GoLismero Report

Vulnerabilities by criticality

High
Middle
Critical
Informational
Low
76%
5%
4%
12%
4%

Vulnerabilities by type

Insecure SSL/TLS Algorithm
Uncategorized Vulnerability
Domain Disclosure
SQL Injection
Invalid SSL/TLS Certificate
Invalid CN Field
Weak SSL/TLS Key
Cross-Site Scripting
12%
4%
73%

Vulnerabilities by target

NotTheRealName.org
http://NotTheRealName.org/
6%
94%

Vulnerabilities

ID Target Vulnerability Criticality
025ebecd808c8b3208e6b8f0ec8db098

http://NotTheRealName.org/eB00VjBg.phpx

Uncategorized Vulnerability critical Details
38be635f0e568c724097a15eafe776f1

http://NotTheRealName.org/Login.asp

Uncategorized Vulnerability critical Details
3abe61f1c457efb11e6ccf5253ddbf4d

http://NotTheRealName.org/

Uncategorized Vulnerability critical Details
40f508525f916b68a10a62eefdef7929

http://NotTheRealName.org/

Uncategorized Vulnerability critical Details
675655a1ab0510ccdb103a5f14664684

http://NotTheRealName.org/

Uncategorized Vulnerability critical Details
75e73dd683f0d3a28dd82cd1ee774d54

http://NotTheRealName.org/

Uncategorized Vulnerability critical Details
9b1e072a3497afbe547827716aab9c89

http://NotTheRealName.org/

Uncategorized Vulnerability critical Details
a4e19f5f617746e54308907fcf22037c

http://NotTheRealName.org/robots.txt

Uncategorized Vulnerability critical Details
ae5ff97eda5bc145b3991603eee8d490

http://NotTheRealName.org/

Uncategorized Vulnerability critical Details
bbb3eb7b9e1a51faf2c84987ea9d1f5b

http://NotTheRealName.org/robots.txt

Uncategorized Vulnerability critical Details
252e373aa58a368552d6096c74081e2d

NotTheRealName.org

Domain Disclosure high Details
2e439fb533398364887b3c07391cd7d8

127.0.0.1

Invalid SSL/TLS Certificate high Details
a2f463df3d4ad9ac1587b80f366155b2

NotTheRealName.org

Invalid SSL/TLS Certificate high Details
059cac89da31128fa5dac24fc529df3a

127.0.0.1

Insecure SSL/TLS Algorithm middle Details
e697d3363f32d32260c6fa618cb952f1

NotTheRealName.org

Insecure SSL/TLS Algorithm middle Details
25a2e3849a284cede65529b2d53f5a54

NotTheRealName.org

Invalid CN Field middle Details
96cee1c66f580e1afc2edc6ca544510a

127.0.0.1

Invalid CN Field middle Details
0443b69d07247cc753398f91811fc9a3

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
06524eb31e7e3c9e4d68b076c511b331

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
082e890ffcb008d3754e98fa9e3a09ed

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
09d94944d9c571d3caa62517ae6b67a2

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
1003e2abef3bc3c7fed35cdc9623769f

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
11df24cdd4c9e7231b4dc0f6d7dd4044

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
12b695c87779994f9dc34027d27dfcbe

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
141d3061130f51a6c11f763ac6075cc3

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
16cb8a14c90c204b91b80fce836e430c

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
1828c11dacd1213d762e38c60eb801a0

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
1d9898ba1f35a8af324e1cea76928fbe

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
1e14f60647a012a9b6ff254abd4dbd08

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
28f6e288a7bdd43b17816d482e99d6c9

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
2f9ef119276fa87bfa1e31c2f033c831

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
30717ad67b602458ac44ddc2352f81e2

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
3106727eea56fa16b3172ee14cf8c3b0

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
3b8a4d6ca20703f96064fb5d443598a1

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
3bbaa15fa8e235a36bc79066eada490c

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
3ca58e5eb19386758713580a4637d107

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
402c84034c798af7f19c0fac955b195e

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
41da1f59964e9dbae3d37e4fa3118317

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
42dc540a22632c8e0f7b8017a5de6028

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
445074db11f5e97b620c4c14596e9ddf

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
4b1d863775776f2634687a30caafb0d8

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
4d69d10b23f30d0f0ab57376bd1b98d4

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
4f737143884dadb674fc813a948df97c

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
5aac51d0c95c996aa94d56299c9c662b

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
5be556a880204c731aa3e490840e9347

