Vulnerability Assessment & Network Security Forums

The comprehensive list of vulnerabilities in this category are updated on a daily basis.  There are currently 2,554 vulnerability test descriptions and summaries in the database.  Clicking on the name of the vulnerability below will bring up the specific details for each network security test along with recommendations for patching the vulnerability and related discussions.

Home >> Browse Vulnerability Assessment Database >> CGI abuses

Vulnerability assessments available for:
CGI-abuses

Vulnerability Name Vulnerability Description Network Security Threat Type
1) 'Les Visiteurs' script injection Les Visiteurs inc file upload attack
2) /cgi-bin directory browsable ? Is /cgi-bin browsable ? infos
3) /doc directory browsable ? Is /doc browsable ? infos
4) /doc/packages directory browsable ? Is /doc/packages browseable ? infos
5) /perl directory browsable ? Is /perl browsable ? infos
6) 2BGal SQL Injection SQL Injection infos
7) 3Com NBX VoIP NetSet Detection Tests for 3Com NBX VoIP NetSet Detection infos
8) 3Com Network Supervisor Directory Traversal Vulnerability Checks for directory traversal vulnerability in 3Com Network Supervisor attack
9) 4Images <= 1.7.1 Directory Traversal Vulnerability Check if 4Images is vulnerable to directory traversal flaws attack
10) @lex guestbook remote file include Checks for @lex guestbook attack
11) A1Stats Traversal Checks if A1Stats reads any file infos
12) Aardvark Topsites CONFIG[path] Parameter Remote File Inclusion Vulnerability Checks for a file include using CONFIG[path] in Aardvark Topsites attack
13) Aborior Command Execution Detects display.cgi attack
14) ACal path Parameter Remote File Include Vulnerability Tries to read /etc/passwd using ACal attack
15) Achievo code injection Checks for the presence of Achievo attack
16) ActiveAuction Multiple Vulnerabilities Checks the version of vBulletin infos
17) ActivePerl perlIS.dll Buffer Overflow Determines if arbitrary commands can be executed thanks to ActivePerl's perlIS.dll destructive_attack
18) ActiveState Perl directory traversal Determines if ActivePerl is vulnerable attack
19) ActualAnalyzer rf Parameter Remote File Include Vulnerability Tries to read /etc/passwd using ActualAnalyzer attack
20) ad.cgi Checks for the presence of /cgi-bin/ad.cgi infos
21) Adcycle Password Disclosure Checks for the presence of /cgi-bin/build.cgi infos
22) Admbook PHP Code Injection Flaw Checks for remote PHP code injection in Admbook destructive_attack
23) AdMentor Login Flaw AdMentor Login Flaw infos
24) admin.cgi overflow Overflows admin.cgi denial
25) Adobe Breeze Directory Traversal Vulnerability Checks version of Adobe Breeze infos
26) Adobe Document Server Default Credentials Checks for default credentials in Adobe Document Server attack
27) Adobe Document Server File URI Resource Access Vulnerability Tries to write to a file using Adobe Document Server destructive_attack
28) Adobe Document Server for Reader Extensions < 6.1 Multiple Vulnerabilities Tries to exploit an XSS flaw in Adobe Document Server for Reader Extensions attack
29) ADODB do Command Execution Vulnerability Checks for do parameter command execution vulnerability in ADODB attack
30) ADODB sql Parameter SQL Injection Vulnerability Checks for sql parameter SQL injection vulnerability in ADODB attack
31) Advanced Guestbook Index.PHP SQL Injection Vulnerability Checks for an SQL injection attack in Advanced Guestbook infos
32) Advanced Guestbook phpbb_root_path Parameter Remote File Include Vulnerability Tries to read /etc/passwd using Advanced Guestbook attack
33) Advanced Poll info.php Checks for the presence of info.php infos
34) Advanced Poll Variable Overwriting Vulnerability Checks if variables can be overwritten with Advanced Poll attack
35) aeNovo Database Content Disclosure Vulnerability Checks for the presence of DB file of aeNovo infos
36) album.pl Command Execution determines the version of album.pl infos
37) Alchemy Eye HTTP Command Execution Determines if arbitrary commands can be executed by Alchemy Eye infos
38) Alexandria-dev upload spoofing Checks for the presence of patch/index.php and docman/new.php attack
39) alibaba.pl Checks for the presence of /cgi-bin/alibaba.pl infos
40) AlienForm CGI script Checks if the AlienForm CGI script is vulnerable infos
41) Alkalay.Net Multiple Scripts Arbitrary Command Execution Vulnerabilities Checks for arbitrary command execution vulnerabilities in multiple scripts from Alkalay.Net attack
42) Allaire JRun directory browsing vulnerability Allaire JRun directory browsing vulnerability infos
43) Allaire JRun Directory Listing Make a request like http://www.example.com/./WEB-INF infos
44) Alt-N WebAdmin Multiple Remote Vulnerabilities Checks for the version of Alt-N WebAdmin infos
45) AltaVista Intranet Search Checks if query?mss=... reads arbitrary files infos
