GeneralInformation

Hostnames	087.93.13.217.in-addr.arpa centrored.com tiendas.centrored.com webmail.centrored.com www.centrored.com www.centrored.info www.centrored.us
Domains	217.in-addr.arpa centrored.com centrored.info centrored.us
Country	Spain
City	Valencia
Organization	DIGITAL VALUE Network
ISP	Digital Value SL
ASN	AS25487

WebTechnologies

CMS

Joomla1.5

JavaScript frameworks

MooTools

Programming languages

PHP

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2009-3215	7.5SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, and the IXXO Cart component for Joomla! 1.0.x, allows remote attackers to execute arbitrary SQL commands via the parent parameter.
CVE-2009-1940	4.3Cross-site scripting (XSS) vulnerability in the administrator panel in the com_users core component for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-1938	4.3Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to database output and the frontend administrative panel.
CVE-2009-1280	6.8Multiple cross-site request forgery (CSRF) vulnerabilities in the com_media component for Joomla! 1.5.x through 1.5.9 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2009-1279	2.6Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5 through 1.5.9 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) com_admin component, (2) com_search component when "Gather Search Statistics" is enabled, and (3) the category view in the com_content component.
CVE-2009-0113	5.0Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1.5.8 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the X_CMS_LIBRARY_PATH HTTP header.
CVE-2008-6299	3.5Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) the title and description parameters to the com_weblinks module and (2) unspecified vectors in the com_content module related to "article submission."
CVE-2008-4105	7.5JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact.
CVE-2008-4104	5.8Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL.
CVE-2008-4103	5.0The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam.
CVE-2008-4102	7.5Joomla! 1.5 before 1.5.7 initializes PHP's PRNG with a weak seed, which makes it easier for attackers to guess the pseudo-random values produced by PHP's mt_rand function, as demonstrated by guessing password reset tokens, a different vulnerability than CVE-2008-3681.
CVE-2008-3228	7.5Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors.
CVE-2008-3227	7.5Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability.
CVE-2008-3226	5.0The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors.
CVE-2008-3225	10.0Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix."

OpenPorts

21 22 80 123 443 3306 4949 10000

-588483309 | 2024-05-08T07:44:17.675208

21 / tcp

220 Bienvenido al servicio FTP
530 Login incorrect.
214-The following commands are recognized (* =>'s unimplemented):
214-CWD     XCWD    CDUP    XCUP    SMNT*   QUIT    PORT    PASV    
214-EPRT    EPSV    ALLO*   RNFR    RNTO    DELE    MDTM    RMD     
214-XRMD    MKD     XMKD    PWD     XPWD    SIZE    SYST    HELP    
214-NOOP    FEAT    OPTS    AUTH*   CCC*    CONF*   ENC*    MIC*    
214-PBSZ*   PROT*   TYPE    STRU    MODE    RETR    STOR    STOU    
214-APPE    REST    ABOR    USER    PASS    ACCT*   REIN*   LIST    
214-NLST    STAT    SITE    MLSD    MLST    
214 Direct comments to root@213.149.246.229
211-Features:
 MDTM
 MFMT
 TVFS
 UTF8
 MFF modify;UNIX.group;UNIX.mode;
 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;
 LANG en-US*
 SITE MKDIR
 SITE RMDIR
 SITE UTIME
 SITE SYMLINK
 REST STREAM
 SITE COPY
 SIZE
211 End

-195850227 | 2024-04-11T09:01:19.820201

22 / tcp

SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u6
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDNk0DSyprH1LHmQXHsrnJffoWokU4DtRxWk46BEOnT0sFE
qMbp70fSIf1Z5FDL0W0GVpIDqHyfiY3/Qt/km23eM0CakxIspRKI2RqF3xwD4cj/WIiNTsS1jS4h
CthtsfjgTDy3ZukNr5dEErpM5v6Rm958VntBc19CJWZ6QYRUCK/ahZKooq6RvqMZ/t49DvaPvXqm
S092k8Oa/zWAWtPa4KP3DCOEqSo/YALVWxlUQ19JYQPd0t6/BPvgGYiVjkSKh75pc2FsnfbQ6+0u
DkbS0QI/d4GdkK7l8vHQk3WVggojnyDwywamfTB2jGm9wSeLf4d5nOoP3UAHCp2kb187
Fingerprint: 0f:69:3e:b8:67:3b:23:2f:03:cf:ed:f1:19:52:4b:c0

Kex Algorithms:
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group-exchange-sha1
	diffie-hellman-group14-sha1
	diffie-hellman-group1-sha1