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
5c9c56ed578cd80083c6de64d795a8d7

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
60dcff83322c2f319e722473a6339715

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
6571fe453c929f3694a7f6ba0c59dc8e

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
679a31108b4de16229df3e48b37461b9

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
6b6bea8c0f2c0018b04a0c8c084070f0

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
6d214936b9d891f8682067c9a8cdc561

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
6f6e5972b3d43fb78178398c71e4f79b

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
76b9607f6db61780ef0aa7a22ed5af4e

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
78f041bd26039b60d4a0471b0b955d08

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
7f11dc5a011c600cea9bbc68f34abcc1

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
878d92e9e5fc529ca34e0687c93aae23

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
87cc8c2bb4e1a23197a72b04cf6093fe

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
88838f8d34a72dd4a4aeedea119ca6dc

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
9511f5e65cf6d40468c76923a2b1dae7

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
97bc727c7f868f1816bf44ef2dbf184c

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
9c0cfc847ef7038098a72817c4aa7c6b

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
ad523e1531c4c45d03a4c935d5c8a426

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
b28b17590a048c6cc2f583509fbcf480

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
b370f27e26e935056f74e1c8f14e3c98

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
b6e1f0ed796e1d0f59c6c5a823d00ea5

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
ca410626258f9d5690572ec645b07c04

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
d248447574c2497114b946acedf55864

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
d44ff1209161b40c287e8f9439ca812f

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
d6001e0af82858614aebe71a3c3c81d7

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
dd3f75af5ea3e6fcfe211a6482e1289e

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
e09ecdd049ad19124e8b59d05c615d87

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
e53c44d221ea3c478488808bf4fff0f9

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
e66c9a5bd003b6f70a3a49b2362d4622

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
e9887119420ba091de629686b89a65fa

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
ecf7c0d462b7cc5f88ff771c612cfade

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
edaff2c6ff9ca823d56aafcfc3d40ce3

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low Details
f6716ce1d8f1abe624f795a6071f4e5d

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low Details
041ffd64d65e24a31175950125b86835

127.0.0.1

Weak SSL/TLS Key low Details
f9ac6db137d764ddd058f8317f1018e4

NotTheRealName.org

Weak SSL/TLS Key low Details
0867247fa07f9a4a1a2021eeea73fd56

http://NotTheRealName.org/showforum.php?id=0

SQL Injection informational Details
803f0b34790229b72585e3119b3e67f9

http://NotTheRealName.org/showforum.php?id=2

SQL Injection informational Details
a48247471a8bdbfbf1fdfa8c862dc232

http://NotTheRealName.org/showforum.php?id=1

SQL Injection informational Details
Total: 82

Technical report

Hide all
ID Target Vulnerability Criticality
0443b69d07247cc753398f91811fc9a3

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
06524eb31e7e3c9e4d68b076c511b331

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
082e890ffcb008d3754e98fa9e3a09ed

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
09d94944d9c571d3caa62517ae6b67a2

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
1003e2abef3bc3c7fed35cdc9623769f

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
11df24cdd4c9e7231b4dc0f6d7dd4044

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
12b695c87779994f9dc34027d27dfcbe

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: Not Info
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
141d3061130f51a6c11f763ac6075cc3

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
16cb8a14c90c204b91b80fce836e430c

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: Not Info
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
1828c11dacd1213d762e38c60eb801a0

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: Not Info
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
1d9898ba1f35a8af324e1cea76928fbe

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
1e14f60647a012a9b6ff254abd4dbd08

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE6.0|NS8.1-IE]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
28f6e288a7bdd43b17816d482e99d6c9

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
2f9ef119276fa87bfa1e31c2f033c831

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
30717ad67b602458ac44ddc2352f81e2

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
3106727eea56fa16b3172ee14cf8c3b0

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
3b8a4d6ca20703f96064fb5d443598a1

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
3bbaa15fa8e235a36bc79066eada490c

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
3ca58e5eb19386758713580a4637d107

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
402c84034c798af7f19c0fac955b195e

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
41da1f59964e9dbae3d37e4fa3118317

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
42dc540a22632c8e0f7b8017a5de6028

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
445074db11f5e97b620c4c14596e9ddf

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE6.0|NS8.1-IE]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
4b1d863775776f2634687a30caafb0d8

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [Not Info]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
4d69d10b23f30d0f0ab57376bd1b98d4

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
4f737143884dadb674fc813a948df97c

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE6.0|NS8.1-IE]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
5aac51d0c95c996aa94d56299c9c662b

