zenTrack index.php Multiple Parameter Remote File Inclusion
It is possible to make the remote host include PHP files hosted on a third-party server using the version of zenTrack installed on the remote host. An attacker may use this flaw to inject arbitrary code and to gain a shell with the privileges of the web server on the affected...
0.4AI Score
The remote web server is using URLScan to protect itself, which is a good thing. However since it is possible to determine that URLScan is installed, an attacker may safely assume that the remote web server is Internet Information...
0.1AI Score
WF-Chat User Account Disclosure
The WF-Chat allows an attacker to view information about registered users by requesting the files '!nicks.txt' and...
-0.1AI Score
0.018EPSS
P-News p-news.php Name Field Privilege Escalation
The remote host is running the p-news bulletin board. There is a flaw in the version in use which may allow an attacker who has a 'Member' account to upgrade its privileges to administrator by supplying a malformed...
0.1AI Score
Webfroot shoutbox.php conf Parameter Traversal Local File Inclusion
The remote host is running Webfroot Shoutbox, a PHP application that allows website visitors to leave one another messages. The version of Webfroot Shoutbox installed on the remote host allows an attacker to read arbitrary files and possibly to inject arbitrary PHP code into the remote host and...
0.3AI Score
CafeLog B2 Multiple Script Remote File Inclusion
The remote web server is running CafeLog, a blogging application written in PHP. The 'blogger-2-b2.php' and 'gm-2-b2.php' scripts are affected by a flaw that could allow an attacker to inject code. An attacker could exploit this to execute arbitrary code on the remote host subject to the...
0.2AI Score
Microsoft Media Services ISAPI nsiislog.dll Multiple Overflows
Some versions of IIS shipped with a default file, nsiislog.dll, within the /scripts directory. Nessus has determined that the remote host has the file installed. The NSIISLOG.dll CGI may allow an attacker to execute arbitrary commands on this host, through a buffer...
1.1AI Score
0.962EPSS
BLNews objects.inc.php4 Server[path] Parameter Remote File Inclusion
It is possible to make the remote host include remote PHP files using the BLnews CGI suite. A remote attacker may exploit this to execute arbitrary code with the privileges of the web...
0.4AI Score
0.028EPSS
BlackMoon FTP Server blackmoon.mdb Plaintext Password Disclosure
BlackMoon FTP server is installed on the remote host. FTP usernames and passwords are stored on the server in plaintext in a file called 'blackmoon.mdb'. Any user with an account on this host may read the credentials stored in this file, and use them to connect to this FTP...
0.0004EPSS
Microsoft BizTalk Server Multiple Remote Vulnerabilities
The remote host seems to be running Microsoft BizTalk server. There are two flaws in this software that could allow an attacker to issue a SQL insertion attack or to execute arbitrary code on the remote host. Note that Nessus solely relied on the presence of a Biztalk DLL to issue this alert so...
7.5AI Score
0.016EPSS
CesarFTP settings.ini Authentication Credential Plaintext Disclosure
The remote host is running CesarFTP. Due to a design flaw in the program, the plaintext usernames and passwords of FTP users are stored in the file 'settings.ini'. Any user with an account on this host may read this file and use the password to connect to this FTP...
0.026EPSS
The remote host seems to be infected with the 'lovgate' virus which opens a command prompt shell on this...
-0.2AI Score
Sun Java Media Framework (JMF) Arbitrary Code Execution
The remote host is using Sun Microsystems's Java Media Framework (JMF). There is a bug in the version installed that may allow an untrusted applet to crash the Java Virtual Machine it is being run on, or even to gain unauthorized privileges. An attacker could exploit this flaw to execute arbitrary....
0.4AI Score
0.001EPSS
Drag And Zip File Name Handling Overflow
The remote host is running Drag And Zip - a file compression utility. There is a flaw in this program which may allow a remote attacker to execute arbitrary code on this host. To exploit this flaw, an attacker would need to craft a special Zip file and send it to a user on this host. Then, the...
0.2AI Score
Dr.Web File Name Handling Overflow
The remote host is running Dr.Web - an antivirus program. There is a flaw in the remote version of Dr.Web which may make it crash when scanning files whose name is excessively long. An attacker may use this flaw to execute arbitrary code on this host. To exploit it, an attacker would need to send.....
0.1AI Score
DBTools DBManager catalog.mdb Plaintext Local Credential Disclosure
The remote host is running DBManager from DBTool - a GUI to manage MySQL and PostgreSQL databases. This program stores the passwords and IP addresses of the managed databases in an unencrypted file. A local attacker could use the data in this file to log into the managed databases and execute...
-0.3AI Score
CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client
Core Security Technologies Advisory http://www.coresecurity.com Multiple Vulnerabilities in Mirabilis ICQ client Date Published: 2003-05-05 Last Update: 2003-05-02 Advisory ID: CORE-2003-0303 Bugtraq IDs: 7461, 7462, 7463, 7464, 7465, 7466 CVE Names:...
