Scan Details · Vulnerabilities: 90 Creation Time: 23:07:31 Scan Details Vulnerabilities By...

Web Application Static Source Code Security Analysis ReportThunderScan PHP / DefenseCode LLC.

10-07-2012 Page 1

Project Name: PHP MutillidaeSecurity Scan

Line per vuln: 10

Scanned Files: 20 Filters: 0

Code Lines: 981 Creation Date: 10-07-2012

Vulnerabilities: 90 Creation Time: 23:07:31

Scan Details

Vulnerabilities By Severity

Vulnerability group Findings Project information

Company DefenseCode LTD.

Author DefenseCode

E-mail [email protected]

Brief Description PHP source code vulnerabilitiyscan of Mutillidae 1.3.

SQL Injection 13

File Disclosure 2

PHP File Inclusion 1

Shell Command Execution 1

Cross Site Scripting 45

File Manipulation 2

Misc. Dangerous Functions 25

Dangerous File Extensions 1


10-07-2012 Page 2

SQL Injection (13)1. SQL Injection through mysql_query()

Risk: Code Line: Vuln ID:

HIGH 13 6

File:

E:\Audit\mutillidae1.3\mutillidae\header.php

Vulnerability:

13: mysql_query($query)

Input variable:

$_REQUEST["user_name"]

Stack (function/line/file):

0. mysql_query() 12 E:\Audit\mutillidae1.3\mutillidae\header.php

User input flow:

0. $_REQUEST["user_name"]1. $username2. $query

Filter:

No mitigating factors, input variable did not passed through PHP input validation functions.

2. SQL Injection through mysql_query()


HIGH 23 11

File:

E:\Audit\mutillidae1.3\mutillidae\user-info.php

Vulnerability:


Input variable:

$_REQUEST["password"]



10-07-2012 Page 3

SQL Injection (13)0. mysql_query() 22 E:\Audit\mutillidae1.3\mutillidae\user-info.php

User input flow:

0. $_REQUEST["password"]1. $password2. $query

Filter:




HIGH 10 3

File:

E:\Audit\mutillidae1.3\mutillidae\closedb.inc

Vulnerability:


Input variable:

$_SERVER['HTTP_REFERER']


0. mysql_query() 9 E:\Audit\mutillidae1.3\mutillidae\closedb.inc

User input flow:

0. $_SERVER['HTTP_REFERER']1. $query

Filter:




HIGH 57 7


10-07-2012 Page 4

SQL Injection (13)File:


Vulnerability:


Input variable:

$_COOKIE["uid"]



User input flow:

0. $_COOKIE["uid"]1. $query

Filter:




HIGH 27 9

File:

E:\Audit\mutillidae1.3\mutillidae\register.php

Vulnerability:


Input variable:



0. mysql_query() 26 E:\Audit\mutillidae1.3\mutillidae\register.php

User input flow:



10-07-2012 Page 5

SQL Injection (13)Filter:




HIGH 23 12

File:


Vulnerability:


Input variable:

$_REQUEST["view_user_name"]


0. mysql_query() 22 E:\Audit\mutillidae1.3\mutillidae\user-info.php

User input flow:

0. $_REQUEST["view_user_name"]1. $viewusername2. $query

Filter:




HIGH 33 2

File:

E:\Audit\mutillidae1.3\mutillidae\add-to-your-blog.php

Vulnerability:



10-07-2012 Page 6

SQL Injection (13)Input variable:

$_REQUEST["input_from_form"]


0. mysql_query() 32 E:\Audit\mutillidae1.3\mutillidae\add-to-your-blog.php

User input flow:

0. $_REQUEST["input_from_form"]1. $inputfromform2. $query

Filter:




HIGH 27 8

File:


Vulnerability:


Input variable:

$_REQUEST["my_signature"]



User input flow:

0. $_REQUEST["my_signature"]1. $mysignature2. $query

Filter:



10-07-2012 Page 7

SQL Injection (13)9. SQL Injection through mysql_query()


HIGH 25 1

File:


Vulnerability:


Input variable:



0. mysql_query() 24 E:\Audit\mutillidae1.3\mutillidae\add-to-your-blog.php

User input flow:


Filter:




HIGH 10 4

File:


