Ian Dunn: xmlrpc.php FILE IS enable it can be used for conducting a Bruteforce attack and Denial of Service(DoS)

Hi Team, The website https://www.iandunn.name has the xmlrpc.php file enabled and could thus be potentially used for such an attack against other victim hosts. Wordpress that have xmlrpc.php enabled for pingbacks, trackbacks, etc. can be made as a part of a huge botnet causing a major DDOS. URL:...

Ian Dunn: Potential Open-Redirection

Steps To Reproduce: ===================== 1 visit : Normal Link. 2 Sign-in with your wordpress account and you will directed to This 3Change the value of the Parameter : redirectto .. To the attacker website let's say : https://vul-example.com 4NOTE THAT : you must URL-encode the vulnerable link...

Ian Dunn: SSL certificate public key less than 2048 bit

One of the SSL certificates used by your SSL server On your personal website: https://iandunn.name/ contains a public key less than 2048 bit long. New Standard for SSL Certificates Industry standards set by the Certification Authority/Browser CA/B Forum require that certificates issued after...