46) AMember config[root_dir] Parameter File Include Vulnerability Checks for config[root_dir] parameter file include vulnerability in AMember attack
47) AN HTTPd count.pl file truncation Creates a file on the remote server attack
48) AN-HTTPd tests CGIs Checks for the presence of several CGIs infos
49) anacondaclip CGI vulnerability Checks for the presence of anacondaclip.pl infos
50) AnalogX web server traversal %2E%2E/%2E%2E/file.txt attack
51) AngelineCMS installPath Remote File Include Vulnerability Tries to read /etc/passwd using AngelineCMS attack
52) Anti Nessus defenses Detects anti Nessus features infos
53) AnyForm Checks for the presence of AnyForm2 infos
54) Apache for Windows CGI Source Code Disclosure Vulnerability Tries to read source of print-env.pl with Apache for Windows attack
55) Apache Tomcat Directory Listing and File disclosure Apache Tomcat Directory listing and File Disclosure Bugs infos
56) Apache Tomcat source.jsp malformed request information disclosure Checks for the Tomcat source.jsp malformed request vulnerability infos
57) AppServ appserv_root Parameter Remote File Include Vulnerability Checks for appserv_root parameter remote file include vulnerability in AppServ attack
58) aprox portal file disclosure Checks Aprox Portal infos
59) ArGoSoft Mail Server Directory Traversal Vulnerability Gets the version of the remote ArGoSoft server infos
60) ArGoSoft Mail Server multiple flaws Gets the version of the remote ArGoSoft server infos
61) ArGoSoft Mail Server multiple flaws(2) Gets the version of the remote ArGoSoft server infos
62) args.bat Checks for the presence of /cgi-dos/args.bat infos
63) Artmedic Kleinanzeigen File Inclusion Vulnerability Checks for Artmedic Kleinanzeigen's PHP inclusion vulnerability infos
64) artmedic_links5 File Inclusion Vulnerability Checks for artmedic_links5's PHP inclusion vulnerability infos
65) Ashnews Code Injection Checks for the presence of ashnews.php attack
66) ASP Inline Corporate Calendar SQL injection Checks for the presence of an SQL injection in defer.asp attack
67) ASP PortalApp SQL injection SQL Injection infos
68) ASP source using %20 trick downloads the source of ASP scripts infos
69) ASP source using %2e trick downloads the source of ASP scripts infos
70) ASP source using ::$DATA trick downloads the source of ASP scripts infos
71) ASP-Rider SQL Injection SQL Injection infos
72) ASP.NET path disclosure Tests for ASP.NET Path Disclosure Vulnerability infos
73) ASP/ASA source using Microsoft Translate f: bug downloads the source of IIS scripts such as ASA,ASP infos
74) ASP/ASA source using Microsoft Translate f: bug (IIS 5.1) downloads the source of IIS scripts such as ASA,ASP infos
75) ASPjar Guestbook SQL Injection Checks for the presence of an SQL injection in login.asp attack
76) AspUpload vulnerability Checks for the AspUpload software attack
77) aspWebAlbum SQL Injection SQL Injection infos
78) aspWebCalendar SQL Injection SQL Injection infos
79) Asterisk Recording Interface Configuration File Disclosure Vulnerability Tries to read ARI's configuration file infos
80) Asterisk Recording Interface recording Parameter Information Disclosure Vulnerability Requests a file using ARI's misc/audio.php attack
81) Athena Web Registration remote command execution flaw Checks for Athena Web Registration remote command execution flaw attack
82) Atomic Photo Album apa_module_basedir Variable File Include Vulnerability Checks for apa_module_basedir variable file include vulnerability in Atomic Photo Album attack
83) AtomicBoard file reading Checks for the presence of remotehtmlview.php attack
84) ATutor < 1.5.1-pl1 Multiple Flaws Checks for remote arbitrary command in ATutor infos
85) ATutor password reminder SQL injection Checks for SQL injection in password_reminder.php attack
86) auktion.cgi Checks for the presence of /cgi-bin/auktion.cgi infos
87) AutoLinks Pro alpath Parameter File Include Vulnerability Checks for alpath parameter file include vulnerability in AutoLinks Pro attack
88) AutomatedShops WebC.cgi buffer overflows Checks for the presence of webc.cgi infos
89) AutomatedShops WebC.cgi installed Checks for the presence of webc.cgi infos
90) AutoTheme PostNuke Module Multiple Unspecified Vulnerabilities Checks for multiple unspecified vulnerabilities in AutoTheme PostNuke module infos
91) Avenger's News System Command Execution Avenger's News System Command Execution infos
92) Awol code injection Checks for the presence of includes/awol-condensed.inc.php attack
93) AWStats configdir parameter arbitrary cmd exec Determines the presence of AWStats awstats.pl flaws infos
94) AWStats Debug Remote Information Disclosure And Code Execution Vulnerabilities Determines the presence of a debug output in AWStats infos
95) AWStats migrate Parameter Remote File Include Vulnerability Tries to run a command using AWStats attack
96) AWStats rawlog plugin logfile parameter input validation vulnerability Determines the presence of AWStats awstats.pl infos
