Acunetix Website Audit 11 August, 2012

Developer Report

Generated by Acunetix WVS Reporter (v8.0 Build 20120808)

Scan of http://mssql.preview.xss.cx:80/mla2000/

Scan details

Scan information

Starttime

8/11/2012 9:06:16 AM

Finish time

8/11/2012 9:09:13 AM

Scan time

2 minutes, 57 seconds

Profile

Default

Server information

Responsive

True

Server banner

Microsoft-IIS/7.5

Server OS

Windows

Server technologies

Threat level

Acunetix Threat Level 3

One or more high-severity type vulnerabilities have been discovered by the scanner. A malicious user can exploit these vulnerabilities and compromise the backend database and/or deface your website.

Alerts distribution

Total alerts found

68

High

33

Medium

7

Low

4

Informational

24

Knowledge base

List of file extensions

File extensions can provide information on what technologies are being used on this website. List of file extensions detected: - asp => 17 file(s) - js => 2 file(s) - css => 1 file(s)

List of client scripts

These files contain Javascript code referenced from the website. - /mla2000/scripts/js/mla_sql.js - /mla2000/scripts/js/mylittletree.js

List of files with inputs

These files have at least one input (GET or POST). - /mla2000/scripts/hlp/connected.asp - 1 inputs

Acunetix Website Audit

2

- /mla2000/scripts/conn/dsn.asp - 1 inputs - /mla2000/scripts/conn/dsnless.asp - 1 inputs - /mla2000/scripts/pref/theme.asp - 1 inputs - /mla2000/scripts/pref/display.asp - 1 inputs - /mla2000/scripts/pref/language.asp - 1 inputs

List of external hosts

These hosts were linked from this website but they were not scanned because they are not listed in the list of hosts allowed.(Settings->Scanners settings->Scanner->List of hosts allowed). - www.mylittletools.net -

List of email addresses

List of all email addresses found on this host. - webmaster@myLittleTools.net

Alerts summary

Cross Site Scripting (verified)

Affects

Variations

/mla2000/scripts/conn/dsn.asp

1

/mla2000/scripts/conn/dsnless.asp

32

HTML form without CSRF protection

Affects

Variations

/mla2000/scripts/conn/dsn.asp

1

/mla2000/scripts/conn/dsnless.asp

1

/mla2000/scripts/pref/display.asp

1

/mla2000/scripts/pref/language.asp

1

/mla2000/scripts/pref/theme.asp

1

User credentials are sent in clear text

Affects

Variations

/mla2000/scripts/conn/dsn.asp

1

/mla2000/scripts/conn/dsnless.asp

1

Possible sensitive directories

Affects

Variations

/mla2000/scripts/db

1

/mla2000/scripts/DB

1

/mla2000/scripts/inc

1

/mla2000/scripts/tools

1

Acunetix Website Audit

3

				Broken links
Affects																				Variations
/mla2000/scripts/connection/default.asp																				1
/mla2000/scripts/inc/scripts/conn/default.asp																				1
/mla2000/scripts/inc/webmaster@mylittletools.net																				1
/mla2000/webmaster@mylittletools.net																				1
				Email address found
Affects																				Variations
/mla2000/default.asp																				1
/mla2000/scripts/conn/default.asp																				1
/mla2000/scripts/conn/dsn.asp																				1
/mla2000/scripts/conn/dsnless.asp																				1
/mla2000/scripts/conn/expired.asp																				1
/mla2000/scripts/hlp/connected.asp																				1
/mla2000/scripts/hlp/default.asp																				1
/mla2000/scripts/inc/frameset.asp																				1
/mla2000/scripts/inc/frameset2.asp																				1
/mla2000/scripts/inc/header.asp																				1
/mla2000/scripts/inc/tree.asp																				1
/mla2000/scripts/inc/tree2.asp																				1
/mla2000/scripts/pref/default.asp																				1
/mla2000/scripts/pref/display.asp																				1
/mla2000/scripts/pref/language.asp																				1
/mla2000/scripts/pref/theme.asp																				1
/mla2000/themes/classic/css/mla_sql.css																				1
				Password type input with autocomplete enabled
Affects																				Variations
/mla2000/scripts/conn/dsn.asp																				1
/mla2000/scripts/conn/dsnless.asp																				1
				Possible username or password disclosure
Affects																				Variations
/mla2000/scripts/hlp/connected.asp																				1
Acunetix Website Audit																			4

Alert details

Cross Site Scripting (verified)

Severity

High

Type

Validation

Reported by module

Scripting (XSS.script)

Description

This script is possibly vulnerable to Cross Site Scripting (XSS) attacks. Cross site scripting (also referred to as XSS) is a vulnerability that allows an attacker to send malicious code (usually in the form of Javascript) to another user. Because a browser cannot know if the script should be trusted or not, it will execute the script in the user context allowing the attacker to access any cookies or session tokens retained by the browser.

