Developer Https Online Assessment Apidataserv Com Login

Developer
Report
Acunetix Security Audit
23 October 2023
Generated by Acunetix
1
Scan of online-assessment.apidataserv.com
Scan details
Scan information
Start time 23/10/2023, 07:41:32
Start url https://online-assessment.apidataserv.com/login
Host online-assessment.apidataserv.com
Scan time 5 minutes, 48 seconds
Profile Full Scan
Server information nginx/1.14.2
Responsive True
Server OS Unknown
Threat level
Acunetix Threat Level 2
One or more medium-severity type vulnerabilities have been discovered by the scanner. You should investigate each of
these vulnerabilities to ensure they will not escalate to more severe problems.
Alerts distribution
Total alerts found 13

High 0
Medium 3
Low 4
Informational 6
2
Alerts summary
Error message on page
Classification
Base Score: 5.0
Access Vector: Network_accessible
Access Complexity: Low
Authentication: None
Confidentiality Impact: Partial
Integrity Impact: None
Availability Impact: None
CVSS2 Exploitability: Not_defined
Remediation Level: Not_defined
Report Confidence: Not_defined
Availability Requirement: Not_defined
Collateral Damage Potential: Not_defined
Confidentiality Requirement: Not_defined
Integrity Requirement: Not_defined
Target Distribution: Not_defined
Base Score: 5.3
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
CVSS3 User Interaction: None
Scope: Unchanged
Confidentiality Impact: Low
CWE CWE-200
Affected items Variation
Web Server 1
/FNu46MsRQH.cgi 1
Slow HTTP Denial of Service Attack
Classification
Base Score: 5.0
Confidentiality Impact: None
Availability Impact: Partial
3
Base Score: 5.3
Scope: Unchanged
Availability Impact: Low
Web Server 1
Clickjacking: X-Frame-Options header missing
Classification
Base Score: 4.3
Access Complexity: Medium
Integrity Impact: Partial
CWE CWE-693
Web Server 1
Cookie(s) without Secure flag set
Classification
Base Score: 0.0
CWE CWE-16
Web Server 2
4
Error page path disclosure
Classification
Base Score: 5.0
Base Score: 0.0
Scope: Unchanged
CWE CWE-200
Web Server 1
Content Security Policy (CSP) not implemented
Classification
Base Score: 0.0
CWE CWE-16
/login 1
Password type input with auto-complete enabled
Classification
5
Base Score: 0.0
Base Score: 7.5
Scope: Unchanged
Confidentiality Impact: High
CWE CWE-200
Web Server 1
Possible internal IP address disclosure
Classification
Base Score: 5.0
Base Score: 7.5
Scope: Unchanged
CWE CWE-200
6
Web Server 1
/FNu46MsRQH.cgi 1
Possible server path disclosure (Unix)
Classification
Base Score: 5.0
Base Score: 7.5
Scope: Unchanged
CWE CWE-200
/FNu46MsRQH.cgi 1
Subresource Integrity (SRI) not implemented
Classification
Base Score: 0.0
CWE CWE-16
/login 1
7
Alerts details
Error message on page
Severity Medium
Reported by module /Scripts/PerFolder/Invalid_Page_Text_Search.script
Description
This alert requires manual confirmation
Application error or warning messages may expose sensitive information about an application's internal workings to an
attacker.
Acunetix found an error or warning message that may disclose sensitive information. The message may also contain the
location of the file that produced an unhandled exception. Consult the 'Attack details' section for more information about the
affected page.
Impact
Error messages may disclose sensitive information which can be used to escalate attacks.
Recommendation
Verify that this page is disclosing error or warning messages and properly configure the application to log errors to a file
instead of displaying the error to the user.
References
PHP Runtime Configuration (https://www.php.net/manual/en/errorfunc.configuration.php#ini.display-errors)

Improper Error Handling (https://www.owasp.org/index.php/Improper_Error_Handling)
Affected items
Web Server
Details
Pattern found:
Fatal error
Request headers
GET /vZgPQhJ5Ls.jsp HTTP/1.1
Cookie:
ci_session=tsqb2lobjcp62m4nfi07cs7mf0eeng8c;csrf_cookie_name=16aaa76ead90d793833ed86bbb60
f39f
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate
Host: online-assessment.apidataserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
Gecko) Chrome/73.0.3683.103 Safari/537.36
Connection: Keep-alive
/FNu46MsRQH.cgi
Details
8
Pattern found:
Fatal error
Request headers
GET /FNu46MsRQH.cgi HTTP/1.1
Referer: https://online-assessment.apidataserv.com/login
Cookie:
f39f
Slow HTTP Denial of Service Attack
Severity Medium
Reported by module /SlowHTTPDOS
Description
Your web server is vulnerable to Slow HTTP DoS (Denial of Service) attacks.
Slowloris and Slow HTTP POST DoS attacks rely on the fact that the HTTP protocol, by design, requires requests to be
completely received by the server before they are processed. If an HTTP request is not complete, or if the transfer rate is
very low, the server keeps its resources busy waiting for the rest of the data. If the server keeps too many resources busy,
this creates a denial of service.
Impact
A single machine can take down another machine's web server with minimal bandwidth and side effects on unrelated
services and ports.
Recommendation
Consult Web references for information about protecting your web server against this type of attack.
References
Slowloris DOS Mitigation Guide (https://www.funtoo.org/Slowloris_DOS_Mitigation_Guide)

