I am getting emails from Security Metrics about PCI compliance. My website has 3 failing areas. Here are the failing messages:
- Title: Web server vulnerability Impact: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings. Risk Factor: Medium/ CVSS2 Base Score: 5.0
2. Title: Web server vulnerability Impact: /webmail/blank.html: IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities. Risk Factor: Medium/ CVSS2 Base Score: 4.0
3. Title: Web server vulnerability Impact: /IlohaMail/blank.html: IlohaMail 0.8.10 contains a XSS vulnerability. Previous versions contain other non-descript vulnerabilities. Risk Factor: Medium/ CVSS2 Base Score: 4.0
Please help, Thank you so much.
Bookmarks