GeneralInformation

Hostnames	ec2-46-51-198-249.eu-west-1.compute.amazonaws.com netreviews.eu
Domains	amazonaws.com netreviews.eu
Cloud Provider	Amazon
Cloud Region	eu-west-1
Cloud Service	EC2
Country	Ireland
City	Dublin
Organization	Amazon Web Services, Elastic Compute Cloud, EC2, EU
ISP	Amazon.com, Inc.
ASN	AS16509

WebTechnologies

Analytics

Blogs

CMS

Databases

JavaScript libraries

Programming languages

PHP

Reviews

Security

UI frameworks

WordPress themes

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2022-31629	In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
CVE-2022-31628	In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2020-11579	5.0An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.
CVE-2019-9675	6.8An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a symlink, which currently cannot happen: "This issue allows theoretical compromise of security, but a practical attack is usually impossible.
CVE-2019-9641	7.5An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.
CVE-2019-9639	5.0An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.
CVE-2019-9638	5.0An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.
CVE-2019-9637	5.0An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.
CVE-2019-9516	6.8Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory.
CVE-2019-9513	7.8Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.
CVE-2019-9511	7.8Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2019-9024	5.0An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c.
CVE-2019-9023	7.5An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regexec.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/enc/unicode.c, and ext/mbstring/oniguruma/src/utf32_be.c when a multibyte regular expression pattern contains invalid multibyte sequences.
CVE-2019-9022	5.0An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects php_parserr in ext/standard/dns.c for DNS_CAA and DNS_ANY queries.
CVE-2019-9021	7.5An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c.
CVE-2019-9020	7.5An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c.
CVE-2019-6977	6.8gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.
CVE-2019-20372	4.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.
CVE-2018-20783	5.0In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to phar_parse_pharfile in ext/phar/phar.c.
CVE-2018-19935	5.0ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function.
CVE-2018-19518	8.5University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_rimap function in c-client/imap4r1.c and the tcp_aopen function in osdep/unix/tcp_unix.c) without preventing argument injection, which might allow remote attackers to execute arbitrary OS commands if the IMAP server name is untrusted input (e.g., entered by a user of a web application) and if rsh has been replaced by a program with different argument semantics. For example, if rsh is a link to ssh (as seen on Debian and Ubuntu systems), then the attack can use an IMAP server name containing a "-oProxyCommand" argument.
CVE-2018-19396	5.0ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.
CVE-2018-19395	5.0ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM("WScript.Shell").
CVE-2018-17082	4.3The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c.
CVE-2018-16845	5.8nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module.
CVE-2017-9120	7.5PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string.
CVE-2017-8923	7.5The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string.
CVE-2017-7963	5.0The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings. NOTE: the vendor disputes this, stating "There is no security issue here, because GMP safely aborts in case of an OOM condition. The only attack vector here is denial of service. However, if you allow attacker-controlled, unbounded allocations you have a DoS vector regardless of GMP's OOM behavior.
CVE-2017-7272	5.8PHP through 7.1.11 enables potential SSRF in applications that accept an fsockopen or pfsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax is recognized, fsockopen will use the port number that is specified in the hostname argument, instead of the port number in the second argument of the function.
CVE-2015-9253	6.8An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility.
CVE-2013-2220	7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.
CVE-2007-3205	5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

OpenPorts

80 443

2111682691 | 2024-04-02T04:01:36.386850

80 / tcp

HTTP/1.1 200 OK
Date: Tue, 02 Apr 2024 04:01:35 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 57040
Connection: keep-alive
Server: Apache
X-Powered-By: PHP/7.0.31
Link: <http://46.51.198.249/wp-json/>; rel="https://api.w.org/"
X-Frame-Options: SAMEORIGIN
Vary: Cookie,Accept-Encoding
X-Mod-Pagespeed: 1.13.35.2-0
Cache-Control: max-age=0, no-cache, s-maxage=10

