div class="content-box">
<div class="content-box-header"><h3>Login</h3></div>
<div class="content-box-content login-content">
<div class="tab-content default-tab" align="center">
<p>
<span class="label">Username</span>
<input class="text-input" type="text" name="username" id="username" value="" tabindex="1" />
</p>
<script type="text/javascript">document.getElementById('username').focus();</script>
<p>
<span class="label">Password</span>
<input class="text-input" type="password" name="password" value="" tabindex="2" />
</p>
<p>
<input class="button" type="submit" name="login" value="Login" tabindex="4" />
</p>
<p>
<a href="?menu=forgotPassword">Forgot your password?</a>
</p>
<div class="clear"></div>
</div> <!-- End .tab-content -->
</div> <!-- End .content-box-content -->
</div> <!-- End .content-box -->
</form>
<div id="footer">
<small>
0.99 seconds
<!-- -->
</small>
</div>
</div> <!-- End #main-content -->
</div> <!-- End #body-wrapper -->
</body>
</html>
<!--Finetune CMS v2.04 (Build: 9.19.2668)Licensed to: Bayside Eyes ~ www.baysideeyes.com.auExecute time: 0.99 seconds-->
OpenSSL Version Disclosure
Netsparker identified that the target web server is disclosing the OpenSSL version in the HTTP response. This information can help an attacker to develop further attacks, and the system can also become an easier target for automated attacks.
Impact
An attacker can look for specific security vulnerabilities for the identified version. Also the attacker can use this information in conjunction with the other vulnerabilities in the application or the web server.
Configure your web server to prevent information leakage from the SERVER header of its HTTP response.
- /cmsAdmin/uploads/BLEPHARITIS.pdf&s=204.93 | OpenSSL/0.9.7a
Request
GET /cmsAdmin/uploads/BLEPHARITIS.pdf&s=204.93 HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.baysideeyes.com.au
Accept-Encoding: gzip, deflate
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:03:41 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Content-Type: text/html; charset=utf-8
Content-Encoding:
Content-Length: 1822
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <title>Bayside Eye Specialists: Laser eye Surgery, Cataract, Glaucoma, Anti Wrinkle Injections, Brighton, Melbourne, Cataract Melbourne</title> <meta name="description" content="Bayside Eye Specialists is your Ophthalmologist of choice in Brighton, Melbourne. Experts in laser eye surgery, cataracts, glaucoma, anti wrinkle injections and strabismus, our surgeons are renowned for their skill and care." /> <meta name="keywords" content="Laser eye Surgery, Cataracts, Glaucoma, Anti Wrinkle Injections, Brighton, Melbourne, Bayside Eye Specialists" /> <link href="/css/baystyle.css" rel="stylesheet" type="text/css" /> <script type="text/javascript" src="/js/jquery-1.4.2.min.js"></script> <script type="text/javascript" src="/js/jquery.validate.js"></script> <script src="/js/SpryValidationTextField.js" type="text/javascript"></script><script src="/js/SpryValidationSelect.js" type="text/javascript"></script><link href="/css/SpryValidationTextField.css" rel="stylesheet" type="text/css" /><link href="/css/SpryValidationSelect.css" rel="stylesheet" type="text/css" /> <script type="text/javascript" src="/js/scripts.js"></script> </head> <body> <table width="934" border="0" align="center" cellpadding="0" cellspacing="0" class="tableborder">
<tr>
<td><img src="/images/bigpic_new1.jpg" width="934" height="135" /></td>
</tr>
<tr>
<td><a href="/index.htm"><img src="/images/nav1.jpg" width="101" height="49" border="0" /></a><a href="/eye-specialists/cataracts.htm"><img src="/images/nav2.jpg" width="118" height="49" border="0" /></a><a href="/patient-information.htm"><img src="/images/nav3.jpg" width="158" height="49" border="0" /></a><a href="/referrer-information.htm"><img src="/images/nav4.jpg" width="144" height="49" border="0" /></a><a href="/doctors.htm"><img src="/images/nav5.jpg" width="141" height="49" border="0" /></a><a href="/aboutus.htm"><img src="/images/nav6.jpg" width="138" height="49" border="0" /></a><a href="/contactus.htm"><img src="/images/nav7.jpg" width="134" height="49" border="0" /></a></td>
</tr>
<tr>
<td><table width="934" border="0" cellpadding="0" cellspacing="0" class="homecontent">
<tr>
