The script here looks like either unique, or not often seen.
I did a quick vulnerability scan, and found few problems.
Host Header Attack
(What is that?)
An attacker can manipulate the Host header as seen by the web application and cause the application to behave in unexpected ways..
There are other minor issues, which are not worth mentioning.
I did a test try by setting HTTP Header input to "evilhostfO7QT33g.com":
File: http://crypto-doubler.pw/api/get-data
Response time: 3.188s
9 Files are Vulnerable:
- /api/get-data
- /bitcoin.php
- /css/tap_project.css
- /dogecoin.php
- /js/App.js
- /js/opentag-122831-1643333.js
- /js/qubit.js
- /js/vendor/modernizr.js
- /litecoin.php
You can contact me for more information:
Email: [email protected]
Skype: devsoftcms
Twitter: https://twitter.com/devsoftcms
