July 16, 2021

Is this Nikto scan working correctly?

This Nikto scan only gives back a small response, and I was expecting much more detail and vulnerabilities as the website has no CSRF token or CSP.

- Nikto v2.1.6/2.1.5

+ Target Host: localhost

+ Target Port: 8080

+ GET Uncommon header 'content-disposition' found, with contents: inline;filename=f.txt

+ OPTIONS Allowed HTTP Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS

+ OSVDB-397: GET HTTP method ('Allow' Header): 'PUT' method could allow clients to save files on the web server.

+ OSVDB-5646: GET HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server.

+ OSVDB-3092: GET /login/: This might be interesting.

Thanks.
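A direct check for the two conditions the question mentions, a missing CSP header and forms without a CSRF token, written as an added example that is not part of the original post. The token field names and the sample `/login/` response are constructed assumptions.

```python
from html.parser import HTMLParser

# Hidden-field names often used for anti-CSRF tokens (assumed list, extend per framework).
TOKEN_NAMES = {"_csrf", "csrf_token", "csrfmiddlewaretoken",
               "authenticity_token", "__requestverificationtoken"}

class FormAudit(HTMLParser):
    """Record every <form> and whether it contains a token-like hidden input."""
    def __init__(self):
        super().__init__()
        self.forms = []
        self.open_form = None

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self.open_form = {"action": a.get("action", ""),
                              "method": a.get("method", "get").lower(),
                              "has_token": False}
            self.forms.append(self.open_form)
        elif tag == "input" and self.open_form is not None:
            hidden = a.get("type", "").lower() == "hidden"
            if hidden and a.get("name", "").lower() in TOKEN_NAMES:
                self.open_form["has_token"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self.open_form = None

def audit_response(headers, body):
    """Return findings for one HTTP response (header dict plus HTML body)."""
    names = {k.lower() for k in headers}  # header names are case-insensitive
    findings = []
    if "content-security-policy" not in names:
        if "content-security-policy-report-only" in names:
            findings.append("Content-Security-Policy is report-only, not enforced")
        else:
            findings.append("no Content-Security-Policy header")
    parser = FormAudit()
    parser.feed(body)
    for form in parser.forms:
        if form["method"] == "post" and not form["has_token"]:
            findings.append(f"POST form {form['action']!r} has no anti-CSRF hidden field")
    return findings

# Constructed sample: a login page like the one on localhost:8080 in the scan output.
SAMPLE_HEADERS = {"Content-Type": "text/html", "Content-Disposition": "inline;filename=f.txt"}
SAMPLE_BODY = ('<form action="/login/" method="POST"><input name="username">'
               '<input type="password" name="password"></form>')
```

A finding here is a prompt for manual review rather than proof of a flaw: a policy can also be delivered in a `<meta>` tag, and an application may carry its CSRF token in a request header or rely on SameSite cookies.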
