Activity 2.1 - Vulnerability Scanning with Nikto

Nikto

Nikto is a pluggable web server and CGI scanner that can perform fast security or informational checks; its features include:

  • Easily updatable CSV-format checks database

  • Output reports in plain text or HTML.

  • Automatic switching between available HTTP versions

  • Generic as well as specific server software checks

  • SSL support

  • Proxy support

  • Cookie support

Scan Bifur with Nikto

Use the following Nikto command to scan the target, Bifur.

CVE Research

Using the results from the Nikto scan, we can look up whether any of the versions returned have a vulnerability/CVE associated with them. Nginx/1.20.2 did not come up with anything in my searching, but PHP/7.4.29 came up with the following vulnerability:

CVE #: 2023-29849

CVSS Score: 8.8 High

Description: Bang Resto 1.0 was discovered to contain multiple SQL injection vulnerabilities via the btnMenuItemID, itemID, itemPrice, menuID, staffID, or itemqty parameter.
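The lookup step above can be scripted. The following is an added example, not part of the original activity: it pulls product/version banners out of Nikto-style text output, builds an NVD API 2.0 keyword query for each, and reports which banner products a candidate CVE description actually names. The sample report lines, the function names and the second candidate entry are constructed for illustration.

```python
import re
from urllib.parse import urlencode

# Constructed sample in the style of Nikto's plain-text report; the two
# banners are the versions named in this write-up.
SAMPLE_NIKTO_OUTPUT = """\
+ Server: nginx/1.20.2
+ Retrieved x-powered-by header: PHP/7.4.29
+ The anti-clickjacking X-Frame-Options header is not present.
"""

# Candidate descriptions to triage. The first is the description quoted in
# this write-up; the second is constructed and is not a real CVE.
CANDIDATES = {
    "CVE-2023-29849": "Bang Resto 1.0 was discovered to contain multiple SQL "
                      "injection vulnerabilities via the btnMenuItemID, itemID, "
                      "itemPrice, menuID, staffID, or itemqty parameter.",
    "CVE-0000-00000": "Constructed text: a flaw in nginx request parsing.",
}

BANNER_RE = re.compile(
    r"^\+ (?:Server|Retrieved x-powered-by header): (.+)$", re.I | re.M)
TOKEN_RE = re.compile(r"([A-Za-z][\w.+-]*)/(\d+(?:\.\d+)*)")
NVD_API = "https://services.nvd.nist.gov/rest/json/cves/2.0"

def extract_banners(report):
    """Return unique (product, version) pairs from the banner lines."""
    found = []
    for value in BANNER_RE.findall(report):
        for product, version in TOKEN_RE.findall(value):
            pair = (product.lower(), version)
            if pair not in found:
                found.append(pair)
    return found

def nvd_query_url(product, version):
    """Build (but do not send) an NVD keyword search for one banner."""
    return NVD_API + "?" + urlencode({"keywordSearch": f"{product} {version}"})

def names_product(description, product):
    """True if the description mentions the product as a whole word."""
    return re.search(rf"\b{re.escape(product)}\b", description, re.I) is not None

def triage(report, candidates):
    """Map each candidate CVE id to the banner products its text names."""
    products = [p for p, _ in extract_banners(report)]
    return {cve: [p for p in products if names_product(text, p)]
            for cve, text in candidates.items()}
```

An empty list for a candidate means its description names none of the scanned banner products, so the match should be confirmed against the advisory's affected-product list before it goes into the report.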