Impact

Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application to fool a user in order to gather data from them. An attacker can steal the session cookie and take over the account, impersonating the user. It is also possible to modify the content of the page presented to the user.

Recommendation

Your script should filter metacharacters from user input.

References

ASP.NET Unicode Character Conversion XSS

Acunetix Cross Site Scripting Attack

How To: Prevent Cross-Site Scripting in ASP.NET

Microsoft ASP.NET request filtering flaw

OWASP PHP Top 5

Cross site scripting

XSS cheat sheet

XSS Annihilation

OWASP Cross Site Scripting

The Cross Site Scripting Faq

Security Focus - Penetration Testing for Web Applications (Part Two)

Allowing HTML and Preventing XSS

Affected items

/mla2000/scripts/conn/dsn.asp

Details

URL encoded POST input mla_conn_user was set to '"()&%1<ScRiPt >prompt(992424)</ScRiPt>

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_initialcatalog was set to '"()&%1<ScRiPt >prompt(960313)</ScRiPt> The input is reflected inside a text element.

Request headers

Acunetix Website Audit

5

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_initialcatalog was set to undefined1<ScRiPt >prompt(935068)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_initialcatalog was set to undefined1<ScRiPt >prompt(988472)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_initialcatalog was set to undefined1<ScRiPt >prompt(928042)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_initialcatalog was set to '"()&%1<ScRiPt >prompt(955908)</ScRiPt>

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

Acunetix Website Audit

6

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_initialcatalog was set to '"()&%1<ScRiPt >prompt(987045)</ScRiPt>

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_initialcatalog was set to '"()&%1<ScRiPt >prompt(903424)</ScRiPt>

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_initialcatalog was set to '"()&%1<ScRiPt >prompt(908623)</ScRiPt>

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_networklibrary was set to '"()&%1<ScRiPt >prompt(983993)</ScRiPt>

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_networklibrary was set to 1<ScRiPt >prompt(917456)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

Acunetix Website Audit

7

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_password was set to '"()&%1<ScRiPt >prompt(902421)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_password was set to '"()&%1<ScRiPt >prompt(941993)</ScRiPt>

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_password was set to 1<ScRiPt >prompt(932580)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_password was set to '"()&%1<ScRiPt >prompt(983245)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_password was set to '"()&%1<ScRiPt >prompt(997329)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD

Acunetix Website Audit

8

Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_password was set to '"()&%1<ScRiPt >prompt(918274)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_password was set to '"()&%1<ScRiPt >prompt(999539)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_portnumber was set to undefined1<ScRiPt >prompt(992830)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_portnumber was set to undefined1<ScRiPt >prompt(918570)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

Acunetix Website Audit

9

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_portnumber was set to '"()&%1<ScRiPt >prompt(922684)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_portnumber was set to '"()&%1<ScRiPt >prompt(997060)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_portnumber was set to '"()&%1<ScRiPt >prompt(919927)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_portnumber was set to '"()&%1<ScRiPt >prompt(989406)</ScRiPt>

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_portnumber was set to undefined1<ScRiPt >prompt(978994)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD

Acunetix Website Audit

10

Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_portnumber was set to 1<ScRiPt >prompt(937788)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_portnumber was set to undefined1<ScRiPt >prompt(985007)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_user was set to '"()&%1<ScRiPt >prompt(948886)</ScRiPt>

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_user was set to '"()&%1<ScRiPt >prompt(985355)</ScRiPt>

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_user was set to '"()&%1<ScRiPt >prompt(934687)</ScRiPt>

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1

Acunetix Website Audit

11

Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_user was set to '"()&%1<ScRiPt >prompt(969555)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_user was set to undefined1<ScRiPt >prompt(978432)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

/mla2000/scripts/conn/dsnless.asp

Details

URL encoded POST input mla_conn_user was set to undefined1<ScRiPt >prompt(988190)</ScRiPt> The input is reflected inside a text element.

