CGI abuses Vulnerabilities
Name
Summary
'Les Visiteurs' script injection
Les Visiteurs inc file upload
/cgi-bin directory browsable ?
Is /cgi-bin browsable ?
/doc directory browsable ?
Is /doc browsable ?
/doc/packages directory browsable ?
Is /doc/packages browseable ?
/perl directory browsable ?
Is /perl browsable ?
2BGal SQL Injection
SQL Injection
3Com NBX VoIP NetSet Detection
Tests for 3Com NBX VoIP NetSet Detection
3Com Network Supervisor Directory Traversal Vulnerability
Checks for directory traversal vulnerability in 3Com Network Supervisor
4Images <= 1.7.1 Directory Traversal Vulnerability
Check if 4Images is vulnerable to directory traversal flaws
@lex guestbook remote file include
Checks for @lex guestbook
A1Stats Traversal
Checks if A1Stats reads any file
Aardvark Topsites CONFIG[path] Parameter Remote File Inclusion Vulnerability
Checks for a file include using CONFIG[path] in Aardvark Topsites
Aborior Command Execution
Detects display.cgi
ACal path Parameter Remote File Include Vulnerability
Tries to read /etc/passwd using ACal
Achievo code injection
Checks for the presence of Achievo
ActiveAuction Multiple Vulnerabilities
Checks the version of vBulletin
ActivePerl perlIS.dll Buffer Overflow
Determines if arbitrary commands can be executed thanks to ActivePerl's perlIS.dll
ActiveState Perl directory traversal
Determines if ActivePerl is vulnerable
ActualAnalyzer rf Parameter Remote File Include Vulnerability
Tries to read /etc/passwd using ActualAnalyzer
ad.cgi
Checks for the presence of /cgi-bin/ad.cgi
Adcycle Password Disclosure
Checks for the presence of /cgi-bin/build.cgi
Admbook PHP Code Injection Flaw
Checks for remote PHP code injection in Admbook
AdMentor Login Flaw
AdMentor Login Flaw
admin.cgi overflow
Overflows admin.cgi
Adobe Breeze Directory Traversal Vulnerability
Checks version of Adobe Breeze
Adobe Document Server Default Credentials
Checks for default credentials in Adobe Document Server
Adobe Document Server File URI Resource Access Vulnerability
Tries to write to a file using Adobe Document Server
Adobe Document Server for Reader Extensions < 6.1 Multiple Vulnerabilities
Tries to exploit an XSS flaw in Adobe Document Server for Reader Extensions
ADODB do Command Execution Vulnerability
Checks for do parameter command execution vulnerability in ADODB
ADODB sql Parameter SQL Injection Vulnerability
Checks for sql parameter SQL injection vulnerability in ADODB
Advanced Guestbook Index.PHP SQL Injection Vulnerability
Checks for an SQL injection attack in Advanced Guestbook
Advanced Guestbook phpbb_root_path Parameter Remote File Include Vulnerability
Tries to read /etc/passwd using Advanced Guestbook
Advanced Poll info.php
Checks for the presence of info.php
Advanced Poll Variable Overwriting Vulnerability
Checks if variables can be overwritten with Advanced Poll
aeNovo Database Content Disclosure Vulnerability
Checks for the presence of DB file of aeNovo
album.pl Command Execution
determines the version of album.pl
Alchemy Eye HTTP Command Execution
Determines if arbitrary commands can be executed by Alchemy Eye
Alexandria-dev upload spoofing
Checks for the presence of patch/index.php and docman/new.php
alibaba.pl
Checks for the presence of /cgi-bin/alibaba.pl
AlienForm CGI script
Checks if the AlienForm CGI script is vulnerable
Alkalay.Net Multiple Scripts Arbitrary Command Execution Vulnerabilities
Checks for arbitrary command execution vulnerabilities in multiple scripts from Alkalay.Net
Allaire JRun directory browsing vulnerability
Allaire JRun directory browsing vulnerability
Allaire JRun Directory Listing
Make a request like http://www.example.com/./WEB-INF
Alt-N WebAdmin Multiple Remote Vulnerabilities
Checks for the version of Alt-N WebAdmin
AltaVista Intranet Search
Checks if query?mss=... reads arbitrary files
AMember config[root_dir] Parameter File Include Vulnerability
Checks for config[root_dir] parameter file include vulnerability in AMember
AN HTTPd count.pl file truncation
Creates a file on the remote server
AN-HTTPd tests CGIs
Checks for the presence of several CGIs
anacondaclip CGI vulnerability
Checks for the presence of anacondaclip.pl
AnalogX web server traversal
%2E%2E/%2E%2E/file.txt
AngelineCMS installPath Remote File Include Vulnerability
Tries to read /etc/passwd using AngelineCMS
Anti Nessus defenses
Detects anti Nessus features
AnyForm
Checks for the presence of AnyForm2
Apache for Windows CGI Source Code Disclosure Vulnerability
Tries to read source of print-env.pl with Apache for Windows
Apache Tomcat Directory Listing and File disclosure
Apache Tomcat Directory listing and File Disclosure Bugs
Apache Tomcat source.jsp malformed request information disclosure
Checks for the Tomcat source.jsp malformed request vulnerability
AppServ appserv_root Parameter Remote File Include Vulnerability
Checks for appserv_root parameter remote file include vulnerability in AppServ
aprox portal file disclosure
Checks Aprox Portal
ArGoSoft Mail Server Directory Traversal Vulnerability
Gets the version of the remote ArGoSoft server
ArGoSoft Mail Server multiple flaws
Gets the version of the remote ArGoSoft server
ArGoSoft Mail Server multiple flaws(2)
Gets the version of the remote ArGoSoft server
args.bat
Checks for the presence of /cgi-dos/args.bat
Artmedic Kleinanzeigen File Inclusion Vulnerability
Checks for Artmedic Kleinanzeigen's PHP inclusion vulnerability
artmedic_links5 File Inclusion Vulnerability
Checks for artmedic_links5's PHP inclusion vulnerability
Ashnews Code Injection
Checks for the presence of ashnews.php
ASP Inline Corporate Calendar SQL injection
Checks for the presence of an SQL injection in defer.asp
ASP PortalApp SQL injection
SQL Injection
ASP source using %20 trick
downloads the source of ASP scripts
ASP source using %2e trick
downloads the source of ASP scripts
ASP source using ::$DATA trick
downloads the source of ASP scripts
ASP-Rider SQL Injection
SQL Injection
ASP.NET path disclosure
Tests for ASP.NET Path Disclosure Vulnerability
ASP/ASA source using Microsoft Translate f: bug
downloads the source of IIS scripts such as ASA,ASP
ASP/ASA source using Microsoft Translate f: bug (IIS 5.1)
downloads the source of IIS scripts such as ASA,ASP
ASPjar Guestbook SQL Injection
Checks for the presence of an SQL injection in login.asp
AspUpload vulnerability
Checks for the AspUpload software
aspWebAlbum SQL Injection
SQL Injection
aspWebCalendar SQL Injection
SQL Injection
Asterisk Recording Interface Configuration File Disclosure Vulnerability
Tries to read ARI's configuration file
Asterisk Recording Interface recording Parameter Information Disclosure Vulnerability
Requests a file using ARI's misc/audio.php
Athena Web Registration remote command execution flaw
Checks for Athena Web Registration remote command execution flaw
Atomic Photo Album apa_module_basedir Variable File Include Vulnerability
Checks for apa_module_basedir variable file include vulnerability in Atomic Photo Album
AtomicBoard file reading
Checks for the presence of remotehtmlview.php
ATutor < 1.5.1-pl1 Multiple Flaws
Checks for remote arbitrary command in ATutor
ATutor password reminder SQL injection
Checks for SQL injection in password_reminder.php
auktion.cgi
Checks for the presence of /cgi-bin/auktion.cgi
AutoLinks Pro alpath Parameter File Include Vulnerability
Checks for alpath parameter file include vulnerability in AutoLinks Pro
AutomatedShops WebC.cgi buffer overflows
Checks for the presence of webc.cgi
AutomatedShops WebC.cgi installed
Checks for the presence of webc.cgi
AutoTheme PostNuke Module Multiple Unspecified Vulnerabilities
Checks for multiple unspecified vulnerabilities in AutoTheme PostNuke module
Avenger's News System Command Execution
Avenger's News System Command Execution
Awol code injection
Checks for the presence of includes/awol-condensed.inc.php
AWStats configdir parameter arbitrary cmd exec
Determines the presence of AWStats awstats.pl flaws
AWStats Debug Remote Information Disclosure And Code Execution Vulnerabilities
Determines the presence of a debug output in AWStats
AWStats migrate Parameter Remote File Include Vulnerability
Tries to run a command using AWStats
AWStats rawlog plugin logfile parameter input validation vulnerability
Determines the presence of AWStats awstats.pl
AWStats Referrer Arbitrary Command Execution Vulnerability
Checks for referrer arbitrary command execution vulnerability in AWStats
axis2400 webcams
reads the remote /var/log/messages
b2 cafelog code injection
Checks for the presence of gm-2-b2.php
b2Evolution title SQL Injection
Checks for the presence of an SQL injection in title parameter
Backup CGIs download
Attempts to download the remote CGIs
Barracuda Networks Spam Firewall Multiple Vulnerabilities
Tries to authenticate to Barracuda Networks Spam Firewall
Barracuda Spam Firewall Firmware < 3.1.18 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Barracuda Spam Firewall firmware < 3.1.18
BASE base_maintenance Authentication Bypass Vulnerability
Tries to bypass authentication in BASE
BASE BASE_path Parameter Remote File Include Vulnerability
Tries to read a local file using BASE
BasiliX Arbitrary Command Execution Vulnerability
Checks for arbitrary command execution vulnerability in BasiliX
BasiliX Arbitrary File Disclosure Vulnerability
Checks for arbitrary file disclosure vulnerability in BasiliX
BasiliX Attachment Disclosure Vulnerability
Checks for attachment disclosure vulnerability in BasiliX
BasiliX Detection
Checks for the presence of BasiliX
Basilix includes download
Checks for the presence of include files
BasiliX Message Content Script Injection Vulnerability
Checks for message content script injection vulnerability in BasiliX
BasiliX SQL Injection Vulnerability
Checks for SQL injection vulnerability in BasiliX
Basilix Webmail Dummy Request Vulnerability
Checks for the presence of basilix.php3
bb-hist.sh
Read arbitrary files using the CGI bb-hist.sh
bb-hostsvc.sh
Read arbitrary files using the CGI bb-hostsvc.sh
bBlog <= 0.7.4 Multiple Vulnerabilities
Checks for multiple vulnerabilities in bBlog <= 0.7.4
bBlog SQL injection flaw
Check bBlog version
BBS E-Market File Disclosure
Directory Traversal Attempt
BDPDT Arbitrary File Upload Vulnerabily
Checks for BDPDT's uploadfilepopup.aspx
BEA WebLogic Operator/Admin Password Disclosure Vulnerability
Checks the version of WebLogic
BEA WebLogic Scripts Server scripts Source Disclosure
BEA WebLogic may be tricked into revealing the source code of JSP scripts.
BEA WebLogic Scripts Server scripts Source Disclosure (2)
BEA WebLogic may be tricked into revealing the source code of JSP scripts.
BEA WebLogic Scripts Server scripts Source Disclosure (3)
BEA WebLogic may be tricked into revealing the source code of JSP scripts.
bigconf
Checks for the presence of /cgi-bin/bigconf.cgi
BiTBOARD IMG BBCode Tag JavaScript Injection Vulnerability
Determines the version of BiTBOARD
bizdb1-search.cgi located
Determines the presence of cgi-bin/bizdb1-search.cgi
Bizmail.cgi Mail From Unauthorized Mail Relay Vulnerability
Checks the version of bizmail.cgi
biztalk server flaws
Determines if BizTalk is installed
BlackBoard Internet Newsboard System remote file include flaw
Checks BlackBoard Internet Newsboard System version
Blazix Web Server JSP source disclosure
Attempts to read the source of a jsp page
BLnews code injection
Checks for the presence of objects.inc.php4
Blog Torrent Remote Directory Traversal
Looks for a directory traversal vulnerability in Blog Torrent.
