19 matches found

Tenable Nessus
added 2019/05/30 12:0 a.m., 39 views

IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.9 TLS Downgrade Vulnerability (CVE-2018-1719)

The IBM WebSphere Application Server running on the remote host is version 8.5.x prior to 8.5.5.15, or 9.0.0.x prior to 9.0.0.9. It is, therefore, potentially affected by a TLS downgrade vulnerability. (script_id 125595)

CVSS 5.9, AI score 6.6, EPSS 0.00242
Exploits: 0, References: 2
Tenable Nessus
added 2013/09/27 12:0 a.m., 179 views

Apache Struts 2 'action:' Parameter Prefix Security Constraint Bypass

The remote web application appears to use Struts 2, a web framework used for creating Java web applications. The version of Struts 2 in use is affected by a security constraint bypass vulnerability due to a flaw in the action mapping mechanism. Under certain unspecified conditions, an attacker...

CVSS 10, AI score 5.8, EPSS 0.08725
Exploits: 2, References: 4
Tenable Nessus
added 2012/07/23 12:0 a.m., 52 views

Apache Struts 2 struts2-showcase edit-person.action Persistent XSS

The remote web server hosts struts2-showcase, a demonstration application for the Struts 2 framework. Input passed via the 'name' and 'lastName' parameters to 'edit-person.action' is not properly sanitized, which can allow for arbitrary HTML and script code to be loaded onto the system and execut...

CVSS 4.3, AI score 8.7, EPSS 0.76165
Exploits: 1, References: 3
Tenable Nessus
added 2012/05/23 12:0 a.m., 488 views

Apache OFBiz Default Credentials

Nessus was able to log in to the remote Apache OFBiz application by providing default credentials. A remote attacker can exploit this issue to perform administrative actions.

AI score 5.6
Exploits: 0, References: 1
Tenable Nessus
added 2010/03/26 12:0 a.m., 17 views

Hyperic HQ Web GUI Default Credentials

It is possible to log into the remote Hyperic HQ installation using its default credentials. A remote attacker could exploit this to gain administrative control of the application.

AI score 5.6
Exploits: 0
Tenable Nessus
added 2009/10/22 12:0 a.m., 48 views

Infoblox IPAM Appliance Default Credentials

The remote host appears to be running an Infoblox IPAM appliance. Nessus was able to log into the remote web console using default credentials. (script_id 42212)

AI score 5.5
Exploits: 0, References: 1
Tenable Nessus
added 2009/06/26 12:0 a.m., 12 views

Basic Analysis and Security Engine Authentication Check

Basic Analysis and Security Engine (BASE) is installed on the remote system. It is possible to access the remote web application without any authentication. This allows anyone to not only browse anomalous network traffic but also obtain detailed information about the underlying OS, installed versio...

AI score 5.6
Exploits: 0
Tenable Nessus
added 2005/09/19 12:0 a.m., 16 views

phpGroupWare < 0.9.16 Addressbook Unspecified Vulnerability

The remote host seems to be running PhpGroupWare, a multi-user groupware suite written in PHP. This version is prone to an unspecified flaw related to its addressbook.

AI score 5.5
Exploits: 0, References: 1
Tenable Nessus
added 2005/05/14 12:0 a.m., 30 views

OpenBB < 1.0.9 Multiple Vulnerabilities

The remote host seems to be running OpenBB, a forum management system written in PHP. The remote version of this software is vulnerable to cross-site scripting attacks and SQL injection flaws. Using a specially crafted URL, an attacker may execute arbitrary commands against the remote SQL databa...

CVSS 7.5, AI score 5.7, EPSS 0.00687
Exploits: 2, References: 2
Tenable Nessus
added 2005/05/10 12:0 a.m., 41 views

PwsPHP profil.php id Parameter XSS

The remote host runs PWSPHP (Portail Web System), a CMS written in PHP. The remote version of this software is vulnerable to a cross-site scripting attack due to a lack of sanity checks on the 'skin' parameter in the script SettingsBase.php. With a specially crafted URL, an attacker could use the remo...

