Vulnerability Assessment & Network Security Forums



The comprehensive list of vulnerabilities in this category are updated on a daily basis.  There are currently 2,554 vulnerability test descriptions and summaries in the database.  Clicking on the name of the vulnerability below will bring up the specific details for each network security test along with recommendations for patching the vulnerability and related discussions.

Home >> Browse Vulnerability Assessment Database >> Web Servers

Vulnerability assessments available for:
Web-Servers


Vulnerability Name Vulnerability Description Network Security Threat Type
1) /iisadmin is world readable Checks for the presence of /iisadmin infos
2) /iisadmpwd/aexp2.htr Determines whether /iisadmpwd/aexp2.htr is present infos
3) /scripts directory browsable Is /scripts/ listable ? infos
4) /scripts/repost.asp Determines whether /scripts/repost.asp is present infos
5) Apache /server-info accessible Make a request like http://www.example.com/server-info infos
6) Apache /server-status accessible Makes a request like http://www.example.com/server-status infos
7) Apache 2.0.39 Win32 directory traversal Apache 2.0.39 Win32 directory traversal infos
8) Apache < 1.3.27 Checks for version of Apache infos
9) Apache < 1.3.28 Checks for version of Apache infos
10) Apache < 1.3.29 Checks for version of Apache infos
11) Apache < 2.0.43 Checks for version of Apache infos
12) Apache < 2.0.45 Checks for version of Apache mixed
13) Apache < 2.0.46 Checks for version of Apache mixed
14) Apache < 2.0.46 on OS/2 Checks for version of Apache infos
15) Apache < 2.0.47 Checks for version of Apache infos
16) Apache < 2.0.48 Checks for version of Apache infos
17) Apache < 2.0.51 Checks for version of Apache infos
18) Apache <= 1.3.33 htpasswd local overflow Checks for Apache <= 1.3.33 infos
19) Apache = 2.0.51 Checks for version of Apache infos
20) Apache Auth Module SQL Insertion Attack Checks for vulnerable Apache Auth modules infos
21) Apache Connection Blocking Denial of Service Checks for version of Apache infos
22) Apache Directory Listing Checks to see if Apache will provide a directory listing infos
23) Apache Error Log Escape Sequence Injection Checks for Apache Error Log Escape Sequence Injection Vulnerability infos
24) Apache mod_access rule bypass Checks for Apache mod_access Rule Bypass Vulnerability infos
25) Apache mod_include Privilege Escalation Checks for version of Apache infos
26) Apache mod_proxy content-length buffer overflow Checks for version of Apache infos
27) Apache mod_ssl denial of service Checks for version of Apache infos
28) Apache Remote Command Execution via .bat files Tests for presence of Apache Command Execution via .bat vulnerability attack
29) Apache Remote Username Enumeration Vulnerability Checks for the error codes returned by Apache when requesting a non-existant user name infos
30) Apache Tomcat Default Accounts Apache Tomcat Default Accounts attack
31) Apache Tomcat servlet/JSP container default files Checks for Apache Tomcat default files infos
32) Apache-SSL Client Certificate Forging Vulnerability Checks for version of Apache-SSL infos
33) Apache::ASP source.asp Checks for the presence of /site/eg/source.asp infos
34) Authentication bypassing in Lotus Domino Checks if Lotus Domino databases can be accessed by by-passing the required authentication infos
35) BadBlue invalid null byte vulnerability Read BadBlue protected configuration file attack
36) CERN HTTPD access control bypass Determines if web access control can be circumvented infos
37) CERN httpd CGI name heap overflow Ask for a too long CGI name containing a dot destructive_attack
38) CERN httpd problem Attempts to find the location of the remote web root infos
39) Check for bdir.htr files Check for existence of bdir.htr infos
40) Check for dangerous IIS default files Check for existence of viewcode.asp infos
41) Check for IIS .cnf file leakage Check for existence of world-readable .cnf files infos
42) Codebrws.asp Source Disclosure Vulnerability Tests for presence of Codebrws.asp infos
43) Compaq Web Management Server Determines of the remote web server is Compaq Web Management infos
44) Cross-Site Scripting in Cherokee Error Pages Checks for the version of Cherokee infos
45) Directory listing through WebDAV Checks the presence of WebDAV infos
46) Domino HTTP server exposes the set up of the filesystem obtains absolute path to cgi-bin infos
47) Domino traversal \..\..\file.txt attack
48) F5 BIP-IP Cookie Persistence F5 BIP-IP(R) Cookie Persistence infos
49) fpcount.exe overflow Is fpcount.exe installed ? infos
50) Frontpage Overflow (MS03-051) IIS Frontpage MS03-051 infos
51) GeoHttpServer Unauthorized Image Access Vulnerability Checks for unauthorized image access vulnerability in GeoHttpServer infos
52) Hidden WWW server name Tries to discover the web server name infos
53) htimage.exe overflow Is htimage.exe vulnerable to a buffer overflow ? denial
