287 matches found
Ocean12 Guestbook XSS
The remote server is running Ocean12 GuestBook, a set of scripts to manage an interactive guestbook. An attacker may use this module to inject malicious HTML code in your site, which may be used to steal users' cookies or to simply annoy them. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Justice Guestbook 1.3 Multiple Vulnerabilities
The remote host is running Justice Guestbook. This set of CGI has two vulnerabilities : - It is vulnerable to cross-site scripting attacks in jgb.php3. - If the user requests the file cfooter.php3, he will obtain the physical path of the remote CGI. An attacker may use these flaws to steal the...
My Guest Book (myGuestBk) Multiple Vulnerabilities
The remote web server is hosting myGuestBook. This installation comes with an administrative file in 'myguestBk/admin/index.asp' which lets any user delete old entries. In addition to this, this CGI is vulnerable to a cross-site-scripting attack. %NASLMINLEVEL 70300 C Tenable Network Security, In...
Basit CMS Multiple Script XSS
Basit cms 1.0 has a cross-site scripting bug. An attacker may use it to perform a cross-site scripting attack on this host. In addition to this, it is vulnerable to a SQL insertion attack that could allow an attacker to get the control of your database. %NASLMINLEVEL 70300 written by K-Otik.com...
Mambo Site Server 4.0.10 XSS
An attacker may use the installed version of Mambo Site Server to perform a cross-site scripting attack on this host. %NASLMINLEVEL 70300 This script was completely rewritten by Tenable Network Security, using a new API Message-ID: From: Ertan Kurt To: Subject: Some XSS vulns...
Backup Files Disclosure
By appending various suffixes ie: .old, .bak, , etc... to the names of various files on the remote host, it seems possible to retrieve their contents, which may result in disclosure of sensitive information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This plugin uses the data collected ...
RSA ClearTrust ct_logon.asp Multiple Parameter XSS
The remote ClearTrust server is vulnerable to a cross-site scripting attack that can be exploited using specially crafted calls to its 'ctlogon.asp' or 'ctlogon.jsp' scripts. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Date: Fri, 14 Mar 2003 18:42:02 -0800 To: [email protected]...
Tomcat /status Information Disclosure
Requesting the URI '/status' gives information about the currently running instance of the remote web server most likely Apache Tomcat. It also allows anybody to reset the current statistics. A remote attacker can use this information to mount further attacks. This script was written by Vincent...
Microsoft IIS ASP ISAPI Filter Multiple Overflows
There's a buffer overflow in the remote web server through the ASP ISAPI filter. It is possible to overflow the remote web server and execute commands as user 'SYSTEM'. C Tenable Network Security, Inc. Thanks to: Marc Maiffret - his post on vuln-dev saved a lot of my time See the Nessus Scripts...
SilverStream Database Structure Disclosure
An unauthenticated, remote attacker can discover the internal structure of the remote SilverStream database by sending a special request. %NASLMINLEVEL 70300 This script was written by Tor Houghton, but I looked at "htdig" by Renaud Deraison Changes by rd: - phrasing in the report - pattern read...
Microsoft ASP.NET Malformed File Request Path Disclosure
ASP.NET is vulnerable to a path disclosure attack. This allows an attacker to determine where the remote web root is physically stored in the remote file system, hence gaining more information about the remote system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Webmin Detection
The remote web server is running Webmin, a web-based interface for system administration for Unix. This script was written by Georges Dagousset See the Nessus Scripts License for details Changes by Tenable: - Revised plugin title, changed family 4/13/2009 - Added CPE, updated version check, updat...
Microsoft IIS ISAPI Filter Multiple Vulnerabilities (MS01-044)
There's a buffer overflow in the remote web server through the ISAPI filter. It is possible to overflow the remote web server and execute commands as user SYSTEM. Additionally, other vulnerabilities exist in the remote web server since it has not been patched. %NASLMINLEVEL 70300 C Tenable Networ...
Web Server HTTP POST Method Handling Remote Overflow DoS
Nessus tests the stability of a remote web service by sending a significantly large HTTP POST and then confirms if the web service is still responsive. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10687; scriptversion "1.25"; scriptcvsdate"Date: 2018/12/21 16:12:09"...
processit CGI Environment Variable Remote Information Disclosure
The 'processit' CGI is installed. processit normally returns all environment variables. This gives an attacker valuable information about the configuration of your web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if descriptio...
uStorekeeper ustorekeeper.pl file Parameter Traversal Arbitrary File Access
The 'ustorekeeper.pl' CGI script installed on the remote host allows an attacker to read arbitrary files subject to the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...
SEDUM HTTP Server Long HTTP Request Overflow DoS
It was possible to make the remote web server crash by sending it too much data. An attacker may use this flaw to prevent this host from fulfilling its role. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10637; scriptversion"1.25"; scriptcvsdate"Date: 2018/07/27...
Apache ASP module Apache::ASP source.asp Example File Arbitrary File Creation
The file /site/eg/source.asp is present on the remote Apache web server. This file comes with the Apache::ASP package and allows anyone to write to files in the same directory. An attacker may use this flaw to upload his own scripts and execute arbitrary commands on this host. C Tenable Network...
Microsoft IIS Dangerous Sample Files Detection
Some of the IIS sample files are present. They all contain various security flaws which could allow an attacker to execute arbitrary commands, read arbitrary files or gain valuable information about the remote system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This script was written by...
Cobalt siteUserMod.cgi Arbitrary Password Modification
The Cobalt 'siteUserMod' CGI appears to be installed on the remote web server. Older versions of this CGI may allow a user with Site Administrator access to change the password of users on the system, such as Site Administrator or regular users, or the admin root user. Note that Nessus has only...