0.5AI Score
0.106EPSS
Firewall UDP Packet Source Port 53 Ruleset Bypass
It is possible to bypass the rules of the remote firewall by sending UDP packets with a source port equal to 53. An attacker may use this flaw to inject UDP packets to the remote hosts, in spite of the presence of a...
6.4AI Score
0.009EPSS
Multiple Vulnerabilities in Mirabilis ICQ Client
Advisory Information: Date Published: 2003-05-05 Last Update: 2003-05-02 Advisory ID: CORE-2003-0303 Bugtraq IDs: 7461, 7462, 7463, 7464, 7465, 7466 CVE Names: CAN-2003-0235, CAN-2003-0236, CAN-2003-0237, CAN-2003-0238, CAN-2003-0239 CERT: VU#936164, VU#792988, VU#829860, VU#367156, VU#967316,...
7.7AI Score
0.106EPSS
Microsoft Internet Explorer does not adequately validate window ornament parameters in dialog frames
Overview: A vulnerability in the way Microsoft Internet Explorer (IE) handles window ornament parameters in dialog frames allows script from a dialog frame in one domain to execute in a different domain, including the Local Machine Zone. The script could read certain local files and data (i.e....
0.2AI Score
0.007EPSS
ScriptLogic Multiple Service Remote Privilege Escalation
The ScriptLogic service is running on this port. There is a flaw in versions up to 4.05 of this service which may allow an attacker to write arbitrary values in the remote registry with administrator privileges, which can be used to gain a shell on this host. *** Since Nessus was unable to...
0.2AI Score
0.019EPSS
Microsoft Internet Explorer does not adequately validate source of dialog frame
Overview: Microsoft Internet Explorer (IE) allows script from a dialog frame in one domain to execute in a different domain, including the Local Machine Zone. The script could read certain local files and data (i.e. cookies) from other web sites. In the presence of other vulnerabilities (VU#626395,...
0.1AI Score
Heap overflow in Snort "stream4" preprocessor
Overview: The Snort "stream4" preprocessor module contains a vulnerability that allows remote attackers to execute arbitrary code with the privileges of the user running Snort, typically root. Description: Researchers at CORE Security Technologies have discovered a remotely exploitable heap overflow...
1.4AI Score
0.36EPSS
phPay admin/phpinfo.php Information Disclosure
The remote host is running phPay, an online shop management system. This package contains multiple information leakages that could allow an attacker to obtain the physical path of the installation on the remote host or even the exact version of the components used by the remote host by using the...
-0.5AI Score
Title: Flaw in Microsoft VM Could Enable System Compromise (816093) Date: 09 April 2003 Software: Microsoft VM Impact: Allow attacker to execute code of his or her choice Max Risk: Critical Bulletin: MS03-011 Microsoft...
-0.1AI Score
Coppermine Photo Gallery Multiple Extension File Upload Arbitrary PHP Code Execution
The remote host is running Coppermine Gallery - a set of PHP scripts designed to handle galleries of pictures. This product has a vulnerability which allows an attacker to upload a rogue jpeg file which may contain PHP commands. A remote attacker could use this to execute arbitrary commands in...
0.3AI Score
AutomatedShops WebC.cgi Multiple Overflows
The remote host is running a version of AutomatedShops's webc.cgi that is older than version 5.020. This CGI is vulnerable to a remote buffer overflow (up to version 5.005 included) and to a local one (up to version 5.010 included). An attacker may use this flaw to execute arbitrary code on the...
0.8AI Score
Kerberos 5 < 1.3.5 Multiple Vulnerabilities
The remote host is running Kerberos 5. There are multiple flaws that affect this product. Make sure you are running the latest version with the latest patches. Note that Nessus could not check for any of the flaws and solely relied on the presence of the service to issue an alert, so this might be....
9.8CVSS
0.4AI Score
0.214EPSS
ScozBook scozbook/add.php Multiple Parameter XSS
The remote host is running ScozBook. This set of CGIs has two vulnerabilities: (1) it is vulnerable to cross-site scripting attacks (in add.php); (2) if the user requests view.php with a crafted PG Variable, he will obtain the physical path of the remote CGI. An attacker may use these flaws...
0.1AI Score
0.017EPSS
Beanwebb's Guestbook 1.0 Multiple Vulnerabilities
The remote host is running Beanwebb's Guestbook. This set of CGIs has two vulnerabilities: (1) anyone can access the admin page (admin.php); (2) it is vulnerable to cross-site scripting attacks (in add.php). An attacker may use these flaws to steal the cookies of your users or to inject fake...
-0.1AI Score
Ecartis HTML Field Manipulation Arbitrary User Password Reset
The remote host is running the Ecartis Mailing List Manager web interface (lsg2.cgi). According to its version number, there is a vulnerability that allows an authenticated user to change anyone's password, including the list administrators. An authenticated attacker could exploit this to take...
