Website Vulnerability Scanner Report

 https://www.araruama.rj.gov.br/

The Light Website Scanner didn't check for critical issues like SQLi, XSS, Command Injection, XXE, etc. Upgrade to run Deep scans with
40+ tests and detect more vulnerabilities.

Summary

Overall risk level: Risk ratings: Scan information:

High Critical: 0 Start time: Jan 23, 2025 / 19:38:14 UTC-03
High: 1 Finish time: Jan 23, 2025 / 19:57:58 UTC-03
Medium: 2 Scan duration: 19 min, 44 sec

Low: 7 Tests performed: 38/38

Info: 28 Scan status: Finished

Findings

 Vulnerabilities found for server-side software UNCONFIRMED 

Risk
CVSS CVE Summary Affected software
Level

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the

implementation of HTTP/2 that can allow for excessive memory consumption.
 7.8 CVE-2018-16843 This issue affects nginx compiled with the ngx_http_v2_module (not compiled nginx 1.14.0
by default) if the 'http2' option of the 'listen' directive is used in a configuration
file.

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the

implementation of HTTP/2 that can allow for excessive CPU usage. This issue
 7.8 CVE-2018-16844 nginx 1.14.0
affects nginx compiled with the ngx_http_v2_module (not compiled by default)
if the 'http2' option of the 'listen' directive is used in a configuration file.

Some HTTP/2 implementations are vulnerable to window size manipulation

and stream prioritization manipulation, potentially leading to a denial of
service. The attacker requests a large amount of data from a specified
 7.8 CVE-2019-9511 resource over multiple streams. They manipulate window size and stream nginx 1.14.0
priority to force the server to queue the data in 1-byte chunks. Depending on
how efficiently this data is queued, this can consume excess CPU, memory, or
both.

Some HTTP/2 implementations are vulnerable to resource loops, potentially

leading to a denial of service. The attacker creates multiple request streams
 7.8 CVE-2019-9513 nginx 1.14.0
and continually shuffles the priority of the streams in a way that causes
substantial churn to the priority tree. This can consume excess CPU.

NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source
Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions
R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module
that might allow a local attacker to corrupt NGINX worker memory, resulting in
 7.8 CVE-2022-41741 its termination or potential other impact using a specially crafted audio or nginx 1.14.0
video file. The issue affects only NGINX products that are built with the
ngx_http_mp4_module, when the mp4 directive is used in the configuration
file. Further, the attack is possible only if an attacker can trigger processing of
a specially crafted audio or video file with the module ngx_http_mp4_module.

1 / 11
 Bootstrap Cross-Site Scripting (XSS) vulnerability for data-* attributes. More
details at:
https://github.com/advisories/GHSA-vxmc-5x29-h64v
 6.4 CVE-2024-6485 https://nvd.nist.gov/vuln/detail/CVE-2024-6485 Bootstrap 3.3.0

https://github.com/twbs/bootstrap
https://www.herodevs.com/vulnerability-directory/cve-2024-6485

Bootstrap Cross-Site Scripting (XSS) vulnerability. More details at:

https://github.com/advisories/GHSA-9mvj-f7w8-pvh2
https://nvd.nist.gov/vuln/detail/CVE-2024-6484
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap-sass/CVE-2024-
 6.4 CVE-2024-6484 6484.yml Bootstrap 3.3.0
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2024-
6484.yml
https://github.com/twbs/bootstrap
https://www.herodevs.com/vulnerability-directory/cve-2024-6484

 4.3 CVE-2018-14040 In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. bootstrap 3.3.0

In Bootstrap before 4.1.2, XSS is possible in the data-container property of

 4.3 CVE-2018-14042 bootstrap 3.3.0
tooltip.

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is

 4.3 CVE-2016-10735 possible in the data-target attribute, a different vulnerability than CVE-2018- bootstrap 3.3.0
14041.