54) HyperText Transfer Protocol Information Determines the version of HTTP spoken by the remote host infos
55) IIS .HTR ISAPI filter applied Tests for IIS .htr ISAPI filter infos
56) IIS .IDA ISAPI filter applied Tests for IIS .ida ISAPI filter infos
57) IIS 5 .printer ISAPI filter applied Tests for IIS5 .printer ISAPI filter infos
58) IIS 5.0 Sample App reveals physical path of web root IIS 5.0 Sample App reveals physical path of web root infos
59) IIS : Directory listing through WebDAV Checks the presence of the Index Server service infos
60) IIS dangerous sample files Determines whether IIS samples files are installed infos
61) IIS perl.exe problem Attempts to find the location of the remote web root infos
62) IIS Remote Command Execution Determines if arbitrary commands can be executed infos
63) IIS Service Pack - 404 IIS Service Pack Check infos
64) IIS Unicode Remote Command Execution Determines if arbitrary commands can be executed thanks to IIS infos
65) IMail account hijack Checks for version of IMail web interface infos
66) iPlanet Directory Server traversal /\../\../\file.txt attack
67) iPlanet Search Engine File Viewing Attempts to read an arbitrary file using a feature in iPlanet attack
68) Ipswitch Imail WebCalendar Directory Traversal Vulnerability Ipswitch Imail WebCalendar Directory Traversal Vulnerability infos
69) JServ Cross Site Scripting Tests for JServ Cross Site Scripting attack
70) Lotus Domino administration databases Checks if Lotus Domino administration databases can be anonymously accessed infos
71) Lotus Domino Banner Information Disclosure Vulnerability Tests for Lotus Physical Path Disclosure Vulnerability infos
72) Lotus Domino Server Information Disclosure Vulnerabilities Checks for information disclosure vulnerabilities in Lotus Domino Server infos
73) Lotus Notes ?OpenServer Information Disclosure Lotus Notes ?OpenServer Information Disclosure infos
74) Malformed Hit-Highlighting Argument Vulnerability Determines IIS IDA/IDQ Path Reveal vulnerability infos
75) Microsoft .NET Custom Errors Not Set Checks for the error message of the .NET framework infos
76) Microsoft .NET Handlers Enumeration Checks for the version of the .NET framework infos
77) Microsoft .NET Version Information Disclosure Checks for the version of the .NET framework infos
78) Microsoft Frontpage 'authors' exploits Checks for the presence of Microsoft Frontpage extensions infos
79) Microsoft Frontpage dvwssr.dll backdoor Checks for the presence of /_vti_bin/_vti_aut/dvwssr.dll infos
80) Microsoft Frontpage exploits Checks for the presence of Microsoft Frontpage extensions infos
81) Microsoft IIS Cookie information disclosure Microsoft IIS Cookie information disclosure infos
82) Microsoft IIS UNC Mapped Virtual Host Vulnerability Checks IIS for .ASP/.HTR backslash vulnerability. infos
83) Microsoft's Index server reveals ASP source code Checks for a problem in webhits.dll infos
84) mod_frontpage installed Checks for the presence of mod_frontpage infos
85) mod_gzip format string attack mod_gzip detection mixed
86) mod_gzip running mod_gzip detection infos
87) mod_python handle abuse Checks for version of Python infos
88) mod_python malformed query Checks for version of Python infos
89) mod_ssl off by one Checks for version of mod_ssl infos
90) mod_ssl overflow Checks for version of mod_ssl infos
91) mod_survey ENV tags SQL injection mod_survey SQL injection infos
92) Netscape Administration Server admin password Reads admpw infos
93) Netscape FastTrack 'get' 'get / ' gives a directory listing infos
94) Netscape Server ?PageServices bug Make a request like http://www.example.com/?PageServices infos
95) Netscape Server ?wp bug Make a request like http://www.example.com/?wp-cs-dump infos
96) No 404 check Checks if the remote webserver issues 404 errors infos
97) nsiislog.dll DoS Determines the presence of nsiislog.dll denial
98) Passwordless frontpage installation Determines if the remote web server is password protected attack
99) RDS / MDAC Vulnerability (msadcs.dll) located Determines the presence of msadcs.dll infos
100) RDS / MDAC Vulnerability Content-Type overflow Determines the presence of msadcs.dll mixed
101) shtml.exe reveals full path Retrieve the real path using shtml.exe infos
102) VisualRoute Web Server Detection Extracts the banner of the remote visual route server infos
103) Web mirroring Performs a quick web mirror infos
104) Web Server reverse proxy bug Web Server reverse proxy bug infos
105) Web server traversal \..\..\file.txt attack
106) WebDAV Directories Enumeration Determines which directories are DAV enabled infos
107) Zope DocumentTemplate package problem Checks for Zope infos
108) Zope DoS Checks for Zope infos
109) Zope Image Updating Method Checks for Zope infos
110) Zope Installation Path Disclosure Checks for Zope installation directory attack
111) Zope Invalid Query Path Disclosure Checks for Zope Examples directory attack
112) Zope Multiple Vulnerabilities Checks Zope version infos
113) Zope ZClass Permission Mapping Bug Checks Zope version infos