0.3AI Score
0.012EPSS
Justice Guestbook 1.3 Multiple Vulnerabilities
The remote host is running Justice Guestbook. This set of CGIs has two vulnerabilities: (1) it is vulnerable to cross-site scripting attacks (in jgb.php3); (2) if the user requests the file cfooter.php3, he will obtain the physical path of the remote CGI. An attacker may use these flaws to...
0.2AI Score
0.025EPSS
CC GuestBook cc_guestbook.pl Multiple Parameter XSS
The remote host is running cc_guestbook.pl, a guestbook written in Perl. This CGI is vulnerable to a cross-site scripting attack. An attacker may use this flaw to steal the cookies of your...
-0.2AI Score
0.002EPSS
E-theni aff_liste_langue.php rep_include Parameter Remote File Inclusion
It is possible to make the remote host include PHP files hosted on a third-party server using E-Theni. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shell with the privileges of the web...
0.3AI Score
0.054EPSS
Alexandria-dev Multiple Script Upload Spoofing Arbitrary File Access
The remote host seems to be running Alexandria-Dev, an open source project management system. The CGIs 'docman/new.php' and 'patch/index.php' can be used by an attacker with the proper credentials to upload a file and trick the server about its real location on the disk. Therefore, an attacker may....
-0.4AI Score
Advanced Poll info.php Remote Information Disclosure
The remote host is running Chien Kien Uong's Advanced Poll, a simple Poll system using PHP. By default, this utility includes a file named 'info.php' that makes a call to 'phpinfo()' and displays a lot of information about the remote host and how PHP is configured. An attacker may use this flaw...
6.5AI Score
0.021EPSS
My Guest Book (myGuestBk) Multiple Vulnerabilities
The remote web server is hosting myGuestBook. This installation comes with an administrative file in 'myguestBk/admin/index.asp' which lets any user delete old entries. In addition to this, this CGI is vulnerable to a cross-site-scripting...
0.4AI Score
SimpleChat Information Disclosure
It is possible to retrieve the list of users currently connected to the remote SimpleChat server by requesting the file 'data/usr'. An attacker may use this flaw to obtain the IP address of every user currently...
O'Reilly WebSite Pro args.bat Arbitrary Command Execution
The CGI 'args.bat' (and/or 'args.cmd') is installed. This CGI has a well known security flaw that lets an attacker upload arbitrary files on the remote web...
0.4AI Score
0.002EPSS
VChat Multiple Remote Vulnerabilities
It is possible to retrieve the log of all the chat sessions that have occurred on the remote vchat server by requesting the file vchat/msg.txt. An attacker may use this flaw to read past chat sessions and possibly harass its participants. In addition to this, another flaw in the same product may...
Leif Wright ad.cgi file Parameter Arbitrary Command Execution
The CGI 'ad.cgi' is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon (usually root or...
1.1AI Score
0.048EPSS
Adcycle build.cgi Remote Password Disclosure
The CGI 'build.cgi' is installed. This CGI has a well known security flaw that lets an attacker obtain the password of the remote AdCycle database or delete...
-0.2AI Score
0.003EPSS
Matt Wright textcounter.pl Arbitrary Command Execution
The CGI 'textcounter' is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon (usually root or...
1AI Score
0.04EPSS
WebDAV is an industry standard extension to the HTTP specification. It adds a capability for authorized users to remotely add and manage the content of a web server. If you do not use this extension, you should disable...
-0.2AI Score
SPI ADVISORY: Remote Administration of BEA WebLogic Server and Express
Remote Administration of BEA WebLogic Server and Express Release Date: March 18, 2003 Severity: High Systems Affected: • WebLogic Server and Express 6.0 • WebLogic Server and Express 6.1 • WebLogic Server and Express 7.0 Description: SPI Labs and S21sec have identified a...
0.7AI Score
Ximian Evolution 1.x - UUEncoding Parsing Memory Corruption
0.1AI Score
Samba contains buffer overflow in SMB/CIFS packet fragment reassembly code
Overview: A buffer overflow vulnerability has been discovered in Samba. An updated version has been released. Description: A remotely exploitable buffer overflow vulnerability was discovered to affect Samba versions 2.0.x through 2.2.7a. From their bulletin: The SuSE security audit team, in...
0.2AI Score
0.97EPSS
7.4AI Score
Irix Performance Copilot Service Information Disclosure
The service 'IRIX performance copilot' is running. This service discloses sensitive information about the remote host, and may be used by an attacker to perform a local denial of service. *** This warning may be a false positive since the presence *** of the bug was not verified...
-1AI Score
0.029EPSS
Microsoft IIS fpcount.exe CGI Remote Overflow
Nessus detected the 'fpcount.exe' CGI on the remote web server. Some versions of this CGI have a remote buffer overflow vulnerability. A remote attacker could exploit it to crash the web server, or possibly execute arbitrary code. *** Nessus did not actually check for this flaw, but solely relied.....
1.4AI Score
0.756EPSS