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport

 4.3 CVE-2018-20676 bootstrap 3.3.0
attribute.

In Bootstrap before 3.4.0, XSS is possible in the affix configuration target

 4.3 CVE-2018-20677 bootstrap 3.3.0
property.

jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a

 4.3 CVE-2015-9251 cross-domain Ajax request is performed without the dataType option, causing jquery 1.10.2
text/javascript responses to be executed.

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products,
mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If
 4.3 CVE-2019-11358 jquery 1.10.2
an unsanitized source object contained an enumerable __proto__ property, it
could extend the native Object.prototype.

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing
HTML containing <option> elements from untrusted sources - even after
 4.3 CVE-2020-11023 sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), jquery 1.10.2
.append(), and others) may execute untrusted code. This problem is patched
in jQuery 3.5.0.

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML
from untrusted sources - even after sanitizing it - to one of jQuery's DOM
 4.3 CVE-2020-11022 jquery 1.10.2
manipulation methods (i.e. .html(), .append(), and others) may execute
untrusted code. This problem is patched in jQuery 3.5.0.

XSS in data-target property of scrollspy. More details at:

 4.3 CVE-2018-14041 https://github.com/advisories/GHSA-pj7m-g53m-7638 Bootstrap 3.3.0
https://github.com/twbs/bootstrap/issues/20184

Bootstrap before 4.0.0 is end-of-life and no longer maintained. More details

 N/A N/A at: Bootstrap 3.3.0
https://github.com/twbs/bootstrap/issues/20631

jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates.
 N/A N/A More details at: Jquery 1.10.2
https://github.com/jquery/jquery.com/issues/162

 Details

Risk description:
The risk is that an attacker could search for an appropriate exploit (or create one himself) for any of these vulnerabilities and use it to
attack the system.

Recommendation:
In order to eliminate the risk of these vulnerabilities, we recommend you check the installed software version and upgrade to the latest
version.

Classification:

2 / 11
 CWE : CWE-1026
OWASP Top 10 - 2017 : A9 - Using Components with Known Vulnerabilities
OWASP Top 10 - 2021 : A6 - Vulnerable and Outdated Components

 Insecure cookie setting: missing HttpOnly flag CONFIRMED

Cookie
URL Evidence
Name

The server responded with Set-Cookie header(s) that does not specify the HttpOnly
flag:
https://www.araruama.rj.gov.br/esiclivre/ PHPSESSID Set-Cookie: PHPSESSID=6bdeea012c3ed9eec55c4259ccba9887

Request / Response

 Details

Risk description:
The risk is that an attacker who injects malicious JavaScript code on the page (e.g. by using an XSS attack) can access the cookie and can
send it to another site. In case of a session cookie, this could lead to session hijacking.

Recommendation:
Ensure that the HttpOnly flag is set for all cookies.

References:
https://owasp.org/www-community/HttpOnly

Classification:
CWE : CWE-1004
OWASP Top 10 - 2017 : A6 - Security Misconfiguration
OWASP Top 10 - 2021 : A5 - Security Misconfiguration

 Insecure cookie setting: missing Secure flag CONFIRMED

URL Cookie Name Evidence

Set-Cookie: PHPSESSID=6bdeea012c3ed9eec55c4259ccba9887
https://www.araruama.rj.gov.br/esiclivre/ PHPSESSID
Request / Response

 Details

Risk description:
The risk exists that an attacker will intercept the clear-text communication between the browser and the server and he will steal the cookie
of the user. If this is a session cookie, the attacker could gain unauthorized access to the victim's web session.

Recommendation:
Whenever a cookie contains sensitive information or is a session token, then it should always be passed using an encrypted channel.
Ensure that the secure flag is set for cookies containing such sensitive information.