Request headers

GET /mla2000/scripts/hlp/connected.asp?refresh=1 HTTP/1.1 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* Host: mssql.preview.xss.cx

Acunetix Website Audit

12

HTML form without CSRF protection

Severity

Medium

Type

Informational

Reported by module

Crawler

Description

This alert may be a false positive, manual confirmation is required. Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF or XSRF, is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts. Acunetix WVS found a HTML form with no apparent CSRF protection implemented. Consult details for more information about the affected HTML form.

Impact

An attacker may force the users of a web application to execute actions of the attacker's choosing. A successful CSRF exploit can compromise end user data and operation in case of normal user. If the targeted end user is the administrator account, this can compromise the entire web application.

Recommendation

Check if this form requires CSRF protection and implement CSRF countermeasures if necessary.

Affected items

/mla2000/scripts/conn/dsn.asp

Details

Form name: mla_conn Form action: http://mssql.preview.xss.cx/mla2000/scripts/conn/dsn.asp Form method: POST Form inputs: - mla_conn_dsn [Text] - mla_conn_user [Text] - mla_conn_password [Password] - mla_conn_cookie [Checkbox] - mla_conn_submit [Submit]

Request headers

GET /mla2000/scripts/conn/dsn.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/conn/default.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

Acunetix Website Audit

13

/mla2000/scripts/conn/dsnless.asp

Details

Form name: mla_conn Form action: http://mssql.preview.xss.cx/mla2000/scripts/conn/dsnless.asp Form method: POST Form inputs: - mla_conn_datasource [Text] - mla_conn_portnumber [Text] - mla_conn_initialcatalog [Text] - mla_conn_provider [Radio] - mla_conn_networklibrary [Select] - mla_conn_trusted [Checkbox] - mla_conn_user [Text] - mla_conn_password [Password] - mla_conn_co ... (line truncated)

Request headers

GET /mla2000/scripts/conn/dsnless.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/conn/default.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/pref/display.asp

Details

Form name: mla_cfg Form action: http://mssql.preview.xss.cx/mla2000/scripts/pref/display.asp Form method: POST Form inputs: - mla_cfg_showsysdatabases [Checkbox] - mla_cfg_showsystables [Checkbox] - mla_cfg_showsysviews [Checkbox] - mla_cfg_showsysprocedures [Checkbox] - mla_cfg_showsysfunctions [Checkbox] - mla_cfg_pagesize [Text] - mla_cfg_maxdisplayedchar [Text] - mla_cfg_maxd ... (line truncated)

Request headers

GET /mla2000/scripts/pref/display.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/pref/default.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

Acunetix Website Audit

14

/mla2000/scripts/pref/language.asp

Details

Form name: mla_cfg Form action: http://mssql.preview.xss.cx/mla2000/scripts/pref/language.asp Form method: POST Form inputs: - mla_cfg_lng [Select] - mla_cfg_cancel [Submit] - mla_cfg_submit [Submit]

Request headers

GET /mla2000/scripts/pref/language.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/pref/default.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/pref/theme.asp

Details

Form name: mla_cfg Form action: http://mssql.preview.xss.cx/mla2000/scripts/pref/theme.asp Form method: POST Form inputs: - mla_cfg_theme [Select] - mla_cfg_cancel [Submit] - mla_cfg_submit [Submit]

Request headers

GET /mla2000/scripts/pref/theme.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/pref/default.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

Acunetix Website Audit

15

User credentials are sent in clear text

Severity

Medium

Type

Informational

Reported by module

Crawler

Description

User credentials are transmitted over an unencrypted channel. This information should always be transferred via an encrypted channel (HTTPS) to avoid being intercepted by malicious users.

Impact

A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.

Recommendation

Because user credentials are considered sensitive information, should always be transferred to the server over an encrypted connection (HTTPS).