<td valign="top" class="leftsidebar_home"><h1>Bayside Eye Specialists:<br />
<span class="subheading"> The Melbourne Cataract & Eye Surgery Specialists</span></h1>
<p>With two convenient practices in East Brighton and East Melbourne, Bayside Eye Specialists is a state of the art Ophthalmology practice dedicated to excellence in eye care. Our experienced Surgeons are experts in their field, and all have achieved Fellowship status in their special area of interest. The broad range of our Surgeon’s interests allows us to care for your whole family – from newborns to retirees.</p>
<p>You are assured of the safety and accuracy of treatment and results, as we have the latest technology and equipment. Our caring and knowledgeable staff are on hand to ensure a pleasant visit to Bayside Eye Specialists.</p> </td>
<td valign="top" class="centrebar"><table width="100%" border="0" cellspacing="3" cellpadding="3">
<tr>
<td><a href="/eye-specialists/cataracts.htm"><img src="/images/btn_home1.jpg" width="287" height="129" /></a></td>
<td><div align="right"><a href="/patient-information.htm"><img src="/images/btn_home2.jpg" width="287" height="129" /></a></div></td>
</tr>
<tr>
<td><a href="/referrer-information.htm"><img src="/images/btn_home3.jpg" width="287" height="129" /></a></td>
<td><div align="right"><a href="/doctors.htm"><img src="/images/btn_home4.jpg" width="287" height="129" /></a></div></td>
</tr>
<tr>
<td><a href="/aboutus.htm"><img src="/images/btn_home5.jpg" width="287" height="129" /></a></td>
<td><div align="right"><a href="/contactus.htm"><img src="/images/btn_home6.jpg" width="287" height="129" /></a></div></td>
</tr>
</table></td>
</tr>
</table></td>
</tr> <tr>
<td class="footer"><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>BAYSIDE EYE SPECIALISTS: 323 Nepean Highway, Brighton East VIC 3187 PH: (03) 9596 7440 </td>
<td><div align="right"><a href="privacy.htm">Privacy Policy</a> | <a href="sitemap.htm">Site Map</a> </div></td>
</tr>
</table></td>
</tr>
</table> <script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-3211698-1']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> </body></html>
Apache Module Version Disclosure
Netsparker identified that the target web server is disclosing the version of one of its Apache modules through the HTTP response. This information can help an attacker to gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of Apache.
Impact
An attacker can look for specific security vulnerabilities for the identified Apache module version. The attacker can also use this information in conjunction with the other vulnerabilities in the application or the web server.
Configure your web server to prevent information leakage from the SERVER header of its HTTP response.
- /cmsAdmin/uploads/BLEPHARITIS.pdf&s=204.93 | mod_ssl/2.8.31 OpenSSL/0.9.7a
Request
GET /cmsAdmin/uploads/BLEPHARITIS.pdf&s=204.93 HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.baysideeyes.com.au
Accept-Encoding: gzip, deflate
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:03:41 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Content-Type: text/html; charset=utf-8
Content-Encoding:
Content-Length: 1822
Frontpage Version Disclosure
Netsparker identified that the target web server is disclosing the FrontPage version in use through the HTTP response. This information can help an attacker to gain a greater understanding of the system in use and potentially develop further attacks targeted at the specific web server version.
Impact
An attacker can look for specific security vulnerabilities for the version identified. The attacker can also use this information in conjunction with the other vulnerabilities in the application or the web server.
Configure your web server to prevent information leakage from headers of its HTTP response.
- /cmsAdmin/uploads/BLEPHARITIS.pdf&s=204.93 | FrontPage/5.0.2.2635
Request
GET /cmsAdmin/uploads/BLEPHARITIS.pdf&s=204.93 HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.baysideeyes.com.au
Accept-Encoding: gzip, deflate
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:03:41 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Content-Type: text/html; charset=utf-8
Content-Encoding:
Content-Length: 1822
Database Error Message
Netsparker identified a database error message.