References:
https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/06-
Session_Management_Testing/02-Testing_for_Cookies_Attributes.html

Classification:
CWE : CWE-614
OWASP Top 10 - 2017 : A6 - Security Misconfiguration
OWASP Top 10 - 2021 : A5 - Security Misconfiguration

 Missing security header: Strict-Transport-Security CONFIRMED

URL Evidence

Response headers do not include the HTTP Strict-Transport-Security header

https://www.araruama.rj.gov.br/
Request / Response

 Details

3 / 11
 Risk description:
The risk is that lack of this header permits an attacker to force a victim user to initiate a clear-text HTTP connection to the server, thus
opening the possibility to eavesdrop on the network traffic and extract sensitive information (e.g. session cookies).

Recommendation:
The Strict-Transport-Security HTTP header should be sent with each HTTPS response. The syntax is as follows:

Strict-Transport-Security: max-age=<seconds>[; includeSubDomains]

The parameter max-age gives the time frame for requirement of HTTPS in seconds and should be chosen quite high, e.g. several months.
A value below 7776000 is considered as too low by this scanner check.
The flag includeSubDomains defines that the policy applies also for sub domains of the sender of the response.

Classification:
CWE : CWE-693
OWASP Top 10 - 2017 : A6 - Security Misconfiguration
OWASP Top 10 - 2021 : A5 - Security Misconfiguration

 Missing security header: Content-Security-Policy CONFIRMED

URL Evidence

Response does not include the HTTP Content-Security-Policy security header or meta tag
https://www.araruama.rj.gov.br/
Request / Response

 Details

Risk description:
The risk is that if the target application is vulnerable to XSS, lack of this header makes it easily exploitable by attackers.

Recommendation:
Configure the Content-Security-Header to be sent with each HTTP response in order to apply the specific policies needed by the
application.

References:
https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy

Classification:
CWE : CWE-693
OWASP Top 10 - 2017 : A6 - Security Misconfiguration
OWASP Top 10 - 2021 : A5 - Security Misconfiguration

 Missing security header: Referrer-Policy CONFIRMED

URL Evidence

Response headers do not include the Referrer-Policy HTTP security header as well as the <meta> tag with
https://www.araruama.rj.gov.br/ name 'referrer' is not present in the response.
Request / Response

 Details

Risk description:
The risk is that if a user visits a web page (e.g. "http://example.com/pricing/") and clicks on a link from that page going to e.g.
"https://www.google.com", the browser will send to Google the full originating URL in the Referer header, assuming the Referrer-Policy
header is not set. The originating URL could be considered sensitive information and it could be used for user tracking.

Recommendation:
The Referrer-Policy header should be configured on the server side to avoid user tracking and inadvertent information leakage. The value
no-referrer of this header instructs the browser to omit the Referer header entirely.

References:
https://developer.mozilla.org/en-US/docs/Web/Security/Referer_header:_privacy_and_security_concerns

Classification:
CWE : CWE-693
OWASP Top 10 - 2017 : A6 - Security Misconfiguration
OWASP Top 10 - 2021 : A5 - Security Misconfiguration

4 / 11
 Missing security header: X-Content-Type-Options CONFIRMED

URL Evidence

Response headers do not include the X-Content-Type-Options HTTP security header

https://www.araruama.rj.gov.br/
Request / Response

 Details

Risk description:
The risk is that lack of this header could make possible attacks such as Cross-Site Scripting or phishing in Internet Explorer browsers.

Recommendation:
We recommend setting the X-Content-Type-Options header such as X-Content-Type-Options: nosniff .

References:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options

Classification:
CWE : CWE-693
OWASP Top 10 - 2017 : A6 - Security Misconfiguration
OWASP Top 10 - 2021 : A5 - Security Misconfiguration

 Mixed content CONFIRMED

URL Method Parameters Evidence

1 : <img alt="Get Adobe Flash player" src="h

ttp://www.adobe.com/images/shared/download_b
uttons/get_flash_player.gif"/>
2 : <img alt="Pontos Turísticos" src="http:/
/araruama.rj.gov.br/turismo/images/lof1ab.jp
Headers:
g" title="Pontos Turísticos" width="735"/>
User-Agent=Mozilla/5.0 (Windows NT 3 : <img alt="Cultura em Araruama" src="http
10.0; Win64; x64) ://www.araruama.rj.gov.br/turismo/cache/loft
AppleWebKit/537.36 (KHTML, like humbs/735x400-piano.jpg" title="Cultura em A
Gecko) Chrome/108.0.0.0 raruama" width="735"/>
4 : <img alt="Opções de Lazer e Entretenimen
Safari/537.36
https://www.araruama.rj.gov.br/turismo/ GET to" src="http://araruama.rj.gov.br/turismo/i
Cookies: mages/lof3.jpg" title="Opções de Lazer e Ent
PHPSESSID=6bdeea012c3ed9eec55c retenimento" width="735"/>
4259ccba9887 5 : <img alt="Locais de Compra em Araruama"
src="http://araruama.rj.gov.br/turismo/image
fd119e7db2158614c8b845afa272ed7
s/lof4.jpg" title="Locais de Compra em Araru
2=b02fce4fcb07df38a17e26bf854d7 ama" width="735"/>
043 6 : <img alt="Pontos Turísticos" src="http:/
/araruama.rj.g

Request / Response

 Details

Risk description:
The risk is that the insecurely loaded resources (HTTP) on an otherwise secure page (HTTPS) can be intercepted or manipulated by
attackers, potentially leading to eavesdropping or content tampering.

Recommendation:
Ensure that all external resources the page references are loaded using HTTPS.

Classification:
CWE : CWE-311
OWASP Top 10 - 2017 : A6 - Security Misconfiguration
OWASP Top 10 - 2021 : A5 - Security Misconfiguration

 Server software and technology found UNCONFIRMED 

Software / Version Category

jQuery CDN CDN

Bootstrap 3.3.0 UI frameworks

5 / 11
 jQuery 1.10.2 JavaScript libraries

Nginx 1.14.0 Web servers, Reverse proxies

waf Caching

 Details

Risk description:
The risk is that an attacker could use this information to mount specific attacks against the identified software type and version.

Recommendation:
We recommend you to eliminate the information which permits the identification of software platform, technology, server and operating
system: HTTP server headers, HTML meta information, etc.

References:
https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/01-Information_Gathering/02-
Fingerprint_Web_Server.html

Classification:
OWASP Top 10 - 2017 : A6 - Security Misconfiguration
OWASP Top 10 - 2021 : A5 - Security Misconfiguration

Screenshot:

Figure 1. Website Screenshot

 Server software identified UNCONFIRMED 

URL Page Title Page Size Summary

https://www.araruama.rj.gov.br/icons/README 4.99 KB Apache default file found.

 Details

Risk description:
The risk is that this information could be used by an attacker to mount specific attacks against the server and the application.

Recommendation:
We recommend you to remove these files if they are not needed for business purposes.

Classification:
CWE : CWE-200
OWASP Top 10 - 2017 : A6 - Security Misconfiguration
OWASP Top 10 - 2021 : A5 - Security Misconfiguration

 Security.txt file is missing CONFIRMED

6 / 11
 URL

Missing: https://www.araruama.rj.gov.br/.well-known/security.txt

 Details

Risk description:
There is no particular risk in not having a security.txt file for your server. However, this file is important because it offers a designated
channel for reporting vulnerabilities and security issues.

Recommendation:
We recommend you to implement the security.txt file according to the standard, in order to allow researchers or users report any security
issues they find, improving the defensive mechanisms of your server.

References:
https://securitytxt.org/

Classification:
OWASP Top 10 - 2017 : A6 - Security Misconfiguration
OWASP Top 10 - 2021 : A5 - Security Misconfiguration

 Login Interface Found CONFIRMED

URL Evidence

<input maxlength="20" name="login" type="text"/>

<input maxlength="100" name="password" type="password"/>
<input class="inputBotao" name="btsub" type="submit" value="Entrar"/>
https://www.araruama.rj.gov.br/esiclivre/

Request / Response

 Details

Risk description:
The risk is that an attacker could use this interface to mount brute force attacks against known passwords and usernames combinations
leaked throughout the web.