Affected items

/mla2000/scripts/conn/dsn.asp

Details

Form name: mla_conn Form action: http://mssql.preview.xss.cx/mla2000/scripts/conn/dsn.asp Form method: POST Form inputs: - mla_conn_dsn [Text] - mla_conn_user [Text] - mla_conn_password [Password] - mla_conn_cookie [Checkbox] - mla_conn_submit [Submit]

Request headers

GET /mla2000/scripts/conn/dsn.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/conn/default.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

Acunetix Website Audit

16

/mla2000/scripts/conn/dsnless.asp

Details

Form name: mla_conn Form action: http://mssql.preview.xss.cx/mla2000/scripts/conn/dsnless.asp Form method: POST Form inputs: - mla_conn_datasource [Text] - mla_conn_portnumber [Text] - mla_conn_initialcatalog [Text] - mla_conn_provider [Radio] - mla_conn_networklibrary [Select] - mla_conn_trusted [Checkbox] - mla_conn_user [Text] - mla_conn_password [Password] - mla_conn_co ... (line truncated)

Request headers

GET /mla2000/scripts/conn/dsnless.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/conn/default.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

Acunetix Website Audit

17

Possible sensitive directories

Severity

Low

Type

Validation

Reported by module

Scripting (Possible_Sensitive_Directories.script)

Description

A possible sensitive directory has been found. This directory is not directly linked from the website.This check looks for common sensitive resources like backup directories, database dumps, administration pages, temporary directories. Each one of these directories could help an attacker to learn more about his target.

Impact

This directory may expose sensitive information that could help a malicious user to prepare more advanced attacks.

Recommendation

Restrict access to this directory or remove it from the website.

References

Web Server Security and Database Server Security

Affected items

/mla2000/scripts/db

Details

No details are available.

Request headers

GET /mla2000/scripts/db HTTP/1.1 Accept: acunetix/wvs Range: bytes=0-99999 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)

/mla2000/scripts/DB

Details

No details are available.

Request headers

GET /mla2000/scripts/DB HTTP/1.1 Accept: acunetix/wvs Range: bytes=0-99999 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)

/mla2000/scripts/inc

Details

No details are available.

Request headers

GET /mla2000/scripts/inc HTTP/1.1 Accept: acunetix/wvs Range: bytes=0-99999 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)

Acunetix Website Audit

18

/mla2000/scripts/tools

Details

No details are available.

Request headers

GET /mla2000/scripts/tools HTTP/1.1 Accept: acunetix/wvs Range: bytes=0-99999 Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)

Acunetix Website Audit

19

Broken links

Severity

Informational

Type

Informational

Reported by module

Crawler

Description

A broken link refers to any link that should take you to a document, image or webpage, that actually results in an error. This page was linked from the website but it is inaccessible.

Impact

Problems navigating the site.

Recommendation

Remove the links to this file or make it accessible.

Affected items

/mla2000/scripts/connection/default.asp

Details

No details are available.

Request headers

GET /mla2000/scripts/connection/default.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/ Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/inc/scripts/conn/default.asp

Details

No details are available.

Request headers

GET /mla2000/scripts/inc/scripts/conn/default.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/inc/frameset.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/inc/webmaster@mylittletools.net

Details

No details are available.

Request headers

GET /mla2000/scripts/inc/webmaster@mylittletools.net HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/inc/frameset.asp

Acunetix Website Audit

20

Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/webmaster@mylittletools.net

Details

No details are available.

Request headers

GET /mla2000/webmaster@mylittletools.net HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/ Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

Acunetix Website Audit

21

Email address found

Severity

Informational

Type

Informational

Reported by module

Scripting (Text_Search.script)

Description

One or more email addresses have been found on this page. The majority of spam comes from email addresses harvested off the internet. The spam-bots (also known as email harvesters and email extractors) are programs that scour the internet looking for email addresses on any website they come across. Spambot programs look for strings like myname@mydomain.com and then record any addresses found.

Impact

Email addresses posted on Web sites may attract spam.

Recommendation

Check references for details on how to solve this problem.

References

Spam-Proofing Your Website

Why Am I Getting All This Spam?

Affected items

/mla2000/default.asp

Details

Pattern found: webmaster@myLittleTools.net

Request headers

GET /mla2000/default.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/restart.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/conn/default.asp

Details

Pattern found: webmaster@myLittleTools.net

Request headers

GET /mla2000/scripts/conn/default.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/hlp/default.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

Acunetix Website Audit

22

/mla2000/scripts/conn/dsn.asp

Details

Pattern found: webmaster@myLittleTools.net

Request headers

GET /mla2000/scripts/conn/dsn.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/conn/default.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/conn/dsnless.asp

Details

Pattern found: webmaster@myLittleTools.net

Request headers

GET /mla2000/scripts/conn/dsnless.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/conn/default.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/conn/expired.asp

Details

Pattern found: webmaster@myLittleTools.net

Request headers

GET /mla2000/scripts/conn/expired.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/db/ Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/hlp/connected.asp