BlueDragon 6.2.1 Multiple Vulnerabilities
Checks for an XSS flaw in BlueDragon Server
BlueShoes APP Parameter Remote File Include Vulnerability
Tries to read a local file with BlueShoes' Google API
boastMachine Remote Arbitrary File Upload Vulnerability
Checks for remote arbitrary file upload vulnerability in boastMachine
Bonsai Mutiple Flaws
Determine if bonsai is vulnerable to xss attack
Brio Unix Directory Traversal
Brio Unix Directory Traversal
BroadBoard SQL Injection
SQL Injection
BroadVision Physical Path Disclosure Vulnerability
Tests for BroadVision Physical Path Disclosure Vulnerability
Brooky CubeCart < 2.0.5
Checks Brooky CubeCart language XSS
BRT CopperExport XP_Publish.PHP SQL Injection Vulnerability
SQL Injection in CopperExport
bttlxeForum SQL injection
Uses a SQL query as a password
Buffer overflow in WebSite Professional's webfind.exe
Buffer overflow attempt
BugPort unspecified attachment handling flaw
Checks for BugPort version
Bugzilla <= 2.18.1 / 2.19.3 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Bugzilla <= 2.18.1 / 2.19.3
Bugzilla Authentication Bypass and Information Disclosure
Checks for the presence of Bugzilla
Bugzilla Detection
Checks for the presence of bugzilla
Bugzilla Information Disclosure Vulnerabilities
Checks for information disclosure vulnerabilities in Bugzilla
Bugzilla Multiple Flaws
Checks for the presence of bugzilla
Bugzilla Multiple Flaws (2)
Checks for the presence of bugzilla
Bugzilla remote arbitrary command execution
Checks for the version of bugzilla
Bugzilla SQL flaws
Checks for the presence of bugzilla
Bugzilla XSS and insecure temporary filenames
Checks for the presence of bugzilla
BulletScript MailList bsml.pl Information Disclosure
Determine if MiniBB can be used to execute arbitrary commands
Burning Board boardids Parameter SQL Injection Vulnerability
Tries to generate a SQL error
Burning Board decode_cookie() SQL Injection Vulnerability
Checks for SQL injection vulnerability in Burning Board Lite
Burning Board Detection
Checks for presence of Burning Board
Burning Board modcp.php SQL Injection Vulnerabilities
Checks for SQL injection vulnerabilities in Burning Board modcp.php script
Burning Board verify_email SQL Injection Vulnerability
Checks for verify_email SQL injection vulnerability in Burning Board
Burning Board wbb_userid parameter SQL Injection Vulnerability
Checks for SQL injection vulnerability in Burning Board Lite
Bypass Axis Storpoint CD authentication
Requests /cd/../config/html/cnf_gi.htm
Cacti < 0.8.6e Multiple Vulnerabilities
Checks for multiple vulnerabilities in Cacti < 0.8.6e
Cacti < 0.8.6f Multiple Vulnerabilities
Checks for multiple vulnerabilities in Cacti < 0.8.6f
Cacti cmd.php Arbitrary Command Execution Vulnerability
Checks if Cacti's cmd.php is remotely accessible
Cacti copy_cacti_user SQL Injection Vulnerability
Checks if Cacti's copy_cacti_user.php is remotely accessible
CactuShop XSS and SQL injection flaws
Checks CactuShop flaws
Cafe Wordpress SQL injection
Checks for the presence of cafe wordpress
CakePHP file Parameter Directory Traversal Vulnerability
Tries to read a local file with CakePHP
Calendar Express Multiple Flaws
Checks Calendar Express XSS and SQL flaws
Calendarix id Parameter SQL Injection Vulnerabilities
Checks for id parameter SQL injection in Calendarix
Calendarix SQL Injection Vulnerability
Checks for multiple vulnerabilities in Calendarix
calendar_admin.pl
Checks for the presence of /cgi-bin/calendar_admin.pl
Campas
Checks for the presence of /cgi-bin/campas
Carello detection
Checks for the presence of carello.dll
Cerberus Helpdesk GUI Agent < 2.7.1 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Cerberus Helpdesk GUI Agent < 2.7.1
Cerberus Helpdesk rpc.php Information Disclosure Vulnerability
Gets requestors for a Cerberus ticket
Cerberus Support Center Multiple Vulnerabilities
Checks for multiple vulnerabilities in Cerberus Support Center
cfWebStore SQL injection
SQL Injection
cgi.rb
Checks for the presence of cgi.rb
CGIEmail's CGICso (Send CSO via CGI) Command Execution Vulnerability
Determine if a remote host is vulnerable to the cgicso vulnerability
cgiforum
Checks for the presence of /cgi-bin/cgiforum.pl
CgiMail.exe vulnerability
Checks for the cgimail.exe file
cgitest.exe buffer overrun
Checks for the /cgi-bin/cgitest.exe buffer overrun
cgiWebupdate.exe vulnerability
Checks for the cgiWebupdate.exe file
Checks for listrec.pl
Checks for the listrec.pl CGI
CherryPy staticFilter Directory Traversal Vulnerability
Checks for staticFilter directory traversal vulnerability in CherryPy
ChipMonk Forum SQL Injection
Checks if ChipMonk forum is vulnerable to a SQL injection attack
ChipMunk CMScore SQL Injection
Checks if ChipMunk CMScore is vulnerable to a SQL injection attack
Chora Remote Code Execution Vulnerability
Checks for remote code execution vulnerability in Chora
CitrusDB Remote Authentication Bypass Vulnerability
Determines the presence of CitrusDB
Claroline < 1.5.4 / 1.6.0 Multiple Input Validation Vulnerabilities
Checks for multiple input validation vulnerabilities in Claroline < 1.5.4 / 1.6.0
Claroline Detection
Checks for presence of Claroline
Claroline extAuthSource Parameter Array Remote File Include Vulnerability
Tries to read a local file with Claroline
Claroline includePath Parameter Remote File Include Vulnerability
Tries to read a local file using Claroline
Claroline Multiple Vulnerabilities (2)
Tries to read /etc/passwd using Claroline
Claroline Multiple Vulnerabilities (3)
Tries to read a local file using Claroline
Clever Copy connect.inc Information Disclosure Vulnerability
Reads Clever Copy's admin/connect.inc file
CMS Made Simple nls Parameter File Include Vulnerability
Checks for nls parameter file include vulnerability in CMS Made Simple
Cobalt RaQ2 cgiwrap
Checks for the presence of /cgi-bin/cgiwrap
Cobalt siteUserMod cgi
Checks for the presence of /.cobalt/siteUserMod/siteUserMod.cgi
CodeGrrl Applications Remote File Inclusion Vulnerabilities
Checks for remote file inclusion vulnerabilities in CodeGrrl applications
CodeThatShoppingCart Input Validation Vulnerabilities
Checks for an SQL injection in CodeThatShoppingCart
Cognos Powerplay WE Vulnerability
Checks for the ppdscgi.exe CGI
Cold Fusion Administration Page Overflow
Checks for the presence of /cfide/administrator/index.cfm
ColdFusion Debug Mode
Get ColdFusion Debug Information
ColdFusion Double-Encoded Null Byte Information Disclosure Vulnerability
Tries to retrieve script source code using ColdFusion
ColdFusion Path Disclosure
Checks for a ColdFusion vulnerability
ColdFusion Vulnerability
Checks for a ColdFusion vulnerability
Comersus BackOffice Administrator Authentication Bypass Vulnerability
Checks for administrator authentication bypass vulnerability in Comersus BackOffice
Comersus BackOffice Lite Administrative Bypass
Checks for the presence of a BackOffice Lite Administrative Bypass
Comersus Cart Customer Database Disclosure Vulnerability
Checks for customer database vulnerability in Comersus Cart
Comersus Cart Multiple Vulnerabilities
Checks for multiple vulnerabilities in Comersus Cart
Comersus Login SQL injection
Checks for Comersus
Commerce Server 2002 Authentication Bypass Vulnerability
Checks version of Commerce Server 2002
commerce.cgi
Checks for the presence of /cgi-bin/commerce.cgi
Community Link Pro webeditor login.cgi remote command execution
Checks for Community Link Pro webeditor login.cgi remote execution flaw
Contenido cfg Parameter Remote File Include Vulnerability
Checks for cfg parameter remote file include vulnerability in Contenido
CoolForum SQL Injection flaw
Checks for the presence of CoolForum
CoolForum XSS and SQL Injection Vulnerabilities
Checks for cross-site scripting and SQL injection vulnerabilities in CoolForum
Coppermine Gallery Detection
Checks for the presence of Coppermine Gallery
Coppermine Gallery Remote Command Execution
Checks for the presence of db_input.php
Coppermine Gallery SQL injection
Checks for the presence of db_input.php
Coppermine Gallery Voting Restriction Failure
Checks for the presence of db_input.php
Coppermine Photo Gallery < 1.3.2 Multiple Vulnerabilities
Checks for version of Coppermine Photo Gallery
Coppermine Photo Gallery f Parameter Remote File Include Vulnerability
Checks for f parameter remote file include vulnerability in Coppermine Photo Gallery
Coppermine Photo Gallery file Parameter Local File Include Vulnerability
Tries to read a local file using Coppermine Photo Gallery
Count.cgi
Checks Count.cgi version
counter.exe vulnerability
Checks for the counter.exe file
counter.php file overwrite
Determine if counter.php is present
cPanel Backup File Disclosure
Checks for the version of cpanel
cPanel FrontPage Extension Flaws
Checks for the version of cpanel
cPanel Login Command Execution
Command Injection
cpanel remote command execution
Executes /bin/id
Credit Card Data Disclosure in CitrusDB
Checks for the presence of IO directory of CitrusDB
Cross-Referencing Linux (lxr) file reading
Checks for the presence of /cgi-bin/source
Crystal Report virtual directory traversal
Crystal Report virtual directory traversal
CSNews.cgi vulnerability
Checks for the csnews.cgi file
csSearch.cgi
Checks for the presence of /cgi-bin/csSearch.cgi
ctss.idc check
Checks for the presence of /scripts/tools/ctss.idc
CubeCart 2.0.6 and Earlier Multiple SQL Injection Vulnerabilities
Checks for multiple SQL injection vulnerabilities in CubeCart 2.0.6 and earlier
CubeCart < 3.0.12 Multiple Vulnerabilities
Checks for a XSS flaw in CubeCart
CubeCart < 3.0.13 Multiple Vulnerabilities
Tries to read a local file in CubeCart
CubeCart Detection
Checks for the presence of CubeCart
CubeCart FCKeditor Arbitrary File Upload Vulnerability
Tries to use CubeCart to upload a file with PHP code
CubeCart SQL injection
SQL Injection in CubeCart
CuteNews <= 1.3.6 Multiple Vulnerabilities
Checks for multiple vulnerabilities in CuteNews <= 1.3.6
CuteNews archive Parameter Information Disclosure Vulnerability
Tries to read a file via archive parameter of CuteNews
CuteNews Client-IP Header Code Injection Vulnerability
Checks for Client-IP header code injection vulnerability in CuteNews
CuteNews code injection
Checks for the presence of search.php
CuteNews Debug Info Disclosure
Checks for the presence of cutenews
CuteNews Detection
Checks for presence of CuteNews
CuteNews directory traversal flaw
Checks for CuteNews dir traversal
Cutenews search.php Cross Site Scripting Vulerability
Tries to inject javascript code.
Cuyahoga FCKEditor Security Bypass Vulnerability
Tries to call FCKEditor's upload.php script
CVS/Entries
requests CVS/Entries
CVSTrac cgi.c multiple overflows
Checks for CVSTrac version
CVSTrac chdir() chroot jail escape
Checks for CVSTrac version
CVSTrac CVSROOT/passwd arbitrary account deletion
Checks for CVSTrac version
CVSTrac database plaintext password storage
Checks for CVSTrac version
CVSTrac Detection
Detects the presence of CVSTrac
CVSTrac filediff vulnerability
Checks for CVSTrac version
CVSTrac history.c history_update function overflow
Checks for CVSTrac version
CVSTrac invalid ticket DoS
Checks for CVSTrac version
CVSTrac malformed URI infinite loop DoS
Checks for CVSTrac version
CVSTrac text output formatter DoS
Checks CVSTrac version
CVSTrac ticket title arbitrary command execution
Checks for CVSTrac version
CVSTrac timeline.c timeline_page function overflow
Checks for CVSTrac version
CVSWeb 1.80 gives a shell to cvs committers
Checks if CVSWeb is present and gets its version
CVSweb detection
Determines whether cvsweb.cgi is installed on the remote host
CWmail.exe vulnerability
Checks for the cwmail.exe file
Cyberstrong eShop SQL Injection Vulnerabilities
Checks for an SQL injection in Cyberstrong eShop v4.2
DB4Web directory traversal
Read any file through DB4Web
DB4Web TCP relay
DB4Web debug page allow bounce scan
DBMan CGI server information leakage
Checks if webplus reads local files
dcforum
Checks for the presence of /cgi-bin/dcforum
DCP-Portal Multiple SQL Injection Vulnerabilities
Determines the presence of DCP-Portal
DCP-Portal Path Disclosure
Determine if DCP-Portal displays its physical path
ddicgi.exe vulnerability
Checks for the ddicgi.exe file
DeluxeBB Multiple SQL injection flaws
Checks DeluxeBB version
DeskNow Mail and Collaboration Server Directory Traversal Vulnerabilities
Checks for the presence of an old version of DeskNow
Detects LDU version
LDU detection
Detects Xaraya version
Xaraya detection
DevTrack Web Service UserName SQL Injection Vulnerability
Tries to generate a SQL error using DevTrack Web Service
Digital Scribe login.php SQL Injection flaw
Checks for SQL injection flaw in Digital Scribe
Directory listing through Sambar's search.dll
Checks the presence of search.dll
Directory Manager's edit_image.php
Detects edit_image.php
directory pro web traversal
Checks for the presence of /cgi-bin/directorypro.cgi
directory.php
Checks for the presence of /directory.php
Docebo GLOBALS Variable Overwrite Vulnerability
Checks for file inclusions errors in multiple Docebo applications
Dokeos < 1.6.4 / 2.0.3 Remote File Include Vulnerabilities
Tries to read /etc/passwd using Dokeos
Dokeos extAuthSource Parameter Array Remote File Include Vulnerability
Tries to read a local file with Dokeos
DokuWiki Detection
Checks for presence of DokuWiki
DokuWiki dwpage.php Accessibility Vulnerability
Checks whether DocuWiki dwpage.php is accessible via http
DokuWiki im_convert Arbitrary Code Execution Vulnerability
Executes arbitrary command via DocuWiki im_convert Feature
DokuWiki spellcheck Arbitrary Code Execution Vulnerability
Executes arbitrary PHP code via DocuWiki spellcheck
dotProject docs Directory Information Disclosure Vulnerabilities
Checks for docs directory information disclosure vulnerabilities in dotProject
dotProject Remote File Include Vulnerabilities
Checks for remote file include vulnerabilities in dotProject
Dragonfly CMS currentlang Parameter Local File Include Vulnerability
Checks for currentlang parameter local file include vulnerability in Dragonfly CMS
Dream4 Koobi CMS Index.PHP SQL Injection Vulnerability
Checks for an SQL injection in the Koobi CMS
Drupal Arbitrary PHP Code Execution Vulnerability
Checks version of Drupal
Drupal Captcha Bypass Vulnerability
Tries to bypass captcha when registering as a new user in Drupal
Drupal Comment Code Execution Vulnerability
Tries to execute a command via Drupal
Drupal Comment Preview Code Execution Vulnerability (2)
Tries to execute a command via Drupal
Drupal Detection
Detects Drupal
Drupal Privilege Escalation Vulnerability
Checks version of Drupal
Drupal XML-RPC for PHP Remote Code Injection Vulnerability
Checks for XML-RPC for PHP remote code injection vulnerability in Drupal
DUamazon Pro Multiple SQL Injection Vulnerabilities
Checks for multiple SQL injection vulnerabilities in DUamazon Pro
DUclassmate Multiple SQL Injection Vulnerabilities
Checks for multiple SQL injection vulnerabilities in DUclassmate
DUforum Multiple SQL Injection Vulnerabilities
Checks for multiple SQL injection vulnerabilities in DUforum
Dumpenv
Checks for the presence of /cgi-bin/dumpenv
Dune Web Server Overflow
Checks for Dune Overflow
DUpaypal Pro Multiple SQL Injection Vulnerabilities
Checks for multiple SQL injection vulnerabilities in DUpaypal Pro
DUportal Pro Multiple SQL Injection Vulnerabilities
Checks for multiple SQL injection vulnerabilities in DUportal Pro
DUPortal/DUPortal Pro Multiple SQL Injection Vulnerabilities
Checks for SQL injection vulnerability in DUPortal
DUware iType Parameter SQL Injection Vulnerability
Checks for iType parameter SQL injection vulnerability in DUware
DUware multiple vulnerabilities
Determines if the remote ASP scripts are vulnerable to SQL injection
Dwarf HTTP Server < 1.3.3 Multiple Vulnerabilities
Checks version of Dwarf HTTP Server
E-Shopping Cart Arbitrary Command Execution (WebDiscount)
E-Shopping Cart Arbitrary Command Execution (WebDiscount)
E-Theni code injection
Checks for the presence of aff_list_langue.php
e107 <= 0.617 Multiple Vulnerabilities
Checks for multiple vulnerabilities in e107 <= 0.617
e107 cookie SQL Injection Vulnerability
Tries to bypass authentication in e107 with a special cookie
e107 database dump
e107 flaw
e107 Detection
Checks for the presence of e107
e107 e107language_e107cookie Local File Include Vulnerability
Tries to read a local file with e107
e107 Email Injection Vulnerability
Tries to send arbitrary email with e107
e107 ePing Plugin Arbitrary Code Execution Vulnerability
Checks for arbitrary code execution vulnerability in e107 ePing plugin
e107 eTrace Plugin Arbitrary Code Execution Vulnerability
Checks for arbitrary code execution vulnerability in e107 eTrace plugin
e107 Remote Code Execution Vulnerability
Tries to run a command in e107
e107 resetcore.php SQL Injection
e107 SQL Injection
Easy Address Book Web Server Format String Vulnerability
Tries to crash Easy Address Book Web Server
Easy File Sharing Web Server ACL Bypass
Checks /disk_c
Easy File Sharing Web Server Information Disclosure
Tries to read a local file via EFS
Easy Message Board Command Execution
Checks for Easy Message Board
EasyDynamicPages edp_relative_path Parameter Remote File Include Vulnerability
Checks for the presence of EasyDynamicPages
EasyPHPCalendar serverPath Remote File Include Vulnerabilities
Checks for serverPath remote file include vulnerabilities in EasyPHPCalendar
EasyWeb FileManager Directory Traversal
Determines if EasyWeb FileManager is present
Ecartis Username Spoofing
Checks for the presence of lsg2.cgi
eCommerce Multiple Vulnerabilities
Checks for multiple vulnerabilities in eCommerce
Edgewall Software Trac SQL injection flaw
Checks for SQL injection flaw in Trac
EdiMax AP Hidden Password Check
Edimax Hidden Password Check
eFiction < 2.0.2 Multiple Vulnerabilities
Checks for multiple vulnerabilities in eFiction < 2.0.2
EGroupWare Detection
Detects the presence of EGroupWare
EGroupWare Multiple Vulnerabilitie
Checks for the version of EGroupWare
eLDAPo cleartext passwords
Checks for eLDAPo
ELOG < 2.6.1 Multiple Vulnerabilities
Checks for multiple vulnerabilities in ELOG < 2.6.1
ELOG Web LogBook global Denial of Service
Tries to crash the remote service.