97) AWStats Referrer Arbitrary Command Execution Vulnerability Checks for referrer arbitrary command execution vulnerability in AWStats attack
98) axis2400 webcams reads the remote /var/log/messages infos
99) b2 cafelog code injection Checks for the presence of gm-2-b2.php attack
100) b2Evolution title SQL Injection Checks for the presence of an SQL injection in title parameter attack
101) Backup CGIs download Attempts to download the remote CGIs infos
102) Barracuda Networks Spam Firewall Multiple Vulnerabilities Tries to authenticate to Barracuda Networks Spam Firewall attack
103) Barracuda Spam Firewall Firmware < 3.1.18 Multiple Vulnerabilities Checks for multiple vulnerabilities in Barracuda Spam Firewall firmware < 3.1.18 attack
104) BASE base_maintenance Authentication Bypass Vulnerability Tries to bypass authentication in BASE attack
105) BASE BASE_path Parameter Remote File Include Vulnerability Tries to read a local file using BASE attack
106) BasiliX Arbitrary Command Execution Vulnerability Checks for arbitrary command execution vulnerability in BasiliX infos
107) BasiliX Arbitrary File Disclosure Vulnerability Checks for arbitrary file disclosure vulnerability in BasiliX infos
108) BasiliX Attachment Disclosure Vulnerability Checks for attachment disclosure vulnerability in BasiliX infos
109) BasiliX Detection Checks for the presence of BasiliX infos
110) Basilix includes download Checks for the presence of include files infos
111) BasiliX Message Content Script Injection Vulnerability Checks for message content script injection vulnerability in BasiliX infos
112) BasiliX SQL Injection Vulnerability Checks for SQL injection vulnerability in BasiliX infos
113) Basilix Webmail Dummy Request Vulnerability Checks for the presence of basilix.php3 infos
114) bb-hist.sh Read arbitrary files using the CGI bb-hist.sh infos
115) bb-hostsvc.sh Read arbitrary files using the CGI bb-hostsvc.sh infos
116) bBlog <= 0.7.4 Multiple Vulnerabilities Checks for multiple vulnerabilities in bBlog <= 0.7.4 infos
117) bBlog SQL injection flaw Check bBlog version infos
118) BBS E-Market File Disclosure Directory Traversal Attempt infos
119) BDPDT Arbitrary File Upload Vulnerabily Checks for BDPDT's uploadfilepopup.aspx attack
120) BEA WebLogic Operator/Admin Password Disclosure Vulnerability Checks the version of WebLogic infos
121) BEA WebLogic Scripts Server scripts Source Disclosure BEA WebLogic may be tricked into revealing the source code of JSP scripts. infos
122) BEA WebLogic Scripts Server scripts Source Disclosure (2) BEA WebLogic may be tricked into revealing the source code of JSP scripts. infos
123) BEA WebLogic Scripts Server scripts Source Disclosure (3) BEA WebLogic may be tricked into revealing the source code of JSP scripts. infos
124) bigconf Checks for the presence of /cgi-bin/bigconf.cgi infos
125) BiTBOARD IMG BBCode Tag JavaScript Injection Vulnerability Determines the version of BiTBOARD infos
126) bizdb1-search.cgi located Determines the presence of cgi-bin/bizdb1-search.cgi infos
127) Bizmail.cgi Mail From Unauthorized Mail Relay Vulnerability Checks the version of bizmail.cgi infos
128) biztalk server flaws Determines if BizTalk is installed infos
129) BlackBoard Internet Newsboard System remote file include flaw Checks BlackBoard Internet Newsboard System version infos
130) Blazix Web Server JSP source disclosure Attempts to read the source of a jsp page infos
131) BLnews code injection Checks for the presence of objects.inc.php4 attack
132) Blog Torrent Remote Directory Traversal Looks for a directory traversal vulnerability in Blog Torrent. infos
133) BlueDragon 6.2.1 Multiple Vulnerabilities Checks for an XSS flaw in BlueDragon Server attack
134) BlueShoes APP Parameter Remote File Include Vulnerability Tries to read a local file with BlueShoes' Google API attack
135) boastMachine Remote Arbitrary File Upload Vulnerability Checks for remote arbitrary file upload vulnerability in boastMachine infos
136) Bonsai Mutiple Flaws Determine if bonsai is vulnerable to xss attack infos
137) Brio Unix Directory Traversal Brio Unix Directory Traversal infos
138) BroadBoard SQL Injection SQL Injection infos
139) BroadVision Physical Path Disclosure Vulnerability Tests for BroadVision Physical Path Disclosure Vulnerability infos
140) Brooky CubeCart < 2.0.5 Checks Brooky CubeCart language XSS infos
141) BRT CopperExport XP_Publish.PHP SQL Injection Vulnerability SQL Injection in CopperExport infos
142) bttlxeForum SQL injection Uses a SQL query as a password attack
143) Buffer overflow in WebSite Professional's webfind.exe Buffer overflow attempt attack
144) BugPort unspecified attachment handling flaw Checks for BugPort version infos
145) Bugzilla <= 2.18.1 / 2.19.3 Multiple Vulnerabilities Checks for multiple vulnerabilities in Bugzilla <= 2.18.1 / 2.19.3 infos