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
5be556a880204c731aa3e490840e9347

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
5c9c56ed578cd80083c6de64d795a8d7

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
60dcff83322c2f319e722473a6339715

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE6.0|NS8.1-IE]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
6571fe453c929f3694a7f6ba0c59dc8e

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
679a31108b4de16229df3e48b37461b9

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [Not Info]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
6b6bea8c0f2c0018b04a0c8c084070f0

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
6d214936b9d891f8682067c9a8cdc561

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
6f6e5972b3d43fb78178398c71e4f79b

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
76b9607f6db61780ef0aa7a22ed5af4e

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
78f041bd26039b60d4a0471b0b955d08

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
7f11dc5a011c600cea9bbc68f34abcc1

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
878d92e9e5fc529ca34e0687c93aae23

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
87cc8c2bb4e1a23197a72b04cf6093fe

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
88838f8d34a72dd4a4aeedea119ca6dc

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [Not Info]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
9511f5e65cf6d40468c76923a2b1dae7

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
97bc727c7f868f1816bf44ef2dbf184c

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
9c0cfc847ef7038098a72817c4aa7c6b

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE6.0|NS8.1-IE]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
ad523e1531c4c45d03a4c935d5c8a426

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: Not Info
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
b28b17590a048c6cc2f583509fbcf480

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
b370f27e26e935056f74e1c8f14e3c98

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
b6e1f0ed796e1d0f59c6c5a823d00ea5

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE6.0|NS8.1-IE]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
ca410626258f9d5690572ec645b07c04

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
d248447574c2497114b946acedf55864

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
d44ff1209161b40c287e8f9439ca812f

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
d6001e0af82858614aebe71a3c3c81d7

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
dd3f75af5ea3e6fcfe211a6482e1289e

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
e09ecdd049ad19124e8b59d05c615d87

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
e53c44d221ea3c478488808bf4fff0f9

http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE6.0|NS8.1-IE]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
e66c9a5bd003b6f70a3a49b2362d4622

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
e9887119420ba091de629686b89a65fa

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE6.0|NS8.1-IE]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
ecf7c0d462b7cc5f88ff771c612cfade

http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/register.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [Not Info]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
edaff2c6ff9ca823d56aafcfc3d40ce3

http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FDefault.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
f6716ce1d8f1abe624f795a6071f4e5d

http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F

Cross-Site Scripting low

Cross-Site Scripting

Target:http://NotTheRealName.org/Login.asp?page=%2FLogin.asp%3F
Vulnerability:Cross-Site Scripting (injection/xss)
Criticality:low
Plugin ID:testing/attack/xsser
Plugin name:XSSer
Impact:0
Severity:0
Risk:0
Description: Cross-site scripting vulnerabilities, also known as XSS, allow an attacker to inject arbitrary HTML content into a web page. Typically an attacker would inject JavaScript code in order to control the web application on behalf of the user, or redirect the user to a malicious site. Browsers: [IE7.0|IE6.0|NS8.1-IE] [NS8.1-G|FF2.0] [O9.02]
Solution: There are several libraries and methods of filtering user input to prevent XSS vulnerabilities. Use whichever is provided for your current programming language and platform or, if none is available or feasible, try using third party products. As a last resort, try developing your own XSS filter using the guidelines provided by OWASP.
252e373aa58a368552d6096c74081e2d

NotTheRealName.org

Domain Disclosure high

Possible subdomain leak

Target:NotTheRealName.org
Vulnerability:Domain Disclosure (information_disclosure/domain_disclosure)
Criticality:high
Plugin ID:testing/scan/brute_dns
Plugin name:DNS Bruteforcer
Impact:0
Severity:0
Risk:0
Description: A subdomain was discovered which may be an unwanted information disclosure.
Solution: Please visit the reference website for more information on how to patch this vulnerability.
059cac89da31128fa5dac24fc529df3a

127.0.0.1

Insecure SSL/TLS Algorithm middle

Insecure SSL/TLS Algorithm

Target:127.0.0.1
Vulnerability:Insecure SSL/TLS Algorithm (ssl/insecure_algorithm)
Criticality:middle
Plugin ID:testing/scan/sslscan
Plugin name:SSLScan
Impact:0
Severity:0
Risk:0
Description: An SSL/TLS certificate was found to be using an insecure algorithm. This may allow a strategically located attacker to snoop on network traffic, or perform a Man-In-The-Middle attack against unsuspecting users connecting to this host.
Solution: Create a new certificate using only secure algorithms.
e697d3363f32d32260c6fa618cb952f1