ELOG Web Logbook Multiple Remote Vulnerabilities
Determines the presence of ELOG Web Logbook
empower cgi path
Attempts to find the location of the remote web root
Emulive Server4 Authentication Bypass
Requests the admin page of the remote EmuLive Server4
Emumail WebMail multiple vulnerabilities
version test for Emumail
Episodex Guestbook Unauthorized Access and HTML Injection Vulnerability
Checks for unathentication access to admin.asp
ePolicy Orchestrator Local Information Disclosure Vulnerability
Checks for local information disclosure vulnerability in ePolicy Orchestrator
Etomite CMS id Paramater SQL Injection
Tries to generate a SQL error with Etomite CMS
Excite for WebServers
Checks for the presence of /cgi-bin/ews
Exhibit Engine list.php SQL Injection Vulnerabilities
Checks for SQL injection vulnerability in Exhibit Engine's list.php
Exhibit Engine toroot Parameter Remote File Include Vulnerability
Tries to read a local file with Exhibit Engine
Exo PHPDesk id Parameter SQL Injection Vulnerability
Tries to generate a SQL error with Exo PHPDesk
Exponent CMS < 0.96.4 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Exponent CMS < 0.96.4
Exponent CMS Multiple Cross-Site Scripting Vulnerabilities
Checks for the version of Exponent
Exponent CMS view Parameter Local File Include Vulnerability
Tries to read a local file in Exponent CMS
Extent RBS ISP
Checks for the presence of Extent RBS ISP 2.5
ezPublish config disclosure
Determine if ezPublish config file can be retrieved
EZShopper 3.0
Checks for the presence of EZShopper's CGIs
EZsite Forum Discloses Passwords to Remote Users
Checks for EZsiteForum.mdb password database
ezUpload <= 2.2 Multiple Vulnerabilities
Checks for multiple vulnerabilities in ezUpload <= 2.2
e_Board arbitrary file reading
Checks for e_Board
F-Secure Policy Manager Path Disclosure
Checks for /fsms/fsmsh.dll
FAQManager Arbitrary File Reading Vulnerability
Tests for FAQManager Arbitrary File Reading Vulnerability
Faxsurvey
Checks if faxsurvey is vulnerable
FCKeditor Arbitrary File Upload Vulnerability
Tries to use upload a file with PHP code using FCKeditor
FCKeditor for PHP-Nuke Arbitrary File Upload Vulnerability
Detects arbitrary file upload vulnerability in FCKeditor for PHP-Nuke
Fedora DS Administration Server Information Disclosure Vulnerability
Checks for an information disclosure vulnerability in Fedora Directory Server Administration Server
Feedsplitter <= 2006-01-21 Multiple Vulnerabilities
Tries to read an invalid XML file with Feedsplitter
File Disclosure in OWL's Workshop
Detect OWLS File Disclosure
File Disclosure in PHP Manpage
Detect PHP Manpage File Disclosure
File Inclusion Vulnerability in Jaws
Detect Jaws File Inclusion Vulnerability
File Inclusion Vulnerability in Pivot
Detect Pivot File Inclusion Vulnerability
Finger cgi
Checks for the presence of /cgi-bin/finger
Fingerprint web server with favicon.ico
Attempt to fingerprint web server with favicon.ico
FishCart SQL injections
Checks for the presence of an SQL injection in upstnt.asp
FlatNuke < 2.5.6 Multiple Vulnerabilities
Checks for multiple vulnerabilities in FlatNuke < 2.5.6
FlatNuke Form Submission Input Validation Vulnerability
Determines if FlatNuke is installed
FlatNuke id Parameter Directory Traversal Vulnerability
Checks for id parameter directory traversal vulnerability in FlatNuke
FlexCast Server Terminal Authentication Vulnerability
Checks for terminal authentication vulnerability in FlexCast Server
Flyspray adodbpath Parameter Remote File Include Vulnerability
Checks for adodbpath parameter remote file include vulnerability in Flyspray
FormHandler.cgi
Attempts to read /etc/passwd
formmail.pl
Checks for the presence of /cgi-bin/formmail.pl
Forum51/Board51/News51 Users Disclosure
Checks for the presence of user.idx
foxweb CGI
Checks for the presence of foxweb.exe or foxweb.dll
Free Articles Directory Remote File Inclusion Vulnerability
Checks for file includes in Free Articles Directory
ftp.pl shows the listing of any dir
Checks for the presence of /cgi-bin/ftp/ftp.pl
FtpLocate fsite Parameter Command Execution Vulnerability
Checks for fsite parameter command execution vulnerability in FtpLocate
FUDforum < 2.7.1 Avatar Upload Vulnerability
Checks for avatar upload vulnerability in FUDforum < 2.7.1
Fuji Xerox Printing Systems Authentication Bypass Vulnerability
Gets version of remote printer
Fusion News X-Forwarded-For Code Injection Vulnerability
Checks for X-Forwarded-For code injection vulnerability in Fusion News
Fusion SBX Password Bypass and Command Execution
Checks for the presence of a Fusion SBX Password Bypass
Gallery < 2.0.3 Multiple Vulnerabilities
Checks for IP spoofing in Gallery
gallery authentication bypass
Checks for a bug in gallery
gallery code injection
Checks for the presence of includes/needinit.php
gallery code injection (2)
Checks for the presence of setup/index.php
gallery code injection (3)
Checks for the presence of init.php
Gallery g2_itemId Parameter Directory Traversal Vulnerability
Checks for g2_itemId parameter Directory Traversal vulnerability in Gallery
Gallery Install Log Information Disclosure Vulnerability
Checks for Gallery install log
Gallery Multiple Vulnerabilities
Checks for the presence of login.php
Gallery PostNuke Integration Access Validation Vulnerability
Checks for PostNuke integration access validation vulnerability in Gallery
Gallery Script Execution
Checks for the version of Gallery
Gallery stepOrder Parameter Local File Include Vulnerabilities
Tries to read a file using Gallery stepOrder parameter
Gallery Unspecified HTML Injection Vulnerability
Checks for the version of Gallery
Gallery ZipCart File Retrieval Vulnerability
Tries to retrieve a file using Gallery's ZipCart module
gCards Multiple Vulnerabilities
Checks for directory transversal in gCards index.php script
Geeklog < 1.3.11sr4 / 1.4.0sr1 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Geeklog < 1.3.11sr4 / 1.4.0sr1
Geeklog Admin Authentication SQL Injection Vulnerability
Tries to bypass administrative authentication in Geeklog
Geeklog FCKeditor Arbitrary File Upload Vulnerability
Tries to upload a file with PHP code using Geeklog's FCKeditor
Geeklog session Cookie Authentication Bypass Vulnerability
Tries to bypass authentication in Geeklog
GeekLog SQL vulns
sends a rotten cookie to the remote host
Geeklog User Comment Retrieval SQL Injection Vulnerability
Checks for user comment retrieval SQL injection vulnerability in Geeklog
Geeklog _CONF[path] Parameter Remote File Include Vulnerability
Tries to read a local file using Geeklog
Geronimo Console Default Credentials
Checks for default credentials in Geronimo console
get32.exe vulnerability
Checks for the presence of /cgi-bin/get32.exe
getID3 < 1.7.8-b1 Multiple Vulnerabilities
Tries to read a file with getID3's demo.browse.php
GForge Information Disclosure
Checks for a flaw in GForge
glimpse
Checks for the presence of /cgi-bin/phf
GNU Mailman Multiple Unspecified Remote Vulnerabilities
GNU Mailman unspecified vulnerabilities
GNUMP3d < 2.9.6 Multiple Vulnerabilities
Checks for multiple vulnerabilities in GNUMP3d < 2.9.6
Google Search Appliance proxystylesheet Parameter Multiple Vulnerabilities
Checks for proxystylesheet parameter multiple vulnerabilities in Google Search Appliance
GOsa code injection
Checks for the presence of remotehtmlview.php
Goscript command execution
Goscript command execution detection
Grandstream Budgetone Default Password
Checks for the presence of a Grandstream Budgetone default password
Gravity Board X <= 1.1 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Gravity Board X <= 1.1
GroupWise Web Interface 'HELP' hole
GroupWise Web Interface 'HELP' hole
GroupWise Web Interface 'HTMLVER' hole
GroupWise Web Interface 'HTMLVER' hole
GTcatalog code injection
Checks for the presence of index.php
GTcatalog password disclosure
Checks for the presence of password.inc
Guestbook Script include_files Parameter Remote File Include Vulnerability
Tries to read /etc/passwd using Guestbook Script
guestbook tr3 password storage
Checks for the presence of passwd.txt
guestbook.cgi
Checks for the presence of /cgi-bin/guestbook.cgi
guestbook.pl
Checks for the presence of /cgi-bin/guestbook.pl
GuppY <= 4.5.9 Multiple Vulnerabilities
Checks for multiple vulnerabilities in GuppY <= 4.5.9
GuppY pg Parameter Vulnerability
Checks for pg parameter flaw in Guppy
Guppy Request Header Injection Vulnerabilities
Checks for request header injection vulnerabilities in Guppy
HAMweather daysonly Arbitrary Code Execution Vulnerability
Executes arbitrary command via HAMweather
Handler
Checks for the presence of /cgi-bin/handler
HappyMall Command Execution
Checks for HappyMall
HastyMail HTML Attachement Script Execution
Checks for version of HastyMail
Help Center Live module.php local file include flaw
Checks HCL local file include flaw
Help Center Live Multiple Vulnerabilities
Determines if Help Center Live can include third-party files
Help Center Live Multiple Vulnerabilities (2)
Checks for multiple vulnerabilities (2) in Help Center Live
Help Center Live osTicket Module Multiple SQL Injection Vulnerabilities
Tries to bypass authentication with a SQL injection attack
HFS+ 'data fork' file access
downloads the source of a remote script
Home Free search.cgi directory traversal
Attempts GET /cgi-bin/search.cgi?\\..\\..\\file.txt
Horde and IMP test disclosure
Checks if test.php is available in Horde or IMP
Horde Default Admin Password Vulnerability
Checks for default admin password vulnerability in Horde
Horde Help Viewer Code Execution Vulnerability
Tries to run a command using Horde's help viewer
Horde url Parameter File Disclosure Vulnerability
Tries to read arbitrary files using Horde
Hosting Controller < 6.1 Hotfix 2.1 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Hosting Controller < 6.1 hotfix 2.1
Hosting Controller < 6.1 Hotfix 2.2 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Hosting Controller < 6.1 hotfix 2.2
Hosting Controller <= 6.1 Hotfix 2.2 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Hosting Controller <= 6.1 Hotfix 2.2
Hosting Controller <= 6.1 Hotfix 2.3 Information Disclosure Vulnerabilities
Checks for information disclosure vulnerability in Hosting Controller <= 6.1 Hotfix 2.3
Hosting Controller <= 6.1 Hotfix 3.1 Privilege Escalation Vulnerability
Checks version of Hosting Controller
Hosting Controller addsubsite.asp Security Bypass
Checks for addsubsite.asp security bypass in Hosting Controller
Hosting Controller Detection
Detects Hosting Controller
Hosting Controller ForumID Parameter SQL Injection Vulnerability