146) Bugzilla Authentication Bypass and Information Disclosure Checks for the presence of Bugzilla infos
147) Bugzilla Detection Checks for the presence of bugzilla infos
148) Bugzilla Information Disclosure Vulnerabilities Checks for information disclosure vulnerabilities in Bugzilla infos
149) Bugzilla Multiple Flaws Checks for the presence of bugzilla infos
150) Bugzilla Multiple Flaws (2) Checks for the presence of bugzilla infos
151) Bugzilla remote arbitrary command execution Checks for the version of bugzilla infos
152) Bugzilla SQL flaws Checks for the presence of bugzilla infos
153) Bugzilla XSS and insecure temporary filenames Checks for the presence of bugzilla infos
154) BulletScript MailList bsml.pl Information Disclosure Determine if MiniBB can be used to execute arbitrary commands infos
155) Burning Board boardids Parameter SQL Injection Vulnerability Tries to generate a SQL error attack
156) Burning Board decode_cookie() SQL Injection Vulnerability Checks for SQL injection vulnerability in Burning Board Lite attack
157) Burning Board Detection Checks for presence of Burning Board infos
158) Burning Board modcp.php SQL Injection Vulnerabilities Checks for SQL injection vulnerabilities in Burning Board modcp.php script infos
159) Burning Board verify_email SQL Injection Vulnerability Checks for verify_email SQL injection vulnerability in Burning Board attack
160) Burning Board wbb_userid parameter SQL Injection Vulnerability Checks for SQL injection vulnerability in Burning Board Lite attack
161) Bypass Axis Storpoint CD authentication Requests /cd/../config/html/cnf_gi.htm infos
162) Cacti < 0.8.6e Multiple Vulnerabilities Checks for multiple vulnerabilities in Cacti < 0.8.6e attack
163) Cacti < 0.8.6f Multiple Vulnerabilities Checks for multiple vulnerabilities in Cacti < 0.8.6f attack
164) Cacti cmd.php Arbitrary Command Execution Vulnerability Checks if Cacti's cmd.php is remotely accessible attack
165) Cacti copy_cacti_user SQL Injection Vulnerability Checks if Cacti's copy_cacti_user.php is remotely accessible attack
166) CactuShop XSS and SQL injection flaws Checks CactuShop flaws infos
167) Cafe Wordpress SQL injection Checks for the presence of cafe wordpress attack
168) CakePHP file Parameter Directory Traversal Vulnerability Tries to read a local file with CakePHP infos
169) Calendar Express Multiple Flaws Checks Calendar Express XSS and SQL flaws infos
170) Calendarix id Parameter SQL Injection Vulnerabilities Checks for id parameter SQL injection in Calendarix attack
171) Calendarix SQL Injection Vulnerability Checks for multiple vulnerabilities in Calendarix attack
172) calendar_admin.pl Checks for the presence of /cgi-bin/calendar_admin.pl infos
173) Campas Checks for the presence of /cgi-bin/campas infos
174) Carello detection Checks for the presence of carello.dll infos
175) Cerberus Helpdesk GUI Agent < 2.7.1 Multiple Vulnerabilities Checks for multiple vulnerabilities in Cerberus Helpdesk GUI Agent < 2.7.1 infos
176) Cerberus Helpdesk rpc.php Information Disclosure Vulnerability Gets requestors for a Cerberus ticket infos
177) Cerberus Support Center Multiple Vulnerabilities Checks for multiple vulnerabilities in Cerberus Support Center attack
178) cfWebStore SQL injection SQL Injection infos
179) cgi.rb Checks for the presence of cgi.rb infos
180) CGIEmail's CGICso (Send CSO via CGI) Command Execution Vulnerability Determine if a remote host is vulnerable to the cgicso vulnerability infos
181) cgiforum Checks for the presence of /cgi-bin/cgiforum.pl infos
182) CgiMail.exe vulnerability Checks for the cgimail.exe file infos
183) cgitest.exe buffer overrun Checks for the /cgi-bin/cgitest.exe buffer overrun denial
184) cgiWebupdate.exe vulnerability Checks for the cgiWebupdate.exe file infos
185) Checks for listrec.pl Checks for the listrec.pl CGI infos
186) CherryPy staticFilter Directory Traversal Vulnerability Checks for staticFilter directory traversal vulnerability in CherryPy attack
187) ChipMonk Forum SQL Injection Checks if ChipMonk forum is vulnerable to a SQL injection attack infos
188) ChipMunk CMScore SQL Injection Checks if ChipMunk CMScore is vulnerable to a SQL injection attack infos
189) Chora Remote Code Execution Vulnerability Checks for remote code execution vulnerability in Chora attack
190) CitrusDB Remote Authentication Bypass Vulnerability Determines the presence of CitrusDB infos
191) Claroline < 1.5.4 / 1.6.0 Multiple Input Validation Vulnerabilities Checks for multiple input validation vulnerabilities in Claroline < 1.5.4 / 1.6.0 attack
192) Claroline Detection Checks for presence of Claroline infos
193) Claroline extAuthSource Parameter Array Remote File Include Vulnerability Tries to read a local file with Claroline attack
194) Claroline includePath Parameter Remote File Include Vulnerability Tries to read a local file using Claroline attack
195) Claroline Multiple Vulnerabilities (2) Tries to read /etc/passwd using Claroline attack