Server Host Key Algorithms:
	ssh-rsa
	ssh-dss
	ecdsa-sha2-nistp256

Encryption Algorithms:
	aes128-ctr
	aes192-ctr
	aes256-ctr
	arcfour256
	arcfour128
	aes128-cbc
	3des-cbc
	blowfish-cbc
	cast128-cbc
	aes192-cbc
	aes256-cbc
	arcfour
	rijndael-cbc@lysator.liu.se

MAC Algorithms:
	hmac-md5
	hmac-sha1
	umac-64@openssh.com
	hmac-sha2-256
	hmac-sha2-256-96
	hmac-sha2-512
	hmac-sha2-512-96
	hmac-ripemd160
	hmac-ripemd160@openssh.com
	hmac-sha1-96
	hmac-md5-96

Compression Algorithms:
	none
	zlib@openssh.com

-1300556506 | 2024-04-26T15:16:08.425130

80 / tcp

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 15:16:05 GMT
Server: Apache
Cache-Control: max-age=172800
Expires: Sun, 28 Apr 2024 15:16:05 GMT
Vary: Accept-Encoding
Content-Length: 3110
Content-Type: text/html; charset=UTF-8

1689086377 | 2024-04-26T04:02:29.956421

123 / udp

NTP
protocolversion: 3
stratum: 2
leap: 0
precision: -21
rootdelay: 0.0188446044922
rootdisp: 0.0370178222656
refid: 2530631173
reftime: 3923092342.87
poll: 3

-657381887 | 2024-05-09T16:52:06.883569

443 / tcp

HTTP/1.1 200 OK
Date: Thu, 09 May 2024 17:45:16 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
ETag: 6666cd76f96956469e7be39d750cc7d9
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 2d3262ec4c8a541e6ba36afaf5a6bb47=58a8ffe746d62ca2aa4ce6ab293f26e1; path=/
Last-Modified: Thu, 09 May 2024 17:45:16 GMT
Vary: Accept-Encoding
Content-Length: 16134
Content-Type: text/html; charset=UTF-8

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:d1:24:25:5e:3d:2a:df:0f:b6:a2:ec:61:55:b0:1f
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3
        Validity
            Not Before: Nov 25 00:00:00 2015 GMT
            Not After : Dec 22 23:59:59 2016 GMT
        Subject: C=ES, ST=Malaga, L=Malaga, O=CENTRO CIBERNETICO DE SERVICIOS DE TECNOLOGIAS DE LA INFORMACION, OU=TIC, CN=centrored.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:db:f6:26:62:56:d5:e2:e0:40:73:e1:60:62:1a:
                    0d:f7:4a:c4:2b:2e:64:17:53:10:9f:ee:a6:2d:c8:
                    b0:8c:ad:4d:77:d3:e0:97:f8:d7:15:a0:a0:d6:6b:
                    45:a8:0e:0b:2a:e9:f8:64:f9:b8:23:90:94:c6:b7:
                    45:b9:66:24:f1:5a:16:be:fe:75:13:3b:21:72:38:
                    59:4f:0e:cb:17:45:4d:a1:e0:d8:36:4c:2f:88:dc:
                    5b:98:c7:ef:96:76:6f:cb:74:72:ab:20:b3:10:f8:
                    16:60:a1:a7:2c:28:3b:79:23:08:a6:fc:7f:bc:3a:
                    93:30:4c:10:cd:f0:4b:e1:40:50:12:48:8f:87:0a:
                    7f:54:34:64:98:4b:20:67:ee:ed:21:7a:3c:89:6f:
                    ea:d0:7b:e7:ce:a3:f7:d1:bd:9d:eb:19:c3:a8:ca:
                    1b:30:83:62:e9:aa:eb:10:6a:8c:28:65:90:98:20:
                    28:90:e3:ed:21:7e:38:fe:f6:97:38:14:65:8f:1f:
                    e7:9d:ef:a6:47:8f:dd:cb:ee:fb:36:98:ec:03:5d:
                    b1:f6:4b:20:2e:45:78:6c:27:43:52:0b:bb:e8:e5:
                    af:d0:98:81:7a:44:3a:14:70:90:9b:c5:a7:73:c7:
                    c3:69:91:14:0f:b9:49:b4:00:65:21:9a:90:29:e0:
                    52:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Alternative Name: 
                DNS:tiendas.centrored.com, DNS:www.centrored.info, DNS:www.centrored.us, DNS:webmail.centrored.com, DNS:centrored.com, DNS:www.centrored.com
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://gn.symcb.com/gn.crl
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                  CPS: https://www.geotrust.com/resources/repository/legal
                  User Notice:
                    Explicit Text: https://www.geotrust.com/resources/repository/legal
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                D2:6F:F7:96:F4:85:3F:72:3C:30:7D:23:DA:85:78:9B:A3:7C:5A:7C
            Authority Information Access: 
                OCSP - URI:http://gn.symcd.com
                CA Issuers - URI:http://gn.symcb.com/gn.crt
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        8f:b4:22:23:0f:bd:20:6d:f7:b1:62:93:2e:d4:21:e5:0f:5b:
        fd:42:29:08:ed:d2:65:64:7c:64:c1:82:6a:65:0a:ef:e1:29:
        c6:30:4c:44:ff:a7:94:07:8b:d0:df:94:ca:23:69:b3:c8:45:
        b8:d1:78:a4:9f:cd:55:a2:d9:5a:98:63:ad:bc:3f:a0:ad:c6:
        1d:1b:98:9e:bc:c1:d7:79:fd:11:1d:3a:b9:cd:b2:2c:05:ba:
        c2:da:57:d7:e1:27:95:3a:8e:62:12:f7:4c:e7:6c:87:a9:b9:
        5f:e3:45:d8:ea:9d:5e:d0:23:e5:b3:0e:f9:2a:8c:ea:24:ff:
        ae:e4:1c:7c:c7:63:10:0c:65:6d:10:e5:53:e8:79:1b:2a:ea:
        e9:89:a3:30:95:35:5d:af:6c:b3:dc:2a:e1:fb:08:a4:7e:3c:
        99:ff:24:79:54:ec:6e:ae:b5:b5:b6:d7:d4:50:a5:2b:a7:03:
        87:b0:98:a9:1a:41:38:0a:67:c9:d7:0e:35:30:c5:9c:ad:23:
        90:fd:6a:a5:12:01:0a:c4:a8:40:47:7e:4d:cc:54:a7:7f:9d:
        99:34:e2:8f:3d:6a:16:4e:5e:22:77:33:f0:e7:50:15:8c:13:
        ee:8b:22:a5:d6:5c:13:a2:e1:cc:6c:2c:c6:5a:a6:a1:1f:bf:
        99:bd:8a:19

