Page 1 of 16
1.1 Security Assessment

Vulnerabilities Identified

Severity   Count
HIGH       04
MEDIUM     03
LOW        01

1.2 Security Assessment
The graph below shows the total number of vulnerabilities discovered at the High and Medium severity levels during the current security assessment:

[Figure: bar chart of vulnerabilities by severity for the current assessment; y-axis 0 to 4; bars High = 4, Medium = 3, Low = 1; x-axis label "Current Assessment"]
Recommendation: Move all of the critical forms and pages to HTTPS and do not serve them over HTTP.
Severity
POC
Recommendation
Input Validation:
It is recommended to use a standard server-side as well as client-side input
validation mechanism to validate all input data for length, type, syntax,
and business rules before accepting the data to be stored.
Output Encoding:
It is recommended that all user-supplied data is appropriately entity
encoded (either HTML or XML, depending on the output mechanism)
before being rendered on an HTML page. For PHP, the htmlentities() or
htmlspecialchars() functions can be used to avoid cross-site scripting.
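The following is an added example, not code from the report or the assessed application, showing both recommendations together in PHP: a server-side check of a city-name field for length, type, syntax and a business rule, and entity encoding with htmlspecialchars() before the value is echoed back. The field name, limits and the business rule are assumptions; it needs PHP 8 with the mbstring extension.

```php
<?php
// Added example (not from the report). Validates a city-name form field on
// the server and entity-encodes it before output; field names and rules are
// assumed. Requires PHP 8 for the 'mixed' type and mbstring for mb_strlen().
declare(strict_types=1);

// Check length, type, syntax and one business rule before the value is
// stored. Returns null when the value is acceptable, else an error message.
function validate_city_name(mixed $input): ?string
{
    if (!is_string($input)) {                        // type
        return 'City name must be a string.';
    }
    $name = trim($input);
    $len = mb_strlen($name, 'UTF-8');
    if ($len < 2 || $len > 64) {                     // length
        return 'City name must be between 2 and 64 characters.';
    }
    // syntax: letters in any script, spaces, hyphens, apostrophes and dots
    if (!preg_match("/^\p{L}[\p{L} .'\-]*$/u", $name)) {
        return 'City name contains characters that are not allowed.';
    }
    // business rule (assumed): the name may not end with punctuation
    if (preg_match("/[ .'\-]$/u", $name)) {
        return 'City name may not end with punctuation.';
    }
    return null;
}

// Encode untrusted text for an HTML element body or a quoted attribute.
// ENT_QUOTES also encodes single quotes, so the result is safe inside
// attribute values delimited by either quote character.
function h(string $untrusted): string
{
    return htmlspecialchars($untrusted, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Constructed sample inputs: a legitimate name, a script-injection attempt
// and an over-long value.
$samples = ['Saint-Étienne', '<script>alert(1)</script>', str_repeat('a', 100)];
foreach ($samples as $s) {
    $err = validate_city_name($s);
    // A rejected value is still encoded before it is echoed back to the user.
    echo $err === null
        ? 'OK: ' . h($s) . "\n"
        : 'Rejected (' . $err . '): ' . h($s) . "\n";
}
```

Validation rejects the second and third samples, and because every reflected value passes through h(), even the rejected payload reaches the browser as inert text rather than markup.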
Recommendation: Proper input validation is required. Use HTML entity encoding to neutralize special characters supplied by an attacker.
Site crawlers can be used, or one can spider the host/target, to discover sensitive information such as configuration settings, hidden URLs, confidential documents, etc. In the process of extracting sensitive information, a malicious user can also obtain information about admin-related files.
Severity: High
Impact: While crawling, an attacker can obtain a list of the various PHP files lying on the server. One of them is deletecity.php, whose function is to delete any city's name from the database. This is admin-level functionality.
POC
Recommendation: Move all of the critical forms and pages to HTTPS and do not serve them over HTTP.
Recommendation: Implement proper access controls on the URLs so that an attacker cannot enumerate the URLs to obtain sensitive information.
Abstract: An attacker can bypass the privilege checks by using brute-force, dictionary, syllable and hybrid methods to gain unauthorized access to the web page.
Severity: Medium
Impact: An issue exists in the BookUrShow application that could allow an unauthorized user to brute force the password of user accounts when Web Publishing is enabled.
POC
Recommendation:
1. Ensure that users follow proper password policies, such as using hard-to-guess passwords.
2. HTTP basic authentication is generally not considered a secure mechanism and should be run over an SSL-enabled port.
POC
Recommendation:
1. Password length should be a minimum of 8 characters.
2. Passwords should be a combination of alphanumeric characters.