This report holds the results of the web penetration testing performed on the uKnowva web application by the SecIQ security team. The details of each task and our findings have been consolidated into this Executive Summary; additional information is contained in the Detailed Vulnerability Information section of this report.
Objective
The objective of this assignment was to perform controlled attack and penetration activities to assess the overall level of security of the uKnowva web application, with the intent to:
- Uncover any security issues in the given application.
- Explain the impact and risks associated with the found issues.
- Provide guidance to the team in the prioritization and remediation steps.
2. Executive Summary:
Business-Critical Risks:
The uKnowva web application was identified to have Critical and High risks, which are listed below:
- It was observed that an access control check is missing, allowing access to functions that a low-privileged user should not be able to reach.
- It was observed that a Cross Site Request Forgery token was not implemented.
3. Findings Summary:
| Sr. No | Category Name | Vulnerability Name | Instances | Status | Severity |
|---|---|---|---|---|---|
| 1 | Injection / Vulnerable Outdated Components | SQL Injection Via Vulnerable Plugin | Nil | Closed | Critical |
| 2 | Broken Access Control | Insecure Direct Object Reference | 9 | Closed | High |
| 3 | Lack of Resources and Rate Limiting | Login Brute Force | 1 | Closed | High |
| 4 | Injection | Open Redirection | 1 | Closed | High |
| 5 | Broken Access Control / Injection | Parameter Pollution | 2 | Closed | High |
| 6 | Injection | Stored Cross Site Scripting | 10 | Closed | High |
| 7 | Identification and Authentication Failures | Cookie Reusability | 1 | Closed | Medium |
| 8 | Cross Site Request Forgery | Cross Site Request Forgery | 1 | Closed | Medium |
| 9 | Injection | Cross Site Scripting via File Upload | 9 | Closed | Medium |
| 10 | Lack of Resources and Rate Limiting | Email Flooding | 1 | Closed | Medium |
| 11 | Forced Browsing | Broken Access Control | 3 | Open | Medium |
| 12 | Security Misconfiguration | .Git Folder Exposure | 1 | Closed | Medium |
| 13 | Security Misconfiguration / Broken Access Control | Information Exposure Via Log File | 3 | Closed | Medium |
| 14 | Injection | Reflected Cross Site Scripting | 2 | Closed | Medium |
| 15 | Security Misconfiguration | Cacheable HTTPS Response | 2 | Closed | Low |
| 16 | Security Misconfiguration | Clickjacking | 1 | Closed | Low |
| 17 | Security Misconfiguration | Cookie Set without HttpOnly Flag | 1 | Closed | Low |
| 18 | Security Misconfiguration | HTTP TRACE Method is Enabled | 1 | Closed | Low |
| 19 | Security Misconfiguration | Session Token in URL | 3 | Risk Accepted | Low |
| 20 | Security Misconfiguration | Vulnerable JavaScript Dependency | 1 | Closed | Low |
| 21 | Weak Password Policy | Weak Password Policy | 1 | Closed | Low |