1783180089 | 2024-05-05T22:06:00.829491

3306 / tcp

MySQL:
  Protocol Version: 10
  Version: 5.5.55-0+deb7u1-log
  Capabilities: 63487
  Server Language: 8
  Server Status: 2
  Extended Server Capabilities: 32783
  Authentication Plugin: mysql_native_password

-559365598 | 2024-05-09T01:16:54.062527

10000 / tcp

HTTP/1.0 200 Document follows
Date: Thu, 9 May 2024 02:10:03 GMT
Server: MiniServ/1.840
Connection: close
Set-Cookie: testing=1; path=/; secure; httpOnly
pragma: no-cache
Expires: Thu, 1 Jan 1970 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self'; child-src 'self'
Content-type: text/html; Charset=iso-8859-1

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            c1:ac:a5:95:13:dc:c9:0a
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: O=Webmin Webserver on hawking, CN=*/emailAddress=root@hawking
        Validity
            Not Before: May 28 15:36:50 2013 GMT
            Not After : May 27 15:36:50 2018 GMT
        Subject: O=Webmin Webserver on hawking, CN=*/emailAddress=root@hawking
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b2:ec:cf:aa:2b:41:80:e7:aa:2d:0f:93:61:d6:
                    0a:7f:75:ca:4b:f0:99:f1:12:62:e8:d5:67:60:53:
                    05:6d:c4:74:58:74:50:6b:2b:e2:80:fd:83:4b:aa:
                    5a:f3:37:62:50:9e:ff:81:3d:52:e5:76:4e:9f:75:
                    81:b3:40:7e:8c:32:9b:94:fa:5f:9a:01:ca:32:b9:
                    e4:ad:e4:93:c9:77:49:22:9e:98:00:fa:c4:b6:c6:
                    a2:40:bd:f9:72:2e:67:a1:0b:0d:02:63:1c:f2:a7:
                    9d:eb:71:c6:24:bf:a8:ac:60:af:b4:27:d8:b2:31:
                    58:d2:be:b8:12:44:20:ec:09:a1:d3:16:7b:e7:06:
                    f0:07:27:d7:e4:9b:2c:f6:d5:b0:eb:e3:5a:ee:e4:
                    42:88:98:19:a4:63:ce:d4:85:8e:bd:17:6c:d0:2b:
                    a3:84:88:32:36:fd:d3:58:f0:25:ad:a7:fb:f2:1c:
                    5b:d2:9e:a4:cd:d2:c9:75:b5:b2:0a:c1:b8:89:d7:
                    0a:eb:46:2f:e2:73:bc:58:3e:1f:7c:78:8a:e5:01:
                    4a:81:a3:5b:b8:6c:b3:5a:2e:7b:1b:ce:6b:90:08:
                    11:b3:b0:9d:13:d5:5a:aa:e6:80:95:1f:2e:98:45:
                    6e:42:bf:15:ff:f1:36:fd:6c:cc:8b:c1:c0:07:85:
                    95:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                98:F8:EE:A6:24:C2:18:16:C9:FA:21:57:49:EA:7B:41:75:E0:4F:A4
            X509v3 Authority Key Identifier: 
                98:F8:EE:A6:24:C2:18:16:C9:FA:21:57:49:EA:7B:41:75:E0:4F:A4
