2293 matches found
Mantis multiple unspecified XSS
The remote web server contains a PHP application that is prone to cross-site scripting attacks. Description : According to its banner, the remote version of Mantis contains a flaw in the handling of some types of input. Because of this, an attacker may be able to cause arbitrary HTML and script...
PHPix directory traversal vulnerability
PHPix program allows an attacker to read arbitrary files on the remote web server, prefixing the pathname of the file with ..%2F..%2F.. Example: GET /Album/?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0 will return all the files that are nested within /etc...
Check for Apache Multiple / vulnerability
Certain versions of Apache for Win32 have a bug wherein remote users can list directory entries. Specifically, by appending multiple /'s to the HTTP GET command, the remote Apache server will list all files and subdirectories within the web root as defined in httpd.conf. OpenVAS Vulnerability Tes...
SiteScope Web Management Server Detection (HTTP)
The remote web server is running the SiteScope Management web server. SPDX-FileCopyrightText: 2005 Noam Rathaus / SecuriTeam Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Hidden WWW Server Name (HTTP)
It seems that the remote web server tries to hide its version or name. However, using a specially crafted request, the scanner was able to discover it. SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respectiv...
YusASP Web Asset Manager Vulnerability
YusASP Web Asset Manager is a complete file manager for your website. If left unprotected, the YusASP allows you to manage the remote server SPDX-FileCopyrightText: 2005 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
Checks for listrec.pl
The SPDX-FileCopyrightText: 2001 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10769"; scriptversion"2023-08-01T13:29:10+0000"...
AIX maintenance level
This plugin makes sure the remote AIX server is running the newest maintenance package. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
SOCKS4A Hostname Overflow DoS Vulnerability
It was possible to kill the remote SOCKS4A server by sending a request with a too long hostname. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...
MySQL Eventum Multiple flaws
The remote host seems to be running MySQL Eventum, a user-friendly and flexible issue tracking system written in PHP. The remote version of this software is vulnerable to cross-site scripting attacks, through multiple scripts. With a specially crafted URL, an attacker can use the remote server to...
JS.Scob.Trojan or Download.Ject Trojan
JS.Scob.Trojan or Download.Ject Trojan were detected. SPDX-FileCopyrightText: 2004 Jeff Adams Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
dwhttpd format string
The remote web server is vulnerable to a format string attack. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
YaCy Peer-To-Peer Search Engine XSS
The remote host contains a peer-to-peer search engine that is prone to cross-site scripting attacks. Description : The remote host runs YaCy, a peer-to-peer distributed web search engine and caching web proxy. The remote version of this software is vulnerable to multiple cross-site scripting due ...
bBlog SQL injection flaw
The remote server runs a version of bBlog which is as old as or older than version 0.7.4. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
foxweb <= 2.5 CGI Buffer Overflow Vulnerability
The foxweb.dll or foxweb.exe CGI is installed. Versions 2.5 and below of this CGI program have a security flaw that lets an attacker execute arbitrary code on the remote server. SPDX-FileCopyrightText: 2003 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are...
Horde IMP < 3.2.4 Content-Type XSS Vulnerability
The remote server is running at least one instance of Horde IMP whose version number is between 2.0 and 3.2.3 inclusive. SPDX-FileCopyrightText: 2004 George A. Theall Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Sgdynamo 'sgdynamo.exe' Physical Path Disclosure Vulnerability
The CGI SPDX-FileCopyrightText: 2003 Scott Shebby Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.11954";...
SSL/TLS: Certificate Expiry
The remote server SPDX-FileCopyrightText: 2005 George A. Theall Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.15901";...
ReadDesign checker
This plugin checks for ReadDesign vulns on the remote web server. SPDX-FileCopyrightText: 2005 Net-Square Solutions Pvt Ltd. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
WorldClient for MDaemon Server Detection
We detected the remote web server is running WorldClient for MDaemon. This web server enables attackers with the proper username and password combination to access locally stored mailboxes. In addition, earlier versions of WorldClient suffer from buffer overflow vulnerabilities, and web traversal...