344186283 | 2024-04-24T01:16:44.775258

443 / tcp

HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 01:16:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.14.2
x-srv: EUJCRVRWFkZfABNdBUFdBkJVQQ==
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
x-reset-from: VwcdTQlKUAEHAQcKEkkLCw8CWkoEBxZSShEBFkUUS1AbGF9AWlM=
Set-Cookie: PHPSESSID=u36hb0ms5hj47ddj34j8l34qri; path=/; secure; HttpOnly
Set-Cookie: REFERER=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Set-Cookie: showPopinCGP=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; samesite=none; secure
Vary: Accept-Encoding

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:3a:9a:f9:82:69:41:de:65:75:ed:ce:65:69:66:e6
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M01
        Validity
            Not Before: Sep 27 00:00:00 2023 GMT
            Not After : Oct 24 23:59:59 2024 GMT
        Subject: CN=netreviews.eu
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e2:c1:f7:80:38:57:3e:cd:f3:50:52:83:70:76:
                    72:61:75:20:04:17:83:d0:e9:a3:55:92:39:9a:b9:
                    71:a2:a0:6a:77:37:ba:84:2f:45:94:20:cb:fe:84:
                    bb:2b:5a:74:60:cf:3e:90:54:09:66:a9:22:4d:9c:
                    38:28:1a:99:c5:c3:07:38:cd:e1:60:ff:b2:fb:73:
                    1d:cf:3d:23:c4:39:8d:76:26:0c:74:34:94:1d:84:
                    40:45:cc:52:ef:43:83:b2:24:af:4f:54:ec:2e:89:
                    2e:ef:70:b3:dc:8f:53:2d:76:05:a0:df:4c:26:02:
                    4e:43:0f:57:c3:a9:49:77:68:06:f3:d2:18:76:cb:
                    00:5d:a2:cc:4d:ff:d5:18:07:07:78:b7:35:cb:9a:
                    b2:12:1a:9d:63:5c:a9:8b:00:32:7a:89:6f:46:af:
                    64:69:e7:b7:47:9f:6d:10:c2:ee:2a:b4:18:95:bb:
                    69:b0:7b:d3:b4:6f:2f:62:95:53:5f:6e:cf:06:48:
                    bf:02:5b:1c:e3:98:b7:f9:ef:46:be:af:f8:af:d6:
                    05:29:24:f8:f3:cc:ea:6d:3c:4d:0c:24:88:0f:55:
                    1e:27:40:5f:ee:47:08:78:33:07:ca:c6:9b:46:e8:
                    5e:3d:2c:84:d3:32:b7:3a:29:67:bf:2d:6a:be:80:
                    bb:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                81:B8:0E:63:8A:89:12:18:E5:FA:3B:3B:50:95:9F:E6:E5:90:13:85
            X509v3 Subject Key Identifier: 
                03:F8:E0:CA:9E:4F:02:D5:26:12:87:5B:29:A9:E4:23:45:9F:4C:79
            X509v3 Subject Alternative Name: 
                DNS:netreviews.eu, DNS:*.overene-recenze.com, DNS:*.valodi-ertekelesek.com, DNS:*.verified-reviews.com, DNS:*.au.verified-reviews.com, DNS:*.opiniones-verificadas.com, DNS:*.opinioes-verificadas.com.br, DNS:*.ar.verified-reviews.com, DNS:*.opiniones-verificadas.com.mx, DNS:*.opiniones-verificadas.com.co, DNS:*.opiniones-verificadas.pe, DNS:*.dostovernie-otzivi.com, DNS:*.echte-beoordelingen.com, DNS:*.verified-reviews.co.uk, DNS:*.opinioes-verificadas.com, DNS:*.netreviews.eu, DNS:*.verifiserte-anmeldelser.com, DNS:*.kakuninzumi-reviews.jp, DNS:*.svn.avis-verifies.com, DNS:*.verified-reviews.co.nz, DNS:*.vahvistetut-arvostelut.com, DNS:*.verificerede-anmeldelser.com, DNS:*.xn--verifierade-omdmen-r3b.com, DNS:*.avis-verifies.com, DNS:*.xn----7wfb6bliug0fdypgd6b9b8d8a2vvf2b.com, DNS:*.xn----e55ev8bh4lo63ajrq.com, DNS:*.gercek-yorumlar.com, DNS:*.prawdziwe-opinie.com, DNS:*.recensioni-verificate.com, DNS:*.cl.opiniones-verificadas.com, DNS:*.dev.netreviews.eu, DNS:*.echte-bewertungen.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m01.amazontrust.com/r2m01.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m01.amazontrust.com
