CAGE Web Design | Rolf Van Gelder Security Vulnerabilities
The remote web server is hosting Open Web Analytics, a web application framework for tracking and analyzing website and web application...
1.1AI Score
This script initializes the credentials used for Amazon Web Services checks done via the...
1.6AI Score
The remote host is a McAfee Web Gateway (MWG) Appliance. MWG acts as a proxy server and provides web filtering and monitoring...
1.5AI Score
7.8CVSS
7.5AI Score
0.031EPSS
Junos J-Web, a web application for sending and receiving SMS, was detected on the remote...
7.5AI Score
0.9AI Score
High severity vulnerability that affects io.vertx:vertx-web
In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter. This allows replay attacks with previously issued tokens which are not expired...
8.8CVSS
3.4AI Score
0.011EPSS
SolarWinds Web Performance Monitor (WPM) Detection (HTTP)
HTTP based detection of SolarWinds Web Performance Monitor ...
7.4AI Score
0.6AI Score
Buffalo TeraStation Web detection
Buffalo TeraStation, a network attached storage (NAS), was detected based on the web...
1.5AI Score
pfSense Web Interface Detection
The web interface for pfSense was detected on the remote host. pfSense is an open source firewall based on...
0.6AI Score
Belkin Web Interface Detection
Nessus was able to detect the web administration interface for a Belkin device on the remote...
1.6AI Score
Barracuda Web Filter Detection
The remote host appears to be a Barracuda Web Filter device, used to control access to websites and applications by end...
2.5AI Score
ClearSCADA Web Server Detection
The remote host is running the ClearSCADA web server, part of a software platform for managing and monitoring remote SCADA...
1.9AI Score
7.8CVSS
7.7AI Score
0.016EPSS
Apache ActiveMQ's default configuration doesn't secure the API web context
In Apache ActiveMQ 6.x, the default configuration doesn't secure the API web context (where the Jolokia JMX REST API and the Message REST API are located). It means that anyone can use these layers without any required authentication. Potentially, anyone can interact with the broker (using Jolokia....
8.5CVSS
7.3AI Score
0.0004EPSS
7.8CVSS
7.7AI Score
0.005EPSS
Apache ActiveMQ's default configuration doesn't secure the API web context
In Apache ActiveMQ 6.x, the default configuration doesn't secure the API web context (where the Jolokia JMX REST API and the Message REST API are located). It means that anyone can use these layers without any required authentication. Potentially, anyone can interact with the broker (using Jolokia....
8.5CVSS
7.3AI Score
0.0004EPSS
7.8CVSS
7.7AI Score
0.007EPSS
Reportico affected by Incorrect Access Control
An issue discovered in Reportico Till 8.1.0 allows attackers to obtain sensitive information via execute_mode parameter of the...
6.3AI Score
0.0004EPSS
Progress Telerik Report Server Web Interface Detection
The web interface for Progress Telerik Report Server was detected on the remote...
7.5AI Score
CVE-2024-33953 WordPress Adventure Journal theme <= 1.7.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt van Andel Adventure Journal allows Stored XSS.This issue affects Adventure Journal: from n/a through...
6.5CVSS
6.9AI Score
0.0004EPSS
(RHSA-2024:2731) Moderate: Red Hat OpenStack Platform 17.1 (python-django) security update
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle. Security Fix(es): denial-of-service in intcomma template filter (CVE-2024-24680) ...
6.8AI Score
0.001EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt van Andel Adventure Journal allows Stored XSS.This issue affects Adventure Journal: from n/a through...
6.5CVSS
6.6AI Score
0.0004EPSS
Amazon Web Services EC2 Instance Metadata Enumeration (Windows)
The remote host appears to be an Amazon Machine Image. Nessus will attempt to use the metadata API to collect information about the...
3.3AI Score
web-corpora.net Cross Site Scripting vulnerability OBB-3882566
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
5.5CVSS
5AI Score
0.001EPSS
5.5CVSS
5AI Score
0.001EPSS
The web user interface for Apache Kylin was detected on the remote...
7.5AI Score
Tableau Server Web UI Detection
The web user interface for Tableau Server was detected on the remote...
0.8AI Score
Netwrix Auditor Web API Detection
Netwrix Auditor, an auditing and optimization solution used for compliance operations was detected on the remote host via the Netwrix Integrator API. Note: HTTP basic authentication credentials are required by the API for reliable detection. Alternatively, when the paranoid setting is enabled the.....
1.4AI Score
ThoughtWorks GoCD Web interface detection
ThoughtWorks GoCD, a CI / CD server, was detected based on the web...
1AI Score
Draytek VigorConnect Web UI Detection
The web application running on the remote web server is Draytek VigorConnect. Draytek VigorConnect is a network management web application for DrayTek...
7.1AI Score
1AI Score
Apache Flink web user interface detected on remote host. Apache Flink is an open-source, unified stream-processing and batch-processing framework developed by the Apache Software...
1.6AI Score
Cisco Aironet Web UI Detection.
Cisco Aironet web user interface detected on remote host. Note that HTTP credentials are required to retrieve the...
1.7AI Score
Apache Pluto Web Interface Detection
The web interface for Apache Pluto was detected on the remote host. Apache Pluto is a portlet specification reference implementation and technology compliance...
2.1AI Score
Embedded HP Web Server Detected
The remote host has been identified as using an HP embedded web...
0.4AI Score
Nokia VitalQIP Web Client Detection
The remote host is running an instance of VitalQIP, an DNS, DHCP, and IP address (DDI) management system. VitalQIP was originally created by Alcatel-Lucent but acquired by...
1.4AI Score
Grandstream Phone Web Interface Detection
Nessus was able to detect the web interface for a Grandstream phone on the remote...
1.1AI Score
Zimbra Collaboration Server Web Detection
The web interface for Zimbra Collaboration Server, an open source messaging and collaboration solution, was detected on the remote host. Note the plugin attempts to retrieve the version information without credentials. However, if HTTP Basic credentials are supplied then an attempt to retrieve the....
1.8AI Score
The web interface for a Dell KACE K1000 appliance was detected on the remote host. The K1000 is used to manage multiple systems via the...
1.7AI Score
Web Site Hosting Malicious Binaries
The MD5 sum of one or more binaries hosted on the remote web server matches known malware. This may indicate that the remote site was compromised. Note that Nessus has only scanned files with the following extensions : exe , dll , scr , drv , sys , bat , cmd , com , cpl , csh , gadget ,...
0.8AI Score
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hans van Eijsden,niwreg ImageMagick Sharpen Resized Images allows Stored XSS.This issue affects ImageMagick Sharpen Resized Images: from n/a through...
5.9CVSS
6.9AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hans van Eijsden,niwreg ImageMagick Sharpen Resized Images allows Stored XSS.This issue affects ImageMagick Sharpen Resized Images: from n/a through...
5.9CVSS
6AI Score
0.0004EPSS
SAP Solution Manager Web Detection
The web interface for SAP Solution Manager was detected on the remote host. SAP Solution Manager is application lifecycle management software. Note: This plugin does not report anything. Instead, it collects information stored in host tags for the future development of this...
0.4AI Score
Tenable Core Web Interface Detection
A Tenable Core Web Interface was detected on the remote...
7.1AI Score
Cisco HyperFlex Web API Detection
The web API for Cisco HyperFlex was detected on the remote...
1AI Score
Cisco Energy Management Web Detection
Cisco Energy Management, a power management solution for IT assets, was detected based on the web...
2.1AI Score