Vulnerability:


Input variable:

$_SERVER['HTTP_USER_AGENT']



10-07-2012 Page 8

SQL Injection (13)0. mysql_query() 9 E:\Audit\mutillidae1.3\mutillidae\closedb.inc

User input flow:

0. $_SERVER['HTTP_USER_AGENT']1. $query

Filter:




HIGH 35 13

File:

E:\Audit\mutillidae1.3\mutillidae\view-someones-blog.php

Vulnerability:


Input variable:

$_REQUEST["show_only_user"]


0. mysql_query() 34 E:\Audit\mutillidae1.3\mutillidae\view-someones-blog.php

User input flow:

0. $_REQUEST["show_only_user"]1. $showonlyuser2. $query

Filter:




HIGH 27 10


10-07-2012 Page 9

SQL Injection (13)File:


Vulnerability:


Input variable:




User input flow:


Filter:




HIGH 13 5

File:


Vulnerability:


Input variable:




User input flow:



10-07-2012 Page 10

SQL Injection (13)Filter:



10-07-2012 Page 11

File Disclosure (2)1. File Disclosure through fopen()


HIGH 29 15

File:

E:\Audit\mutillidae1.3\mutillidae\text-file-viewer.php

Vulnerability:

29: fopen($textfilename, "r")

Input variable:

$_REQUEST["text_file_name"]


0. fopen() 28 E:\Audit\mutillidae1.3\mutillidae\text-file-viewer.php

User input flow:

0. $_REQUEST["text_file_name"]1. $textfilename

Filter:


2. File Disclosure through highlight_file()


HIGH 31 14

File:

E:\Audit\mutillidae1.3\mutillidae\source-viewer.php

Vulnerability:

31: highlight_file($phpfilename)

Input variable:

$_REQUEST["php_file_name"]


0. highlight_file() 30 E:\Audit\mutillidae1.3\mutillidae\source-viewer.php


10-07-2012 Page 12

File Disclosure (2)User input flow:

0. $_REQUEST["php_file_name"]1. $phpfilename

Filter:



10-07-2012 Page 13

PHP File Inclusion (1)1. PHP File Inclusion through include()


HIGH 8 16

File:

E:\Audit\mutillidae1.3\mutillidae\index.php

Vulnerability:

8: include "$page"

Input variable:

$_GET[page]


0. include() 7 E:\Audit\mutillidae1.3\mutillidae\index.php

User input flow:

0. $_GET[page]1. $page

Filter:



10-07-2012 Page 14

Shell Command Execution (1)1. Shell Command Execution through shell_exec()


HIGH 18 17

File:

E:\Audit\mutillidae1.3\mutillidae\dns-lookup.php

Vulnerability:

18: shell_exec "nslookup " $targethost

Input variable:

$_REQUEST["target_host"]


0. shell_exec() 17 E:\Audit\mutillidae1.3\mutillidae\dns-lookup.php

User input flow:

0. $_REQUEST["target_host"]1. $targethost

Filter:


10-07-2012 Page 15

Cross Site Scripting (45)1. Cross Site Scripting through echo()


MEDIUM 18 33

File:


Vulnerability:

18: echo (shell_exec("nslookup " . $targethost))

Input variable:

$_REQUEST["target_host"]


0. echo() 17 E:\Audit\mutillidae1.3\mutillidae\dns-lookup.php

User input flow:

0. $_REQUEST["target_host"]1. $targethost

Filter:


2. Cross Site Scripting through echo()


MEDIUM 5 32

File:


Vulnerability:

5: echo ("<form method=\"POST\" action=\"" .$_SERVER['SCRIPT_NAME'] . "?" .$_SERVER['QUERY_STRING'] . "\">")

Input variable:

$_SERVER['SCRIPT_NAME']

10-07-2012 Page 16

Cross Site Scripting (45)0. echo() 4 E:\Audit\mutillidae1.3\mutillidae\dns-lookup.php

User input flow:

0. $_SERVER['SCRIPT_NAME']

Filter:




MEDIUM 39 21

File:


Vulnerability:

39: echo ("{$row['blogger_name']}:({$row['date']}) {$row['comment']}")

Input variable:



0. echo() 38 E:\Audit\mutillidae1.3\mutillidae\add-to-your-blog.php

User input flow:

0. $_REQUEST["input_from_form"]1. $inputfromform2. $query3. $result4. $row

Filter:


4. Cross Site Scripting through print()


MEDIUM 13 26


10-07-2012 Page 17

Cross Site Scripting (45)File:

E:\Audit\mutillidae1.3\mutillidae\browser-info.php

Vulnerability:

13: print ("Remote Client Port:",$_SERVER['REMOTE_PORT'])

Input variable:

$_SERVER['REMOTE_PORT']


0. print() 12 E:\Audit\mutillidae1.3\mutillidae\browser-info.php

User input flow:

0. $_SERVER['REMOTE_PORT']

Filter:




MEDIUM 5 18

File:


Vulnerability:


Input variable:

$_SERVER['QUERY_STRING']



User input flow:

0. $_SERVER['QUERY_STRING']

Filter:

10-07-2012 Page 18

Cross Site Scripting (45)No mitigating factors, input variable did not passed through PHP input validation functions.



MEDIUM 9 30

File:

E:\Audit\mutillidae1.3\mutillidae\catch.php

Vulnerability:

9: print ($msg . " ")

Input variable:

$_REQUEST


0. print() 8 E:\Audit\mutillidae1.3\mutillidae\catch.php

User input flow:

0. $_REQUEST1. $k2. $msg

Filter:




MEDIUM 8 44

File:


Vulnerability:

8: echo ('<input type="hidden" name="page" value="' . $_REQUEST["page"] . '">')

Input variable:

10-07-2012 Page 19

Cross Site Scripting (45)$_REQUEST["page"]


0. echo() 7 E:\Audit\mutillidae1.3\mutillidae\source-viewer.php

User input flow:

0. $_REQUEST["page"]

Filter:




MEDIUM 29 55

File:


Vulnerability:

29: echo ("Password={$row['password']} ")

Input variable:



0. echo() 28 E:\Audit\mutillidae1.3\mutillidae\user-info.php

User input flow:

0. $_REQUEST["password"]1. $password2. $query3. $result4. $row

Filter:

10-07-2012 Page 20

Cross Site Scripting (45)Risk: Code Line: Vuln ID:

MEDIUM 12 25

File:


Vulnerability:

12: print ("Referrer",$_SERVER['HTTP_REFERER'])

Input variable:

$_SERVER['HTTP_REFERER']



User input flow:

0. $_SERVER['HTTP_REFERER']

Filter:




MEDIUM 14 27

File:


Vulnerability:

14: print ("WhoIs info for your IP:","<pre>".WhoIs($_SERVER['REMOTE_ADDR'])."</pre>")

Input variable:

$_SERVER['REMOTE_ADDR']



User input flow:

10-07-2012 Page 21

Cross Site Scripting (45)0. $_SERVER['REMOTE_ADDR']

Filter:




MEDIUM 15 28

File:


Vulnerability:

15: echo ($HTTP_COOKIE_VARS["TestCookie"])

Input variable:

$HTTP_COOKIE_VARS["TestCookie"]


0. echo() 14 E:\Audit\mutillidae1.3\mutillidae\browser-info.php

User input flow:

0. $HTTP_COOKIE_VARS["TestCookie"]

Filter:




MEDIUM 30 57

File:


Vulnerability:

30: echo ("Signature={$row['mysignature']} ")


10-07-2012 Page 22

Cross Site Scripting (45)Input variable:




User input flow:


Filter:




MEDIUM 5 40

File:


Vulnerability:


Input variable:



0. echo() 4 E:\Audit\mutillidae1.3\mutillidae\register.php

User input flow:


Filter:


10-07-2012 Page 23

Cross Site Scripting (45)

14. Cross Site Scripting through die()


MEDIUM 35 61

File:


Vulnerability:

35: die('Did you <a href="setupreset.php">setup/reset the DB</a>? SQL Error:' .mysql_error($conn) . 'SQL Statement:' . $query)

Input variable:



0. die() 34 E:\Audit\mutillidae1.3\mutillidae\view-someones-blog.php

User input flow:

0. $_REQUEST["show_only_user"]1. $showonlyuser2. $query

Filter:




MEDIUM 33 20

File:


Vulnerability:


Input variable:


10-07-2012 Page 24

Cross Site Scripting (45)$_REQUEST["input_from_form"]


0. die() 32 E:\Audit\mutillidae1.3\mutillidae\add-to-your-blog.php

User input flow:


Filter:




MEDIUM 5 59

File:


Vulnerability:


Input variable:



0. echo() 4 E:\Audit\mutillidae1.3\mutillidae\view-someones-blog.php

User input flow:


Filter:




10-07-2012 Page 25

Cross Site Scripting (45)Risk: Code Line: Vuln ID:

MEDIUM 6 49

File:


Vulnerability:


Input variable:




User input flow:


Filter:




MEDIUM 11 24

File:


Vulnerability:

11: print ("Entire User Agent String",$_SERVER['HTTP_USER_AGENT'])

Input variable:

$_SERVER['HTTP_USER_AGENT']



User input flow:


10-07-2012 Page 26

Cross Site Scripting (45)0. $_SERVER['HTTP_USER_AGENT']

Filter:




MEDIUM 5 31

File:


Vulnerability:


Input variable:



0. echo() 4 E:\Audit\mutillidae1.3\mutillidae\dns-lookup.php

User input flow:


Filter:




MEDIUM 13 35

File:


Vulnerability:


10-07-2012 Page 27




0. die() 12 E:\Audit\mutillidae1.3\mutillidae\header.php

User input flow:


Filter:




MEDIUM 28 53

File:


Vulnerability:

28: echo ("Username={$row['username']} ")

Input variable:




User input flow:


Filter:


10-07-2012 Page 28




MEDIUM 30 48

File:


Vulnerability:

30: echo (stream_get_contents($handle))

Input variable:

$_REQUEST["text_file_name"]


0. echo() 29 E:\Audit\mutillidae1.3\mutillidae\text-file-viewer.php

User input flow:

0. $_REQUEST["text_file_name"]1. $textfilename2. $handle

Filter:




MEDIUM 7 22

File:


Vulnerability:

7: print ("IP",$_SERVER['REMOTE_ADDR'])

Input variable:


10-07-2012 Page 29

Cross Site Scripting (45)Stack (function/line/file):


User input flow:

0. $_SERVER['REMOTE_ADDR']

Filter:




MEDIUM 7 42

File:


Vulnerability:

7: echo ("<form method=\"GET\" action=\"" .$_SERVER['SCRIPT_NAME'] . "?" .$_SERVER['QUERY_STRING'] . "\">")

Input variable:




User input flow:


Filter:




MEDIUM 7 46

File:


10-07-2012 Page 30

Cross Site Scripting (45)E:\Audit\mutillidae1.3\mutillidae\text-file-viewer.php

Vulnerability:


Input variable:




User input flow:


Filter:




MEDIUM 9 23

File:


Vulnerability:

9: print ("Hostname",gethostbyaddr($_SERVER['REMOTE_ADDR']))

Input variable:




User input flow:

0. $_SERVER['REMOTE_ADDR']

Filter:


10-07-2012 Page 31




MEDIUM 9 29

File:


Vulnerability:

9: print ($msg . " ")

Input variable:

$_REQUEST


0. print() 8 E:\Audit\mutillidae1.3\mutillidae\catch.php

User input flow:

0. $_REQUEST1. $v2. $msg

Filter:




MEDIUM 6 50

File:


Vulnerability:


Input variable:


10-07-2012 Page 32

Cross Site Scripting (45)$_SERVER['SCRIPT_NAME']



User input flow:


Filter:




MEDIUM 8 39

File:

E:\Audit\mutillidae1.3\mutillidae\login.php

Vulnerability:


Input variable:



0. echo() 7 E:\Audit\mutillidae1.3\mutillidae\login.php

User input flow:


Filter:




MEDIUM 65 36

10-07-2012 Page 33



Vulnerability:

65: echo ('<blink><h2>You are logged in as ' . $logged_in_user . '</h2>' .$logged_in_usersignature . '</blink>')

Input variable:

$_COOKIE["uid"]


0. echo() 64 E:\Audit\mutillidae1.3\mutillidae\header.php

User input flow:

0. $_COOKIE["uid"]1. $query2. $result3. $row4. $logged_in_usersignature

Filter:




MEDIUM 23 51

File:


Vulnerability:


Input variable:



0. die() 22 E:\Audit\mutillidae1.3\mutillidae\user-info.php

10-07-2012 Page 34

Cross Site Scripting (45)User input flow:


Filter:




MEDIUM 30 58

File:


Vulnerability:

30: echo ("Signature={$row['mysignature']} ")

Input variable:




User input flow:

0. $_REQUEST["view_user_name"]1. $viewusername2. $query3. $result4. $row

Filter:




MEDIUM 5 41


10-07-2012 Page 35



Vulnerability:


Input variable:



0. echo() 4 E:\Audit\mutillidae1.3\mutillidae\register.php

User input flow:


Filter:




MEDIUM 7 47

File:


Vulnerability:


Input variable:




User input flow:



10-07-2012 Page 36

Cross Site Scripting (45)Filter:




MEDIUM 8 38

File:

E:\Audit\mutillidae1.3\mutillidae\login.php

Vulnerability:


Input variable:



0. echo() 7 E:\Audit\mutillidae1.3\mutillidae\login.php

User input flow:


Filter:




MEDIUM 23 52

File:


Vulnerability:



10-07-2012 Page 37




0. die() 22 E:\Audit\mutillidae1.3\mutillidae\user-info.php

User input flow:

0. $_REQUEST["view_user_name"]1. $viewusername2. $query

Filter:




MEDIUM 5 60

File:


Vulnerability:


Input variable:




User input flow:


Filter:


10-07-2012 Page 38

Cross Site Scripting (45)38. Cross Site Scripting through die()


MEDIUM 13 34

File:


Vulnerability:


Input variable:



0. die() 12 E:\Audit\mutillidae1.3\mutillidae\header.php

User input flow:


Filter:




MEDIUM 29 56

File:


Vulnerability:

29: echo ("Password={$row['password']} ")

Input variable:

10-07-2012 Page 39



User input flow:

0. $_REQUEST["view_user_name"]1. $viewusername2. $query3. $result4. $row

Filter:




MEDIUM 65 37

File:


Vulnerability:

65: echo ('<blink><h2>You are logged in as ' . $logged_in_user . '</h2>' .$logged_in_usersignature . '</blink>')

Input variable:

$_COOKIE["uid"]


0. echo() 64 E:\Audit\mutillidae1.3\mutillidae\header.php

User input flow:

0. $_COOKIE["uid"]1. $query2. $result3. $row4. $logged_in_user

Filter:

10-07-2012 Page 40




MEDIUM 25 45

File:


Vulnerability:

25: echo ('' . $phpfilename . ' source code:')

Input variable:

$_REQUEST["php_file_name"]



User input flow:

0. $_REQUEST["php_file_name"]1. $phpfilename

Filter:




MEDIUM 5 19

File:


Vulnerability:


Input variable:

10-07-2012 Page 41



User input flow:


Filter:




MEDIUM 7 43

File:


Vulnerability:

7: echo ("<form method=\"GET\" action=\"" .$_SERVER['SCRIPT_NAME'] . "?" .$_SERVER['QUERY_STRING'] . "\">")

Input variable:




User input flow:


Filter:




MEDIUM 40 62

File:

10-07-2012 Page 42

Cross Site Scripting (45)E:\Audit\mutillidae1.3\mutillidae\view-someones-blog.php

Vulnerability:

40: echo ("{$row['blogger_name']}:({$row['date']}) {$row['comment']}")

Input variable:




User input flow:

0. $_REQUEST["show_only_user"]1. $showonlyuser2. $query3. $result4. $row

Filter:




MEDIUM 28 54

File:


Vulnerability:

28: echo ("Username={$row['username']} ")

Input variable:




User input flow:

0. $_REQUEST["view_user_name"]1. $viewusername


10-07-2012 Page 43

Cross Site Scripting (45)2. $query3. $result4. $row

Filter:



10-07-2012 Page 44

File Manipulation (2)1. File Manipulation through fwrite()


MEDIUM 8 63

File:


Vulnerability:

8: fwrite($handle, $msg)

Input variable:

$_REQUEST


0. fwrite() 7 E:\Audit\mutillidae1.3\mutillidae\catch.php

User input flow:

0. $_REQUEST1. $v2. $msg

Filter:


2. File Manipulation through fwrite()


MEDIUM 8 64

File:


Vulnerability:

8: fwrite($handle, $msg)

Input variable:

$_REQUEST



10-07-2012 Page 45

File Manipulation (2)0. fwrite() 7 E:\Audit\mutillidae1.3\mutillidae\catch.php

User input flow:

0. $_REQUEST1. $k2. $msg

Filter:



10-07-2012 Page 46

Misc. Dangerous Functions (25)1. Misc. Dangerous Functions through Error Handling - mysql_error()


LOW 11 67

File:


Vulnerability:

11: mysql_error

Input variable:

N/A


0. Error Handling - mysql_error()() 10 E:\Audit\mutillidae1.3\mutillidae\closedb.inc

User input flow:

0. N/A1. Error Handling - mysql_error

Filter:


2. Misc. Dangerous Functions through Error Handling - mysql_error()


LOW 59 71

File:


Vulnerability:

59: mysql_error

Input variable:

N/A


0. Error Handling - mysql_error()() 58 E:\Audit\mutillidae1.3\mutillidae\header.php


10-07-2012 Page 47

Misc. Dangerous Functions (25)User input flow:


Filter:




LOW 58 70

File:


Vulnerability:

58: mysql_error

Input variable:

N/A



User input flow:


Filter:




LOW 54 80

File:

E:\Audit\mutillidae1.3\mutillidae\setupreset.php


10-07-2012 Page 48

Misc. Dangerous Functions (25)Vulnerability:

54: mysql_error

Input variable:

N/A


0. Error Handling - mysql_error()() 53 E:\Audit\mutillidae1.3\mutillidae\setupreset.php

User input flow:


Filter:


5. Misc. Dangerous Functions through Information Disclosure - phpinfo()


LOW 20 68

File:


Vulnerability:

20: phpinfo

Input variable:

N/A


0. Information Disclosure - phpinfo()() 19 E:\Audit\mutillidae1.3\mutillidae\dns-lookup.php

User input flow:

0. N/A1. Information Disclosure - phpinfo

Filter:



10-07-2012 Page 49

Misc. Dangerous Functions (25)



LOW 34 78

File:


Vulnerability:

34: mysql_error

Input variable:

N/A



User input flow:


Filter:




LOW 45 79

File:


Vulnerability:

45: mysql_error

Input variable:

N/A



10-07-2012 Page 50

Misc. Dangerous Functions (25)0. Error Handling - mysql_error()() 44 E:\Audit\mutillidae1.3\mutillidae\setupreset.php

User input flow:


Filter:




LOW 8 87

File:


Vulnerability:

8: mysql_error

Input variable:

N/A


0. Error Handling - mysql_error()() 7 E:\Audit\mutillidae1.3\mutillidae\view-someones-blog.php

User input flow:


Filter:




LOW 35 88

File:


10-07-2012 Page 51

Misc. Dangerous Functions (25)E:\Audit\mutillidae1.3\mutillidae\view-someones-blog.php

Vulnerability:

35: mysql_error

Input variable:

N/A


0. Error Handling - mysql_error()() 34 E:\Audit\mutillidae1.3\mutillidae\view-someones-blog.php

User input flow:


Filter:




LOW 25 77

File:


Vulnerability:

25: mysql_error

Input variable:

N/A



User input flow:


Filter:


10-07-2012 Page 52

Misc. Dangerous Functions (25)No mitigating factors, input variable did not passed through PHP input validation functions.