Lot of 50 DDR4 8GB PC4-2666V Laptop Memory RAM Mixed Major Brands picture

Lot of 50 DDR4 8GB PC4-2666V Laptop Memory RAM Mixed Major Brands

$474.99



A-Tech 8GB DDR3 1600 PC3-12800 Laptop SODIMM 204-Pin Memory RAM PC3L DDR3L 1x 8G picture

A-Tech 8GB DDR3 1600 PC3-12800 Laptop SODIMM 204-Pin Memory RAM PC3L DDR3L 1x 8G

$11.99



Patriot Viper Steel 32GB (2 x 16GB) 288-Pin PC RAM DDR4 3600 (PC4 28800) Intel X picture

Patriot Viper Steel 32GB (2 x 16GB) 288-Pin PC RAM DDR4 3600 (PC4 28800) Intel X

$49.49



A-Tech 8GB PC3-12800 Desktop DDR3 1600 MHz Non ECC 240-Pin DIMM Memory RAM 1x 8G picture

A-Tech 8GB PC3-12800 Desktop DDR3 1600 MHz Non ECC 240-Pin DIMM Memory RAM 1x 8G

$11.99



Team T-FORCE VULCAN Z 16GB (2 x 8GB) DDR4 3200 PC Ram Intel XMP 2.0 Memory picture

Team T-FORCE VULCAN Z 16GB (2 x 8GB) DDR4 3200 PC Ram Intel XMP 2.0 Memory

$33.99



HyperX FURY DDR3 8GB 16GB 32GB 1600 MHz PC3-12800 Desktop RAM Memory DIMM 240pin picture

HyperX FURY DDR3 8GB 16GB 32GB 1600 MHz PC3-12800 Desktop RAM Memory DIMM 240pin

$15.85



Mixed Brands/Speeds 4GB PC3/PC3L-10600/12800 DDR3 Laptop Ram Memory picture

Mixed Brands/Speeds 4GB PC3/PC3L-10600/12800 DDR3 Laptop Ram Memory

$0.99



Crucial DDR3L 16GB 1600 8GB 16GB PC3-12800 Laptop SODIMM Memory RAM PC3 16G DDR3 picture

Crucial DDR3L 16GB 1600 8GB 16GB PC3-12800 Laptop SODIMM Memory RAM PC3 16G DDR3

$13.45



A-Tech 128GB 4x 32GB 2Rx4 PC4-21300R DDR4 2666 ECC REG RDIMM Server Memory RAM picture

A-Tech 128GB 4x 32GB 2Rx4 PC4-21300R DDR4 2666 ECC REG RDIMM Server Memory RAM

$151.96



A-Tech 256GB 8x 32GB 2Rx4 PC4-19200R DDR4 2400 ECC REG RDIMM Server Memory RAM picture

A-Tech 256GB 8x 32GB 2Rx4 PC4-19200R DDR4 2400 ECC REG RDIMM Server Memory RAM

$271.92