By Client Services Team, Indusface

SR No. Vulnerability Title % of vulnerability
1 Application Error message 43%
2 Browsable Web directory 11%
3 Cross Site Scripting 10%
4 Potential Information Leakage 10%
5 SQL Injection 7%
6 Debug feature enabled 6%
7 Possible Sensitive Directories/Files Exposed 4%
8 Source Code Disclosure 3%
9 OS Command Injection 3%
10 Possible Backup File(s) 1%

Application Error message

An attacker can try to force the target website to produce error messages by passing different attack vectors to different parameters and then analyse the errors to get target information.This page contains an error/warning message that may disclose sensitive information.

Browsable web directory

A web directory was found to be browsable, which means that anyone can see the contents of the directory. Browsable directories could allow an attacker to view “hidden” files in the web root, including CGI scripts, data files, or backup pages.

Cross Site Scripting

XSS flaws occur whenever an application takes untrusted data and sends it to a web browser without proper validation and escaping. XSS allows attackers to execute scripts in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites.

Potential Information Leakage

The application uses the ASP.NET 2.0 view state (__VIEWSTATE) feature without encryption to maintain application state. Application designers have been known to put passwords and other sensitive data inside the view state. Therefore, it is a good idea to always use view state encryption in ASP.NET applications.

SQL Injection

Web applications that do not properly sanitize user input before passing it to a database system are vulnerable to SQL injection. The attacker’s hostile data can trick the interpreter into executing unintended commands or accessing unauthorized data.

Debug feature enabled

The ASP.NET application is running in debug mode which allows a remote user to gather information about an application by using the DEBUG verb in an HTTP request. This can leak information including source code, hidden filenames, and detailed error messages.

Possible Sensitive Directories/Files Exposed

These directory/files are not directly linked from the website. This check looks for common sensitive resources like backup directories, database dumps, administration pages, temporary directories. Each one of these directories could help an attacker to learn more about his target.

Source Code Disclosure

Source code disclosure allows a malicious user to obtain the source code of a server-side application from a webpage. Disclosure of source code can be devastating for a web application.

OS Command Injection

A web form contains fields with data that is probably sensitive in nature. This form data is submitted over an unencrypted connection, which could allow hackers to sniff the network and view the data in plaintext.

Possible Backup File(s)

Possible Backup files are usually created by developers to backup their work or by administrators when making backups of the web server.