Checks for a SQL injection flaw in Hosting Controller
Hosting Controller Multiple Information Disclosure Vulnerability
Downloads HCDiskQuoteService.csv
Hosting Controller vulnerable ASP pages
Checks for the vulnerable instances of Hosting Controller
HotNews code injection
Checks for the presence of HotNews
HotOpenTickets Privilege Escalation
Checks for HotOpenTicket
HP OpenView Network Node Manager Multiple Remote Command Execution Vulnerabilities
Checks for multiple remote command execution vulnerabilities in HP OpenView Network Node Manager
HP Systems Insight Manager Namazu lang Directory Traversal Vulnerability
Checks for Namazu lang parameter directory traversal vulnerability in HP Systems Insight Manager
HP Systems Management Homepage Namazu lang Directory Traversal Vulnerability
Checks for namazu lang parameter directory traversal vulnerability in HP Systems Management Homepage
HSWeb document path
Retrieve the real path using /cgi
hsx directory traversal
Checks for the presence of /cgi-bin/hsx.cgi
ht://Dig's htsearch potential exposure/dos
htsearch?-c/nonexistent
ht://Dig's htsearch reveals web server path
Retrieve the real path using htsearch
htdig
Checks if htdig is vulnerable
htgrep
Checks for the presence of /cgi-bin/htgrep
Htmlscript
Checks for the presence of /cgi-bin/htmlscript
i-Gallery <= 3.3 Multiple Vulnerabilities
Checks for multiple vulnerabilities in i-Gallery <= 3.3
i-mall.cgi
Checks for the presence of i-mall.cgi
ibillpm.pl
Checks for the presence of /cgi-bin/ibillpm.pl
IBM WebSphere Application Server '%20' source disclosure
Attempts to read the source of a jsp page
IBM WebSphere Application Server JSP Source Disclosure
Attempts to read the source of a jsp page
IBM WebSphere Commerce Remote Information Disclosure Vulnerability
Checks for remote information disclosure vulnerability in IBM WebSphere Application Server
IBM Websphere default user information leak
Detects Websphere default user information leak
IBM-HTTP-Server View Code
IBM-HTTP-Server View Code
IBProArcade index.php SQL Injection
Checks for the presence of an SQL injection in index.php
icat
Determines the presence of the 'icat' cgi
ICECast FileSystem disclosure
Determines if the error code is the same when requesting inexisting and existing dirs
Icecast XSL Parser Multiple Vulnerabilities
Checks for XSL parser vulnerabilities in Icecast
IceWarp lang_settings Remote File Include Vulnerabilities
Tries to read a local file using IceWarp
IceWarp Web Mail Multiple Flaws
Check the version of IceWarp WebMail
IceWarp Web Mail Multiple Flaws (2)
Check the version of IceWarp WebMail
IceWarp Web Mail Multiple Flaws (3)
Check the version of IceWarp WebMail
IceWarp Web Mail Multiple Flaws (4)
Check the version of IceWarp WebMail
ideabox code injection
Injects a path
Ideal BB < 1.5.4b Multiple Vulnerabilities
Checks version of Ideal BB
IdealBB multiple flaws
Checks IdealBB version
idq.dll directory traversal
Attempts to read an arbitrary file
iiprotect bypass
Determines if iisprotect can be escaped
IIS ASP.NET Application Trace Enabled
Checks for ASP.NET application tracing
IIS Global.asa Retrieval
Tries to retrieve the global.asa file
IIS phonebook
Determines whether phonebook server is installed
IIS possible DoS using ExAir's advsearch
Determines the presence of an ExAir ASP
IIS possible DoS using ExAir's query
Determines the presence of an ExAir asp
IIS possible DoS using ExAir's search
Determines the presence of an ExAir asp
iisPROTECT sql injection
Determines if iisPROTECT is password-protected
IkonBoard arbitrary command execution
Checks for Ikonboard.cgi
IkonBoard SQL injection vulnerabilties
Checks for Ikonboard.cgi
IlohaMail Attachment Upload Vulnerability
Checks for Attachment Upload vulnerability in IlohaMail
IlohaMail Contacts Deletion Vulnerability
Checks for Contacts Deletion vulnerability in IlohaMail
IlohaMail External Programs Vulnerabilities
Checks for External Programs vulnerabilities in IlohaMail
IlohaMail Insecure Install
Checks for the presence of conf/conf.inc
IlohaMail Password Disclosure Vulnerability
Checks for Password Disclosure vulnerability in IlohaMail
IlohaMail Unspecified Vulnerability
Checks the version if Ilohamail
IlohaMail User Parameter Vulnerability
Checks for User Parameter vulnerability in IlohaMail
ImageFolio Default Password
Logs in as Admin/ImageFolio
imagemap.exe
Overflows /cgi-bin/imagemap.exe
imageVue < 16.2 Multiple Vulnerabilities
Checks for unauthorized file upload vulnerability in imageVue
IMP Session Hijacking Bug
Checks IMP version
IMP SQL injection
Checks IMP version
Infinite Mobile Delivery Webmail Multiple vulnerabilities
Checks for the presence of Infinite Mobile Delivery
info2www
Checks for the presence of /cgi-bin/info2www
infosrch.cgi
Checks for the presence of /cgi-bin/infosrch.cgi
Ingo Detection
Checks for presence of Ingo
Ingo Foldername Command Execution Vulnerability
Checks version number of Ingo
Inktomi Search Physical Path Disclosure
Checks for a Inktomi Search vulnerability
INL ulog-php SQL injection
Checks for the presence of a SQL injection vulnerability in ulog
inserter.cgi File Inclusion and Command Execution Vulnerabilities
Checks for the presence of a file inclusion vulnerability
Instaboard SQL injection
Checks for SQL insertion in Instaboad
Interactive Story Directory Traversal Vulnerability
Checks for the presence of /cgi-bin/story.pl
Interchange < 5.0.2 / 5.2.1 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Interchange < 5.0.2 / 5.2.1
InterScan VirusWall Remote Configuration Vulnerability
Check if the remote Interscan is vulnerable to remote reconfiguration.
Interspire ArticleLive Multiple Remote Vulnerabilities
Checks for multiple vulnerabilities in Interspire ArticleLive
Invision Community Blog Multiple Input Validation Vulnerabilities
Checks for multiple input validation vulnerabilities in Invision Community Blog
Invision Community Blog SQL Injection
SQL Injection
Invision Gallery Multiple Input Validation Vulnerabilities
Checks for multiple input validation vulnerabilities in Invision Gallery
Invision Gallery st Parameter SQL Injection Vulnerability
Checks for st parameter SQL injection vulnerability in Invision Gallery
Invision Power Board 2.x.x < 04-25-06 Multiple Vulnerabilities
Checks for ck parameter SQL injection vulnerability in IPB
Invision Power Board < 2.0.4 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Invision Power Board < 2.0.4
Invision Power Board Arcade SQL Injection Vulnerability
Detect Invision Power Board Arcade SQL Injection
Invision Power Board Calendar SQL Injection Vulnerability
Detect Invision Power Board Calender SQL Injection
Invision Power Board CLIENT_IP SQL Injection Vulnerability
Checks version of IPB
Invision Power Board Dragoran Portal Plugin site Parameter SQL Injection Vulnerability
Checks for site parameter SQL injection vulnerability in Invision Power Board Dragoran Portal Plugin
Invision Power Board Post SQL Injection Vulnerability
Detect Invision Power Board Post SQL Injection
Invision Power Board Privilege Escalation Vulnerability / SQL Injection
Checks for privilege escalation vulnerability in Invision Power Board
Invision Power Board ssi.php SQL Injection Vulnerability
Detect Invision Power Board ssi.php SQL Injection
Invision Power Board st Parameter SQL Injection Vulnerability
Checks for st parameter SQL injection vulnerability in Invision Power Board
Invision PowerBoard code injection
Checks for root_path include flaw in ipchat.php
ion-p.exe vulnerability
Checks for the ion-p.exe file
IPCheck Server Monitor Directory Traversal Vulnerability
Checks for directory traversal vulnerability in IPCheck Server Monitor
Ipswitch WhatsUp Professional Authentication bypass detection
Checks for Ipswitch WhatsUp Professional Authentication Bypass
Ipswitch WhatsUp Professional Login.asp SQL Injection Vulnerability
Checks for SQL injection vulnerability in Ipswitch WhatsUp Professional's Login.asp
Ipswitch WhatsUp Professional Multiple Vulnerabilities
Checks for Ipswitch WhatsUp Professional Information Disclosure
IronWebMail Pathname Reference Directory Traversal Vulnerability
Tries to read a local file via IronWebMail
ITA Forum Multiple SQL Injection Vulnerabilities
SQL Injection in ITA Forum
iXmail arbitrary file upload
Checks for iXMail
iXmail SQL injection
Checks for iXMail
Jakarta Tomcat Path Disclosure
Tests for Tomcat Path Disclosure Vulnerability
JamMail Jammail.pl Remote Arbitrary Command Execution Vulnerability
Determines the presence of Jammail.pl remote command execution
Jave Source Code Disclosure
Jave Source Code Disclosure check
JAWS Multiple Input Validation Vulnerabilities
Checks for a file reading flaw in JAWS
JBoss JMX Console DeploymentFileRepository Directory Traversal Vulnerability
Tries to change the JMX Console DeploymentFileRepository's BaseDir
JBoss JMX Console Unrestricted Access Vulnerability
Tries to access the JMX and Web Consoles
JBoss Malformed HTTP Request Remote Information Disclosure
Attempts to read security policy of a remote JBoss server
JBoss source disclosure
Attempts to read the source of a jsp page
JBrowser multiple flaws
Checks JBrowser
JCE Admin Component Local File Include Vulnerability
Tries to read a local file with JCE Admin Component
JGS-Portal Multiple XSS and SQL injection Vulnerabilities
JGS-Portal Multiple XSS and SQL injection Vulnerabilities
Jinzora include_path Parameter Remote File Include Vulnerabilities
Tries to read a local file with Jinzora
Jinzora include_path Variable File Include Vulnerabilities
Checks for include_path variable file include vulnerabilities in Jinzora
jj cgi
Checks for the presence of /cgi-bin/jj
Joomla < 1.0.11 Multiple Vulnerabilities
Checks if input to Joomla's administrator page is sanitized
Joomla < 1.0.11 Remote Code Execution Vulnerability
Tries to run a command in Joomla
Joomla! < 1.0.8 Multiple Vulnerabilities
Checks for path disclosure issue in Joomla!
Joomla! Detection
Checks for presence of Joomla!
JRun directory traversal
Attempts directory traversal attack
JRun's viewsource.jsp
Determines the presence of the jrun flaw
JWalk server traversal
Reads a file outside the web root
K-COLLECT CSV-DB CSV_DB.CGI Remote Command Execution Vulnerability
Checks for K-COLLECT CSV-DB remote command execution flaw
Kayako LiveResponse Multiple Input Validation Vulnerabilities
Checks for multiple input validation vulnerabilities in Kayako LiveResponse
Kebi Academy Directory Traversal
kebi academy is vulnerable to an exploit which lets an attacker view any file that the cgi/httpd user has access to.