LOW 4 72

File:

E:\Audit\mutillidae1.3\mutillidae\opendb.inc

Vulnerability:

4: mysql_error

Input variable:

N/A


0. Error Handling - mysql_error()() 3 E:\Audit\mutillidae1.3\mutillidae\opendb.inc

User input flow:


Filter:




LOW 33 65

File:


Vulnerability:

33: mysql_error

Input variable:

N/A


10-07-2012 Page 53

Misc. Dangerous Functions (25)Stack (function/line/file):

0. Error Handling - mysql_error()() 32 E:\Audit\mutillidae1.3\mutillidae\add-to-your-blog.php

User input flow:


Filter:




LOW 5 82

File:

E:\Audit\mutillidae1.3\mutillidae\show-log.php

Vulnerability:

5: mysql_error

Input variable:

N/A


0. Error Handling - mysql_error()() 4 E:\Audit\mutillidae1.3\mutillidae\show-log.php

User input flow:


Filter:


14. Misc. Dangerous Functions through Hidden HTML Input - page()


LOW 8 84

10-07-2012 Page 54

Misc. Dangerous Functions (25)File:


Vulnerability:

8: <input type="hidden" name="page" value="' . $_REQUEST["page"] . '">

Input variable:

N/A


0. Hidden HTML Input - page() 7 E:\Audit\mutillidae1.3\mutillidae\source-viewer.php

User input flow:

0. N/A1. Hidden HTML Input - page

Filter:




LOW 34 74

File:


Vulnerability:

34: phpinfo

Input variable:

N/A


0. Information Disclosure - phpinfo()() 33 E:\Audit\mutillidae1.3\mutillidae\register.php

User input flow:


10-07-2012 Page 55

Misc. Dangerous Functions (25)Filter:




LOW 23 85

File:


Vulnerability:

23: mysql_error

Input variable:

N/A


0. Error Handling - mysql_error()() 22 E:\Audit\mutillidae1.3\mutillidae\user-info.php

User input flow:


Filter:




LOW 15 83

File:

E:\Audit\mutillidae1.3\mutillidae\show-log.php

Vulnerability:

15: phpinfo

Input variable:


10-07-2012 Page 56

Misc. Dangerous Functions (25)N/A


0. Information Disclosure - phpinfo()() 14 E:\Audit\mutillidae1.3\mutillidae\show-log.php

User input flow:


Filter:




LOW 14 75

File:


Vulnerability:

14: mysql_error

Input variable:

N/A



User input flow:


Filter:





10-07-2012 Page 57

Misc. Dangerous Functions (25)LOW 67 81

File:


Vulnerability:

67: mysql_error

Input variable:

N/A



User input flow:


Filter:




LOW 13 69

File:


Vulnerability:

13: mysql_error

Input variable:

N/A



User input flow:



10-07-2012 Page 58





LOW 45 89

File:


Vulnerability:

45: phpinfo

Input variable:

N/A


0. Information Disclosure - phpinfo()() 44 E:\Audit\mutillidae1.3\mutillidae\view-someones-blog.php

User input flow:


Filter:




LOW 43 66

File:


Vulnerability:

43: phpinfo

Input variable:


10-07-2012 Page 59

Misc. Dangerous Functions (25)N/A


0. Information Disclosure - phpinfo()() 42 E:\Audit\mutillidae1.3\mutillidae\add-to-your-blog.php

User input flow:


Filter:




LOW 28 73

File:


Vulnerability:

28: mysql_error

Input variable:

N/A


0. Error Handling - mysql_error()() 27 E:\Audit\mutillidae1.3\mutillidae\register.php

User input flow:


Filter:





10-07-2012 Page 60

Misc. Dangerous Functions (25)LOW 37 86

File:


Vulnerability:

37: phpinfo

Input variable:

N/A


0. Information Disclosure - phpinfo()() 36 E:\Audit\mutillidae1.3\mutillidae\user-info.php

User input flow:


Filter:




LOW 16 76

File:


Vulnerability:

16: mysql_error

Input variable:

N/A



User input flow:



10-07-2012 Page 61




10-07-2012 Page 62

Dangerous File Extensions (1)1. Dangerous File Extensions opendb.inc


LOW 1 90

File:

E:\Audit\mutillidae1.3\mutillidae\opendb.inc

Vulnerability:

1: opendb.inc

Input variable:

N/A


0. N/A() 0 E:\Audit\mutillidae1.3\mutillidae\opendb.inc

User input flow:

0. N/A

Filter:


Scan Details · Vulnerabilities: 90 Creation Time: 23:07:31 Scan Details Vulnerabilities By...

Documents

Transcript of Scan Details · Vulnerabilities: 90 Creation Time: 23:07:31 Scan Details Vulnerabilities By...