Scanned by WebSecurify iOS Edition

Audit the scan to identify true positives and false positives.


SQL Injection

SQL Injection (SQLi) is a code injection technique that exploits a security vulnerability occurring in the database layer of a web application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or is not strongly typed, and is thereby unexpectedly executed as part of the query.

solution: Sanitize all user-supplied data before using it as part of database queries.

database: ORACLE

request:

GET http://cybersecology.com/scannertest/SQLi.php?search='%60%2203MDr HTTP/1.1


Cross-site Request Forgery

Cross-site Request Forgery (CSRF) is a type of attack whereby unauthorized commands are transmitted from a user that the application trusts. Unlike Cross-site Scripting (XSS), which exploits the trust a user has for a particular site, CSRF exploits the trust that a site has in a user's browser.

solution: URLs and forms that perform important operations must be protected by random tokens (hidden nonce values). These tokens must be checked for validity on the server before the request is processed.

url: http://cybersecology.com/scannertest/SQLi.htm

form: <form method="GET" action="http://cybersecology.com/scannertest/SQLi.php" enctype="application/x-www-form-urlencoded" autocomplete="on"> ... </form>


Path Disclosure

Various system paths were disclosed within the application client source code or other files. This information could be used by attackers to make an educated guess about the application environment and any inherited weaknesses that may come with it.

solution: It is recommended to re-examine the system path disclosures and remove their reference from the application's source code.

path: /home/content ...

request:

GET http://cybersecology.com/scannertest/SQLi.php?search='%60%2203MDr HTTP/1.1


User Disclosure

Various usernames were disclosed within the application client source code or other files. This information could be used by attackers to attack the login mechanism on the application and supporting infrastructure.

solution: It is recommended to re-examine the username disclosures and remove their reference from the application's source code.

user: home/content ...

request:

GET http://cybersecology.com/scannertest/SQLi.php?search='%60%2203MDr HTTP/1.1


Banner Disclosure

The server or application disclosed its type and version. This information could be used by attackers to make an educated guess about the application environment and any inherited weaknesses that may come with it.

solution: It is recommended to prevent the application from disclosing its type and version.

banner: Server: Apache

request:

GET http://cybersecology.com/scannertest/SQLi.htm HTTP/1.1