KF Web Server /%00 bug
Make a request like http://www.example.com/%00
Kietu code injection
Checks for the presence of hit.php
KorWeblog Remote Directory Listing Vulnerability
Checks the version of the remote KorWeblog
KW whois
Checks for the presence of /cgi-bin/whois.cgi
Land Down Under / Seditio id parameter SQL Injection Vulnerability
Checks for SQL injection vulnerability in Land Down Under / Seditio
Land Down Under <= 800 Multiple Vulnerabilities
Checks for SQL injection in LDU's index.php
Land Down Under <= 801 Multiple Vulnerabilities
Checks for SQL injection in LDU's list.php
Land Down Under HTTP Referer SQL Injection Vulnerability
Checks for HTTP Referer SQL injection vulnerability in Land Down Under
LedgerSMB / SQL-Ledger script Parameter Arbitrary Command Execution Vulnerability
Tries to run a command via LedgerSMB/SQL-Ledger login.pl
LeifWright's blog.cgi command execution
Checks for command execution in LeifWright's blog.cgi
LifeType articleId Parameter SQL Injection Vulnerability
Tries to exploit SQL injection issue in LifeType
LifeType date Parameter SQL Injection Vulnerability
Tries to exploit SQL injection issue in LifeType
LifeType profile Parameter Information Disclosure Vulnerability
Tries to read the configuration file for LifeType
lighttpd Script Source Disclosure Vulnerability
Checks version of lighttpd
Limbo catid Parameter SQL Injection Vulnerability
Tries to affect DB queries in Limbo CMS
Limbo CMS classes_dir Parameter Remote File Include Vulnerability
Tries to read /etc/passwd using Limbo CMS
Limbo CMS Itemid Arbitrary Code Execution Vulnerability
Injects arbitrary PHP code via Itemid parameter in Limbo CMS
Limbo CMS Multiple Vulnerabilities
Checks for multiple vulnerabilities in Limbo
Limbo com_contact File Upload Vulnerability
Tries to upload a file with PHP code in Limbo CMS
Limbo com_fm Component PHP Shell Vulnerability
Tries to call Limbo's com_fm installer
LinPHA <= 1.0 Multiple Vulnerabilities
Checks for multiple vulnerabilities in LinPHA <= 1.0
ListManager < 8.9b Multiple Vulnerabilities
Checks for multiple vulnerabilities in ListManager < 8.9b
ListManager Administrative Command Injection Vulnerability
Checks for administrative command injection vulnerability in ListManager
ListManager Error Message Information Disclosure Vulnerability
Checks for error message information disclosure vulnerability in ListManager
Listserv < 14.3-2005a Multiple Vulnerabilities
Checks for multiple vulnerabilities in Listserv < 14.3-2005a
Listserv < 14.5 Multiple Buffer Overflow Vulnerabilities
Checks version number of Listserv
LiteCommerce SQL Injection Vulnerabilities
Checks LiteCommerce
Looking Glass Multiple Vulnerabilities
Checks for multiple vulnerabilities in Looking Glass
Loudblog < 0.42 Multiple Vulnerabilities
Tries to read Loudblog's config file
Loudblog backend_settings.php Remote File Include Vulnerability
Checks for remote file include vulnerability in Loudblog's backend_settings.php
Loudblog id Parameter SQL Injection Vulnerability
Checks for id Parameter SQL injection flaw in Loudblog
Macallan Mail Solution Multiple HTTP vulnerabilities
Checks for Macallan Mail Solution version
MacOS X Finder reveals contents of Apache Web directories
Checks for .DS_Store
MacOS X Finder reveals contents of Apache Web files
MacOS X Finder reveals contents of Apache Web files
Macromedia ColdFusion MX Path Disclosure Vulnerability
Macromedia ColdFusion MX Path Disclosure Vulnerability
MailEnable HTTPMail Service Authorization Header DoS Vulnerability
Checks for authorization header DoS vulnerability in MailEnable HTTPMail service
MailEnable HTTPMail Service Content-Length Overflow Vulnerability
Checks for Content-Length Overflow Vulnerability in MailEnable HTTPMail Service
MailEnable NetWebAdmin Unauthorized Access Vulnerability (ME-10019)
Checks version of MailEnable's NETWebAdmin.dll
MailEnable Web Mail Client Multiple Vulnerabilities
Checks version of MailEnable
MailGust SQL Injection Vulnerability
Check if MailGust is vulnerable to SQL Injection.
Mailman Detection
Checks for the presence of Mailman
Mailman Log Spoofing Vulnerability
Checks if Mailman filters invalid chars from PATH_INFO
MailMaxWeb Path Disclosure
Checks for MailMaxWeb
mailnews.cgi
Checks for the presence of mailnews.cgi
mailreader.com directory traversal and arbitrary command execution
Checks directory traversal & version number of mailreader.com software
MailWatch authenticate Function SQL Injection Vulnerability
Checks for authentication function SQL injection vulnerability in MailWatch
Mambo / Joomla Component / Module mosConfig_absolute_path Parameter Remote File Include Vulnerability
Tries to read a local file using Mambo / Joomla components and modules
Mambo Code injection Vulnerability
Detect mambo code injection vuln
Mambo Global Variables Unauthorized Access
Checks for index.php malformed request vulnerability
Mambo Open Source / Joomla! GLOBALS Variable Remote File Include Vulnerability
Tries to read a file using Mambo Open Source / Joomla!
Mambo Open Source / Mambo CMS Detection
Checks for presence of Mambo Open Source / Mambo CMS
Mambo Open Source < 4.5.2.3 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Mambo Open Source < 4.5.2.3
Mambo Open Source Multiple Vulnerabilities
Tries to change mos_user_template cookie in Mambo Open Source
Mambo Open Source Tar.php Remote File Include Vulnerability
Detect Tar.php Remote File Include Vulnerability in Mambo Open Source
Mambo Open Source usercookie Parameter SQL Injection Vulnerability
Tries to bypass authentication in Mambo Open Source
Mambo Site Server Cookie Validation
Checks for the presence of Mambo's flaw
Mantis < 0.19.3 Multiple Flaws
Checks for flaws in Mantis < 0.19.3
Mantis Detection
Checks for the presence of Mantis
Mantis Multiple Flaws
Checks for the version of Mantis
Mantis Multiple Flaws (2)
Checks for the version of Mantis
Mantis Multiple Flaws (3)
Checks for the version of Mantis
Mantis Multiple Flaws (4)
Checks for the version of Mantis
Master Index directory traversal vulnerability
Attempts GET /cgi-bin/search/search.cgi?keys=*&prc=any&catigory=../../../../etc
MaxWebPortal <= 1.33 Multiple Vulnerabilities
Checks for multiple vulnerabilities in MaxWebPortal <= 1.33
MaxWebPortal <= 1.35 Multiple Vulnerabilities
Checks for multiple vulnerabilities in MaxWebPortal <= 1.35
MaxWebPortal memKey Parameter SQL Injection Vulnerability
Checks for SQL injection vulnerability in MaxWebPortal's password.asp
McAfee Common Management Agent Directory Traversal Vulnerability
Checks version of Common Management Agent
MediaHouse Statistic Server Buffer Overflow
Overflow of /ss?
MediaWiki < 1.3.17 / 1.4.11 / 1.5.0 Multiple Vulnerabilities
Checks for multiple vulnerabilities in MediaWiki < 1.3.17 / 1.4.11 / 1.5.0
MediaWiki Detection
Detects MediaWiki
MediaWiki Multiple Remote Vulnerabilities
Test for the version of MedaWiki
MediaWiki Multiple Remote Vulnerabilities (2)
Attempts to execute phpinfo() remotely
Mensajeitor Tag Board Admin Bypass
Mensajeitor test
MercuryBoard User-Agent SQL Injection Vulnerability
Checks for User-Agent remote SQL injection vulnerability in MercuryBoard
MetaCart E-Shop ProductsByCategory.ASP SQL and XSS Injection Vulnerabilities
MetaCart E-Shop ProductsByCategory.ASP XSS and SQL injection Vulnerabilities
MiniBB PathToFiles Parameter Remote File Include Vulnerability
Tries to read a local file with MiniBB
miniPortail Cookie Admin Access
Determine if miniPortail can abused
Minis Remote File Access
Checks for a file reading flaw in minis
MiniVend Piped command
Checks for the presence of /cgi-bin/simple/view_page
mmstdod.cgi
Checks for the presence of /cgi-bin/mmstdod.cgi
Mnemo Detection
Checks for presence of Mnemo
Mnogosearch overflows
Checks for search.cgi
ModernBill 4.3.0 and older Multiple Vulnerabilities
Checks for multiple vulnerabilities in ModernBill 4.3.0 and older
MODx < 0.9.1a Multiple Vulnerabilities
Tries to exploit a XSS flaw in MODx
MODx CMS base_path Parameter Remote File Include Vulnerability
Tries to read a local file with MODx CMS
Monkey HTTP Daemon < 0.9.1 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Monkey HTTP Daemon < 0.9.1
Mono XSP Source Code Disclosure Vulnerability
Tries to retrieve ASPX source code using XSP
Monster Top List Remote File Include
Checks for file includes in sources/functions.php
Moodle < 1.5.1 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Moodle < 1.5.1
Moodle < 1.5.3 Multiple SQL Injection Vulnerabilities
Checks for multiple SQL vulnerabilities in Moodle < 1.5.3
Moodle < 1.6.2 Multiple Vulnerabilities
Checks if Moodle's jumpto.php requires a sesskey
Moodle Detection
Detects Moodle
Moodle SQL injection flaws
Determines if Moodle is older than 1.4.3
Moodle tag Parameter SQL Injection Vulnerability
Checks for a SQL injection flaw in Moodle Blog feature
Movable Type < 3.2 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Movable Type < 3.2
Movable Type config file
Checks for the presence of /mt/mt.cfg
Movable Type initialization script found
Checks for the existence of /mt/mt-load.cgi
MPM Guestbook file reading
Determines MPM Guestbook is installed
MRTG mrtg.cgi File Disclosure
checks for mrtg.cgi
MS Personal WebServer ...
......../file.txt
MS Site Server Information Leak
Determine if the remote host is vulnerable to a disclosure vuln.
msmmask.exe
Checks for the presence of /cgi-bin/msmMask.exe
MSQL CGI overflow
Overflows the remote CGI buffer
multihtml cgi
Checks for the presence of /cgi-bin/multihtml.pl
Multiple Cross-Site Scripting Vulnerabilities in phpBB2 Plus <= 1.52
Checks for multiple cross-site scripting vulnerabilities in phpBB Plus <= 1.52
Multiple DotNetNuke HTML Injection Vulnerabilities
Checks version of DotNetNuke
Multiple Local File Include Vulnerabilities in phpMyAdmin
Detect multiple local file include vulnerabilities in phpMyAdmin
Multiple phpShop Vulnerabilities
Detect phpShop SQL Injection
Multiple Remote Vulnerabilities in myEvent
Checks for file includes in myevent.php
Multiple Remote Vulnerabilities in PhotoPost PHP 5.0 RC3 and Older
Checks for multiple remote vulnerabilities in PhotoPost PHP 5.0 RC3 and older
Multiple Remote Vulnerabilities in Zorum <= 3.5
Checks for multiple remote vulnerabilities in Zorum <= 3.5
Multiple SQL Injection Vulnerabilities in iWebNegar
SQL Injection
Multiple SQL Injection Vulnerabilities in phpCOIN <= 1.2.2
Checks for multiple SQL injection vulnerabilities in phpCOIN <= 1.2.2
Multiple Vulnerabilities in Active WebCam Webserver 5.5 and older
Checks for multiple remote vulnerabilities in Active WebCam webserver 5.5 and older
Multiple Vulnerabilities in ArGoSoft Mail Server Pro <= 1.8.7.6
Checks for multiple vulnerabilities in ArGoSoft Mail Server Pro <= 1.8.7.6
Multiple vulnerabilities in Clever Copy
Checks for XSS in results.php
Multiple Vulnerabilities in Merak Webmail / IceWarp Web Mail
Checks for Multiple Vulnerabilities in Merak Webmail / IceWarp Web Mail
Multiple Vulnerabilities in MercuryBoard
Checks for the presence of an old version of mercuryBoard
Multiple vulnerabilities in OpenConnect WebConnect < 6.5.1
Checks for multiple vulnerabilities in OpenConnect WebConnect < 6.5.1
Multiple Vulnerabilities in paFileDB 3.1 and older
Checks for multiple vulnerabilities in paFileDB 3.1 and Older
Multiple Vulnerabilities in paFileDB 3.1 and older (2)
Checks for multiple vulnerabilities in paFileDB 3.1 and Older
Multiple vulnerabilities in PHP Surveyor
Checks for SQL injection in admin.php
Multiple vulnerabilities in PHP TopSites
Tries to access setup.php without authentication
Multiple vulnerabilities in phpBB 2.0.11 and older
Multiple vulnerabilities in phpBB version 2.0.11 and older
Multiple vulnerabilities in phpBB 2.0.13 and older
Checks for multiple vulnerabilities in phpBB 2.0.13 and older
Multiple vulnerabilities in phpBB 2.0.14 and older
Checks for multiple vulnerabilities in phpBB 2.0.14 and older
Multiple vulnerabilities in phpBB <= 2.0.12
Checks for multiple vulnerabilities in phpBB version <= 2.0.12
Multiple Vulnerabilities in phpCOIN 1.2.1b and older
Detects multiple vulnerabilities in phpCOIN 1.2.1b and older
Multiple Vulnerabilities in PHPlist <= 2.6.3
Checks version of PHPlist
Multiple Vulnerabilities in PostNuke 0.760 RC2 and older
Detects multiple vulnerabilities in PostNuke 0.760 RC2 and older
Multiple Vulnerabilities in PostNuke <= 0.760 RC4a
Detects multiple vulnerabilities in PostNuke <= 0.760 RC4a
Multiple Vulnerabilities in PostNuke <= 0.760 RC4b
Detects multiple vulnerabilities in PostNuke <= 0.760 RC4b
Multiple Vulnerabilities in XAMPP
Checks for the version of XAMPP
Multiple Vulnerabilities in yappa-ng < 2.3.2
Checks for multiple vulnerabilities in yappa-ng < 2.3.2
mvnForum activatemember Cross-Site Scripting Vulnerabilities
Checks for an XSS flaw in mvnForum's activatemember script
MyBB < 1.0 Multiple SQL Injection Vulnerabilities
Checks for multiple SQL injection vulnerabilities in MyBB < 1.0
MyBB < 1.01 SQL Injection Vulnerabilities
Checks for SQL injection vulnerabilities in MyBB < 1.01
MyBB < 1.04 Multiple Vulnerabilities
Checks for multiple vulnerabilities in MyBB < 1.04
MyBB <= RC4 Multiple SQL Injection Vulnerabilities
Checks for multiple SQL injection vulnerabilities in MyBB <= RC4
MyBB CLIENT-IP SQL Injection Vulnerability
Checks for CLIENT-IP SQL injection vulnerability in MyBB
MyBB comma Parameter SQL Injection Vulnerability
Checks for comma parameter SQL injection vulnerability in MyBB
MyBB Detection
Checks for presence of MyBB
MyBB fid Parameter SQL Injection Vulnerability (2)
Checks for fid parameter SQL injection vulnerability in MyBB (2)
MyBB finduser SQL Injection
Checks for the presence of a SQL injection in MyBB
MyBB forums Parameter SQL Injection Vulnerability
Checks for forums parameter SQL injection vulnerability in MyBB
MyBB Global Variable Overwrite Vulnerability
Checks for globals.php SQL injection vulnerability in MyBB
MyBB member.php SQL Injection Vulnerability
Checks for SQL injection vulnerability in MyBB's member.php script
MyBB referrer Parameter SQL Injection Vulnerability
Checks for referrer parameter SQL injection vulnerability in MyBB
MyBBB rating Parameter SQL Injection Vulnerability
Checks for rating parameter SQL injection vulnerability in MyBB
myBloggie Multiple Vulnerabilities
Checks for the presence of a myBloggie
MyDMS SQL Injection and Directory Traversal
SQL injection against the remote MyDMS installation
myPHPcalendar injection
Checks for the presence of contacts.php
myphpnuke code injection
Checks for the presence of displayCategory.php
myPHPNuke phptonuke.php Directory Traversal
Reads file through phptonuke.php
myphpPageTool code injection
Checks for the presence of index.html
MyReview email SQL Injection Vulnerability
Checks for SQL injection flaw in MyReview
myServer 0.4.3 / 0.7 Directory Traversal Vulnerability
Attempts to retrieve the path '/././..'
