Apache Jetspeed Detection

Detection of Apache Jetspeed Open Portal. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

jenkins: CSRF vulnerability in some administrative actions (SECURITY-225)

Cross-site request forgery CSRF vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via vectors related to the HTTP GET method...

WordPress OptinMonster Plugin <= 1.1.4.5 - Execution of Arbitrary Shortcodes

Because of this vulnerability, unauthenticated users can execute arbitrary WordPress shortcodes via a simple HTTP GET request. Solution Update the plugin...

Kaltura Video Platform Detection (HTTP)

HTTP based detection of the Kaltura Video Platform. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Xceedium Xsuite Remote Version Detection

Detection of installed version of Xceedium Xsuite. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

File Replication Pro Remote Version Detection

Detects the installed version of File Replication Pro. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

OpenCms 9.5.2 Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-063 Product: OpenCms Official Maintainer: Alkacon Software GmbH Affected Versions: 9.5.2 Tested Versions: 9.5.2 Vulnerability Type: Cross-Site Scripting CWE-79 Risk Level: Medium Solution Status: Fixed Maintainer Notification:...

Atlassian Bamboo Version Detection

Detects the installed version of Atlassian Bamboo. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

CVE-2015-7537

Cross-site request forgery CSRF vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via vectors related to the HTTP GET method...

CVE-2015-7537

Cross-site request forgery CSRF vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via vectors related to the HTTP GET method...

mcart.xls Bitrix Module 6.5.2 - SQL Injection

Advisory ID: HTB23279 Product: mcart.xls Bitrix module Vendor: www.mcart.ru Vulnerable Versions: 6.5.2 and probably prior Tested Version: 6.5.2 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18, 2015 Public Disclosure: January 13, 2016 Vulnerabilit...

RIPS Scanner 0.55 Multiple LFI Vulnerabilities

RIPS scanner is prone to multiple local file inclusion LFI vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Http File Server Detection (HTTP)

Detection of installed version of Http file server. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

XZERES 442SR Wind Turbine Remote Detection

Detects the installed version of XZERES 442SR Wind Turbine. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

vBulletin 5.1.4 - 5.1.9 PreAuth RCE Vulnerability - Active Check

vBulletin is prone to a remote code execution RCE vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

PHP Server Monitor Version Detection

Detects the installed version of PHP Server Monitor. This script sends an HTTP GET request and tries to get the version from the response. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

HTTP GET Without 'Referer' Request Header Detection

Binary data 8997.prm...

HTTP GET Request Invalid 'Referer' Header Detection

Binary data 8998.prm...

PT-2017-52: Information Disclosure in Rockwell Automation Micrologix 1100 and 1400 PLC

The specialists of the Positive Research center have detected an Information Disclosure vulnerability in Rockwell Automation Micrologix 1100 and 1400 PLC. Vulnerability in programmable-logic controllers, caused by sending user credentials to the web server using a HTTP GET method, allows attacker...

ManageEngine ServiceDesk Plus Multiple Vulnerabilities (Oct 2015)

ManageEngine ServiceDesk is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...