Hmm, well I&#39;m not familiar with nikto, but it has to be more than an issue with signature detection.<br>There is no such Drupal file as userinfo.php, but it is a Xoops file, so something is up.<br><br><div class="gmail_quote">
On Sun, May 22, 2011 at 7:57 AM, Jarry <span dir="ltr">&lt;<a href="mailto:mr.jarry@gmail.com">mr.jarry@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
I believe I have posted to the right list, as all I have<br>
on my web is Drupal. I suppose, nikto was just wrong<br>
in CMS signature detection...<br>
<font color="#888888"><br>
Jarry<br>
</font><div class="im"><br>
On 22. 5. 2011 12:35, William Smith wrote:<br>
&gt; You may get lucky and someone might happen to know the answer to this,<br>
&gt; but I believe that you&#39;ve posted to the wrong list.<br>
&gt; This is a Drupal support list, not Xoops.<br>
&gt;<br>
</div><div class="im">&gt; &lt;mailto:<a href="mailto:mr.jarry@gmail.com">mr.jarry@gmail.com</a>&gt;&gt; wrote:<br>
&gt;<br>
&gt;     Hi,<br>
&gt;     I just scanned my web with nikto and received this message:<br>
&gt;<br>
&gt;     + /userinfo.php?uid=1;: Xoops portal gives detailed error<br>
&gt;     messages including SQL syntax and may allow an exploit<br>
&gt;<br>
&gt;     So my question is: how can I turn these detailed messages off?<br>
<br>
<br>
</div>--<br>
<div><div></div><div class="h5">_______________________________________________________________<br>
This mailbox accepts e-mails only from selected mailing-lists!<br>
Everything else is considered to be spam and therefore deleted.<br>
--<br>
[ Drupal support list | <a href="http://lists.drupal.org/" target="_blank">http://lists.drupal.org/</a> ]<br>
</div></div></blockquote></div><br>