ODBC Tools Multiple Vulnerabilities

Many Web servers ship with default CGI scripts which allow for ODBC access and configuration. Some of these test ODBC tools are present on the remote web server SPDX-FileCopyrightText: 2002 David Kyger Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Snif Cross Site Scripting

The remote host is running the SPDX-FileCopyrightText: 2003 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.11949";...

ShopPlus Arbitrary Command Execution Vulnerability - Active Check

The ShopPlus CGI is prone to a vulnerability that allows execution of arbitrary commands with the security privileges of the web server. SPDX-FileCopyrightText: 2001 SecuriTeam Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

foxweb <= 2.5 CGI Buffer Overflow Vulnerability

The foxweb.dll or foxweb.exe CGI is installed. Versions 2.5 and below of this CGI program have a security flaw that lets an attacker execute arbitrary code on the remote server. SPDX-FileCopyrightText: 2003 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are...

FastCGI samples Cross Site Scripting

Two sample CGI SPDX-FileCopyrightText: 2002 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10838";...

Sambar /cgi-bin/mailit.pl Vulnerability

The Sambar SPDX-FileCopyrightText: 2000 Hendrik Scholz Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sambar:sambarserver"; ifdescription...

Webnews.exe Buffer Overflow Vulnerability

The remote host appears to be running WebNews, which offers web-based access to Usenet news. This CGI script suffers from a buffer overflow vulnerability. SPDX-FileCopyrightText: 2003 John Lampe Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Trend Micro Emanager .dll Files Vulnerability

The Trend Micro Emanager software resides on this server. Some versions of this software have vulnerable dlls. SPDX-FileCopyrightText: 2003 John Lampe Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Oracle Web Listener 4.0.x 'ows-bin' CGI Vulnerability

Oracle SPDX-FileCopyrightText: 2000 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:weblistener"; ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10348";...

phpGedView Code injection Vulnerability

The remote host is running phpGedView, a set of CGI scripts which parse GEDCOM 5.5 genealogy files and display them on the internet in a format similar to desktop programs. There are multiple vulnerabilities in this product : - A path disclosure vulnerability, which will give more information abo...

inserter.cgi File Inclusion and Command Execution Vulnerabilities

The remote web server contains the SPDX-FileCopyrightText: 2005 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only From: fireboy fireboy remote command execution in inserter.c...

Detection of various dangerous CGI scripts (HTTP) - Active Check

Various CGI scripts have known vulnerabilities tracked via the via the referenced CVEs. SPDX-FileCopyrightText: 2003 John Lampe Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only Also cove...

SunSolve CD CGI user input validation

Sunsolve CD CGI scripts does not validate user input. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

nph-publish.cgi

The SPDX-FileCopyrightText: 1999 Mathieu Perrin Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10164";...

webadmin.dll CGI Multiple Vulnerabilities

webadmin.dll was found on your web server. SPDX-FileCopyrightText: 2003 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.11771"...

i-mall.cgi RCE Vulnerability

The script i-mall.cgi is installed. Some versions of this script are vulnerable to remote command execution flaw, due to insufficient user input sanitization. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

Linksys Wireless Internet Camera File Disclosure (2004) - Active Check

The Linksys Wireless Internet Camera contains a CGI that allows remote attackers to disclosue sensitive files stored on the server. SPDX-FileCopyrightText: 2004 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

E-Shopping Cart Arbitrary Command Execution (WebDiscount)

The eShop WebDiscount CGI is installed. A security problem in this CGI allows anyone to execute arbitrary commands with the privileges of the web server. SPDX-FileCopyrightText: 2001 Noam Rathaus SPDX-FileCopyrightText: 2001 SecuriTeam Some text descriptions might be excerpted from a referenced...

e107 Detection

The remote host is running e107, a content management system written in PHP and with a MySQL back-end. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid20129; scriptversion"1.15"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/06/01";...

Web applications security vulnerabilities &#40;PHP, ASP, CGI, Perl, etc&#41;

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...