/ http://testphp.vulnweb.com/ http://testphp.vulnweb.com/ search.php /search.php http://testphp.vulnweb.com/search.php http://testphp.vulnweb.com/search.php?test=query http://testphp.vulnweb.com/search.php?test=query hpp /hpp/ http://testphp.vulnweb.com/hpp/ http://testphp.vulnweb.com/hpp/?pp=12 params.php /hpp/params.php http://testphp.vulnweb.com/hpp/params.php http://testphp.vulnweb.com/hpp/params.php?aaaa/=1 http://testphp.vulnweb.com/hpp/params.php?p=valid&pp=12 index.php /hpp/index.php http://testphp.vulnweb.com/hpp/index.php http://testphp.vulnweb.com/hpp/index.php?pp=12 test.php /hpp/test.php http://testphp.vulnweb.com/hpp/test.php cart.php /cart.php http://testphp.vulnweb.com/cart.php http://testphp.vulnweb.com/cart.php http://testphp.vulnweb.com/cart.php http://testphp.vulnweb.com/cart.php index.php /index.php http://testphp.vulnweb.com/index.php login.php /login.php http://testphp.vulnweb.com/login.php style.css /style.css http://testphp.vulnweb.com/style.css artists.php /artists.php http://testphp.vulnweb.com/artists.php http://testphp.vulnweb.com/artists.php?artist=1 http://testphp.vulnweb.com/artists.php?artist=2 http://testphp.vulnweb.com/artists.php?artist=3 privacy.php /privacy.php http://testphp.vulnweb.com/privacy.php userinfo.php /userinfo.php http://testphp.vulnweb.com/userinfo.php http://testphp.vulnweb.com/userinfo.php guestbook.php /guestbook.php http://testphp.vulnweb.com/guestbook.php http://testphp.vulnweb.com/guestbook.php categories.php /categories.php http://testphp.vulnweb.com/categories.php Flash /Flash/ http://testphp.vulnweb.com/Flash/ add.swf /Flash/add.swf http://testphp.vulnweb.com/Flash/add.swf add.fla /Flash/add.fla http://testphp.vulnweb.com/Flash/add.fla AJAX /AJAX/ http://testphp.vulnweb.com/AJAX/ index.php /AJAX/index.php http://testphp.vulnweb.com/AJAX/index.php infotitle.php /AJAX/infotitle.php http://testphp.vulnweb.com/AJAX/infotitle.php http://testphp.vulnweb.com/AJAX/infotitle.php 
http://testphp.vulnweb.com/AJAX/infotitle.php http://testphp.vulnweb.com/AJAX/infotitle.php artists.php /AJAX/artists.php http://testphp.vulnweb.com/AJAX/artists.php infoartist.php /AJAX/infoartist.php http://testphp.vulnweb.com/AJAX/infoartist.php http://testphp.vulnweb.com/AJAX/infoartist.php?id=1 http://testphp.vulnweb.com/AJAX/infoartist.php?id=2 http://testphp.vulnweb.com/AJAX/infoartist.php?id=3 titles.php /AJAX/titles.php http://testphp.vulnweb.com/AJAX/titles.php showxml.php /AJAX/showxml.php http://testphp.vulnweb.com/AJAX/showxml.php http://testphp.vulnweb.com/AJAX/showxml.php styles.css /AJAX/styles.css http://testphp.vulnweb.com/AJAX/styles.css infocateg.php /AJAX/infocateg.php http://testphp.vulnweb.com/AJAX/infocateg.php http://testphp.vulnweb.com/AJAX/infocateg.php?id=1 http://testphp.vulnweb.com/AJAX/infocateg.php?id=2 http://testphp.vulnweb.com/AJAX/infocateg.php?id=3 categories.php /AJAX/categories.php http://testphp.vulnweb.com/AJAX/categories.php htaccess.conf /AJAX/htaccess.conf http://testphp.vulnweb.com/AJAX/htaccess.conf disclaimer.php /disclaimer.php http://testphp.vulnweb.com/disclaimer.php images /images/ http://testphp.vulnweb.com/images/ Mod_Rewrite_Shop /Mod_Rewrite_Shop/ http://testphp.vulnweb.com/Mod_Rewrite_Shop/ images /Mod_Rewrite_Shop/images/ http://testphp.vulnweb.com/Mod_Rewrite_Shop/images/ index.php /Mod_Rewrite_Shop/index.php http://testphp.vulnweb.com/Mod_Rewrite_Shop/index.php rate.php /Mod_Rewrite_Shop/rate.php http://testphp.vulnweb.com/Mod_Rewrite_Shop/rate.php details.php /Mod_Rewrite_Shop/details.php http://testphp.vulnweb.com/Mod_Rewrite_Shop/details.php buy.php /Mod_Rewrite_Shop/buy.php http://testphp.vulnweb.com/Mod_Rewrite_Shop/buy.php .htaccess /Mod_Rewrite_Shop/.htaccess http://testphp.vulnweb.com/Mod_Rewrite_Shop/.htaccess Details /Mod_Rewrite_Shop/Details http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details color-printer /Mod_Rewrite_Shop/Details/color-printer 
http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer 3 /Mod_Rewrite_Shop/Details/color-printer/3/ http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/color-printer/3/ web-camera-a4tech /Mod_Rewrite_Shop/Details/web-camera-a4tech http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech 2 /Mod_Rewrite_Shop/Details/web-camera-a4tech/2/ http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/web-camera-a4tech/2/ network-attached-storage-dlink /Mod_Rewrite_Shop/Details/network-attached-storage-dlink http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink 1 /Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/ http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/ secured /secured/ http://testphp.vulnweb.com/secured/ newuser.php /secured/newuser.php http://testphp.vulnweb.com/secured/newuser.php http://testphp.vulnweb.com/secured/newuser.php index.php /secured/index.php http://testphp.vulnweb.com/secured/index.php office.htm /secured/office.htm http://testphp.vulnweb.com/secured/office.htm style.css /secured/style.css http://testphp.vulnweb.com/secured/style.css phpinfo.php /secured/phpinfo.php http://testphp.vulnweb.com/secured/phpinfo.php http://testphp.vulnweb.com/secured/phpinfo.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 http://testphp.vulnweb.com/secured/phpinfo.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 http://testphp.vulnweb.com/secured/phpinfo.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 database_connect.php /secured/database_connect.php http://testphp.vulnweb.com/secured/database_connect.php office_files /secured/office_files http://testphp.vulnweb.com/secured/office_files filelist.xml /secured/office_files/filelist.xml http://testphp.vulnweb.com/secured/office_files/filelist.xml sendcommand.php /sendcommand.php http://testphp.vulnweb.com/sendcommand.php .idea /.idea/ http://testphp.vulnweb.com/.idea/ misc.xml /.idea/misc.xml http://testphp.vulnweb.com/.idea/misc.xml 
vcs.xml /.idea/vcs.xml http://testphp.vulnweb.com/.idea/vcs.xml workspace.xml /.idea/workspace.xml http://testphp.vulnweb.com/.idea/workspace.xml .name /.idea/.name http://testphp.vulnweb.com/.idea/.name scopes /.idea/scopes/ http://testphp.vulnweb.com/.idea/scopes/ scope_settings.xml /.idea/scopes/scope_settings.xml http://testphp.vulnweb.com/.idea/scopes/scope_settings.xml acuart.iml /.idea/acuart.iml http://testphp.vulnweb.com/.idea/acuart.iml modules.xml /.idea/modules.xml http://testphp.vulnweb.com/.idea/modules.xml encodings.xml /.idea/encodings.xml http://testphp.vulnweb.com/.idea/encodings.xml CVS /CVS/ http://testphp.vulnweb.com/CVS/ Entries.Log /CVS/Entries.Log http://testphp.vulnweb.com/CVS/Entries.Log Repository /CVS/Repository http://testphp.vulnweb.com/CVS/Repository Root /CVS/Root http://testphp.vulnweb.com/CVS/Root Entries /CVS/Entries http://testphp.vulnweb.com/CVS/Entries redir.php /redir.php http://testphp.vulnweb.com/redir.php http://testphp.vulnweb.com/redir.php?r=http://www.eclectasy.com/Fractal-Explorer/index.html _mmServerScripts /_mmServerScripts/ http://testphp.vulnweb.com/_mmServerScripts/ MMHTTPDB.php /_mmServerScripts/MMHTTPDB.php http://testphp.vulnweb.com/_mmServerScripts/MMHTTPDB.php mysql.php /_mmServerScripts/mysql.php http://testphp.vulnweb.com/_mmServerScripts/mysql.php comment.php /comment.php http://testphp.vulnweb.com/comment.php http://testphp.vulnweb.com/comment.php http://testphp.vulnweb.com/comment.php?aid=1 http://testphp.vulnweb.com/comment.php?aid=2 http://testphp.vulnweb.com/comment.php?aid=3 http://testphp.vulnweb.com/comment.php?pid=1 http://testphp.vulnweb.com/comment.php?pid=2 http://testphp.vulnweb.com/comment.php?pid=3 wvstests /wvstests/ http://testphp.vulnweb.com/wvstests/ pmwiki_2_1_19 /wvstests/pmwiki_2_1_19/ http://testphp.vulnweb.com/wvstests/pmwiki_2_1_19/ scripts /wvstests/pmwiki_2_1_19/scripts/ http://testphp.vulnweb.com/wvstests/pmwiki_2_1_19/scripts/ version.php 
/wvstests/pmwiki_2_1_19/scripts/version.php http://testphp.vulnweb.com/wvstests/pmwiki_2_1_19/scripts/version.php pictures /pictures/ http://testphp.vulnweb.com/pictures/ 6.jpg.tn /pictures/6.jpg.tn http://testphp.vulnweb.com/pictures/6.jpg.tn 3.jpg.tn /pictures/3.jpg.tn http://testphp.vulnweb.com/pictures/3.jpg.tn WS_FTP.LOG /pictures/WS_FTP.LOG http://testphp.vulnweb.com/pictures/WS_FTP.LOG wp-config.bak /pictures/wp-config.bak http://testphp.vulnweb.com/pictures/wp-config.bak ipaddresses.txt /pictures/ipaddresses.txt http://testphp.vulnweb.com/pictures/ipaddresses.txt path-disclosure-win.html /pictures/path-disclosure-win.html http://testphp.vulnweb.com/pictures/path-disclosure-win.html 2.jpg.tn /pictures/2.jpg.tn http://testphp.vulnweb.com/pictures/2.jpg.tn 5.jpg.tn /pictures/5.jpg.tn http://testphp.vulnweb.com/pictures/5.jpg.tn credentials.txt /pictures/credentials.txt http://testphp.vulnweb.com/pictures/credentials.txt 4.jpg.tn /pictures/4.jpg.tn http://testphp.vulnweb.com/pictures/4.jpg.tn 7.jpg.tn /pictures/7.jpg.tn http://testphp.vulnweb.com/pictures/7.jpg.tn path-disclosure-unix.html /pictures/path-disclosure-unix.html http://testphp.vulnweb.com/pictures/path-disclosure-unix.html 1.jpg.tn /pictures/1.jpg.tn http://testphp.vulnweb.com/pictures/1.jpg.tn 8.jpg.tn /pictures/8.jpg.tn http://testphp.vulnweb.com/pictures/8.jpg.tn logout.php /logout.php http://testphp.vulnweb.com/logout.php adm1nPan3l /adm1nPan3l/ http://testphp.vulnweb.com/adm1nPan3l/ index.php /adm1nPan3l/index.php http://testphp.vulnweb.com/adm1nPan3l/index.php admin /admin/ http://testphp.vulnweb.com/admin/ create.sql /admin/create.sql http://testphp.vulnweb.com/admin/create.sql 404.php /404.php http://testphp.vulnweb.com/404.php Templates /Templates/ http://testphp.vulnweb.com/Templates/ main_dynamic_template.dwt.php /Templates/main_dynamic_template.dwt.php http://testphp.vulnweb.com/Templates/main_dynamic_template.dwt.php index.bak /index.bak http://testphp.vulnweb.com/index.bak product.php 
/product.php http://testphp.vulnweb.com/product.php http://testphp.vulnweb.com/product.php?pic=2 http://testphp.vulnweb.com/product.php?pic=3 http://testphp.vulnweb.com/product.php?pic=4 listproducts.php /listproducts.php http://testphp.vulnweb.com/listproducts.php http://testphp.vulnweb.com/listproducts.php?cat=1 http://testphp.vulnweb.com/listproducts.php?cat=2 http://testphp.vulnweb.com/listproducts.php?cat=4 http://testphp.vulnweb.com/listproducts.php?artist=2 http://testphp.vulnweb.com/listproducts.php?artist=1 http://testphp.vulnweb.com/listproducts.php?artist=3 clientaccesspolicy.xml /clientaccesspolicy.xml http://testphp.vulnweb.com/clientaccesspolicy.xml showimage.php /showimage.php http://testphp.vulnweb.com/showimage.php http://testphp.vulnweb.com/showimage.php?file=./pictures/4.jpg&size=160 http://testphp.vulnweb.com/showimage.php?file=./pictures/2.jpg&size=160 http://testphp.vulnweb.com/showimage.php?file=./pictures/3.jpg&size=160 http://testphp.vulnweb.com/showimage.php?file=./pictures/6.jpg&size=160 http://testphp.vulnweb.com/showimage.php?file=./pictures/5.jpg&size=160 http://testphp.vulnweb.com/showimage.php?file=./pictures/1.jpg&size=160 http://testphp.vulnweb.com/showimage.php?file=./pictures/7.jpg&size=160 signup.php /signup.php http://testphp.vulnweb.com/signup.php clearguestbook.php /clearguestbook.php http://testphp.vulnweb.com/clearguestbook.php bxss /bxss/ http://testphp.vulnweb.com/bxss/ cleanDatabase.php /bxss/cleanDatabase.php http://testphp.vulnweb.com/bxss/cleanDatabase.php index.php /bxss/index.php http://testphp.vulnweb.com/bxss/index.php test.js /bxss/test.js http://testphp.vulnweb.com/bxss/test.js adminPan3l /bxss/adminPan3l/ http://testphp.vulnweb.com/bxss/adminPan3l/ index.php /bxss/adminPan3l/index.php http://testphp.vulnweb.com/bxss/adminPan3l/index.php style.css /bxss/adminPan3l/style.css http://testphp.vulnweb.com/bxss/adminPan3l/style.css vuln.php /bxss/vuln.php http://testphp.vulnweb.com/bxss/vuln.php 
http://testphp.vulnweb.com/bxss/vuln.php?id=1 database_connect.php /bxss/database_connect.php http://testphp.vulnweb.com/bxss/database_connect.php crossdomain.xml /crossdomain.xml http://testphp.vulnweb.com/crossdomain.xml Connections /Connections/ http://testphp.vulnweb.com/Connections/ DB_Connection.php /Connections/DB_Connection.php http://testphp.vulnweb.com/Connections/DB_Connection.php database_connect.php /database_connect.php http://testphp.vulnweb.com/database_connect.php medias /medias http://testphp.vulnweb.com/medias img /medias/img http://testphp.vulnweb.com/medias/img css /medias/css http://testphp.vulnweb.com/medias/css main.css /medias/css/main.css http://testphp.vulnweb.com/medias/css/main.css js /medias/js http://testphp.vulnweb.com/medias/js common_functions.js /medias/js/common_functions.js http://testphp.vulnweb.com/medias/js/common_functions.js
<empty>
Form action: http://testphp.vulnweb.com/search.php?test=query
Form method: POST

Form inputs:
  • searchFor [Text]
  • goButton [Submit]
]]>
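0 This alert may be a false positive; manual confirmation is required. When confirming, check whether submitting the form changes any server-side state and whether the server validates an anti-CSRF token on the request.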
Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF or XSRF, is a type of malicious exploit of a website in which unauthorized commands are transmitted from a user that the website trusts. The request is accepted because the user's browser automatically attaches that user's session credentials to it.

Acunetix WVS found an HTML form with no apparent CSRF protection implemented. Consult the alert details for more information about the affected HTML form.
0
The server didn't return an X-Frame-Options header, which means that this website could be at risk of a clickjacking attack. The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame> or <iframe>. Sites can use this to avoid clickjacking attacks by ensuring that their content is not embedded into other sites. The Content-Security-Policy frame-ancestors directive gives the same control and supersedes X-Frame-Options in current browsers, so check for it before treating the missing header as an exposure.