GeneralInformation

Hostnames	ip092042136171.rev.nessus.at schumits.at www.schumits.at
Domains	nessus.at schumits.at
Country	Austria
City	Vienna
Organization	Nessus GmbH
ISP	Nessus GmbH
ASN	AS47692

WebTechnologies

JavaScript libraries

jQuery1.11.2

UI frameworks

Bootstrap

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2020(2)

CVE-2020-11023

6.9In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2020-11022

6.9In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

2019(1)

CVE-2019-11358

6.1jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

2015(1)

CVE-2015-9251

6.1jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

21 80 443

21 / tcp

-1992693521 | 2025-04-07T08:01:11.774626

220 Welcome ftp server
530 Login incorrect.
530 Please login with USER and PASS.
211-Features:
 EPRT
 EPSV
 MDTM
 PASV
 REST STREAM
 SIZE
 TVFS
 UTF8
211 End

80 / tcp

-2100514759 | 2025-04-07T03:45:17.565209

Hashes

hash

31429987

http.dom_hash

1239617585

http.html_hash

-2100514759

http.server_hash

-1340961475

http.title_hash

1522695184

301 Moved Permanently

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 07 Apr 2025 03:45:16 GMT
Content-Type: text/html
Content-Length: 162
Location: https://92.42.136.171/
Accept-Ranges: none
Via: HTTP/1.1 forward.http.proxy:3128
Connection: keep-alive

443 / tcp

-966529597 | 2025-04-07T08:50:25.187738

Hashes

hash

354541287

http.dom_hash

1460764665

http.html_hash

-966529597

http.server_hash

-1340961475

http.title_hash

287338669

Schumits

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 07 Apr 2025 08:50:25 GMT
Content-Type: text/html
Content-Length: 4488
Last-Modified: Wed, 19 Jul 2023 10:25:14 GMT
Connection: keep-alive
ETag: "64b7ba0a-1188"
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:9c:ce:03:e7:fe:0c:c4:d6:f8:e1:cf:33:3e:4a:e0:7d:8e
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, O=Let's Encrypt, CN=E5
        Validity
            Not Before: Mar 17 00:13:50 2025 GMT
            Not After : Jun 15 00:13:49 2025 GMT
        Subject: CN=schumits.at
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:71:c1:f4:c5:91:bf:c7:5d:f0:f3:72:5e:7f:40:
                    5e:15:11:5b:0e:f3:54:87:64:d9:a2:00:5b:bd:0b:
                    d6:66:4a:01:31:30:c9:5d:ac:ff:52:66:73:69:e5:
                    b7:7e:ec:d2:ec:61:72:34:60:e1:51:d4:91:eb:29:
                    c4:20:ad:b5:83
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                B6:23:C2:E9:DE:E9:2E:BC:FD:3E:A7:91:29:66:27:26:64:E6:03:E9
            X509v3 Authority Key Identifier: 
                9F:2B:5F:CF:3C:21:4F:9D:04:B7:ED:2B:2C:C4:C6:70:8B:D2:D7:0D
            Authority Information Access: 
                OCSP - URI:http://e5.o.lencr.org
                CA Issuers - URI:http://e5.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:schumits.at, DNS:www.schumits.at
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://e5.c.lencr.org/15.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Mar 17 01:12:20.653 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:7D:A7:E0:B2:90:D6:1A:7D:24:35:0B:10:
                                B4:82:C1:80:33:29:38:7F:BA:6F:4B:FE:28:8D:C1:E4:
                                EC:D6:A9:9C:02:20:14:37:3A:68:9A:3E:A2:10:12:91:
                                72:AE:B3:2F:C5:46:F8:94:20:28:55:48:96:27:27:D0:
                                91:4A:B7:E5:9B:DA
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Mar 17 01:12:22.462 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:B5:E6:79:83:81:5E:D8:34:8C:39:5A:
                                A5:E0:4D:5F:C3:1C:AD:EA:75:ED:75:A1:C4:10:42:7B:
                                87:D5:01:14:B9:02:20:28:AA:76:53:C8:C0:53:FC:0D:
                                2D:66:FE:DC:9C:73:3A:CD:FE:9E:38:E2:66:39:7C:F8:
                                6E:BE:2D:2C:23:C7:F6
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:64:02:30:6a:f3:96:c8:80:30:58:34:fa:47:83:58:3c:a3:
        14:5a:3d:79:39:38:0a:6e:f7:26:40:35:bc:c1:68:e8:36:e8:
        53:84:db:92:c9:04:a8:99:96:94:aa:2a:da:39:59:9a:02:30:
        12:1b:d3:9c:3f:4e:9d:40:79:f5:c1:f1:a9:87:84:c9:ce:cd:
        60:c8:b5:0e:cf:e4:f7:e0:c2:40:25:37:69:2f:d9:c4:f9:64:
        dc:bf:8d:4c:02:8d:c4:11:21:d3:42:30

Vulnerabilities

92.42.136.171

Last Seen: 2025-04-07

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

21 / tcp

-1992693521 | 2025-04-07T08:01:11.774626

80 / tcp

-2100514759 | 2025-04-07T03:45:17.565209

Hashes

nginx

443 / tcp

-966529597 | 2025-04-07T08:50:25.187738

Hashes

nginx

Products

Pricing

Contact Us

92.42.136.171

Last Seen: 2025-04-07

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

21 / tcp -1992693521 | 2025-04-07T08:01:11.774626

80 / tcp -2100514759 | 2025-04-07T03:45:17.565209

Hashes

nginx

443 / tcp -966529597 | 2025-04-07T08:50:25.187738

Hashes

nginx

Products

Pricing

Contact Us

Vulnerabilities

21 / tcp

-1992693521 | 2025-04-07T08:01:11.774626

80 / tcp

-2100514759 | 2025-04-07T03:45:17.565209

443 / tcp

-966529597 | 2025-04-07T08:50:25.187738