Scribd Logo
Upload

Welcome to Scribd!

  • Executive Summary All Vulnerabilities

    Uploaded by

    Thilin Thungeesha
    25 views21 pages
    The document provides a summary of security audits conducted on multiple websites. The audits found vulnerabilities of varying severity levels, including: - One site with high severity vulnerabilities that could allow compromise of the backend database or defacement. - Several sites with medium severity vulnerabilities that should be investigated to prevent escalation. - Most sites had low severity issues or informational findings. Common vulnerabilities included lack of CSRF protections, backup files accessible, cookie security issues, and others.

    Original Description:

    Original Title

    20230525_Executive_Summary_All_vulnerabilities (1)

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document provides a summary of security audits conducted on multiple websites. The audits found vulnerabilities of varying severity levels, including: - One site with high severity vulnerabilities that could allow compromise of the backend database or defacement. - Several sites with medium severity vulnerabilities that should be investigated to prevent escalation. - Most sites had low severity issues or informational findings. Common vulnerabilities included lack of CSRF protections, backup files accessible, cookie security issues, and others.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    25 views21 pages

    Executive Summary All Vulnerabilities

    Uploaded by

    Thilin Thungeesha
    The document provides a summary of security audits conducted on multiple websites. The audits found vulnerabilities of varying severity levels, including: - One site with high severity vulnerabilities that could allow compromise of the backend database or defacement. - Several sites with medium severity vulnerabilities that should be investigated to prevent escalation. - Most sites had low severity issues or informational findings. Common vulnerabilities included lack of CSRF protections, backup files accessible, cookie security issues, and others.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 21

    Executive

    Summary
    Report
    Acunetix Security Audit

    25 May 2023

    Generated by Acunetix
    Vulnerabilities
    Scan details
    Scan information
    Start url https://curl.se
    Host https://curl.se/

    Threat level

    Acunetix Threat Level 3

    One or more high-severity type vulnerabilities have been discovered by the scanner. A malicious user can exploit these
    vulnerabilities and compromise the backend database and/or deface your website.

    Alerts distribution

    Total alerts found 246


    High 7
    Medium 14
    Low 10
    Informational 215
    Executive summary
    Alert group Severity Alert count
    User controllable script source High 6
    Git repository found High 1
    User controllable tag parameter Medium 6
    Directory listing Medium 3
    Error message on page Medium 3
    Development configuration file Medium 1
    HTML form without CSRF protection Medium 1
    Possible sensitive files Low 6
    Documentation file Low 3
    OPTIONS method is enabled Low 1
    Vulnerabilities

    Scan details
    Scan information
    Start url https://www.okx.com
    Host https://www.okx.com/

    Threat level

    Acunetix Threat Level 2

    One or more medium-severity type vulnerabilities have been discovered by the scanner. You should investigate each of these
    vulnerabilities to ensure they will not escalate to more severe problems.

    Alerts distribution

    Total alerts found 22


    High 0
    Medium 1
    Low 2
    Informational 19
    Executive summary
    Alert group Severity Alert count
    HTML form without CSRF protection Medium 1
    Cookie(s) without HttpOnly flag set Low 1
    Cookie(s) without Secure flag set Low 1
    Vulnerabilities
    Scan details
    Scan information
    Start url http://opensea.io
    Host http://opensea.io/

    Threat level

    Acunetix Threat Level 2

    One or more medium-severity type vulnerabilities have been discovered by the scanner. You should investigate each of these
    vulnerabilities to ensure they will not escalate to more severe problems.

    Alerts distribution

    Total alerts found 6


    High 0
    Medium 2
    Low 2
    Informational 2
    Executive summary
    Alert group Severity Alert count
    Backup files Medium 1
    HTML form without CSRF protection Medium 1
    Clickjacking: X-Frame-Options header missing Low 1
    Cookie(s) without Secure flag set Low 1
    Vulnerabilities
    Scan details
    Scan information
    Start url https://www.tide.co
    Host https://www.tide.co/

    Threat level

    Acunetix Threat Level 2

    One or more medium-severity type vulnerabilities have been discovered by the scanner. You should investigate each of these
    vulnerabilities to ensure they will not escalate to more severe problems.

