18 matches found
CVE-2023-5505
The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the job-specific backup folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally,...
Apache Tomcat Default Files
The default error page, default index page, example JSPs, and/or example servlets are installed on the remote Apache Tomcat server. These files should be removed as they may help an attacker uncover information about the remote Tomcat install or host itself. No source data...
Default nginx HTTP Server Settings
The remote webserver contains default settings such as enabled server tokens and/or default files such as the default index or error pages. These items could potentially leak useful information about the server installation. (C) Tenable Network Security, Inc...
Spaghetti v0.1.1 - Web Application Security Scanner
Spaghetti is a web application security scanner tool. It is designed to find various default and insecure files, configurations, and misconfigurations. Spaghetti is built on python2.7 and can run on any platform which has a Python environment. Installation $ git clone...
Spaghetti - Web Application Security Scanner
Spaghetti is a web application security scanner tool. It is designed to find various default and insecure files, configurations and misconfigurations. Spaghetti is built on python2.7 and can run on any platform which has a Python environment. Installation $ git clone...
[Web-Sorrow v1.5] Versatile security scanner for the information disclosure and fingerprinting phases of pentesting
Web-Sorrow is a perl based tool for misconfiguration, version detection, enumeration, and server information scanning. It's entirely focused on Enumeration and collecting Info on the target server. Web-Sorrow is a "safe to run" program, meaning it is not designed to be an exploit or perform any...
http-cakephp-version NSE Script
Obtains the CakePHP version of a web application built with the CakePHP framework by fingerprinting default files shipped with the CakePHP framework. This script queries the files 'vendors.php', 'cake.generic.css', 'cake.icon.png' and 'cake.icon.gif' to try to obtain the version of the CakePHP...
vis.pl.txt
Hackers Center Security Group http://www.hackerscenter.com/ spher3's Security Advisory Multiple transversal bug in vis.pl -------------------------------------------------------------------------- Description: Vis.pl is a perl script which manages files in order to show these; you can find it in...
Novell Netbasic Scripting Server Directory Traversal
Novell Netbasic Scripting Server is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2004 David Kyger. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
Apache Tomcat servlet/JSP container default files
The Apache Tomcat servlet/JSP container has default files installed. SPDX-FileCopyrightText: 2004 David Kyger. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat...
Netscape Enterprise Server default files
Netscape Enterprise Server has default files installed. Default files were found on the Netscape Enterprise Server. These files should be removed as they may help an attacker to guess the exact version of the Netscape Server which is running on this host. OpenVAS Vulnerability Test $Id:...
Check for dangerous IIS default files
The file viewcode.asp is a default IIS file which can give a malicious user a lot of unnecessary information about your file system or source files. Specifically, viewcode.asp can allow a remote user to potentially read any file on a webserver hard drive. Example,...
Microsoft IIS Dangerous Default Files - Active Check
The file viewcode.asp is a default IIS file which can give a malicious user a lot of unnecessary information about your file system or source files. Specifically, viewcode.asp can allow a remote user to potentially read any file on a webserver hard drive. Example:...
Netscape Enterprise Server Default Files (HTTP)
Netscape Enterprise Server has default files installed. SPDX-FileCopyrightText: 2004 David Kyger. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
Microsoft IIS 'bdir.htr' Default Files - Active Check
The file bdir.htr is a default IIS file which can give a malicious user a lot of unnecessary information about your file system. SPDX-FileCopyrightText: 2003 John Lampe. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
Apache Tomcat Default Files
The default error page, default index page, example JSPs and/or example servlets are installed on the remote Apache Tomcat server. These files should be removed as they may help an attacker uncover information about the remote Tomcat install or host itself. (C) Tenable Network Security, Inc. Based ...
Netscape Enterprise Server Default Files Present
Default files were found on the Netscape Enterprise Server. These files should be removed as they may help an attacker to guess the exact version of the Netscape Server that is running on this host. This script was written by David Kyger. See the Nessus Scripts License for...
Novonyx Web Server Multiple Sample Application Files Present
Novell NetWare default Novonyx web server files. A default installation of Novell 5.x will install the Novonyx web server. Numerous web server files included with this installation could reveal system information. This script was written by David Kyger. See the Nessus Scripts License for details...