Protect Apache Against Slowloris Attack
(https://web.archive.org/web/20180329210925/http://blog.secaserver.com/2011/08/protect-apache-slowloris-attack/)
Affected items
Web Server
Details
Time difference between connections: 10000 ms
Request headers
9
Clickjacking: X-Frame-Options header missing
Severity Low
Reported by module /Scripts/PerServer/Clickjacking_X_Frame_Options.script
Description
Clickjacking (User Interface redress attack, UI redress attack, UI redressing) is a malicious technique of tricking a Web user
into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential
information or taking control of their computer while clicking on seemingly innocuous web pages.
The server didn't return an X-Frame-Options header which means that this website could be at risk of a clickjacking
attack. The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed
to render a page inside a frame or iframe. Sites can use this to avoid clickjacking attacks, by ensuring that their content is
not embedded into other sites.
Impact
The impact depends on the affected web application.
Recommendation
Configure your web server to include an X-Frame-Options header and a CSP header with frame-ancestors directive.
Consult Web references for more information about the possible values for this header.
References
The X-Frame-Options response header (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options)

Clickjacking (https://en.wikipedia.org/wiki/Clickjacking)
OWASP Clickjacking (https://www.owasp.org/index.php/Clickjacking)
Defending with Content Security Policy frame-ancestors directive
(https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet#Defending_with_Content_Security_Policy_frame-
ancestors_directive)
Frame Buster Buster (https://stackoverflow.com/questions/958997/frame-buster-buster-buster-code-needed)
Affected items
Web Server
Details
Request headers
GET / HTTP/1.1
Cookie:
f39f
Cookie(s) without Secure flag set
Severity Low
10
Reported by module /RPA/Cookie_Without_Secure.js
Description
This cookie does not have the Secure flag set. When a cookie is set with the Secure flag, it instructs the browser that the
cookie can only be accessed over secure SSL/TLS channels. This is an important security protection for session cookies.
Impact
Cookies could be sent over unencrypted channels.
Recommendation
If possible, you should set the Secure flag for this cookie.
Affected items
Web Server
Verified vulnerability
Details
Set-Cookie: ci_session=tsqb2lobjcp62m4nfi07cs7mf0eeng8c; expires=Mon, 23-Oct-2023 09:41:35 GMT; Max-
Age=7200; path=/; HttpOnly; SameSite=Lax
Request headers
GET /login HTTP/1.1
Web Server
Verified vulnerability
Details
Set-Cookie: csrf_cookie_name=16aaa76ead90d793833ed86bbb60f39f; expires=Mon, 23-Oct-2023 09:41:35 GMT; Max-
Age=7200; path=/; HttpOnly; SameSite=Lax
Request headers
GET /login HTTP/1.1
Error page path disclosure
Severity Low
Reported by module /Scripts/PerServer/Error_Page_Path_Disclosure.script
11
Description
Application errors or warning messages may disclose sensitive information about an application's internal workings to an
attacker.
Acunetix found one or more fully qualified path names that may disclose a web server's file system structure. Consult the
'Attack details' section for more information about the affected page.
Impact
Error messages information about an application's internal workings may be used to escalate attacks.
Recommendation
Properly configure the application not to disclose information about an application's internal workings to the user.
Affected items
Web Server
Details
Pattern found:
/var/www/online
Request headers
Content Security Policy (CSP) not implemented
Severity Informational
Reported by module /httpdata/CSP_not_implemented.js
Description
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks,
including Cross Site Scripting (XSS) and data injection attacks.
Content Security Policy (CSP) can be implemented by adding a Content-Security-Policy header. The value of this header
is a string containing the policy directives describing your Content Security Policy. To implement CSP, you should define
lists of allowed origins for the all of the types of resources that your site utilizes. For example, if you have a simple site that
needs to load scripts, stylesheets, and images hosted locally, as well as from the jQuery library from their CDN, the CSP
header could look like the following:
Content-Security-Policy:
default-src 'self';
script-src 'self' https://code.jquery.com;
12
It was detected that your web application doesn't implement Content Security Policy (CSP) as the CSP header is missing
from the response. It's recommended to implement Content Security Policy (CSP) into your web application.
Impact
CSP can be used to prevent and/or mitigate attacks that involve content/code injection, such as cross-site scripting/XSS
attacks, attacks that require embedding a malicious resource, attacks that involve malicious use of iframes, such as
clickjacking attacks, and others.
Recommendation
It's recommended to implement Content Security Policy (CSP) into your web application. Configuring Content Security
Policy involves adding the Content-Security-Policy HTTP header to a web page and giving it values to control resources
the user agent is allowed to load for that page.
References
Content Security Policy (CSP) (https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP)