myServer POST Denial of Service
Test POST DoS on myServer
My_eGallery code execution
Checks for the version of My_eGallery
N/X Web Content Management code injection
Checks for the presence of menu.inc.php
Nabopoll path Parameter Remote File Include Vulnerability
Checks for path parameter remote file include vulnerability in Nabopoll
Nag Detection
Checks for presence of Nag
Namazu Multiple Flaws
Checks for the version of Namazu
nbmember.cgi information disclosure
Checks for nbmember.cgi
ncbook/book.cgi
Checks for the presence of /cgi-bin/ncbook/book.cgi
ndcgi.exe vulnerability
Checks for the ndcgi.exe file
NeoMail Session Id Validation Vulnerability
Checks for session id validation vulnerability in NeoMail
Netauth
Checks for the presence of /cgi-bin/netauth.cgi
NETFile Default Admin User / Password Vulnerability
Checks for default admin user / password vulnerability in NETFile FTP/Web Server
NETFile FTP/Web Server Directory Traversal Vulnerabilities
Checks for directory traversal vulnerabilities in NETFile FTP/Web Server
NetGear Hidden Password Check
NetGear Hidden Password Check
Netquery <= 3.1 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Netquery <= 3.1
Netquery <= 3.11 Arbitrary Command Execution Vulnerability
Checks for arbitrary command execution vulnerability in Netquery <= 3.11
Netref Cat_for_gen.PHP Remote PHP Script Injection Vulnerability
Netref Cat_for_gen.PHP Remote PHP Script Injection Vulnerability
netscape publishingXpert 2 PSUser problem
Checks if /PSUser/PSCOErrPage.htm reads any file
NetTools command execution
Executed 'id' through index.php
NetworkActiv Web Server Script Source Disclosure Vulnerability
Checks version of NetworkActiv Web Server
newdsn.exe check
Checks for the presence of /scripts/tools/newdsn.exe
news desk
Checks for the presence of /cgi-bin/newsdesk.cgi
NewsScript Access Validation Vulnerability
Checks for access validation vulnerability in NewsScript
Noah's Classifieds <= 1.3 Multiple Vulnerabilities
Checks for search page SQL injection flaw in Noah's Classifieds
NOCC <= 1.0 Multiple Vulnerabilities
Checks for a local file include flaw in NOCC
Non-Existant Page Physical Path Disclosure Vulnerability
Tests for a Generic Physical Path Disclosure Vulnerability
Novell eDirectory Host Request Header Overflow Vulnerability
Send a special Host request header to eDirectory
Novell Groupwise WebAcc Information Disclosure
Novell Groupwise WebAcc Information Disclosure
Novell GroupWise WebAccess Authentication Bypass
Checks GroupWare Auth Bypass
Novell Web Server NDS Tree Browsing
Novell Web Server NDS Tree Browsing
nph-publish.cgi
Checks for the presence of /cgi-bin/nph-publish.cgi
nph-test-cgi
Checks for the presence of /cgi-bin/nph-test-cgi
Nucleus CMS DIR_LIBS Parameter Remote File Include Vulnerability
Tries to read a local file using Nucleus CMS
Nucleus CMS SQL Injection
Nucleus Version Check
Nucleus Multiple Vulnerabilities
Nucleus Version Check
Nuked-klan file include
Determine if Nuked-klan is vulnerable to a file include attack
Ocean12 ASP Calendar Administrative Access
auth bypass test
Ocean12 Database Download
Checks for Ocean12 guestbook
ocPortal Remote File Include
Determines if ocPortal can include third-party files
ODBC tools check
Checks for the presence of ODBC tools
OfficeScan configuration file disclosure
Checks for the presence of /officescan/hotdownload/ofscan.ini
OmniHTTPd visadmin exploit
Checks for the visadmin.exe cgi
OmniPro HTTPd 2.08 scripts source full disclosure
Check the presence of OmniPro HTTPd 2.08 scripts source disclosure.
OneOrZero SQL injection
Determines OneOrZero is installed
Open Conference System fullpath Parameter Remote File Include Vulnerabilities
Tries to read a local file with OCS
Open WebMail Detection
Checks for the presence of Open WebMail
OpenBB SQL injection
Tests for SQL Injection
OpenBB XSS and SQL injection flaws
Detects openBB version
OpenBiblio < 0.5.2 Multiple Local File Include Vulnerabilities
Tries to read a local file in OpenBiblio
OpenCA HTML Injection
Checks for the version of OpenCA
OpenCA multiple signature validation bypass
Checks for the version of OpenCA
OpenCA signature verification flaw
Checks for the version of OpenCA
OpenCms < 6.22 Multiple Vulnerabilities
Checks the version of OpenCms
OpenDocMan Access Control Bypass
Determines if OpenDocMan is present
OpenEMR fileroot Parameter Remote File Include Vulnerability
Tries to read a local file using OpenEMR
openwebmail command execution
Determines the version of openwebmail
OrangeHRM txtUserName SQL Injection Vulnerability
Tries to bypass OrangeHRM's authentication
Oreon file Parameter Remote File Include Vulnerability
Tries to read a local file with Oreon
Orion Application Server JSP Script Source Disclosure Vulnerability
Checks version of Orion
osCommerce attributes SQL Injection Vulnerability
Checks for SQL injection flaw in osCommerce
osCommerce directory traversal
Determine if osCommerce is vulnerable to dir traversal
osCommerce readme_file Parameter File Disclosure Vulnerability
Tries to read a file with osCommerce
osCommerce Unprotected Admin Directory
Checks for unprotected admin directory in osCommerce
osTicket <= 1.2.7 Multiple Vulnerabilities
Checks for multiple vulnerabilities in osTicket <= 1.2.7
osTicket <= 1.3.1 Multiple Vulnerabilities
Checks version of osTicket
osTicket Attachment Code Execution Vulnerability
Checks for Attachment Code Execution Vulnerability in osTicket
osTicket Attachment Viewing Vulnerability
Checks for Attachment Viewing Vulnerability in osTicket
osTicket Large Attachment Vulnerability
Checks for Large Attachment Vulnerability in osTicket
osTicket setup.php Accessibility
Checks Accessibility of osTicket's setup.php
Outlook Web Access Version
Outlook Web Access version check
Outlook Web anonymous access
Outlook Web anonymous access
overflow.cgi detection
Checks for the presence of a CGI
Owl Intranet Engine <= 0.91 Multiple Vulnerabilities
Checks for SQL injection flaw in Owl Intranet Engine
Owl Intranet Engine xrms_file_root Parameter Remote File Include Vulnerability
Tries to read /etc/passwd via Owl
Owl Login bypass
Determines owl is installed
Owl Multiple Vulnerabilities
Determines owl is installed
ows-bin
Checks if ows-bin is vulnerable
p-news Admin Access
Checks for the presence of p-news.php
P-Synch multiple issues
P-Synch issues
paFAQ Multiple Vulnerabilities
Checks for multiple vulnerabilities in paFAQ
paFileDB Detection
Checks for presence of paFileDB
PAFileDB Error Message Path Disclosure Vulnerability
Checks for psFileDB path disclosure
PaFileDB pafiledbcookie SQL Injection Vulnerability
Checks for pafiledbcookie SQL injection vulnerability in PaFileDB
paFileDB password hash disclosure
Determines the version of paFileDB
paFileDB SQL injection
Determine if pafiledb is vulnerable to a SQL injection
pagelog.cgi
Checks for the presence of /cgi-bin/pagelog.cgi
Pages Pro CD directory traversal
Pages Pro CD directory traversal
Pagesetter id Parameter Information Disclosure Vulnerability
Tries to read a local file with Pagesetter
PAJAX < 0.5.2 Multiple Vulnerabilities
Tries to execute code using PAJAX
pals-cgi
Checks for the presence of /cgi-bin/pals-cgi
paNews admin_setup.php Remote Code Execution Vulnerability
Checks for remote code execution in admin_setup.php in paNews
paNews Detection
Checks for presence of paNews
paNews Input Validation Vulnerabilities
Detects input validation vulnerabilities in paNews
paNews showpost Parameter Cross-Site Scripting Vulnerability
Checks version of paNews
PatchLink Update checkid SQL Injection Vulnerability
Tries to exploit SQL injection issue in PatchLink Update
PatchLink Update downloadreport Script SQL Injection Vulnerabilities
Tries to exploit SQL injection issue in PatchLink Update
PatchLink Update Server nwupload.asp Directory Traversal Vulnerability
Tries to write a file using PatchLink Update Server
PatchLink Update Server proxyreg.asp Authentication Bypass Vulnerability
Tries to list registered proxy server in PatchLink Update Server
PayPal Store Front code injection
Checks for the presence of index.php
PBLang < 4.66z Multiple Vulnerabilities
Checks for multiple vulnerabilities in PBLang < 4.66z
PBLang BBS <= 4.65 Multiple Vulnerabilities
Checks for multiple vulnerabilities in PBLang BBS <= 4.65
PBLang Multiple Vulnerabilities
Checks for multiple vulnerabilities in PBLang
PCCS-Mysql User/Password Exposure
Checks for dbconnect.inc
PD9 MegaBBS multiple vulnerabilities
Checks for the presence of MegaBBS
PDGSoft Shopping cart vulnerability
Checks for PDGSoft Shopping cart executables
perl interpreter can be launched as a CGI
checks for the presence of /cgi-bin/perl
perlcal
Checks for the presence of /cgi-bin/cal_make.pl
PerlDesk File Inclusion
Determines if perldesk is vulnerable to a file inclusion
PerlDesk SQL Injection Vulnerability
Checks if PerlDesk is vulnerable to a SQL injection attack
pfdispaly
Checks for the presence of /cgi-bin/pfdispaly
PGPMail.pl detection
Checks for the presence of PGPMail.pl
phf
Checks for the presence of /cgi-bin/phf
Philboard database access
Downloads philboard.mdb
Philboard philboard_admin.ASP Authentication Bypass
Try to bypass Philboard philboard_admin.ASP Authentication
Phorum Detection
Checks for presence of Phorum
phorum's common.php
Checks for the presence of Phorum's common.php
PhotoPost Multiple Input Validation Vulnerabilities
Checks for multiple input validation vulnerabilities in PhotoPost PHP
PhotoPost PHP Detection
Checks for presence of PhotoPost PHP
PhotoPost showgallery.php SQL Injection
Checks for the presence of an SQL injection in showgallery.php
php 4.2.x malformed POST
Checks for version of PHP
php 4.3.0
Checks for version of PHP
php < 4.3.3
Checks for version of PHP
PHP < 4.4.1 / 5.0.6 Multiple Vulnerabilities
Checks for multiple vulnerabilities in PHP < 4.4.1 / 5.0.6
PHP < 4.4.3 / 5.1.4 Multiple Vulnerabilities
Checks version of PHP
PHP Advanced Transfer Manager <= 1.21 Multiple Vulnerabilities
Checks for multiple vulnerabilities in PHP Advanced Transfer Manager <= 1.21
PHP Advanced Transfer Manager <= 1.30 Multiple Vulnerabilities
Checks for multiple vulnerabilities in PHP Advanced Transfer Manager <= 1.30
php arbitrary file upload
Checks for version of PHP
PHP Doc System Show Parameter Local File Include Vulnerability
Checks for show parameter local file include vulnerability in PHP Doc System
PHP Easy Download admin/save.php Paramater Code Injection Vulnerability
Tries to inject PHP code into remote web server.
php file upload
Checks for version of PHP
PHP iCalendar Arbitrary File Upload Vulnerability
Tries to upload PHP code using PHP iCalendar
PHP iCalendar Cookie Data Local File Include Vulnerability
Tries to read a file using PHP iCalendar
PHP iCalendar getdate Parameter Remote File Include Vulnerability
Checks for getdate parameter remote file include vulnerability in PHP iCalendar
PHP iCalendar Remote File Inclusion Vulnerability
Checks for remote file inclusion vulnerability in PHP iCalendar
php IMAP overflow
Checks for version of PHP
PHP Live Helper Multiple Remote File Include Vulnerabilities
Tries to read /etc/passwd using PHP Live Helper
PHP Live! Remote Configuration File Include
Checks for a flaw in PHP Live! < 2.8.2
php log
Checks for version of PHP
PHP Mail Function Header Spoofing Vulnerability
Checks for version of PHP
PHP Multiple Unspecified Vulnerabilities
Checks for version of PHP
PHP mylog.html/mlog.html read arbitrary file
Checks PHP mylog.html/mlog.html arbitrary file access
php PHP_Variables Memory Disclosure
Checks for version of PHP
php POST file uploads
Checks for version of PHP
PHP Rocket Add-in File Traversal
Looks for a directory traversal vulnerability in the PHP Rocket Add-in for FrontPage.