                CA Issuers - URI:http://crt.r2m01.amazontrust.com/r2m01.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Sep 27 00:24:52.464 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:99:4D:25:96:E5:2A:28:7F:E9:8B:4B:
                                07:20:D7:CD:05:5F:B2:3D:B5:A9:B1:2A:CD:C3:E8:E5:
                                C9:23:C0:DF:C9:02:21:00:C6:A5:39:EA:59:25:07:15:
                                10:85:3A:93:B2:34:5A:1D:99:F8:0B:A1:11:ED:66:D4:
                                B9:DE:AF:E8:90:0F:8A:FA
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Sep 27 00:24:52.459 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:18:14:AA:3C:9F:A4:27:C5:7D:10:E9:CA:
                                FD:DA:F0:89:54:60:54:C2:BE:99:CD:EA:EC:FD:A8:67:
                                39:8A:14:16:02:21:00:A9:44:F3:4D:E0:25:F7:8E:6F:
                                AB:2B:0D:48:14:99:A2:3F:00:8C:43:B9:D0:34:F8:6F:
                                1D:F4:02:63:2B:64:60
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Sep 27 00:24:52.389 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:07:B7:62:44:BD:E0:27:77:2F:5F:77:48:
                                DD:1E:50:34:0C:D8:F8:46:FB:9A:75:C0:1B:C6:FB:06:
                                A2:39:90:74:02:20:20:2C:39:E5:E7:57:24:5D:FC:2D:
                                7C:FA:84:C8:64:FD:D6:DE:F4:A9:36:07:66:E7:9C:05:
                                A6:89:62:5E:04:5A
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        ba:58:56:3f:be:55:4f:fb:e2:3c:8c:3c:ec:ac:15:dd:08:01:
        c6:9b:00:5a:22:a8:a4:4e:b5:fa:03:61:48:13:55:5e:89:78:
        58:3d:ef:d7:e2:86:b2:1b:8b:7c:c6:80:1c:e3:11:9f:ff:a9:
        21:5a:4e:dc:a6:c8:f4:3f:79:b3:d8:54:71:8c:1c:b3:3f:4a:
        79:9d:0a:4d:3b:d7:89:f0:64:61:d2:cb:b3:97:64:ab:3b:08:
        cd:86:1c:9a:93:30:5c:1f:00:5d:db:e6:ec:91:04:d1:94:ca:
        08:5a:3a:f0:64:2a:2b:bf:59:40:b1:1b:9a:d2:f7:0f:2d:65:
        a2:5e:14:69:81:e6:92:a4:9f:72:53:1e:50:fb:1e:db:22:5a:
        a9:5f:5b:e7:47:38:54:44:9e:a6:3f:d0:1d:6e:c3:9f:75:d4:
        75:89:3f:d2:39:9f:c7:af:8c:a2:62:db:27:67:3c:c4:4b:1c:
        ba:a7:5c:56:81:75:14:ef:1f:d5:cd:10:fa:14:9a:c3:36:b4:
        4a:46:a8:df:27:7c:85:18:44:73:26:38:e8:7a:06:33:08:0c:
        96:15:b9:24:bd:41:46:e1:b7:5a:ab:8d:c8:50:2e:98:bb:fa:
        f7:d7:2e:ee:58:06:a8:25:6a:b0:4d:df:b9:95:2e:c5:3c:3f:
        a5:24:9a:03

46.51.198.249

Last Seen: 2024-04-24

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

2111682691 | 2024-04-02T04:01:36.386850
80 / tcp

344186283 | 2024-04-24T01:16:44.775258
443 / tcp

nginx1.14.2

Products

Pricing

Contact Us

46.51.198.249

Last Seen: 2024-04-24

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

2111682691 | 2024-04-02T04:01:36.386850 80 / tcp

344186283 | 2024-04-24T01:16:44.775258 443 / tcp

nginx1.14.2

Products

Pricing

Contact Us

2111682691 | 2024-04-02T04:01:36.386850
80 / tcp

344186283 | 2024-04-24T01:16:44.775258
443 / tcp