www.niiar.ru / 94.127.202.76 port 80
Target IP 94.127.202.76
Target hostname www.niiar.ru
Target Port 80
HTTP Server Apache/2.2.29 (Gentoo) mod_ssl/2.2.29 OpenSSL/1.0.0d Phusion_Passenger/4.0.41 PHP/5.4.42-pl0-gentoo
Site Link (Name) http://www.niiar.ru:80/
Site Link (IP) http://94.127.202.76:80/

URI /
HTTP Method GET
Description Retrieved x-powered-by header: PHP/5.4.42-pl0-gentoo
Test Links http://www.niiar.ru:80/
http://94.127.202.76:80/
OSVDB Entries OSVDB-0
URI /
HTTP Method GET
Description The anti-clickjacking X-Frame-Options header is not present.
Test Links http://www.niiar.ru:80/
http://94.127.202.76:80/
OSVDB Entries OSVDB-0
URI /
HTTP Method GET
Description The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
Test Links http://www.niiar.ru:80/
http://94.127.202.76:80/
OSVDB Entries OSVDB-0
URI /
HTTP Method GET
Description Uncommon header 'x-generator' found, with contents: Drupal 7 (http://drupal.org)
Test Links http://www.niiar.ru:80/
http://94.127.202.76:80/
OSVDB Entries OSVDB-0
URI /
HTTP Method GET
Description The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
Test Links http://www.niiar.ru:80/
http://94.127.202.76:80/
OSVDB Entries OSVDB-0
URI /robots.txt
HTTP Method GET
Description Server leaks inodes via ETags, header found with file /robots.txt, inode: 79268, size: 1550, mtime: Wed Jul 27 13:00:55 2016
Test Links http://www.niiar.ru:80/robots.txt
http://94.127.202.76:80/robots.txt
OSVDB Entries OSVDB-0
URI /install.php
HTTP Method GET
Description Entry '/install.php' in robots.txt returned a non-forbidden or redirect HTTP code (200)
Test Links http://www.niiar.ru:80/install.php
http://94.127.202.76:80/install.php
OSVDB Entries OSVDB-0
URI /xmlrpc.php
HTTP Method GET
Description Entry '/xmlrpc.php' in robots.txt returned a non-forbidden or redirect HTTP code (200)
Test Links http://www.niiar.ru:80/xmlrpc.php
http://94.127.202.76:80/xmlrpc.php
OSVDB Entries OSVDB-0
URI /filter/tips/
HTTP Method GET
Description Entry '/filter/tips/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
Test Links http://www.niiar.ru:80/filter/tips/
http://94.127.202.76:80/filter/tips/
OSVDB Entries OSVDB-0
URI /search/
HTTP Method GET
Description Entry '/search/' in robots.txt returned a non-forbidden or redirect HTTP code (302)
Test Links http://www.niiar.ru:80/search/
http://94.127.202.76:80/search/
OSVDB Entries OSVDB-0
URI /user/password/
HTTP Method GET
Description Entry '/user/password/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
Test Links http://www.niiar.ru:80/user/password/
http://94.127.202.76:80/user/password/
OSVDB Entries OSVDB-0
URI /user/login/
HTTP Method GET
Description Entry '/user/login/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
Test Links http://www.niiar.ru:80/user/login/
http://94.127.202.76:80/user/login/
OSVDB Entries OSVDB-0
URI /?q=filter/tips/
HTTP Method GET
Description Entry '/?q=filter/tips/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
Test Links http://www.niiar.ru:80/?q=filter/tips/
http://94.127.202.76:80/?q=filter/tips/
OSVDB Entries OSVDB-0
URI /?q=search/
HTTP Method GET
Description Entry '/?q=search/' in robots.txt returned a non-forbidden or redirect HTTP code (302)
Test Links http://www.niiar.ru:80/?q=search/
http://94.127.202.76:80/?q=search/
OSVDB Entries OSVDB-0
URI /?q=user/password/
HTTP Method GET
Description Entry '/?q=user/password/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
Test Links http://www.niiar.ru:80/?q=user/password/
http://94.127.202.76:80/?q=user/password/
OSVDB Entries OSVDB-0
URI /?q=user/login/
HTTP Method GET
Description Entry '/?q=user/login/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
Test Links http://www.niiar.ru:80/?q=user/login/
http://94.127.202.76:80/?q=user/login/
OSVDB Entries OSVDB-0
URI /robots.txt
HTTP Method GET
Description "robots.txt" contains 36 entries which should be manually viewed.