CVSS 6.8, AI score 5.1, EPSS 0.02467
Exploits: 0, References: 1
Tenable Nessus
added 2005/03/30 12:0 a.m., 32 views

ASP PortalApp Multiple SQL Injection

The remote host is running ASP PortalApp, a web application written in ASP. There is a flaw in the remote software that could allow anyone to inject arbitrary SQL commands, which could in turn be used to gain administrative access on the remote host. In addition, a path disclosure and...

CVSS 7.5, AI score 5.4, EPSS 0.01729
Exploits: 2, References: 2
Tenable Nessus
added 2004/10/17 12:0 a.m., 28 views

FuseTalk Forum img src Tag XSS

The remote host is using FuseTalk, a web-based discussion forum. A vulnerability exists in the script 'tombstone.cfm' that could allow an attacker to execute arbitrary HTML and script code in the context of the user's browser.

CVSS 4.3, AI score 6.1, EPSS 0.00444
Exploits: 1, References: 2
Tenable Nessus
added 2004/08/17 12:0 a.m., 25 views

phpGroupWare index.php Addressbook XSS

The remote host seems to be running PhpGroupWare, a multi-user groupware suite written in PHP. This version is reportedly prone to multiple HTML injection vulnerabilities. The issues present themselves due to a lack of sufficient input validation performed on form fields used by PHPGroupWare...

CVSS 4.3, AI score 5.9, EPSS 0.00391
Exploits: 0, References: 2
Tenable Nessus
added 2003/06/18 12:0 a.m., 24 views

pod.board 1.1 Multiple Script XSS

The remote host is hosting the Pod.Board CGI suite, a set of PHP scripts designed to manage online forums. There is a cross-site scripting issue in this suite that could allow an attacker to steal the cookies of your legitimate users, by luring them into clicking on a rogue URL.

AI score 5.2
Exploits: 0
Tenable Nessus
added 2003/06/17 12:0 a.m., 13 views

PostNuke Glossary Module page Parameter SQL Injection

The remote host is running a version of PostNuke which is vulnerable to a SQL injection attack. An attacker may use this flaw to gain control of the database of this host.

AI score 5.8
Exploits: 0
Tenable Nessus
added 2003/05/29 12:0 a.m., 12 views

PostNuke Sections Module Information Disclosure

The remote host is running PostNuke. It is possible to use the CMS to determine the full path to its installation on the server or the name of the database used, by doing a request like: /modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid= An attacker may use these flaws to ga...

AI score 5.7
Exploits: 0
Tenable Nessus
added 2003/03/26 12:0 a.m., 16 views

PostNuke Members_List Module Information Disclosure

The remote host is running PostNuke. It is possible to use the CMS to determine the full path to its installation on the server or the name of the database used, by doing a request like: /modules.php?op=modload&name=MembersList&file=index&letter=All&sortby=foobar An attacker may use these flaws ...

AI score 5.7
Exploits: 0
Tenable Nessus
added 2002/02/07 12:0 a.m., 24 views

Oracle 9iAS mod_plsql Multiple Procedures XSS

The mod_plsql module supplied with Oracle9iAS allows cross-site scripting attacks to be performed. This script was written by Matt Moore. See the Nessus Scripts License for details. Changes by Tenable: revised plugin title, commented incorrect CVE/BID (5/21/09); revised plugin...

AI score 5
Exploits: 0, References: 2
Tenable Nessus
added 2001/02/13 12:0 a.m., 75 views

Commerce.CGI Shopping Cart commerce.cgi page Parameter Traversal Arbitrary File Access

The 'commerce.cgi' CGI is installed. This CGI has a well-known security flaw that lets an attacker read arbitrary files with the privileges of the web server. (script_id 10612)

CVSS 5, AI score 5.7, EPSS 0.02672
Exploits: 1, References: 2