Impact
The error message may disclose sensitive information and this information can be used by an attacker to mount new attacks or to enlarge the attack surface. In rare conditions this may be a clue for an SQL Injection vulnerability. Most of the time Netsparker will detect and report that problem separately.
Do not provide any error messages on production environments. Save error messages with a reference number to a backend storage such as a text file or database, then show this number and a static user-friendly error message to the user.
Parameters
Parameter | Type | Value
task | GET | '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
Request
GET /index.php?task='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B' HTTP/1.1
Referer: http://www.baysideeyes.com.au/contactus.htm
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.baysideeyes.com.au
Cookie: cms_PHPSESSID=226331de5d288eaa7c220ecc9fc5461e
Accept-Encoding: gzip, deflate
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:07:28 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR' at line 3
E-mail Address Disclosure
Netsparker found e-mail addresses on the web site.
Impact
E-mail addresses discovered within the application can be used by both spam email engines and brute force tools. Furthermore, valid email addresses may lead to social engineering attacks.
Use generic email addresses such as contact@ or info@ for general communications and remove user- or people-specific e-mail addresses from the web site. Should this be required, use submission forms for this purpose.
- /referrer-information.htm | info@baysideeyes.com.au, info@msiimaging.com.au
Request
GET /referrer-information.htm HTTP/1.1
Referer: http://www.baysideeyes.com.au/cmsAdmin/uploads/BLEPHARITIS.pdf&s=204.93
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.baysideeyes.com.au
Accept-Encoding: gzip, deflate
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:03:42 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Content-Type: text/html; charset=utf-8
Content-Encoding:
Content-Length: 4331
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <title>Bayside Eye Specialists: Referrer Information</title> <meta name="description" content="Bayside Eye Specialists is your Ophthalmologist of choice in Brighton, Melbourne. Experts in laser eye surgery, cataracts, glaucoma, botox and strabismus, our surgeons are renowned for their skill and care." /> <meta name="keywords" content="Laser eye Surgery, Cataracts, Glaucoma, Botox, Brighton, Melbourne, Bayside Eye Specialists" /> <link href="/css/baystyle.css" rel="stylesheet" type="text/css" /> <script type="text/javascript" src="/js/jquery-1.4.2.min.js"></script> <script type="text/javascript" src="/js/jquery.validate.js"></script> <script src="/js/SpryValidationTextField.js" type="text/javascript"></script><script src="/js/SpryValidationSelect.js" type="text/javascript"></script><link href="/css/SpryValidationTextField.css" rel="stylesheet" type="text/css" /><link href="/css/SpryValidationSelect.css" rel="stylesheet" type="text/css" /> <script type="text/javascript" src="/js/scripts.js"></script> </head> <body> <table width="934" border="0" align="center" cellpadding="0" cellspacing="0" class="tableborder">
<tr>
<td><img src="/images/bigpic_new1.jpg" width="934" height="135" /></td>
</tr>
<tr>
<td><a href="/index.htm"><img src="/images/nav1.jpg" width="101" height="49" border="0" /></a><a href="/eye-specialists/cataracts.htm"><img src="/images/nav2.jpg" width="118" height="49" border="0" /></a><a href="/patient-information.htm"><img src="/images/nav3.jpg" width="158" height="49" border="0" /></a><a href="/referrer-information.htm"><img src="/images/nav4.jpg" width="144" height="49" border="0" /></a><a href="/doctors.htm"><img src="/images/nav5.jpg" width="141" height="49" border="0" /></a><a href="/aboutus.htm"><img src="/images/nav6.jpg" width="138" height="49" border="0" /></a><a href="/contactus.htm"><img src="/images/nav7.jpg" width="134" height="49" border="0" /></a></td>
</tr> <tr>
<td>
<table width="934" border="0" cellpadding="0" cellspacing="0">
<tr>
