Lucene search
+L

287 matches found

Tenable Nessus
Tenable Nessus
added 2011/11/18 12:0 a.m.105 views

PHP ip2long Function String Validation Weakness

According to its banner, the 'ip2long' function in the version of PHP installed on the remote host may incorrectly validate an arbitrary string and return a valid network IP address. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

5CVSS7.4AI score0.05639EPSS
Exploits1References3
ThreatPost
ThreatPost
added 2011/11/08 2:23 p.m.7 views

Demo of Charlie Miller's iOS Code-Signing Bug

Security researcher Charlie Miller of Accuvant discovered a vulnerability in the Apple iOS software that enables him to use an app he placed in the iTunes App Store to download unsigned code from a remote Web server and run it on any iOS device. In this video, he demonstrates the app and the way...

2.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/10/20 12:0 a.m.38 views

MODx < 2.0.3-pl class_key Parameter Local File Inclusion

The version of MODx installed on the remote host fails to sanitize user-supplied input to the 'classkey' parameter of the 'manager/controllers/default/resource/tvs.php' script before using it to include PHP code. Using a specially crafted request, a remote, unauthenticated attacker may be able to...

4.3CVSS5.9AI score0.17028EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2011/10/14 12:0 a.m.162 views

ManageEngine ADSelfService Plus Detection

ManageEngine ADSelfService Plus, a web-based self-service password management application written in Java, is running on the remote host. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid56509; scriptversion"1.10"; scriptsetattributeattribute:"pluginmodificationdate",...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2011/09/13 12:0 a.m.23 views

OpenAdmin Tool for Informix informixserver Parameter XSS

The instance of OpenAdmin Tool for Informix hosted on the remote web server fails to sanitize user input to the 'informixserver' parameter of its 'index.php' script before using it to generate dynamic HTML output. An attacker may be able to leverage this issue to inject arbitrary HTML or script...

4.3CVSS5.5AI score0.03011EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2011/05/02 12:0 a.m.123 views

HP SiteScope Detection

The remote host is running HP SiteScope, an agentless network monitoring application. HP SiteScope was formerly known as Mercury SiteScope. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid53621; scriptversion"1.14"; scriptsetattributeattribute:"pluginmodificationdate"...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2011/04/15 12:0 a.m.32 views

MediaWiki API XSS

A cross-site scripting vulnerability exists in this installation of MediaWiki that allows an attacker to execute arbitrary script code in the browser of an unsuspecting user. Such script code could steal authentication credentials and be used to launch other attacks. %NASLMINLEVEL 70300 C Tenable...

4.3CVSS5.6AI score0.01711EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2011/03/14 12:0 a.m.122 views

IBM Sametime Detection

IBM Sametime, a web conferencing, instant messaging, and scheduling application, is running on the remote web server. Note that IBM Sametime was formerly known as Lotus Sametime. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid52658; scriptversion"1.5";...

5.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2011/03/01 12:0 a.m.40 views

CGI Generic XSS (persistent, 3rd Pass)

The remote web server hosts one or more CGI scripts that fail to adequately sanitize request strings containing malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the...

5.7AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2011/02/04 12:0 a.m.37 views

PRTG Network Monitor Detection

PRTG Network Monitor, a web-based tool for displaying network and bandwidth usage data, is hosted on the remote web server. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid51874; scriptversion"1.9"; scriptsetattributeattribute:"pluginmodificationdate",...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2010/11/24 12:0 a.m.60 views

Adobe Flash Media Server Version Detection

Adobe Flash Media Server, a data and media server that serves applications to Flash Player, appears to be running on the remote host and is reporting its version number in HTTP headers. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid50705; scriptversion"1.8";...

5.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2010/11/23 12:0 a.m.19 views

Novell GroupWise WebAccess Accessible

The remote web server is a Novell GroupWise WebAccess console. By allowing unauthenticated access to this web server, anyone may be able read status, configuration or log files pertaining to GroupWise WebAccess. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid50693;...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2010/11/08 12:0 a.m.34 views

eLouai's Force Download Script file Parameter File Disclosure

The version of eLouai's Force Download Script hosted on the remote web server does not sanitize user-supplied input to the 'file' parameter before using it to return the contents of a file. An unauthenticated, remote attacker can exploit this issue to disclose the contents of sensitive files on t...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/10/20 12:0 a.m.29 views

Super Simple Blog Script entry Parameter SQL Injection

The remote Super Simple Blog Script install hosted on the remote web server is affected by a SQL injection vulnerability because its 'comments.php' script does not properly sanitize input to the 'entry' parameter before using it a database query. Regardless of PHP's 'magicquotesgpc' setting, an...

6.8CVSS5.9AI score0.01953EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2010/10/04 12:0 a.m.43 views

External URLs

Nessus gathered HREF links to external sites by crawling the remote web server. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid49704; scriptversion"$Revision: 1.3 $"; scriptcvsdate"$Date: 2011/08/19 19:59:18 $"; scriptnameenglish:"External URLs";...

5.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/09/17 12:0 a.m.96 views

OpenX Open Flash Chart ofc_upload_image.php File Upload Arbitrary Code Execution

The third-party Open Flash Chart component included with the version of OpenX hosted on the remote web server allows an unauthenticated attacker to upload arbitrary files to the affected system, by default in a web-accessible directory. While Nessus has not verified this, it is likely that an...

7.5CVSS5.9AI score0.75838EPSS
Exploits8References4
Tenable Nessus
Tenable Nessus
added 2010/08/16 12:0 a.m.13 views

Oracle Business Process Management Detection

The remote web server is running Oracle formerly BEA Business Process Management BPM Suite, a set of tools for creating, executing, and optimizing business processes. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid48338; scriptversion"1.8"; scriptcvsdate"Date:...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2010/06/07 12:0 a.m.18 views

Symphony Detection

Symphony, an XSLT-powered, open source content management system, is hosted on the remote web server. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid46818; scriptversion"1.9"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/06/01";...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2010/05/24 12:0 a.m.15 views

NolaPro Detection

The remote web server hosts NolaPro, a web-based business management application written in PHP. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid46703; scriptversion"1.7"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"NolaPro Detection";...

5.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2010/05/14 12:0 a.m.494 views

r57shell Backdoor Detection

At least one instance of r57shell is hosted on the remote web server. This is a PHP script that acts as a backdoor and provides a convenient set of tools for attacking the affected host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

5.6AI score
Exploits0
Rows per page
Query Builder