NotTheRealName.org

Insecure SSL/TLS Algorithm middle

Insecure SSL/TLS Algorithm

Target:NotTheRealName.org
Vulnerability:Insecure SSL/TLS Algorithm (ssl/insecure_algorithm)
Criticality:middle
Plugin ID:testing/scan/sslscan
Plugin name:SSLScan
Impact:0
Severity:0
Risk:0
Description: An SSL/TLS certificate was found to be using an insecure algorithm. This may allow a strategically located attacker to snoop on network traffic, or perform a Man-In-The-Middle attack against unsuspecting users connecting to this host.
Solution: Create a new certificate using only secure algorithms.
25a2e3849a284cede65529b2d53f5a54

NotTheRealName.org

Invalid CN Field middle

Invalid CN Field

Target:NotTheRealName.org
Vulnerability:Invalid CN Field (ssl/invalid_common_name)
Criticality:middle
Plugin ID:testing/scan/sslscan
Plugin name:SSLScan
Impact:0
Severity:0
Risk:0
Description: An invalid CN field was found in a SSL/TLS certificate. This may allow a strategically located attacker to snoop on network traffic, or perform a Man-In-The-Middle attack against unsuspecting users connecting to this host.
Solution: Create a new certificate with the correct CN field.
96cee1c66f580e1afc2edc6ca544510a

127.0.0.1

Invalid CN Field middle

Invalid CN Field

Target:127.0.0.1
Vulnerability:Invalid CN Field (ssl/invalid_common_name)
Criticality:middle
Plugin ID:testing/scan/sslscan
Plugin name:SSLScan
Impact:0
Severity:0
Risk:0
Description: An invalid CN field was found in a SSL/TLS certificate. This may allow a strategically located attacker to snoop on network traffic, or perform a Man-In-The-Middle attack against unsuspecting users connecting to this host.
Solution: Create a new certificate with the correct CN field.
2e439fb533398364887b3c07391cd7d8

127.0.0.1

Invalid SSL/TLS Certificate high

Invalid SSL/TLS Certificate

Target:127.0.0.1
Vulnerability:Invalid SSL/TLS Certificate (ssl/invalid_certificate)
Criticality:high
Plugin ID:testing/scan/sslscan
Plugin name:SSLScan
Impact:0
Severity:0
Risk:0
Description: An invalid SSL/TLS certificate was found. This may allow a strategically located attacker to snoop on network traffic, or perform a Man-In-The-Middle attack against unsuspecting users connecting to this host.
Solution: Create a new certificate.
a2f463df3d4ad9ac1587b80f366155b2

NotTheRealName.org

Invalid SSL/TLS Certificate high

Invalid SSL/TLS Certificate

Target:NotTheRealName.org
Vulnerability:Invalid SSL/TLS Certificate (ssl/invalid_certificate)
Criticality:high
Plugin ID:testing/scan/sslscan
Plugin name:SSLScan
Impact:0
Severity:0
Risk:0
Description: An invalid SSL/TLS certificate was found. This may allow a strategically located attacker to snoop on network traffic, or perform a Man-In-The-Middle attack against unsuspecting users connecting to this host.
Solution: Create a new certificate.
0867247fa07f9a4a1a2021eeea73fd56

http://NotTheRealName.org/showforum.php?id=0

SQL Injection informational

SQL Injection Vulnerability - AND boolean-based blind - WHERE or HAVING clause

Target:http://NotTheRealName.org/showforum.php?id=0
Vulnerability:SQL Injection (injection/sql)
Criticality:informational
Plugin ID:testing/attack/sqlmap
Plugin name:SQLMap
Impact:0
Severity:0
Risk:0
Description: SQL injection vulnerabilities allow an attacker to manipulate a SQL query made by the vulnerable web application. Depending on a variety of factors, risks may range from data corruption to complete compromise of the entire database, and even the server itself.
Solution: The correct way to perform SQL queries is by using prepared statements. That way, the data and the code are transmitted in separate channels, with no possibility for injection. If using prepared statements is not possible, consider filtering special characters from the user input - however, this method cannot guarantee 100% effectiveness, and is heavily dependant on the specific configuration of the database being used.
803f0b34790229b72585e3119b3e67f9