Details

Pattern found: webmaster@myLittleTools.net

Request headers

Acunetix Website Audit

23

GET /mla2000/scripts/hlp/connected.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/conn/dsn.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/hlp/default.asp

Details

Pattern found: webmaster@myLittleTools.net

Request headers

GET /mla2000/scripts/hlp/default.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/inc/frameset.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/inc/frameset.asp

Details

Pattern found: webmaster@myLittleTools.net

Request headers

GET /mla2000/scripts/inc/frameset.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/ Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/inc/frameset2.asp

Details

Pattern found: webmaster@myLittleTools.net

Request headers

GET /mla2000/scripts/inc/frameset2.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/inc/frameset.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx

Acunetix Website Audit

24

Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/inc/header.asp

Details

Pattern found: webmaster@myLittleTools.net

Request headers

GET /mla2000/scripts/inc/header.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/ Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/inc/tree.asp

Details

Pattern found: webmaster@myLittleTools.net

Request headers

GET /mla2000/scripts/inc/tree.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/inc/frameset.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/inc/tree2.asp

Details

Pattern found: webmaster@myLittleTools.net

Request headers

GET /mla2000/scripts/inc/tree2.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/inc/tree.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

Acunetix Website Audit

25

/mla2000/scripts/pref/default.asp

Details

Pattern found: webmaster@myLittleTools.net

Request headers

GET /mla2000/scripts/pref/default.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/hlp/default.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/pref/display.asp

Details

Pattern found: webmaster@myLittleTools.net

Request headers

GET /mla2000/scripts/pref/display.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/pref/default.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/pref/language.asp

Details

Pattern found: webmaster@myLittleTools.net

Request headers

GET /mla2000/scripts/pref/language.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/pref/default.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/pref/theme.asp

Details

Pattern found: webmaster@myLittleTools.net

Request headers

Acunetix Website Audit

26

GET /mla2000/scripts/pref/theme.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/pref/default.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/themes/classic/css/mla_sql.css

Details

Pattern found: webmaster@mylittletools.net

Request headers

GET /mla2000/themes/classic/css/mla_sql.css HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/inc/header.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

Acunetix Website Audit

27

Password type input with autocomplete enabled

Severity

Informational

Type

Informational

Reported by module

Crawler

Description

When a new name and password is entered in a form and the form is submitted, the browser asks if the password should be saved. Thereafter when the form is displayed, the name and password are filled in automatically or are completed as the name is entered. An attacker with local access could obtain the cleartext password from the browser cache.

Impact

Possible sensitive information disclosure

Recommendation

The password autocomplete should be disabled in sensitive applications. To disable autocomplete, you may use a code similar to: <INPUT TYPE="password" AUTOCOMPLETE="off">

Affected items

/mla2000/scripts/conn/dsn.asp

Details

Password type input named mla_conn_password from form named mla_conn with action dsn.asp has autocomplete enabled.

Request headers

GET /mla2000/scripts/conn/dsn.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/conn/default.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

/mla2000/scripts/conn/dsnless.asp

Details

Password type input named mla_conn_password from form named mla_conn with action dsnless.asp has autocomplete enabled.

Request headers

GET /mla2000/scripts/conn/dsnless.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/conn/default.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

Acunetix Website Audit

28

Possible username or password disclosure

Severity

Informational

Type

Informational

Reported by module

Scripting (Text_Search.script)

Description

A username and/or password was found in this file. This information could be sensitive. This alert may be a false positive, manual confirmation is required.

Impact

Possible sensitive information disclosure.

Recommendation

Remove this file from your website or change its permissions to remove access.

Affected items

/mla2000/scripts/hlp/connected.asp

Details

Pattern found: Pwd=acUn3t1x

Request headers

GET /mla2000/scripts/hlp/connected.asp HTTP/1.1 Pragma: no-cache Referer: http://mssql.preview.xss.cx/mla2000/scripts/conn/dsn.asp Acunetix-Aspect: enabled Acunetix-Aspect-Password: ***** Acunetix-Aspect-Queries: filelist;aspectalerts Cookie: ASPSESSIONIDSCBRSDDB=HGJLFMCDDJBEIAJBLBJMCGHD Host: mssql.preview.xss.cx Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */*

Acunetix Website Audit

29

Scanned items (coverage report)