<td valign="top" class="leftsidebar">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td valign="top" class="leftsidebar_home"> <ul> <li><a href="/eye-specialists/antiwrinkleinjections.htm">Anti-wrinkle injections</a></li> <li><a href="/eye-specialists/blended-mono-vision.html">Blended/Monovision</a></li> <li><a href="/eye-specialists/cataracts.htm">Cataract</a></li> <li><a href="/">Corneal</a></li> <li><a href="/eye-specialists/glaucoma.htm">Glaucoma</a></li> <li><a href="/eye-specialists/herpes-simplex-eye-disease.html">Herpes Simplex Eye Disease</a></li> <li><a href="/eye-specialists/laser-eye-surgery.htm">Laser eye surgery</a></li> <li><a href="/eye-specialists/blepharitis-meibomian-gland-dysfunction.html">Oculoplastics</a></li> <li><a href="/eye-specialists/ocular-surface-squamous-neoplasia.html">OSSN</a></li> <li><a href="/eye-specialists/paediatrics.htm">Paediatrics</a></li> <li><a href="/eye-specialists/pterygium.htm">Pterygium</a></li> <li><a href="/eye-specialists/retinal-detachment.html">Retinal</a></li> <li><a href="/eye-specialists/strabismus.htm">Strabismus</a></li> <li><a href="/eye-specialists/viral-conjunctivitis.html">Viral Conjunctivitis</a></li> <li><a href="eye-specialists/ophthalmology.htm">General Ophthalmology</a></li> </ul></td> </tr>
<tr>
<td class="calltoaction">
<p align="center">
<strong>Opening Hours</strong><br/>
8:30am to 5:30pm <br/>
Monday to Friday
</p>
<p align="center"><a href="index.htm">return home</a></p>
</td>
</tr>
</table>
</td>
<td valign="top" class="maintext_page" id="top">
<h1>Information For Referrers</h1>
<p>Bayside Eye Specialists are well placed to provide the full complement of ophthalmic care to you and your patients. Emergency patients are seen promptly and waiting times are kept to a minimum. We look forward to continuing to provide Excellence in Eye Care to you and your patients.</p><ul><li>Emergencies seen promptly </li><li>Argus correspondence available </li><li>Calendar of Educational Events </li><li>Accessible, approachable surgeons </li><li>Culture of Care </li></ul><p>Bayside Eye Specialists pride ourselves on our Culture of Care – that is, our patients, referrers, doctors and staff are all treated with good will and respect, with a focus on exceptional communication. We value the contribution that each person makes to the delivery of outstanding clinical care.</p><p>Our accessible, approachable surgeons are happy to take calls and discuss patients and their planned care. Emergency patients are seen promptly, as we have a surgeon here Monday through to Friday. Electronically encrypted correspondence is available via Argus, a bonus for busy GP practices. If you are interested in a visit from one of our Eye Specialists please complete the following enquiry form.</p><p><a href="/enquiry-form.htm">Visit Enquiry Form</a></p><p> </p><h1>BAYSIDE EYE SPECIALISTS ELECTRONIC NEWSLETTER</h1><p>Bayside Eye Specialists publish a bi-monthly electronic newsletter to our professional colleagues.</p><p>Register to receive our free e-newsletters and keep up to date with articles on current trends and innovations in eye care. 
The details of all our CPD accredited education sessions are also included.</p><p><a href="/register-newsletter.htm">CLICK HERE TO REGISTER</a>!</p><p> </p><p><strong><span style="text-decoration: underline;"><a name="2" id="2"></a>What’s New?</span></strong></p><p>Bayside Eye Specialists have recently expanded our services to include posterior segment imaging including fundus <strong>Fluorescein angiography</strong>, particularly with a view to managing <strong>ARMD</strong>. Dr Michael Shiu and Dr Damien Louis also administer <strong>Lucentis</strong> injections. <strong> </strong></p><p><strong> </strong><strong>Selective Laser Trabeculoplasty</strong> (SLT) is performed on-site. SLT is clinically proven to treat open angle glaucoma by safely and effectively reducing intraocular pressure in a single inexpensive procedure, with no residual scarring. SLT reduces or eliminates the need for topical <strong>glaucoma</strong> medications, saving patients from the common local and systemic side effects of medication, as well as money. It is particularly helpful in the treatment of noncompliant glaucoma patients.</p><p>Dr Andrew Atkins has many year of experience in the use of <strong>Botox</strong> for therapeutic purposes (blepharospam, facial tics) and has extended his practice to include cosmetic Botox injections.</p><p>Laser screening sessions run regularly, with <strong>Laser Refractive Surgery</strong> performed at LaserSight in East Melbourne by Dr Laurence Sullivan and Dr Michael Shiu. All pre and post-operative care is undertaken at Bayside Eye Specialists. Please contact Ms Lynne Cheesewright at LaserSight for further information regarding optometric co-management. 