196) Claroline Multiple Vulnerabilities (3) Tries to read a local file using Claroline attack
197) Clever Copy connect.inc Information Disclosure Vulnerability Reads Clever Copy's admin/connect.inc file attack
198) CMS Made Simple nls Parameter File Include Vulnerability Checks for nls parameter file include vulnerability in CMS Made Simple attack
199) Cobalt RaQ2 cgiwrap Checks for the presence of /cgi-bin/cgiwrap infos
200) Cobalt siteUserMod cgi Checks for the presence of /.cobalt/siteUserMod/siteUserMod.cgi infos
201) CodeGrrl Applications Remote File Inclusion Vulnerabilities Checks for remote file inclusion vulnerabilities in CodeGrrl applications attack
202) CodeThatShoppingCart Input Validation Vulnerabilities Checks for an SQL injection in CodeThatShoppingCart infos
203) Cognos Powerplay WE Vulnerability Checks for the ppdscgi.exe CGI infos
204) Cold Fusion Administration Page Overflow Checks for the presence of /cfide/administrator/index.cfm attack
205) ColdFusion Debug Mode Get ColdFusion Debug Information infos
206) ColdFusion Double-Encoded Null Byte Information Disclosure Vulnerability Tries to retrieve script source code using ColdFusion attack
207) ColdFusion Path Disclosure Checks for a ColdFusion vulnerability infos
208) ColdFusion Vulnerability Checks for a ColdFusion vulnerability infos
209) Comersus BackOffice Administrator Authentication Bypass Vulnerability Checks for administrator authentication bypass vulnerability in Comersus BackOffice attack
210) Comersus BackOffice Lite Administrative Bypass Checks for the presence of a BackOffice Lite Administrative Bypass attack
211) Comersus Cart Customer Database Disclosure Vulnerability Checks for customer database vulnerability in Comersus Cart infos
212) Comersus Cart Multiple Vulnerabilities Checks for multiple vulnerabilities in Comersus Cart attack
213) Comersus Login SQL injection Checks for Comersus infos
214) Commerce Server 2002 Authentication Bypass Vulnerability Checks version of Commerce Server 2002 infos
215) commerce.cgi Checks for the presence of /cgi-bin/commerce.cgi infos
216) Community Link Pro webeditor login.cgi remote command execution Checks for Community Link Pro webeditor login.cgi remote execution flaw infos
217) Contenido cfg Parameter Remote File Include Vulnerability Checks for cfg parameter remote file include vulnerability in Contenido attack
218) CoolForum SQL Injection flaw Checks for the presence of CoolForum infos
219) CoolForum XSS and SQL Injection Vulnerabilities Checks for cross-site scripting and SQL injection vulnerabilities in CoolForum attack
220) Coppermine Gallery Detection Checks for the presence of Coppermine Gallery infos
221) Coppermine Gallery Remote Command Execution Checks for the presence of db_input.php infos
222) Coppermine Gallery SQL injection Checks for the presence of db_input.php infos
223) Coppermine Gallery Voting Restriction Failure Checks for the presence of db_input.php infos
224) Coppermine Photo Gallery < 1.3.2 Multiple Vulnerabilities Checks for version of Coppermine Photo Gallery infos
225) Coppermine Photo Gallery f Parameter Remote File Include Vulnerability Checks for f parameter remote file include vulnerability in Coppermine Photo Gallery attack
226) Coppermine Photo Gallery file Parameter Local File Include Vulnerability Tries to read a local file using Coppermine Photo Gallery attack
227) Count.cgi Checks Count.cgi version infos
228) counter.exe vulnerability Checks for the counter.exe file mixed
229) counter.php file overwrite Determine if counter.php is present infos
230) cPanel Backup File Disclosure Checks for the version of cpanel infos
231) cPanel FrontPage Extension Flaws Checks for the version of cpanel infos
232) cPanel Login Command Execution Command Injection infos
233) cpanel remote command execution Executes /bin/id infos
234) Credit Card Data Disclosure in CitrusDB Checks for the presence of IO directory of CitrusDB infos
235) Cross-Referencing Linux (lxr) file reading Checks for the presence of /cgi-bin/source infos
236) Crystal Report virtual directory traversal Crystal Report virtual directory traversal infos
237) CSNews.cgi vulnerability Checks for the csnews.cgi file infos
238) csSearch.cgi Checks for the presence of /cgi-bin/csSearch.cgi infos
239) ctss.idc check Checks for the presence of /scripts/tools/ctss.idc infos
240) CubeCart 2.0.6 and Earlier Multiple SQL Injection Vulnerabilities Checks for multiple SQL injection vulnerabilities in CubeCart 2.0.6 and earlier attack
241) CubeCart < 3.0.12 Multiple Vulnerabilities Checks for a XSS flaw in CubeCart attack
242) CubeCart < 3.0.13 Multiple Vulnerabilities Tries to read a local file in CubeCart attack
243) CubeCart Detection Checks for the presence of CubeCart infos
244) CubeCart FCKeditor Arbitrary File Upload Vulnerability Tries to use CubeCart to upload a file with PHP code destructive_attack