Recommendation:
Ensure each interface is not bypassable using common knowledge of the application or leaked credentials using occasional password
audits.

References:
https://pentest-tools.com/network-vulnerability-scanning/password-auditor
http://capec.mitre.org/data/definitions/16.html

Screenshot:

Figure 2. Login Interface

7 / 11
 Spider results

Page Status
URL Method Parameters Page Title
Size Code

Query: 7.35
https://www.araruama.rj.gov.br/esiclivre/ GET Lei de Acesso 200
ref=subM KB

Prefeitura Municipal de 4.03

https://www.araruama.rj.gov.br/ GET 200
Araruama KB

7.35
https://www.araruama.rj.gov.br/esiclivre/ GET Lei de Acesso 200
KB

https://www.araruama.rj.gov.br/img GET Acesso negado 472 B 403

https://www.araruama.rj.gov.br/img/ GET Acesso negado 472 B 403

IPTU 2025 - Prefeitura 3.59

https://www.araruama.rj.gov.br/iptu GET 200
Municipal de Araruama KB

IPTU 2025 - Prefeitura 3.59

https://www.araruama.rj.gov.br/iptu/ GET 200
Municipal de Araruama KB

https://www.araruama.rj.gov.br/iptu/css GET Acesso negado 472 B 403

https://www.araruama.rj.gov.br/iptu/css/ GET Acesso negado 472 B 403

https://www.araruama.rj.gov.br/iptu/img GET Acesso negado 472 B 403

https://www.araruama.rj.gov.br/iptu/img/ GET Acesso negado 472 B 403

Manual Sistema Novo Nfe - 7.43

https://www.araruama.rj.gov.br/manual-nfe-sistema-novo GET 200
Prefeitura Municipal de KB

https://www.araruama.rj.gov.br/manual-nfe-sistema- Manual Sistema Novo Nfe - 7.43

GET 200
novo/ Prefeitura Municipal de KB

https://www.araruama.rj.gov.br/monitoramento/ GET Página Não Encontrada 488 B 404

Query:
https://www.araruama.rj.gov.br/monitoramento/ GET Página Não Encontrada 488 B 404
ref=subM

Prefeitura Municipal de 40.25

https://www.araruama.rj.gov.br/novo GET 200
Araruama KB

Prefeitura Municipal de 40.25

https://www.araruama.rj.gov.br/novo/ GET 200
Araruama KB

Query:
Prefeitura Municipal de
https://www.araruama.rj.gov.br/novo/ GET pg=consulta_processo 23 KB 200
Araruama
ref=subM

Query: Prefeitura Municipal de 40.25

https://www.araruama.rj.gov.br/novo/ GET 200
ref=subM Araruama KB

Prefeitura Municipal de 728.37

https://www.araruama.rj.gov.br/novo/coronavirus GET 200
Araruama KB

Prefeitura Municipal de 728.37

https://www.araruama.rj.gov.br/novo/coronavirus/ GET 200
Araruama KB

https://www.araruama.rj.gov.br/novo/galeria/dicas GET 2B 200

https://www.araruama.rj.gov.br/novo/galeria/dicas/ GET 2B 200

https://www.araruama.rj.gov.br/novo/images/ GET 31 B 200

https://www.araruama.rj.gov.br/novo/js/ GET Acesso negado 472 B 403

Prefeitura Municipal de 24.39

https://www.araruama.rj.gov.br/novo/ouvidoria GET 200
Araruama KB

https://www.araruama.rj.gov.br/novo/owlcarousel GET Acesso negado 472 B 403

https://www.araruama.rj.gov.br/novo/plugins/input-mask/ GET Acesso negado 472 B 403