http://NotTheRealName.org/showforum.php?id=2

SQL Injection informational

SQL Injection Vulnerability - AND boolean-based blind - WHERE or HAVING clause

Target:http://NotTheRealName.org/showforum.php?id=2
Vulnerability:SQL Injection (injection/sql)
Criticality:informational
Plugin ID:testing/attack/sqlmap
Plugin name:SQLMap
Impact:0
Severity:0
Risk:0
Description: SQL injection vulnerabilities allow an attacker to manipulate a SQL query made by the vulnerable web application. Depending on a variety of factors, risks may range from data corruption to complete compromise of the entire database, and even the server itself.
Solution: The correct way to perform SQL queries is by using prepared statements. That way, the data and the code are transmitted in separate channels, with no possibility for injection. If using prepared statements is not possible, consider filtering special characters from the user input - however, this method cannot guarantee 100% effectiveness, and is heavily dependant on the specific configuration of the database being used.
a48247471a8bdbfbf1fdfa8c862dc232

http://NotTheRealName.org/showforum.php?id=1

SQL Injection informational

SQL Injection Vulnerability - AND boolean-based blind - WHERE or HAVING clause

Target:http://NotTheRealName.org/showforum.php?id=1
Vulnerability:SQL Injection (injection/sql)
Criticality:informational
Plugin ID:testing/attack/sqlmap
Plugin name:SQLMap
Impact:0
Severity:0
Risk:0
Description: SQL injection vulnerabilities allow an attacker to manipulate a SQL query made by the vulnerable web application. Depending on a variety of factors, risks may range from data corruption to complete compromise of the entire database, and even the server itself.
Solution: The correct way to perform SQL queries is by using prepared statements. That way, the data and the code are transmitted in separate channels, with no possibility for injection. If using prepared statements is not possible, consider filtering special characters from the user input - however, this method cannot guarantee 100% effectiveness, and is heavily dependant on the specific configuration of the database being used.
025ebecd808c8b3208e6b8f0ec8db098

http://NotTheRealName.org/eB00VjBg.phpx

Uncategorized Vulnerability critical

User attention required by: Nikto CSV NotTheRealNameEer

Target:http://NotTheRealName.org/eB00VjBg.phpx
Vulnerability:Uncategorized Vulnerability (generic)
Criticality:critical
Plugin ID:NotTheRealNameE/csv_nikto
Plugin name:Nikto CSV NotTheRealNameEer
Impact:0
Severity:0
Risk:0
Description: Retrieved x-aspnet-version header: 2.0.50727
Solution: No additional details are available.
38be635f0e568c724097a15eafe776f1

http://NotTheRealName.org/Login.asp

Uncategorized Vulnerability critical

User attention required by: Nikto CSV NotTheRealNameEer

Target:http://NotTheRealName.org/Login.asp
Vulnerability:Uncategorized Vulnerability (generic)
Criticality:critical
Plugin ID:NotTheRealNameE/csv_nikto
Plugin name:Nikto CSV NotTheRealNameEer
Impact:0
Severity:0
Risk:0
Description: Admin login page/section found.
Solution: No additional details are available.
3abe61f1c457efb11e6ccf5253ddbf4d

http://NotTheRealName.org/

Uncategorized Vulnerability critical

User attention required by: Nikto CSV NotTheRealNameEer

Target:http://NotTheRealName.org/
Vulnerability:Uncategorized Vulnerability (generic)
Criticality:critical
Plugin ID:NotTheRealNameE/csv_nikto
Plugin name:Nikto CSV NotTheRealNameEer
Impact:0
Severity:0
Risk:0
Description: Retrieved x-powered-by header: ASP.NET
Solution: No additional details are available.
40f508525f916b68a10a62eefdef7929

http://NotTheRealName.org/

Uncategorized Vulnerability critical

User attention required by: Nikto CSV NotTheRealNameEer

Target:http://NotTheRealName.org/
Vulnerability:Uncategorized Vulnerability (generic)
Criticality:critical
Plugin ID:NotTheRealNameE/csv_nikto
Plugin name:Nikto CSV NotTheRealNameEer
Impact:0
Severity:0
Risk:0
Description: File/dir '/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
Solution: No additional details are available.
675655a1ab0510ccdb103a5f14664684

http://NotTheRealName.org/

Uncategorized Vulnerability critical

User attention required by: Nikto CSV NotTheRealNameEer

Target:http://NotTheRealName.org/
Vulnerability:Uncategorized Vulnerability (generic)
Criticality:critical
Plugin ID:NotTheRealNameE/csv_nikto
Plugin name:Nikto CSV NotTheRealNameEer
Impact:0
Severity:0
Risk:0
Description: Public HTTP Methods: OPTIONS, TRACE, GET, HEAD, POST
Solution: No additional details are available.
75e73dd683f0d3a28dd82cd1ee774d54