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        0a:39:3a:62:1b:2a:35:ac:a3:e7:fe:21:6b:c7:75:43:84:7b:
        33:90:e7:be:b8:e5:b7:c6:0c:b0:db:ea:b7:2b:33:a6:c5:bd:
        ef:96:9a:75:7a:05:fb:37:fd:68:ba:34:07:50:11:d1:48:05:
        ae:d4:5c:3c:e9:af:c9:05:56:28:2e:cf:11:55:ef:22:6d:e3:
        e9:d2:17:f8:15:44:60:73:25:7c:b4:7d:09:cd:b3:90:24:12:
        aa:54:45:69:14:a7:67:e4:01:8e:5c:0a:23:27:ed:6c:bd:49:
        58:80:86:59:3a:d3:f6:89:e1:fc:bb:84:df:7a:fd:65:4e:91:
        33:d3:25:7d:aa:84:0a:ff:39:6e:32:37:c8:4c:c1:14:76:ad:
        86:06:56:72:6b:71:99:2e:3a:6b:fc:35:f1:f1:3b:b9:05:1f:
        30:77:a7:70:00:c1:a4:78:27:cb:ad:bf:e3:85:4d:c1:94:7b:
        9d:40:ab:e2:d7:48:19:d5:0c:a9:95:fe:ea:6f:c0:01:7b:4f:
        cf:33:6e:c6:10:11:56:28:c1:c7:50:8b:10:20:ab:20:57:51:
        95:a7:19:f3:c0:18:fd:c9:b1:08:a9:03:ca:d5:64:dd:b4:34:
        79:44:2e:88:61:f4:68:98:44:ea:fd:d6:6b:1a:d3:21:26:29:
        d4:b1:4a:8c

217.13.93.87

Last Seen: 2024-05-09

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-588483309 | 2024-05-08T07:44:17.675208
21 / tcp

-195850227 | 2024-04-11T09:01:19.820201
22 / tcp

OpenSSH6.0p1 Debian 4+deb7u6

-1300556506 | 2024-04-26T15:16:08.425130
80 / tcp

Apache httpd

1689086377 | 2024-04-26T04:02:29.956421
123 / udp

-657381887 | 2024-05-09T16:52:06.883569
443 / tcp

Apache httpd

1783180089 | 2024-05-05T22:06:00.829491
3306 / tcp

MySQL5.5.55-0+deb7u1-log

-559365598 | 2024-05-09T01:16:54.062527
10000 / tcp

Webmin

Products

Pricing

Contact Us

217.13.93.87

Last Seen: 2024-05-09

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-588483309 | 2024-05-08T07:44:17.675208 21 / tcp

-195850227 | 2024-04-11T09:01:19.820201 22 / tcp

OpenSSH6.0p1 Debian 4+deb7u6

-1300556506 | 2024-04-26T15:16:08.425130 80 / tcp

Apache httpd

1689086377 | 2024-04-26T04:02:29.956421 123 / udp

-657381887 | 2024-05-09T16:52:06.883569 443 / tcp

Apache httpd

1783180089 | 2024-05-05T22:06:00.829491 3306 / tcp

MySQL5.5.55-0+deb7u1-log

-559365598 | 2024-05-09T01:16:54.062527 10000 / tcp

Webmin

Products

Pricing

Contact Us

-588483309 | 2024-05-08T07:44:17.675208
21 / tcp

-195850227 | 2024-04-11T09:01:19.820201
22 / tcp

-1300556506 | 2024-04-26T15:16:08.425130
80 / tcp

1689086377 | 2024-04-26T04:02:29.956421
123 / udp

-657381887 | 2024-05-09T16:52:06.883569
443 / tcp

1783180089 | 2024-05-05T22:06:00.829491
3306 / tcp

-559365598 | 2024-05-09T01:16:54.062527
10000 / tcp