Implementing Content Security Policy (https://hacks.mozilla.org/2016/02/implementing-content-security-policy/)
Affected items
/login
Details
Request headers
GET /login HTTP/1.1
Password type input with auto-complete enabled
Reported by module /Crawler/12-Crawler_Password_Input_Autocomplete.js
Description
When a new name and password is entered in a form and the form is submitted, the browser asks if the password should
be saved.Thereafter when the form is displayed, the name and password are filled in automatically or are completed as the
name is entered. An attacker with local access could obtain the cleartext password from the browser cache.
Impact
Possible sensitive information disclosure.
Recommendation
The password auto-complete should be disabled in sensitive applications.

To disable auto-complete, you may use a code similar to:
<INPUT TYPE="password" AUTOCOMPLETE="off">
13
Affected items
Web Server
Details
Form name: <empty>
Form action: /login
Form method: POST
Form input:
password [password]
Request headers
GET /login HTTP/1.1
Possible internal IP address disclosure
Reported by module /Scripts/PerFolder/Invalid_Page_Text_Search.script
Description
A string matching an internal IPv4 address was found on this page. This may disclose information about the IP addressing
scheme of the internal network. This information can be used to conduct further attacks.
This alert may be a false positive, manual confirmation is required.
Impact
Recommendation
Prevent this information from being displayed to the user.
Affected items
Web Server
Details
Pattern found:
192.168.2.34
Request headers
14
GET /vZgPQhJ5Ls.jsp HTTP/1.1
Cookie:
f39f
/FNu46MsRQH.cgi
Details
Pattern found:
192.168.2.34
Request headers
Cookie:
f39f
Possible server path disclosure (Unix)
Reported by module /Scripts/PerFile/Text_Search_File.script
Description
One or more fully qualified path names were found on this page. From this information the attacker may learn the file
system structure from the web server. This information can be used to conduct further attacks.
This alert may be a false positive, manual confirmation is required.
Impact
Recommendation
Prevent this information from being displayed to the user.
References
Full Path Disclosure (https://www.owasp.org/index.php/Full_Path_Disclosure)
15
Affected items
/FNu46MsRQH.cgi
Details
Pattern found:
/var/www/online
Request headers
Cookie:
f39f
Subresource Integrity (SRI) not implemented
Reported by module /RPA/SRI_Not_Implemented.js
Description
Subresource Integrity (SRI) is a security feature that enables browsers to verify that third-party resources they fetch (for
example, from a CDN) are delivered without unexpected manipulation. It works by allowing developers to provide a
cryptographic hash that a fetched file must match.
Third-party resources (such as scripts and stylesheets) can be manipulated. An attacker that has access or has hacked the
hosting CDN can manipulate or replace the files. SRI allows developers to specify a base64-encoded cryptographic hash of
the resource to be loaded. The integrity attribute containing the hash is then added to the <script> HTML element tag. The
integrity string consists of a base64-encoded hash, followed by a prefix that depends on the hash algorithm. This prefix can
either be sha265, sha384 or sha512.
The script loaded from the external URL specified in the Details section doesn't implement Subresource Integrity (SRI). It's
recommended to implement Subresource Integrity (SRI) for all the scripts loaded from external hosts.
Impact
An attacker that has access or has hacked the hosting CDN can manipulate or replace the files.
Recommendation
Use the SRI Hash Generator link (from the References section) to generate a <script> element that implements
Subresource Integrity (SRI).
For example, you can use the following <script> element to tell a browser that before executing the
https://example.com/example-framework.js script, the browser must first compare the script to the expected hash, and
verify that there's a match.
16
<script src="https://example.com/example-framework.js"
integrity="sha384-oqVuAfXRKap7fdgcCY5uykM6+R9GqQ8K/uxy9rx7HNQlGYl1kPzQho1wx4JwY8wC"
crossorigin="anonymous"></script>
References
Subresource Integrity (https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity)