Ph: 9663 0101</p><p> </p><p><strong><span style="text-decoration: underline;"><a name="3" id="3"></a>Education Evenings</span></strong></p><p>2011 event dates coming soon.</p><p>As part of our commitment to excellence in eye care we run a Calendar of Educational Events accredited for CPD points with Optometrists Association Australia. We also work with our local GP Divisions in the provision of their CPD programmes.</p><p>To register for any of our sessions phone 9596 7440 or email <a href="mailto:info@baysideeyes.com.au">info@baysideeyes.com.au </a></p><p>All Brighton sessions are scheduled at 6.30pm for 7.00pm start.</p><p>All East Melbourne sessions are scheduled at 6:00pm for 6:30pm start.</p><p><a href="/calendar-rsvp.htm">RSVP to an Upcoming Event</a></p><p> </p><p><strong><span style="text-decoration: underline;"><a name="5" id="5"></a>Billing Policy</span></strong></p><p>Pensioners and Health Care Card holders are discounted for consultations, procedures and investigations, as well as surgery. Veterans Affairs patients are fully covered for all treatment.</p><p> </p><p><strong><span style="text-decoration: underline;"><a name="6" id="6"></a>Refractive Targets & Cataract Surgery</span></strong></p><p>Together with the IOL Master and the Holladay IOL Consultant program, we are able to audit and therefore optimise refractive outcomes. The appropriate use of Toric IOL’s and Limbal Relaxing Incisions (LRI’s) in small incision cataract surgery results in excellent patient outcomes and increased freedom from glasses.</p><p>To date we are within the "Gold Standard" (0.5 dioptre) of standard deviation of refractive error, at 0.4 dioptre, which shows the almost obsessive focus we have on refractive outcomes.</p><p>Our surgeons assess each patient and their individual social and visual needs and expectations. 
Patients are provided with detailed theatre booking counseling and assistance, by experienced and caring staff members.</p><p> </p><p><strong><span style="text-decoration: underline;"><a name="7" id="7"></a>Patient Satisfaction</span></strong></p><p>Patients report they are very happy with the quality of their experience at Bayside Eye Specialists: staff and facilities are welcoming, accessible, and ‘comfortable’, and our surgeons are described as capable and approachable.</p><p> </p><p><strong><span style="text-decoration: underline;"><a name="7" id="7"></a>Feedback</span></strong></p><p>We are continually striving to improve our practice to provide you and your patients with a superior level of quality care in a warm, friendly and relaxed environment. Please submit any feedback to <a href="mailto:info@msiimaging.com.au">info@baysideeyes.com.au</a>.</p><ul><li><a href="/downloads/referral_form.pdf">Click here to download referral form</a></li><li><a href="/referral-pad.htm">Click here to order referral pads online</a></li></ul> <p><a href="#top">back to top</a></p>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td class="footer"><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>BAYSIDE EYE SPECIALISTS: 323 Nepean Highway, Brighton East VIC 3187 PH: (03) 9596 7440 </td>
<td><div align="right"><a href="privacy.htm">Privacy Policy</a> | <a href="sitemap.htm">Site Map</a> </div></td>
</tr>
</table></td>
</tr>
</table> <script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-3211698-1']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> </body></html>
[Possible] Internal Path Leakage (*nix)
Netsparker identified an internal path in the document.
Impact
There is no direct impact; however, this information can help an attacker during the exploitation of some other vulnerabilities.
- Error messages should be disabled.
- Remove this kind of private data from the output.
External References
/home/jbayside/public_html/lib/controller.php
Request
GET /index.php?task=%2527 HTTP/1.1
Referer: http://www.baysideeyes.com.au/contactus.htm
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.baysideeyes.com.au
Cookie: cms_PHPSESSID=226331de5d288eaa7c220ecc9fc5461e
Accept-Encoding: gzip, deflate
Response
HTTP/1.1 200 OK
Date: Sat, 05 Feb 2011 22:07:26 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Fatal error: Call to undefined method MainController::%27() in /home/jbayside/public_html/lib/controller.php on line 23