php safemode
Checks for version of PHP
php socket_iovec_alloc() integer overflow
Checks for version of PHP
PHP Support Tickets SQL Injection Vulnerability
Checks for SQL injection vulnerability in PHP Support Tickets
PHP Upload Center filename Parameter Directory Traversal Vulnerability
Checks for filename parameter directory traversal vulnerability in PHP Upload Center
PHP-Calendar Remote File Include Vulnerability
Determines if PHP-Calendar can include third-party files
PHP-Calendar Search.PHP SQL Injection Vulnerability
Checks for SQL injection vulnerability in PHP-Calendar search.php
PHP-Fusion < 6.00.110 Multiple SQL Injection Vulnerabilities
Checks for SQL injection in PHP-Fusion's register.php
PHP-Fusion <= 6.00.105 Multiple Vulnerabilities
Checks for multiple vulnerabilities in PHP-Fusion <= 6.00.105
PHP-Fusion <= 6.00.106 Multiple Vulnerabilities
Checks for multiple vulnerabilities in PHP-Fusion <= 6.00.106
PHP-Fusion Database Backup Disclosure
Checks the version of the remote PHP-Fusion
PHP-Fusion Detection
Checks the location of the remote PHP-Fusion
PHP-Fusion extract() Variable Overwriting Vulnerabilities
Tries to overwrite $_SERVER[REMOTE_ADDR] with PHP-Fusion
PHP-Fusion members.php SQL injection
Checks the version of the remote PHP-Fusion
PHP-Fusion Viewthread.php Information Disclosure Vulnerability
Checks the version of the remote PHP-Fusion
PHP-Kit Multiple Flaws
Check for SQL Injection in PHPKIT
PHP-Nuke copying files security vulnerability (admin.php)
Determine if a remote host is vulnerable to the admin.php vulnerability
PHP-Nuke Gallery Add-on File View
Determine if a remote host is vulnerable to the gallery vulnerability
PHP-Nuke is installed on the remote host
Determines if PHP-Nuke is installed on the remote host
PHP-Nuke security vulnerability (bb_smilies.php)
Determine if a remote host is vulnerable to the bb_smilies.php vulnerability
PHP-Nuke' opendir
Determine if a remote host is vulnerable to the opendir.php vulnerability
php-ping Count Parameter Command Execution Vulnerability
Detect PHP Ping Code Execution
php-proxima file reading
Determines owl is installed
PHP-Update blog.php Variable Overwriting Vulnerability
Checks if variables can be overwritten with PHP-Update's blog.php
php.cgi
Checks for the presence of /cgi-bin/php.cgi
php.cgi buffer overrun
Checks for the /cgi-bin/php.cgi buffer overrun
PHP.EXE / Apache Win32 Arbitrary File Reading Vulnerability
Tests for PHP.EXE / Apache Win32 Arbitrary File Reading Vulnerability
PHP3 Physical Path Disclosure Vulnerability
Tests for PHP3 Physical Path Disclosure Vulnerability
php4 multiple flaws
Checks for version of PHP
PHP4 Physical Path Disclosure Vulnerability
Tests for PHP4 Physical Path Disclosure Vulnerability
php4/5 Vulnerabilities
Checks for version of PHP
phpAdsNew / phpPgAds < 2.0.6 Multiple Vulnerabilities
Checks for multiple vulnerabilities in phpAdsNew / phpPgAds < 2.0.6
PHPAdsNew code injection
Checks for the presence of remotehtmlview.php
phpAdsNew Multiple Vulnerabilities
Checks for the presence of a XSS in phpAdsNew
phpAdsNew XML-RPC Library Remote Code Injection Vulnerability
Checks for remote code injection vulnerability in phpAdsNew XML-RPC library
phpAlbum data_dir Parameter Remote File Include Vulnerability
Tries to read /etc/passwd using phpAlbum
Phpauction <= 2.5 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Phpauction <= 2.5
phpauction Admin Authentication Bypass
Attempts to bypass phpauction administrative authentication
phpBannerExchange Template Class Local File Include Vulnerability
Tries to read a file using phpBannerExchange's template class
phpBB < 2.0.11
Check for the version of phpBB
phpBB < 2.0.22 Multiple Vulnerabilities
Tries to pass a 'bad' redirect in via phpBB
phpBB <= 2.0.15 Remote Code Execution Vulnerability
Checks for remote code execution vulnerability in phpBB <= 2.0.15
phpBB <= 2.0.16 Nested BBCode URL Tags Cross-Site Scripting Vulnerability
Checks for nested BBCode URL tags cross-site scripting vulnerability in phpBB <= 2.0.16
phpBB <= 2.0.17 Multiple Vulnerabilities
Checks for multiple vulnerabilities in phpBB <= 2.0.17
phpBB Component phpbb_root_path Parameter Remote File Include Vulnerabilities
Tries to read a local file using the phpBB Component
phpBB Detection
Check for phpBB version
phpBB Fetch All < 2.0.12
Check for phpBB Fetch All version
phpBB File Upload Script Vulnerability
Checks for file upload script vulnerability in phpBB
phpBB Knowledge Base Module SQL Injection Vulnerability
Checks for SQL injection vulnerability in phpBB Knowledge Base module
phpBB Module phpbb_root_path Parameter Remote File Include Vulnerability
Tries to read a local file using phpBB modules
phpBB Photo Album Module <= 2.0.53 Multiple Vulnerabilities
Checks for multiple vulnerabilities in phpBB Photo Album Module <= 2.0.53
phpBB remote PHP file include vulnerability
Checks for the presence of admin_cash.php
phpBugTracker bug.php SQL Injection
Checks for the presence of an SQL Injection bug in phpBugTracker
PHPCatalog SQL injection
SQL Injection
phpCOIN < 1.2.2 2005-12-13 Fix-File Multiple Vulnerabilities
Checks for multiple vulnerabilities in phpCOIN < 1.2.2 2005-12-13 fix-file
phpCOIN _CCFG Parameter Remote File Include Vulnerability
Tries to read a local file with phpCOIN
phpCommunityCalendar Multiple Vulnerabilities
Checks for the presence of a phpCommunityCalendar
phpdig Code injection Vulnerability
Detect phpdig code injection vuln
phpDig Vulnerability
Checks the version of phpMyAdmin
phpDocumentor <= 1.3.0 RC4 Local And Remote File Inclusion Vulnerability
Check if phpDocumentor is vulnerable to remote file inclusion flaws
PHPFM Arbitrary File Upload Vulnerability
Checks for arbitrary file upload vulnerability in PHPFM
phpFormGenerator Arbitrary File Upload Vulnerability
Tries to execute arbitrary code using phpFormGenator
phpGedView arbitrary file reading
Checks Aprox Portal
phpGedView Code injection Vulnerability
Detect phpGedView Include() Vulnerability
PhpGedView PGV_BASE_DIRECTORY Parameter Remote File Include Vulnerability
Checks for PGV_BASE_DIRECTORY parameter remote file include vulnerability in PhpGedView
PhpGroupWare Addressbook < 0.9.16 Unspecified Flaw
Checks for PhpGroupWare version
PhpGroupWare arbitrary command execution
Checks for PhpGroupWare version
PhpGroupWare calendar server side script execution
Checks for PhpGroupWare version
PhpGroupWare Detection
Checks for PhpGroupWare
PhpGroupWare index.php HTML injection vulnerabilities
Checks for PhpGroupWare version
PhpGroupWare multiple HTML injection vulnerabilities
Checks for PhpGroupWare version
PhpGroupWare multiple module SQL injection vulnerabilities
Checks for PhpGroupWare version
PhpGroupWare plaintext cookie authentication credentials vulnerability
Checks for PhpGroupWare version
PhpGroupWare unspecified remote file include vulnerability
Checks for PhpGroupWare version
phpinfo.php
Checks for the presence of phpinfo.php
PHPix directory traversal vulnerability
PHPix directory traversal vulnerability
phpix remote command execution
Detect phpix cmd execution
phpLDAPadmin Anonymous Bind Security Bypass Vulnerability
Checks for anonymous bind security bypass vulnerability in phpLDAPadmin
phpLDAPadmin custom_welcome_page Parameter File Include Vulnerability
Checks for custom_welcome_page parameter file include vulnerability in phpLDAPadmin
PHPLinks Multiple Input Validation Vulnerabilities
Checks for the presence of PHPLinks
PHPlist database_module Parameter Local File Include Vulnerability
Tries to read /etc/passwd using PHPlist
PHPlist Detection
Checks for presence of PHPlist
phpListPro returnpath Remote File Include Vulnerabilities
Checks for file includes in phpListPro's config.php
phpMyAdmin < 2.6.4-pl3 Multiple Vulnerabilities
Checks for multiple vulnerabilities in phpMyAdmin < 2.6.4-pl3
phpMyAdmin < 2.9.1 Multiple Vulnerabilities
Tries to pass in a numeric key in phpMyAdmin
phpMyAdmin arbitrary file reading (2)
Checks phpMyAdmin
phpMyAdmin arbitrary files reading
Checks for the presence of sql.php
phpMyAdmin Detection
Checks for the presence of phpMyAdmin
phpMyAdmin import_blacklist Variable Overwriting Vulnerability
Tries to read a local file using phpMyAdmin
phpMyAdmin multiple flaws
Checks for the presence of phpMyAdmin
phpMyAdmin Multiple Remote Vulnerabilities
Checks the version of phpMyAdmin
phpMyAdmin remote command execution
Checks the version of phpMyAdmin
PHPMyAdmin subform File Inclusion Vulnerability
Checks for subform file inclusion vulnerability in PHPMyAdmin
phpMyAgenda rootagenda Parameter File Include Vulnerability
Checks for a possible file inclusion flaw in phpMyAgenda
PHPMyBackupPro Input Validation Issues
Fetches the version of phpMyBackupPro
phpMyChat Information Disclosure
Checks for the presence of an Information Disclosure in phpMyChat
phpMyConferences lvc_include_dir Parameter Remote File Include Vulnerability
Tries to read a local file with phpMyConferences
phpMyExplorer dir traversal
phpMyExplorer dir traversal
phpMyFAQ < 1.5.2 Multiple Vulnerabilities
Checks for multiple vulnerabilities in phpMyFAQ < 1.5.2
phpMyFAQ < 1.6.10 File Upload Vulnerability
Tries to bypass authentication with phpMyFAQ's ImageManager plugin
phpMyFAQ < 1.6.8 Multiple SQL Injection Vulnerabilities
Checks for SQL injection in phpMyFAQ
phpMyFAQ action parameter arbitrary file disclosure vulnerability
Check the version of phpMyFAQ
phpMyFAQ Detection
Checks for presence of phpMyFAQ
phpMyFAQ Image Upload Authentication Bypass
Check the version of phpMyFAQ
phpMyFAQ username SQL Injection Vulnerability
Checks for username SQL injection vulnerability in phpMyFAQ
PHPMyWebHosting SQL Injection Vulnerability
Checks for the presence of PHPMyWebhosting
PHPNews auth.php Remote File Include Vulnerability
Detects remote file include vulnerability in auth.php in PHPNews
PHPNews auth.php SQL Injection Vulnerability
Checks for auth.php SQL injection vulnerability in PHPNews
PHPNews prevnext Parameter SQL Injection Vulnerability
Checks for prevnext parameter SQL injection vulnerability in PHPNews
PHPNews sendtofriend.php SQL injection
Makes a request to the remote host by supplying the mid paramter in the url
phpPgAdmin arbitrary files reading
Checks for the presence of sql.php
phpPgAdmin formLanguage Parameter Local File Include Vulnerability
Checks for formLanguage parameter directory traversal vulnerability in phpPgAdmin
phpPGAds HTTP Response Splitting Vulnerability
Checks for the presence of phpPGAds/phpAdsNew
phpping code execution
Checks for the presence of phpping
PHProjekt <= 5.1 Multiple Remote File Include Vulnerabilities
Tries to read a local file using PHProjekt
PHProjekt path_pre Parameter Remote File Include Vulnerability
Tries to read /etc/passwd using PHProjekt
PHProjekt Unspecified Authentication Bypass Vulnerability
Uses a form-POST method to enter the configuration page
PHProxy Detection
Checks for the presence of PHProxy
phpRPC Library Remote Code Execution Vulnerability
Checks for remote code execution in phpRPC library
phpSecurePages cfgProgDir Variable File Include Vulnerabilities
Checks for cfgProgDir variable file include vulnerabilities in phpSecurePages
PHPSurveyor sid SQL Injection Flaw
Checks for PHPSurveyor sid SQL injection flaw
phpSysInfo < 2.4.1 Multiple Vulnerabilities
Checks for multiple vulnerabilities in phpSysInfo < 2.4.1
phpwcms Multiple Vulnerabilities
Checks for multiple vulnerabilities in phpwcms
phpwcms spaw_root Parameter Remote File Include Vulnerability
Tries to read a local file using phpwcms
phpWebFTP language Parameter Local File Include Vulnerability
Tries to read /etc/passwd using phpWebFTP
phpWebLog Cross Site Scripting
Checks for the presence of a phpWebLog XSS
phpWebNotes t_path_core Parameter File Include Vulnerability
Checks for t_path_core parameter file include vulnerability in phpWebNotes
phpWebSite <= 0.10.1 Multiple Vulnerabilities
Detects multiple vulnerabilities in phpWebSite <= 0.10.1
phpWebSite Arbitrary PHP File Upload as Image File Vulnerability
Detects arbitrary PHP file upload as image file vulnerability in phpWebSite
phpWebSite Detection
Checks for the presence of phpWebSite
phpWebSite hub_dir Parameter Local File Include Vulnerability
Tries to read /etc/passwd using phpWebSite
phpWebSite multiple flaws
SQL Injection and more.
phpWebSite Search Module SQL Injection Vulnerability
Detects search module SQL injection vulnerability in phpWebSite
phpWebThings editor_insert_bottom Parameter Remote File Include Vulnerability
Tries to read a local file with phpWebThings
phpWebThings forum Parameter SQL Injection Vulnerabilities
Check if phpWebThings is vulnerable to SQL Injection attacks
PHPWind Board Remote File Include Vulnerability
Checks for the presence of PHPWind Board.