245) CubeCart SQL injection SQL Injection in CubeCart attack
246) CuteNews <= 1.3.6 Multiple Vulnerabilities Checks for multiple vulnerabilities in CuteNews <= 1.3.6 infos
247) CuteNews archive Parameter Information Disclosure Vulnerability Tries to read a file via archive parameter of CuteNews attack
248) CuteNews Client-IP Header Code Injection Vulnerability Checks for Client-IP header code injection vulnerability in CuteNews mixed
249) CuteNews code injection Checks for the presence of search.php attack
250) CuteNews Debug Info Disclosure Checks for the presence of cutenews infos
251) CuteNews Detection Checks for presence of CuteNews infos
252) CuteNews directory traversal flaw Checks for CuteNews dir traversal infos
253) Cutenews search.php Cross Site Scripting Vulerability Tries to inject javascript code. attack
254) Cuyahoga FCKEditor Security Bypass Vulnerability Tries to call FCKEditor's upload.php script infos
255) CVS/Entries requests CVS/Entries infos
256) CVSTrac cgi.c multiple overflows Checks for CVSTrac version infos
257) CVSTrac chdir() chroot jail escape Checks for CVSTrac version infos
258) CVSTrac CVSROOT/passwd arbitrary account deletion Checks for CVSTrac version infos
259) CVSTrac database plaintext password storage Checks for CVSTrac version infos
260) CVSTrac Detection Detects the presence of CVSTrac infos
261) CVSTrac filediff vulnerability Checks for CVSTrac version attack
262) CVSTrac history.c history_update function overflow Checks for CVSTrac version infos
263) CVSTrac invalid ticket DoS Checks for CVSTrac version infos
264) CVSTrac malformed URI infinite loop DoS Checks for CVSTrac version attack
265) CVSTrac text output formatter DoS Checks CVSTrac version infos
266) CVSTrac ticket title arbitrary command execution Checks for CVSTrac version infos
267) CVSTrac timeline.c timeline_page function overflow Checks for CVSTrac version infos
268) CVSWeb 1.80 gives a shell to cvs committers Checks if CVSWeb is present and gets its version infos
269) CVSweb detection Determines whether cvsweb.cgi is installed on the remote host infos
270) CWmail.exe vulnerability Checks for the cwmail.exe file infos
271) Cyberstrong eShop SQL Injection Vulnerabilities Checks for an SQL injection in Cyberstrong eShop v4.2 attack
272) DB4Web directory traversal Read any file through DB4Web attack
273) DB4Web TCP relay DB4Web debug page allow bounce scan attack
274) DBMan CGI server information leakage Checks if webplus reads local files infos
275) dcforum Checks for the presence of /cgi-bin/dcforum infos
276) DCP-Portal Multiple SQL Injection Vulnerabilities Determines the presence of DCP-Portal infos
277) DCP-Portal Path Disclosure Determine if DCP-Portal displays its physical path infos
278) ddicgi.exe vulnerability Checks for the ddicgi.exe file denial
279) DeluxeBB Multiple SQL injection flaws Checks DeluxeBB version infos
280) DeskNow Mail and Collaboration Server Directory Traversal Vulnerabilities Checks for the presence of an old version of DeskNow infos
281) Detects LDU version LDU detection infos
282) Detects Xaraya version Xaraya detection infos
283) DevTrack Web Service UserName SQL Injection Vulnerability Tries to generate a SQL error using DevTrack Web Service attack
284) Digital Scribe login.php SQL Injection flaw Checks for SQL injection flaw in Digital Scribe infos
285) Directory listing through Sambar's search.dll Checks the presence of search.dll infos
286) Directory Manager's edit_image.php Detects edit_image.php infos
287) directory pro web traversal Checks for the presence of /cgi-bin/directorypro.cgi infos
288) directory.php Checks for the presence of /directory.php infos
289) Docebo GLOBALS Variable Overwrite Vulnerability Checks for file inclusions errors in multiple Docebo applications attack
290) Dokeos < 1.6.4 / 2.0.3 Remote File Include Vulnerabilities Tries to read /etc/passwd using Dokeos attack
291) Dokeos extAuthSource Parameter Array Remote File Include Vulnerability Tries to read a local file with Dokeos attack
292) DokuWiki Detection Checks for presence of DokuWiki infos
293) DokuWiki dwpage.php Accessibility Vulnerability Checks whether DocuWiki dwpage.php is accessible via http infos
294) DokuWiki im_convert Arbitrary Code Execution Vulnerability Executes arbitrary command via DocuWiki im_convert Feature destructive_attack
295) DokuWiki spellcheck Arbitrary Code Execution Vulnerability Executes arbitrary PHP code via DocuWiki spellcheck attack
296) dotProject docs Directory Information Disclosure Vulnerabilities Checks for docs directory information disclosure vulnerabilities in dotProject infos
297) dotProject Remote File Include Vulnerabilities Checks for remote file include vulnerabilities in dotProject attack
298) Dragonfly CMS currentlang Parameter Local File Include Vulnerability Checks for currentlang parameter local file include vulnerability in Dragonfly CMS attack