SRI Hash Generator (https://www.srihash.org/)
Affected items
/login
Details
Request headers
GET /login HTTP/1.1
17
Scanned items (coverage report)
https://online-assessment.apidataserv.com/
https://online-assessment.apidataserv.com/FNu46MsRQH.cgi
https://online-assessment.apidataserv.com/assets/
https://online-assessment.apidataserv.com/assets/css/
https://online-assessment.apidataserv.com/assets/css/all.css
https://online-assessment.apidataserv.com/assets/css/dashboard.css
https://online-assessment.apidataserv.com/assets/css/daterangepicker.css
https://online-assessment.apidataserv.com/assets/css/elib.css
https://online-assessment.apidataserv.com/assets/css/img/
https://online-assessment.apidataserv.com/assets/css/img/svg/
https://online-assessment.apidataserv.com/assets/css/knowledge.css
https://online-assessment.apidataserv.com/assets/css/mockup_css/
https://online-assessment.apidataserv.com/assets/css/mockup_css/style.css
https://online-assessment.apidataserv.com/assets/css/style.css
https://online-assessment.apidataserv.com/assets/img/
https://online-assessment.apidataserv.com/assets/img/jpg/
https://online-assessment.apidataserv.com/assets/img/png/
https://online-assessment.apidataserv.com/assets/img/svg/
https://online-assessment.apidataserv.com/assets/plugins/
https://online-assessment.apidataserv.com/assets/plugins/bootstrap/
https://online-assessment.apidataserv.com/assets/plugins/bootstrap/css/
https://online-assessment.apidataserv.com/assets/plugins/bootstrap/css/bootstrap.min.css
https://online-assessment.apidataserv.com/assets/plugins/datepicker/
https://online-assessment.apidataserv.com/assets/plugins/datepicker/css/
https://online-assessment.apidataserv.com/assets/plugins/datepicker/css/bootstrap-datepicker.min.css
https://online-assessment.apidataserv.com/assets/plugins/select2/
https://online-assessment.apidataserv.com/assets/plugins/select2/css/
https://online-assessment.apidataserv.com/assets/plugins/select2/css/select2-bootstrap4.min.css
https://online-assessment.apidataserv.com/assets/plugins/select2/css/select2.min.css
https://online-assessment.apidataserv.com/assets/plugins/sweetalert2/
https://online-assessment.apidataserv.com/assets/plugins/sweetalert2/sweetalert2.min.css
https://online-assessment.apidataserv.com/assets/webfonts/
https://online-assessment.apidataserv.com/login
https://online-assessment.apidataserv.com/public/
https://online-assessment.apidataserv.com/public/assets/
https://online-assessment.apidataserv.com/public/assets/img/
https://online-assessment.apidataserv.com/public/assets/img/svg/
https://online-assessment.apidataserv.com/register
https://online-assessment.apidataserv.com/robots.txt
18

Developer Https Online Assessment Apidataserv Com Login

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Developer Https Online Assessment Apidataserv Com Login

Uploaded by

Copyright:

Available Formats

Developer

Acunetix Threat Level 2

Total alerts found 13

Error message on page

Slow HTTP Denial of Service Attack

Clickjacking: X-Frame-Options header missing

Cookie(s) without Secure flag set

Content Security Policy (CSP) not implemented

Password type input with auto-complete enabled

Possible internal IP address disclosure

Possible server path disclosure (Unix)

Subresource Integrity (SRI) not implemented

Error message on page

This alert requires manual confirmation

PHP Runtime Configuration (https://www.php.net/manual/en/errorfunc.configuration.php#ini.display-errors)

Slow HTTP Denial of Service Attack

Slowloris DOS Mitigation Guide (https://www.funtoo.org/Slowloris_DOS_Mitigation_Guide)

The impact depends on the affected web application.

The X-Frame-Options response header (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options)

Cookie(s) without Secure flag set

Cookies could be sent over unencrypted channels.

Error page path disclosure

Content Security Policy (CSP) not implemented

Content Security Policy (CSP) (https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP)

Password type input with auto-complete enabled

Possible sensitive information disclosure.

The password auto-complete should be disabled in sensitive applications.

<INPUT TYPE="password" AUTOCOMPLETE="off">

Possible internal IP address disclosure

This alert may be a false positive, manual confirmation is required.

Possible sensitive information disclosure.

Prevent this information from being displayed to the user.

Possible server path disclosure (Unix)

This alert may be a false positive, manual confirmation is required.

Possible sensitive information disclosure.

Prevent this information from being displayed to the user.

Full Path Disclosure (https://www.owasp.org/index.php/Full_Path_Disclosure)

Subresource Integrity (SRI) not implemented

Subresource Integrity (https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity)

You might also like