Test Links http://www.niiar.ru:80/robots.txt
http://94.127.202.76:80/robots.txt
OSVDB Entries OSVDB-0
URI #TEMPL_URI#
HTTP Method #TEMPL_HTTP_METHOD#
Description #TEMPL_MSG#
Test Links #TEMPL_ITEM_NAME_LINK#
#TEMPL_ITEM_IP_LINK#
OSVDB Entries OSVDB-#TEMPL_OSVDB#
URI #TEMPL_URI#
HTTP Method #TEMPL_HTTP_METHOD#
Description #TEMPL_MSG#
Test Links #TEMPL_ITEM_NAME_LINK#
#TEMPL_ITEM_IP_LINK#
OSVDB Entries OSVDB-#TEMPL_OSVDB#
URI #TEMPL_URI#
HTTP Method #TEMPL_HTTP_METHOD#
Description #TEMPL_MSG#
Test Links #TEMPL_ITEM_NAME_LINK#
#TEMPL_ITEM_IP_LINK#
OSVDB Entries OSVDB-#TEMPL_OSVDB#
URI #TEMPL_URI#
HTTP Method #TEMPL_HTTP_METHOD#
Description #TEMPL_MSG#
Test Links #TEMPL_ITEM_NAME_LINK#
#TEMPL_ITEM_IP_LINK#
OSVDB Entries OSVDB-#TEMPL_OSVDB#
URI #TEMPL_URI#
HTTP Method #TEMPL_HTTP_METHOD#
Description #TEMPL_MSG#
Test Links #TEMPL_ITEM_NAME_LINK#
#TEMPL_ITEM_IP_LINK#
OSVDB Entries OSVDB-#TEMPL_OSVDB#
URI #TEMPL_URI#
HTTP Method #TEMPL_HTTP_METHOD#
Description #TEMPL_MSG#
Test Links #TEMPL_ITEM_NAME_LINK#
#TEMPL_ITEM_IP_LINK#
OSVDB Entries OSVDB-#TEMPL_OSVDB#
URI /
HTTP Method AHGHWHGH
Description Web Server returns a valid response with junk HTTP methods, this may cause false positives.
Test Links http://www.niiar.ru:80/
http://94.127.202.76:80/
OSVDB Entries OSVDB-0
URI /
HTTP Method DEBUG
Description DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
Test Links http://www.niiar.ru:80/
http://94.127.202.76:80/
OSVDB Entries OSVDB-0
URI #TEMPL_URI#
HTTP Method #TEMPL_HTTP_METHOD#
Description #TEMPL_MSG#
Test Links #TEMPL_ITEM_NAME_LINK#
#TEMPL_ITEM_IP_LINK#
OSVDB Entries OSVDB-#TEMPL_OSVDB#
URI /news/news.mdb
HTTP Method GET
Description /news/news.mdb: Web Wiz Site News release v3.06 admin password database is available and unencrypted.