299) Dream4 Koobi CMS Index.PHP SQL Injection Vulnerability Checks for an SQL injection in the Koobi CMS infos
300) Drupal Arbitrary PHP Code Execution Vulnerability Checks version of Drupal infos
301) Drupal Captcha Bypass Vulnerability Tries to bypass captcha when registering as a new user in Drupal attack
302) Drupal Comment Code Execution Vulnerability Tries to execute a command via Drupal attack
303) Drupal Comment Preview Code Execution Vulnerability (2) Tries to execute a command via Drupal attack
304) Drupal Detection Detects Drupal infos
305) Drupal Privilege Escalation Vulnerability Checks version of Drupal infos
306) Drupal XML-RPC for PHP Remote Code Injection Vulnerability Checks for XML-RPC for PHP remote code injection vulnerability in Drupal attack
307) DUamazon Pro Multiple SQL Injection Vulnerabilities Checks for multiple SQL injection vulnerabilities in DUamazon Pro infos
308) DUclassmate Multiple SQL Injection Vulnerabilities Checks for multiple SQL injection vulnerabilities in DUclassmate infos
309) DUforum Multiple SQL Injection Vulnerabilities Checks for multiple SQL injection vulnerabilities in DUforum infos
310) Dumpenv Checks for the presence of /cgi-bin/dumpenv infos
311) Dune Web Server Overflow Checks for Dune Overflow mixed
312) DUpaypal Pro Multiple SQL Injection Vulnerabilities Checks for multiple SQL injection vulnerabilities in DUpaypal Pro infos
313) DUportal Pro Multiple SQL Injection Vulnerabilities Checks for multiple SQL injection vulnerabilities in DUportal Pro infos
314) DUPortal/DUPortal Pro Multiple SQL Injection Vulnerabilities Checks for SQL injection vulnerability in DUPortal attack
315) DUware iType Parameter SQL Injection Vulnerability Checks for iType parameter SQL injection vulnerability in DUware attack
316) DUware multiple vulnerabilities Determines if the remote ASP scripts are vulnerable to SQL injection infos
317) Dwarf HTTP Server < 1.3.3 Multiple Vulnerabilities Checks version of Dwarf HTTP Server infos
318) E-Shopping Cart Arbitrary Command Execution (WebDiscount) E-Shopping Cart Arbitrary Command Execution (WebDiscount) infos
319) E-Theni code injection Checks for the presence of aff_list_langue.php attack
320) e107 <= 0.617 Multiple Vulnerabilities Checks for multiple vulnerabilities in e107 <= 0.617 attack
321) e107 cookie SQL Injection Vulnerability Tries to bypass authentication in e107 with a special cookie attack
322) e107 database dump e107 flaw infos
323) e107 Detection Checks for the presence of e107 infos
324) e107 e107language_e107cookie Local File Include Vulnerability Tries to read a local file with e107 attack
325) e107 Email Injection Vulnerability Tries to send arbitrary email with e107 attack
326) e107 ePing Plugin Arbitrary Code Execution Vulnerability Checks for arbitrary code execution vulnerability in e107 ePing plugin attack
327) e107 eTrace Plugin Arbitrary Code Execution Vulnerability Checks for arbitrary code execution vulnerability in e107 eTrace plugin attack
328) e107 Remote Code Execution Vulnerability Tries to run a command in e107 attack
329) e107 resetcore.php SQL Injection e107 SQL Injection infos
330) Easy Address Book Web Server Format String Vulnerability Tries to crash Easy Address Book Web Server denial
331) Easy File Sharing Web Server ACL Bypass Checks /disk_c infos
332) Easy File Sharing Web Server Information Disclosure Tries to read a local file via EFS attack
333) Easy Message Board Command Execution Checks for Easy Message Board infos
334) EasyDynamicPages edp_relative_path Parameter Remote File Include Vulnerability Checks for the presence of EasyDynamicPages attack
335) EasyPHPCalendar serverPath Remote File Include Vulnerabilities Checks for serverPath remote file include vulnerabilities in EasyPHPCalendar attack
336) EasyWeb FileManager Directory Traversal Determines if EasyWeb FileManager is present infos
337) Ecartis Username Spoofing Checks for the presence of lsg2.cgi infos
338) eCommerce Multiple Vulnerabilities Checks for multiple vulnerabilities in eCommerce attack
339) Edgewall Software Trac SQL injection flaw Checks for SQL injection flaw in Trac infos
340) EdiMax AP Hidden Password Check Edimax Hidden Password Check infos
341) eFiction < 2.0.2 Multiple Vulnerabilities Checks for multiple vulnerabilities in eFiction < 2.0.2 attack
342) EGroupWare Detection Detects the presence of EGroupWare infos
343) EGroupWare Multiple Vulnerabilitie Checks for the version of EGroupWare infos
344) eLDAPo cleartext passwords Checks for eLDAPo infos
345) ELOG < 2.6.1 Multiple Vulnerabilities Checks for multiple vulnerabilities in ELOG < 2.6.1 attack
346) ELOG Web LogBook global Denial of Service Tries to crash the remote service. denial
347) ELOG Web Logbook Multiple Remote Vulnerabilities Determines the presence of ELOG Web Logbook infos
348) empower cgi path Attempts to find the location of the remote web root infos
