[Nikto-discuss] Bug report - Possible invalid database entries
Andres Riancho
andres.riancho at gmail.com
Wed Nov 5 15:26:16 UTC 2008
List,
Are these scan_database lines ok?
"generic","@CGIDIRScart.pl?db='","c:\",","GET","Dansie Shopping Cart
reveals the full path to the CGI directory."
"generic","@CGIDIRScart.pl?db='","d:\",","GET","Dansie Shopping Cart
reveals the full path to the CGI directory."
"generic","/hostadmin/?page='","C:\",","GET","Host Admin reveals
install location and other sensitive information."
"generic","/hostadmin/?page='","D:\",","GET","Host Admin reveals
install location and other sensitive information."
Please note the "d:\",","GET" section.
Cheers,
--
Andres Riancho
http://w3af.sourceforge.net/
Web Application Attack and Audit Framework
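
An added example, not part of the original post and not Nikto's own code: it parses the quoted entries under two quoting rules, one where a backslash is a literal character and one where `\"` is an escaped quote, and flags entries that the two rules read differently. The function names and the third, control entry are constructed for illustration; which rule the scanner's own loader applies is not stated in the post.

```python
import csv

# Two entries quoted in the post, with the e-mail line wrap undone,
# plus one constructed control entry that contains no backslash.
ENTRIES = [
    r'''"generic","@CGIDIRScart.pl?db='","c:\",","GET","Dansie Shopping Cart reveals the full path to the CGI directory."''',
    r'''"generic","/hostadmin/?page='","D:\",","GET","Host Admin reveals install location and other sensitive information."''',
    '"generic","/constructed/path","constructed match","GET","Constructed control entry."',
]


def read_fields(line, backslash_escapes):
    """Parse one entry; return its fields, or None if the quoting is malformed."""
    if backslash_escapes:
        # Rule B: a backslash escapes the next character, so \" stays inside the field.
        opts = dict(escapechar="\\", doublequote=False)
    else:
        # Rule A: a backslash is an ordinary character, so \" ends the field.
        opts = dict(escapechar=None, doublequote=True)
    try:
        return next(csv.reader([line], strict=True, **opts))
    except csv.Error:
        return None


def audit(line):
    """Read the entry under both rules and report whether they disagree."""
    literal = read_fields(line, backslash_escapes=False)
    escaped = read_fields(line, backslash_escapes=True)
    return {"literal": literal, "escaped": escaped, "ambiguous": literal != escaped}


def ambiguous_entries(lines):
    """1-based positions of entries whose meaning depends on the quoting rule."""
    return [n for n, line in enumerate(lines, 1) if audit(line)["ambiguous"]]


if __name__ == "__main__":
    for n, line in enumerate(ENTRIES, 1):
        result = audit(line)
        print(n, "AMBIGUOUS" if result["ambiguous"] else "ok")
        print("   backslash literal:", result["literal"])
        print("   backslash escapes:", result["escaped"])
```

Under the literal rule the flagged entries fail to parse at all; under the escape rule they yield five fields, and the third field ends in a quote and a comma.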