Test Links http://www.niiar.ru:80/news/news.mdb
http://94.127.202.76:80/news/news.mdb
OSVDB Entries OSVDB-0
URI /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
HTTP Method GET
Description /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
Test Links http://www.niiar.ru:80/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
http://94.127.202.76:80/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
OSVDB Entries OSVDB-12184
URI /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42
HTTP Method GET
Description /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
Test Links http://www.niiar.ru:80/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42
http://94.127.202.76:80/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42
OSVDB Entries OSVDB-12184
URI /?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
HTTP Method GET
Description /?=PHPE9568F34-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
Test Links http://www.niiar.ru:80/?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
http://94.127.202.76:80/?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
OSVDB Entries OSVDB-12184
URI /?=PHPE9568F35-D428-11d2-A769-00AA001ACF42
HTTP Method GET
Description /?=PHPE9568F35-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
Test Links http://www.niiar.ru:80/?=PHPE9568F35-D428-11d2-A769-00AA001ACF42
http://94.127.202.76:80/?=PHPE9568F35-D428-11d2-A769-00AA001ACF42
OSVDB Entries OSVDB-12184
URI /news
HTTP Method GET
Description /news: This might be interesting...
Test Links http://www.niiar.ru:80/news
http://94.127.202.76:80/news
OSVDB Entries OSVDB-3092
URI /service/
HTTP Method GET
Description Uncommon header 'link' found, with contents: </node/84>; rel="shortlink",</service>; rel="canonical"
Test Links http://www.niiar.ru:80/service/
http://94.127.202.76:80/service/
OSVDB Entries OSVDB-0
URI /service/
HTTP Method GET
Description /service/: This might be interesting...
Test Links http://www.niiar.ru:80/service/
http://94.127.202.76:80/service/
OSVDB Entries OSVDB-3092
URI /test.txt
HTTP Method GET
Description /test.txt: This might be interesting...
Test Links http://www.niiar.ru:80/test.txt
http://94.127.202.76:80/test.txt
OSVDB Entries OSVDB-3092
URI /user/
HTTP Method GET
Description /user/: This might be interesting...
Test Links http://www.niiar.ru:80/user/
http://94.127.202.76:80/user/
OSVDB Entries OSVDB-3092
URI /icons/
HTTP Method GET
Description /icons/: Directory indexing found.
Test Links http://www.niiar.ru:80/icons/
http://94.127.202.76:80/icons/
OSVDB Entries OSVDB-3268
URI /install.php
HTTP Method GET
Description /install.php: Drupal install.php file found.
Test Links http://www.niiar.ru:80/install.php
http://94.127.202.76:80/install.php
OSVDB Entries OSVDB-3092
URI /install.php
HTTP Method GET
Description /install.php: install.php file found.
Test Links http://www.niiar.ru:80/install.php
http://94.127.202.76:80/install.php
OSVDB Entries OSVDB-3092
URI /xmlrpc.php
HTTP Method GET
Description /xmlrpc.php: xmlrpc.php was found.
Test Links http://www.niiar.ru:80/xmlrpc.php
http://94.127.202.76:80/xmlrpc.php
OSVDB Entries OSVDB-3092
URI /icons/README
HTTP Method GET
Description /icons/README: Apache default file found.
Test Links http://www.niiar.ru:80/icons/README
http://94.127.202.76:80/icons/README
OSVDB Entries OSVDB-3233
URI /sites/all/libraries/tinymce/examples/
HTTP Method GET
Description /sites/all/libraries/tinymce/examples/: Drupal install of TinyMCE examples found, check for file uploads.
Test Links http://www.niiar.ru:80/sites/all/libraries/tinymce/examples/
http://94.127.202.76:80/sites/all/libraries/tinymce/examples/
OSVDB Entries OSVDB-0

Host Summary
Start Time 2017-02-20 07:15:27
End Time 2017-02-20 08:16:36
Elapsed Time 3669 seconds
Statistics 7557 requests, 0 errors, 42 findings

Scan Summary
Software Details Nikto 2.1.6
CLI Options -o nikto-niiar.htm -host www.niiar.ru
Hosts Tested 1
Start Time Mon Feb 20 07:15:25 2017
End Time Mon Feb 20 08:16:36 2017
Elapsed Time 3671 seconds