349) Emulive Server4 Authentication Bypass Requests the admin page of the remote EmuLive Server4 infos
350) Emumail WebMail multiple vulnerabilities version test for Emumail infos
351) Episodex Guestbook Unauthorized Access and HTML Injection Vulnerability Checks for unathentication access to admin.asp infos
352) ePolicy Orchestrator Local Information Disclosure Vulnerability Checks for local information disclosure vulnerability in ePolicy Orchestrator infos
353) Etomite CMS id Paramater SQL Injection Tries to generate a SQL error with Etomite CMS attack
354) Excite for WebServers Checks for the presence of /cgi-bin/ews infos
355) Exhibit Engine list.php SQL Injection Vulnerabilities Checks for SQL injection vulnerability in Exhibit Engine's list.php attack
356) Exhibit Engine toroot Parameter Remote File Include Vulnerability Tries to read a local file with Exhibit Engine attack
357) Exo PHPDesk id Parameter SQL Injection Vulnerability Tries to generate a SQL error with Exo PHPDesk attack
358) Exponent CMS < 0.96.4 Multiple Vulnerabilities Checks for multiple vulnerabilities in Exponent CMS < 0.96.4 attack
359) Exponent CMS Multiple Cross-Site Scripting Vulnerabilities Checks for the version of Exponent attack
360) Exponent CMS view Parameter Local File Include Vulnerability Tries to read a local file in Exponent CMS attack
361) Extent RBS ISP Checks for the presence of Extent RBS ISP 2.5 infos
362) ezPublish config disclosure Determine if ezPublish config file can be retrieved infos
363) EZShopper 3.0 Checks for the presence of EZShopper's CGIs infos
364) EZsite Forum Discloses Passwords to Remote Users Checks for EZsiteForum.mdb password database infos
365) ezUpload <= 2.2 Multiple Vulnerabilities Checks for multiple vulnerabilities in ezUpload <= 2.2 attack
366) e_Board arbitrary file reading Checks for e_Board infos
367) F-Secure Policy Manager Path Disclosure Checks for /fsms/fsmsh.dll infos
368) FAQManager Arbitrary File Reading Vulnerability Tests for FAQManager Arbitrary File Reading Vulnerability attack
369) Faxsurvey Checks if faxsurvey is vulnerable infos
370) FCKeditor Arbitrary File Upload Vulnerability Tries to use upload a file with PHP code using FCKeditor destructive_attack
371) FCKeditor for PHP-Nuke Arbitrary File Upload Vulnerability Detects arbitrary file upload vulnerability in FCKeditor for PHP-Nuke mixed
372) Fedora DS Administration Server Information Disclosure Vulnerability Checks for an information disclosure vulnerability in Fedora Directory Server Administration Server attack
373) Feedsplitter <= 2006-01-21 Multiple Vulnerabilities Tries to read an invalid XML file with Feedsplitter attack
374) File Disclosure in OWL's Workshop Detect OWLS File Disclosure infos
375) File Disclosure in PHP Manpage Detect PHP Manpage File Disclosure infos
376) File Inclusion Vulnerability in Jaws Detect Jaws File Inclusion Vulnerability infos
377) File Inclusion Vulnerability in Pivot Detect Pivot File Inclusion Vulnerability infos
378) Finger cgi Checks for the presence of /cgi-bin/finger infos
379) Fingerprint web server with favicon.ico Attempt to fingerprint web server with favicon.ico infos
380) FishCart SQL injections Checks for the presence of an SQL injection in upstnt.asp attack
381) FlatNuke < 2.5.6 Multiple Vulnerabilities Checks for multiple vulnerabilities in FlatNuke < 2.5.6 destructive_attack
382) FlatNuke Form Submission Input Validation Vulnerability Determines if FlatNuke is installed infos
383) FlatNuke id Parameter Directory Traversal Vulnerability Checks for id parameter directory traversal vulnerability in FlatNuke attack
384) FlexCast Server Terminal Authentication Vulnerability Checks for terminal authentication vulnerability in FlexCast Server infos
385) Flyspray adodbpath Parameter Remote File Include Vulnerability Checks for adodbpath parameter remote file include vulnerability in Flyspray attack
386) FormHandler.cgi Attempts to read /etc/passwd attack
387) formmail.pl Checks for the presence of /cgi-bin/formmail.pl infos
388) Forum51/Board51/News51 Users Disclosure Checks for the presence of user.idx attack
389) foxweb CGI Checks for the presence of foxweb.exe or foxweb.dll infos
390) Free Articles Directory Remote File Inclusion Vulnerability Checks for file includes in Free Articles Directory attack
391) ftp.pl shows the listing of any dir Checks for the presence of /cgi-bin/ftp/ftp.pl infos
392) FtpLocate fsite Parameter Command Execution Vulnerability Checks for fsite parameter command execution vulnerability in FtpLocate attack
393) FUDforum < 2.7.1 Avatar Upload Vulnerability Checks for avatar upload vulnerability in FUDforum < 2.7.1 infos
394) Fuji Xerox Printing Systems Authentication Bypass Vulnerability Gets version of remote printer infos
395) Fusion News X-Forwarded-For Code Injection Vulnerability Checks for X-Forwarded-For code injection vulnerability in Fusion News mixed
396) Fusion SBX Password Bypass and Command Execution