8 / 11
 https://www.araruama.rj.gov.br/transparencia/ GET 86 B 200

https://www.araruama.rj.gov.br/transparencia/coronavirus GET 86 B 200

Bem-vindo Araruama Turismo 22.02

https://www.araruama.rj.gov.br/turismo/ GET 200
- Bem-vindo a Araruama KB

https://www.araruama.rj.gov.br/vacina GET Página Não Encontrada 488 B 404

Query:
https://www.araruama.rj.gov.br/vacina/ GET Página Não Encontrada 488 B 404
ref=subM

 Details

Risk description:
The table contains all the unique pages the scanner found. The duplicated URLs are not available here as scanning those is considered
unnecessary

Recommendation:
We recommend to advanced users to make sure the scan properly detected most of the URLs in the application.

References:
All the URLs the scanner found, including duplicates (available for 90 days after the scan date)

 Website is accessible.

 Nothing was found for client access policies.

 Nothing was found for robots.txt file.

 Outdated JavaScript libraries were merged into server-side software vulnerabilities.

 Nothing was found for use of untrusted certificates.

 Nothing was found for enabled HTTP debug methods.

 Nothing was found for administration consoles.

 Nothing was found for information disclosure.

 Nothing was found for sensitive files.

 Nothing was found for interesting files.

 Nothing was found for enabled HTTP OPTIONS method.

 Nothing was found for secure communication.

 Nothing was found for directory listing.

9 / 11
 Nothing was found for error messages.

 Nothing was found for debug messages.

 Nothing was found for code comments.

 Nothing was found for Insecure Direct Object Reference.

 Nothing was found for domain too loose set for cookies.

 Nothing was found for internal error code.

 Nothing was found for Server Side Request Forgery.

 Nothing was found for Open Redirect.

 Nothing was found for Exposed Backup Files.

 Nothing was found for unsafe HTTP header Content Security Policy.

 Nothing was found for OpenAPI files.

 Nothing was found for file upload.

Scan coverage information

List of tests performed (38/38)

 Starting the scan...
 Checking for missing HTTP header - Strict-Transport-Security...
 Checking for missing HTTP header - Content Security Policy...
 Checking for missing HTTP header - Referrer...
 Checking for missing HTTP header - X-Content-Type-Options...
 Spidering target...
 Checking for website technologies...
 Checking for vulnerabilities of server-side software...
 Checking for client access policies...
 Checking for robots.txt file...
 Checking for absence of the security.txt file...
 Checking for outdated JavaScript libraries...
 Checking for use of untrusted certificates...
 Checking for enabled HTTP debug methods...
 Checking for administration consoles...
 Checking for information disclosure... (this might take a few hours)
 Checking for software identification...
 Checking for sensitive files...
 Checking for interesting files... (this might take a few hours)
 Checking for login interfaces...

10 / 11
  Checking for HttpOnly flag of cookie...
 Checking for Secure flag of cookie...
 Checking for mixed content between HTTP and HTTPS...
 Checking for enabled HTTP OPTIONS method...
 Checking for secure communication...
 Checking for directory listing...
 Checking for error messages...
 Checking for debug messages...
 Checking for code comments...
 Checking for Insecure Direct Object Reference...
 Checking for domain too loose set for cookies...
 Checking for internal error code...
 Checking for Server Side Request Forgery...
 Checking for Open Redirect...
 Checking for Exposed Backup Files...
 Checking for unsafe HTTP header Content Security Policy...
 Checking for OpenAPI files...
 Checking for file upload...

Scan parameters
target: https://www.araruama.rj.gov.br/
scan_type: Light
authentication: False

Scan stats
Unique Injection Points Detected: 905
URLs spidered: 49
Total number of HTTP requests: 15401
Average time until a response was
11ms
received:
Total number of HTTP request errors: 412

11 / 11