URL: http://mssql.preview.xss.cx/mla2000/

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/

Vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/inc/

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/inc/header.asp

Vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/inc/frameset.asp

Vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/inc/tree.asp

Vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/inc/scripts

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/inc/scripts/conn

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/inc/scripts/conn/default.asp

Vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/inc/webmaster@mylittletools.net

Vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/inc/frameset2.asp

Vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/inc/tree2.asp

Vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/connection

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/connection/default.asp

Vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/js/

No vulnerabilities has been identified for this URL

No input(s) found for this URL

Acunetix Website Audit

30

URL: http://mssql.preview.xss.cx/mla2000/scripts/js/mla_sql.js

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/js/mylittletree.js

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/hlp/

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/hlp/default.asp

Vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/hlp/connected.asp

Vulnerabilities has been identified for this URL

1 input(s) found for this URL

Inputs

Input scheme 1

Input name

Input type

refresh

URL encoded GET

URL: http://mssql.preview.xss.cx/mla2000/scripts/conn/

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/conn/default.asp

Vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/conn/dsn.asp

Vulnerabilities has been identified for this URL

5 input(s) found for this URL

Inputs

Input scheme 1

Input name

Input type

mla_conn_cookie

URL encoded POST

mla_conn_dsn

URL encoded POST

mla_conn_password

URL encoded POST

mla_conn_submit

URL encoded POST

mla_conn_user

URL encoded POST

URL: http://mssql.preview.xss.cx/mla2000/scripts/conn/dsnless.asp

Vulnerabilities has been identified for this URL

10 input(s) found for this URL

Inputs

Input scheme 1

Input name

Input type

mla_conn_cookie

URL encoded POST

mla_conn_datasource

URL encoded POST

mla_conn_initialcatalog

URL encoded POST

mla_conn_networklibrary

URL encoded POST

mla_conn_password

URL encoded POST

mla_conn_portnumber

URL encoded POST

mla_conn_provider

URL encoded POST

Acunetix Website Audit

31

mla_conn_submit

URL encoded POST

mla_conn_trusted

URL encoded POST

mla_conn_user

URL encoded POST

URL: http://mssql.preview.xss.cx/mla2000/scripts/conn/expired.asp

Vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/pref/

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/pref/default.asp

Vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/pref/theme.asp

Vulnerabilities has been identified for this URL

3 input(s) found for this URL

Inputs

Input scheme 1

Input name

Input type

mla_cfg_cancel

URL encoded POST

mla_cfg_submit

URL encoded POST

mla_cfg_theme

URL encoded POST

URL: http://mssql.preview.xss.cx/mla2000/scripts/pref/display.asp

Vulnerabilities has been identified for this URL

12 input(s) found for this URL

Inputs

Input scheme 1

Input name

Input type

mla_cfg_cancel

URL encoded POST

mla_cfg_firstdayofweek

URL encoded POST

mla_cfg_maxdisplayedbin

URL encoded POST

mla_cfg_maxdisplayedchar

URL encoded POST

mla_cfg_pagesize

URL encoded POST

mla_cfg_rowdelimiter

URL encoded POST

mla_cfg_showsysdatabases

URL encoded POST

mla_cfg_showsysfunctions

URL encoded POST

mla_cfg_showsysprocedures

URL encoded POST

mla_cfg_showsystables

URL encoded POST

mla_cfg_showsysviews

URL encoded POST

mla_cfg_submit

URL encoded POST

URL: http://mssql.preview.xss.cx/mla2000/scripts/pref/language.asp

Vulnerabilities has been identified for this URL

3 input(s) found for this URL

Inputs

Input scheme 1

Input name

Input type

mla_cfg_cancel

URL encoded POST

mla_cfg_lng

URL encoded POST

mla_cfg_submit

URL encoded POST

Acunetix Website Audit

32

URL: http://mssql.preview.xss.cx/mla2000/scripts/db/

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/scripts/tools/

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/webmaster@mylittletools.net

Vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/themes/

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/themes/classic/

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/themes/classic/css/

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/themes/classic/css/mla_sql.css

Vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/themes/classic/images/

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/themes/classic/images/window/

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/themes/classic/images/action/

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/themes/classic/images/mylittletree/

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/themes/classic/images/obj32/

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/restart.asp

No vulnerabilities has been identified for this URL

No input(s) found for this URL

URL: http://mssql.preview.xss.cx/mla2000/default.asp

Vulnerabilities has been identified for this URL

No input(s) found for this URL

Acunetix Website Audit

33