Huskies
Сообщений: 196
Оценки: 11
Присоединился: 2011-03-09 15:00:00.773333
|
Здравствуйте. Просканировал тут accunetix'om сайтик доставки еды и нашел там такие уязвимости(сайт zakaz.me). Что тут можно сделать? Взлом реален? Если да, то как? Буду очень благодарен: Alerts summary [image]grey-u-r.gif[/image] Error message on page
[*]/wp-content/themes/wp-paintart/wp-paintart/index.php Directory Listing
[*]/wp-content/themes/wp-paintart
[*]/wp-content/themes/wp-paintart/wp-paintart/images Possible sensitive directories
[*]/cgi-bin
[*]/wp-admin
[*]/wp-content TRACE method is enabled
[*]Web Server Password type input with autocomplete enabled
[*]/wp-login.php (5ced517d2fda8e261de6025ce71c67a2)
[*]/wp-login.php (d6497cf9ab1cd6ef9865a789df0795a7) Possible server path disclosure (Unix)
[*]/wp-content/themes/wp-paintart/wp-paintart/index.php Suspicious comment
[*]/wp-comments-post.php (1f641bb3278b31536ed0633e14b7dfea)
[*]/wp-comments-post.php (a443be47d601720a185116341a12a8e2)
[*]/wp-comments-post.php (eeea0497d5d1632ce4758ce8d4648583)
Error message on page [image]orange-u-r.gif[/image][image]sev-orange.png[/image] Vulnerability description This page contains an error/warning message that may disclose sensitive information.The message can also contain the location of the file that produced the unhandled exception.
This may be a false positive if the error message is found in documentation pages. This vulnerability affects [b][color="#da00"]/wp-content/themes/wp-paintart/wp-paintart/index.php[/color][/b]. Discovered by: Scripting (Text_Search.script). The impact of this vulnerability The error messages may disclose sensitive information. This information can be used to launch further attacks.
Attack details
Pattern found: [color="blue"]<b>Fatal error</b>: Call to undefined function get_header() in <b>/home/zakazme/public_html/wp-content/themes/wp-paintart/wp-paintart/index.php</b> on line <b>1</b><br />[/color]
|