http://NotTheRealName.org/

Uncategorized Vulnerability critical

User attention required by: Nikto CSV NotTheRealNameEer

Target:http://NotTheRealName.org/
Vulnerability:Uncategorized Vulnerability (generic)
Criticality:critical
Plugin ID:NotTheRealNameE/csv_nikto
Plugin name:Nikto CSV NotTheRealNameEer
Impact:0
Severity:0
Risk:0
Description: The anti-clickjacking X-Frame-Options header is not present.
Solution: No additional details are available.
9b1e072a3497afbe547827716aab9c89

http://NotTheRealName.org/

Uncategorized Vulnerability critical

User attention required by: Nikto CSV NotTheRealNameEer

Target:http://NotTheRealName.org/
Vulnerability:Uncategorized Vulnerability (generic)
Criticality:critical
Plugin ID:NotTheRealNameE/csv_nikto
Plugin name:Nikto CSV NotTheRealNameEer
Impact:0
Severity:0
Risk:0
Description: Allowed HTTP Methods: OPTIONS, TRACE, GET, HEAD, POST
Solution: No additional details are available.
a4e19f5f617746e54308907fcf22037c

http://NotTheRealName.org/robots.txt

Uncategorized Vulnerability critical

User attention required by: Nikto CSV NotTheRealNameEer

Target:http://NotTheRealName.org/robots.txt
Vulnerability:Uncategorized Vulnerability (generic)
Criticality:critical
Plugin ID:NotTheRealNameE/csv_nikto
Plugin name:Nikto CSV NotTheRealNameEer
Impact:0
Severity:0
Risk:0
Description: Server leaks inodes via ETags, header found with file /robots.txt, fields: 0xec789ea5f9d6ca1:295
Solution: No additional details are available.
ae5ff97eda5bc145b3991603eee8d490

http://NotTheRealName.org/

Uncategorized Vulnerability critical

User attention required by: Nikto CSV NotTheRealNameEer

Target:http://NotTheRealName.org/
Vulnerability:Uncategorized Vulnerability (generic)
Criticality:critical
Plugin ID:NotTheRealNameE/csv_nikto
Plugin name:Nikto CSV NotTheRealNameEer
Impact:0
Severity:0
Risk:0
Description: Cookie ASPSESSIONIDSCDCDAQT created without the httponly flag
Solution: No additional details are available.
bbb3eb7b9e1a51faf2c84987ea9d1f5b

http://NotTheRealName.org/robots.txt

Uncategorized Vulnerability critical

User attention required by: Nikto CSV NotTheRealNameEer

Target:http://NotTheRealName.org/robots.txt
Vulnerability:Uncategorized Vulnerability (generic)
Criticality:critical
Plugin ID:NotTheRealNameE/csv_nikto
Plugin name:Nikto CSV NotTheRealNameEer
Impact:0
Severity:0
Risk:0
Description: \robots.txt\" contains 1 entry which should be manually viewed."
Solution: No additional details are available.
041ffd64d65e24a31175950125b86835

127.0.0.1

Weak SSL/TLS Key low

Weak SSL/TLS Key

Target:127.0.0.1
Vulnerability:Weak SSL/TLS Key (ssl/weak_key)
Criticality:low
Plugin ID:testing/scan/sslscan
Plugin name:SSLScan
Impact:0
Severity:0
Risk:0
Description: An SSL/TLS certificate with a weak cryptographic key was found. This may allow a strategically located attacker to snoop on network traffic, or perform a Man-In-The-Middle attack against unsuspecting users connecting to this host.
Solution: Create a new certificate with stronger cryptographic keys.
f9ac6db137d764ddd058f8317f1018e4

NotTheRealName.org

Weak SSL/TLS Key low

Weak SSL/TLS Key

Target:NotTheRealName.org
Vulnerability:Weak SSL/TLS Key (ssl/weak_key)
Criticality:low
Plugin ID:testing/scan/sslscan
Plugin name:SSLScan
Impact:0
Severity:0
Risk:0
Description: An SSL/TLS certificate with a weak cryptographic key was found. This may allow a strategically located attacker to snoop on network traffic, or perform a Man-In-The-Middle attack against unsuspecting users connecting to this host.
Solution: Create a new certificate with stronger cryptographic keys.