    Alerts distribution

    Total alerts found 47


    High 0
    Medium 1
    Low 9
    Informational 37
    Executive summary
    Alert group Severity Alert count
    HTML form without CSRF protection Medium 1
    Insecure response with wildcard '*' in Access-Control-Allow-Origin Low 9
    Vulnerabilities
    Scan details
    Scan information
    Start url http://www.lahitapiola.fi
    Host http://www.lahitapiola.fi/

    Threat level

    Acunetix Threat Level 2

    One or more medium-severity type vulnerabilities have been discovered by the scanner. You should investigate each of these
    vulnerabilities to ensure they will not escalate to more severe problems.

    Alerts distribution

    Total alerts found 11


    High 0
    Medium 4
    Low 3
    Informational 4
    Executive summary
    Alert group Severity Alert count
    Backup files Medium 3
    HTML form without CSRF protection Medium 1
    Clickjacking: X-Frame-Options header missing Low 1
    Cookie(s) without HttpOnly flag set Low 1
    Cookie(s) without Secure flag set Low 1
    Vulnerabilities

    Scan details
    Scan information
    https://etherscan.io/address/0x00005EA00Ac477B1030CE785
    Start url
    06496e8C2dE24bf5
    Host https://etherscan.io/

    Threat level

    Acunetix Threat Level 2

    One or more medium-severity type vulnerabilities have been discovered by the scanner. You should investigate each of these
    vulnerabilities to ensure they will not escalate to more severe problems.

    Alerts distribution

    Total alerts found 2


    High 0
    Medium 1
    Low 1
    Informational 0
    Executive summary
    Alert group Severity Alert count
    HTML form without CSRF protection Medium 1
    OPTIONS method is enabled Low 1
    Vulnerabilities

    Scan details
    Scan information
    Start url https://www.kindredgroup.com
    Host https://www.kindredgroup.com/

    Threat level

    Acunetix Threat Level 2

    One or more medium-severity type vulnerabilities have been discovered by the scanner. You should investigate each of these
    vulnerabilities to ensure they will not escalate to more severe problems.

    Alerts distribution

    Total alerts found 1


    High 0
    Medium 1
    Low 0
    Informational 0
    Executive summary
    Alert group Severity Alert count
    HTML form without CSRF protection Medium 1
    Vulnerabilities

    Scan details
    Scan information
    Start url https://newegg.com
    Host https://newegg.com/

    Threat level

    Acunetix Threat Level 1

    One or more low-severity type vulnerabilities have been discovered by the scanner.

    Alerts distribution

    Total alerts found 1


    High 0
    Medium 0
    Low 1
    Informational 0
    Executive summary
    Alert group Severity Alert count
    Clickjacking: X-Frame-Options header missing Low 1
    Vulnerabilities

    Scan details
    Scan information
    Start url https://www.xvideos.com
    Host https://www.xvideos.com/

    Threat level

    Acunetix Threat Level 2

    One or more medium-severity type vulnerabilities have been discovered by the scanner. You should investigate each of these
    vulnerabilities to ensure they will not escalate to more severe problems.

    Alerts distribution

    Total alerts found 111


    High 0
    Medium 1
    Low 102
    Informational 8
    Executive summary
    Alert group Severity Alert count
    HTML form without CSRF protection Medium 1
    Insecure Flash embed parameter Low 99
    Cookie(s) without HttpOnly flag set Low 1
    Cookie(s) without Secure flag set Low 1
    Possible virtual host found Low 1
    Vulnerabilities

    Scan details
    Scan information
    Start url https://www.8x8.com
    Host https://www.8x8.com/

    Threat level

    Acunetix Threat Level 1

    One or more low-severity type vulnerabilities have been discovered by the scanner.

    Alerts distribution

    Total alerts found 2


    High 0
    Medium 0
    Low 2
    Informational 0
    Executive summary
    Alert group Severity Alert count
    Clickjacking: X-Frame-Options header missing Low 1
    Insecure response with wildcard '*' in Access-Control-Allow-Origin Low 1

    You might also like