PHPX username Parameter SQL Injection Vulnerability
Checks for username parameter SQL injection vulnerability in PHPX
Pi3Web tstisap.dll overflow
Checks for the presence of /isapi/tstisapi.dll
ping.asp
Checks for the presence of ping.asp
Pinnacle ShowCenter Skin DoS
Checks skin DoS in Pinnacle ShowCenter
PIX Firewall Manager Directory Traversal
\..\..\file.txt
Pixelpost < 1.5 RC1 Multiple Vulnerabilities
Tries to inject SQL code via Pixelpost's showimage parameter
Pixelpost category Parameter SQL Injection Vulnerability
Tries to exploit SQL injection issue in Pixelpost
PJreview_Neo.cgi arbitrary file reading
Checks Aprox Portal
Plain Old Webserver Directory Traversal Vulnerability
Tries to read a file using POW
PlaySMS Cookie SQL Injection
Tests for the PlaySMS SQL Injection
Plogger config Parameter Remote File Include Vulnerability
Checks for config parameter remote file include vulnerability in Plogger
Plone Unprotected MembershipTool Methods Vulnerability
Tries to change profiles using Plone
Plume CMS <= 1.0.2 Remote File Inclusion Vulnerability
Check if Plume CMS is vulnerable to a file inclusion flaw
PlusMail vulnerability
Checks for the presence of /cgi-bin/plusmail
pmachine code injection
Checks for the presence of lib.inc.php
pmachine code injection (2)
Checks for the presence of mail_autocheck.php
PmWiki < 2.1 beta 21 Multiple Vulnerabilities
Checks for multiple vulnerabilities in PmWiki < 2.1 beta 21
PmWiki < 2.1.21 Global Variables Overwrite Vulnerability
Checks for a remote file include flaw in PmWiki
Polar HelpDesk Authentication ByPass
Checks for PolarHelpDesk
Poll It v2.0 cgi
Checks for the presence of /cgi-bin/pollit/Poll_It_SSI_v2.0.cgi
popper_mod
Checks if popper_mod is vulnerable
Post-Nuke information disclosure
Determine if a remote host is vulnerable to the opendir.php vulnerability
Post-Nuke information disclosure (2)
Determine if a remote host is vulnerable to the opendir.php vulnerability
Post-Nuke Multiple XSS
Determines if post-nuke is vulnerable to XSS
Post-Nuke pnTresMailer Directory Traversal
Determines if pnTresMailer is vulnerable to a Directory Traversal
Post-Nuke Rating System Denial Of Service
Determine if a remote host is vulnerable to the postnuke rating dos vulnerability
Post-Nuke SQL injection
Determines if post-nuke is vulnerable to SQL injection
Poster version.two privilege escalation
Determines owl is installed
PostNuke < 0.762 Multiple Vulnerabilities
Checks for admin access bypass issue in PostNuke
PostNuke Detection
Detects the presence of PostNuke
PostNuke Install Script
Determines if post-nuke's install.php is readable
PostNuke PNphpBB2 phpbb_root_path Parameter Remote File Include Vulnerability
Tries to read a file with PNphpBB2 Module
Power Up Information Disclosure
Power Up Information Disclosure
PowerPortal Path Dislcosure
Checks for the presence of an Path Disclosure bug in PowerPortal
PowerPortal Private Message HTML Injection
Checks the version of the remote PowerPortal Installation
PowerPortal SQL Injection
Checks the version of the remote PowerPortal Installation
PPA ppa_root_path Variable File Include Vulnerability
Checks for ppa_root_path variable file include vulnerability in PPA
printenv
Checks for the presence of /cgi-bin/printenv
processit
Checks for the presence of /cgi-bin/processit
ProductCart Multiple Input Validation Vulnerabilities
Checks for multiple input validation vulnerabilities in ProductCart
ProductCart Multiple SQL Injection Vulnerabilities (2)
Checks for multiple SQL injection vulnerabilities (2) in ProductCart
ProductCart SQL Injection
Determine if ProductCart is vulnerable to a sql injection attack
Psunami.CGI Command Execution
Checks for Psunami.CGI
PT News Unauthorized Administrative Access
Determine if PTNews grants administrative access to everyone
PunBB < 1.2.6 Multiple Vulnerabilities
Detects multiple vulnerabilities in PunBB < 1.2.6
PunBB < 1.2.7 Multiple Vulnerabilities
Checks for multiple vulnerabilities in PunBB < 1.2.7
PunBB < 1.2.8 Multiple Vulnerabilities
Checks for multiple vulnerabilities in PunBB < 1.2.8
PunBB detection
Checks for presence of PunBB
PunBB Input Validation Vulnerabilities
Detects input validation vulnerabilities in PunBB
PunBB language Paramater Local File Include Vulnerability
Tries to read a local file with PunBB
PunBB old_searches Parameter SQL Injection Vulnerability
Checks for old_searches parameter SQL injection vulnerability in PunBB
PunBB profile.php SQL Injection Vulnerability
Checks for SQL injection vulnerability in PunBB's profile.php
PunBB search dropdown information disclosure
Checks for PunBB version for information disclosure
PWSPHP XSS
Checks XSS in PWSPHP
Qualiteam X-Cart remote command execution
Checks Qualiteam X-Cart
quickstore traversal
Checks for the presence of /cgi-bin/quickstore.cgi
quickstore traversal (2)
Checks for the presence of /cgi-bin/quickstore.cgi
Quicktime/Darwin Remote Admin Exploit
Checks Quicktime/Darwin server for parse_xml.cgi
QWikiwiki directory traversal vulnerability
Checks for the presence of a File Inclusion Vulnerability
RaidenHTTPD directory traversal
RaidenHTTPD directory traversal
RaidenHTTPD Script Source Disclosure Vulnerability
Checks version of RaidenHTTPD
RaidenHTTPD SoftParserFileXml Remote File Include Vulnerability
Tries to run a command with RaidenHTTPD
RCBlog post Parameter Directory Traversal Vulnerability
Checks for directory transversal in RCBlog index.php script
Read any file thanks to ~nobody/
Checks for the presence of /~nobody/etc/passwd
readfile.tcl
checks for readfile.tcl
Reading CGI script sources using /cgi-bin-sdb
Checks for the presence of /cgi-bin-sdb/
readmsg.php detection
Checks for the presence of Cobal Cube webmail
RealServer default.cfg file search
RealServer default.cfg file search
RedHat 6.0 cachemgr.cgi
Checks whether the cachemgr.cgi is installed and accessible.
Redhat Stronghold File System Disclosure
Redhat Stronghold File System Disclosure
Remote Code Execution in ezContents
Detect ezContents Code Execution
Resin Directory Traversal Vulnerability
Tries to retrieve boot.ini using Resin
Resin DOS device path disclosure
Tests for Resin path disclosure vulnerability
Resin traversal
\..\..\file.txt
Resin viewfile Servlet File Disclosure Vulnerability
Tries to get the absolute installation path of Resin
Rich Media E-Commerce Stores Sensitive Information Insecurely
Rich Media E-Commerce Stores Sensitive Information Insecurely
RiSearch Arbitrary File Access
Determines the presence of RiSearch show.pl
RM SafetyNet Plus XSS
Checks RM SafetyNet Plus XSS
ROADS' search.pl
Checks for the presence of /cgi-bin/search.pl
Robots.txt Information Disclosure
Checks for a web server's robots.txt
rot13sj.cgi
Checks for rot13sj.cgi
Roxen counter module
Roxen counter module installed ?
Roxen Server /%00/ bug
Make a request like http://www.example.com/%00/
rpm_query CGI
checks for rpm_query
Ruby on Rails Routing Denial of Service Vulnerability
Tries to hang Ruby on Rails
RunCMS <= 1.2 Multiple Vulnerabilities
Checks for multiple vulnerabilities in RunCMS <= 1.2
RunCms bbPath Parameter Remote File Include Vulnerability
Checks for bbPath parameter remote file include vulnerability in RunCms
RunCMS Remote Arbitrary File Upload Vulnerability
Checks for remote arbitrary file upload vulnerability in RunCMS
Sambar /cgi-bin/mailit.pl installed ?
Checks for the presence of /cgi-bin/mailit
Sambar /sysadmin directory 2
Sambar webserver installed ?
Sambar CGIs path disclosure
Some CGIs reveal the web server installation directory
Sambar default CGI info disclosure
Tests for testcgi.exe and environ.pl
Sambar sendmail /session/sendmail
Sambar /session/sendmail mailer installed ?
Sambar Web Server CGI scripts
Checks for the presence of /cgi-bin/{hello,echo}.bat
Sambar webserver pagecount hole
Make a request like http://www.example.com/session/pagecount
SandSurfer User Authentication Vulnerability
Checks for SandSurfer
SAP Internet Graphics Server Directory Traversal Vulnerability
Attempts to read /etc/passwd
Savant cgitest.exe buffer overflow
Savant cgitest.exe buffer overflow
Savant original form CGI access
Determine if a remote host is Savant web server, and whether it is vulnerable to attack
SaveWebPortal <= 3.4 Multiple Vulnerabilities
Checks for SaveWebportal arbitrary file inclusion
Sawmill < 7.1.6 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Sawmill < 7.1.6
SAXoPRESS url Parameter Directory Traversal Vulnerability
Tries to retrieve a file using SAXoPRESS
sBLOG keyword Parameter SQL Injection Vulnerability
Checks for keyword parameter SQL injection in sBLOG
ScanMail file check
Checks for the presence ScanMail files
Scout Portal Toolkit forumid Parameter SQL Injection Vulnerability
Checks for forumid parameter SQL injection in Scount Portal Toolkit
sdbsearch.cgi
Determines the presence of the sdbsearch.cgi
Seditio Detection
Checks for presence of Seditio
Segue CMS themesdir Parameter Remote File Include Vulnerability
Tries to read a local file with Segue CMS
Sendcard SQL injection
Checks for SQL injection in the id field in sendcard.php
sendtemp.pl
Checks for the presence of /cgi-bin/sendtemp.pl
Serendipity < 0.8.1 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Serendipity < 0.8.1
Serendipity Detection
Checks for presence of Serendipity
Serendipity exit.php SQL Injection Vulnerabilities
Checks for SQL injection vulnerabilities in Serendipity exit.php
Serendipity serendipity[charset] Parameter Local File Include Vulnerabilities
Tries to read a local file with Serendipity
Serendipity SQL Injections
Checks for SQL injection vulnerability in Serendipity
Serendipity XML-RPC for PHP Remote Code Injection Vulnerability
Checks for XML-RPC for PHP remote code injection vulnerability in Serendipity
ServletExec 4.1 / JRun ISAPI DoS
Tests for ServletExec 4.1 ISAPI DoS
ServletExec 4.1 ISAPI File Reading
Tests for ServletExec File Reading
ServletExec 4.1 ISAPI Physical Path Disclosure
Tests for ServletExec 4.1 ISAPI Path Disclosure
SGallery idimage SQL Injection
Checks for the presence of an SQL injection in idimage parameter
sgdynamo_path
sgdynamo.exe Path Disclosure
sglMerchant Information Disclosure Vulnerability
sglMerchant Information Disclosure Vulnerability
Shells in /cgi-bin
Checks for the presence of various shells in /cgi-bin
ShopCartCGI arbitrary file reading
Checks ShopCart
ShopPlus Arbitrary Command Execution
ShopPlus Arbitrary Command Execution
ShowCode possible
Determines the presence of showcode.asp
Silent-Storm Portal Multiple Input Validation Vulnerabilities
Checks for vulnerabilities in Silent-Storm Portal
SilverNews < 2.0.4 Multiple Vulnerabilities
Checks for multiple vulnerabilities in SilverNews < 2.0.4
SilverStream database structure
Checks if SilverStream database structure is visible.
SilverStream directory listing
Checks if SilverStream directory listings are disabled.
SimpGB Guestbook.PHP SQL Injection Vulnerability
Checks for SQL injection in SimpGB
Simple Form Mail Relaying via Subject Tags Vulnerability
Checks for Mail Relaying via Subject Tags Vulnerability in Simple Form
Simple Form Mail Relaying Vulnerability
Checks for Mail Relaying Vulnerability in Simple Form
Simple Machines Forum Avatar Information Disclosure Vulnerability
Checks for avatar code execution vulnerability in Simple Machines Forum
Simple Machines Forum msg Parameter SQL Injection Vulnerability
Checks for msg parameter SQL injection vulnerability in Simple Machines Forum
Simple PHP Blog <= 0.4.0 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Simple PHP Blog <= 0.4.0
Simple PHP Blog blog_language Parameter Local File Include Vulnerability
Tries to read a file using Simple PHP Blog
SimpleBBS name Parameter Arbitrary Command Execution Vulnerability
Checks for name parameter arbitrary command execution vulnerability in SimpleBBS
SimpleBBS users disclosure
Checks for the presence of users.php
SimpleBoard / Joomlaboard sbp Parameter Remote File Include Vulnerabilities
Tries to read a local file using SimpleBoard / Joomlaboard
SimpleChat information disclosure
Checks for the presence of data/usr
Simplicity oF Upload language Parameter File Include Vulnerability
Checks for language parameter file include vulnerability in Simplicity oF Upload
Simplog <= 0.9.2 Multiple Vulnerabilities
Tries to read /etc/passwd using Simplog
Singapore Gallery Multiple Flaws
The presence of Singapore Gallery
Singapore MD5 Administrative Password Disclosure
Checks adminusers.csv presence
SIR GNUBoard Remote File Inclusion
Checks for the presence of index.php
Site@School cmsdir Parameter Remote File Include Vulnerabilities
Tries to read a local file with Site@School
SiteBuilder-FX admindir Parameter Remote File Include Vulnerability
Tries to read a local file using SiteBuilder-FX
SiteEnable XSS and SQL Injection Vulnerabilities
Checks for XSS and SQL injection vulnerabilities in SiteEnable
Siteframe LOCAL_PATH Remote File Include Vulnerability
Checks for LOCAL_PATH remote file include vulnerability in Siteframe
Siteman Page User Database Privilege Escalation Vulnerability
Checks SiteMan's version
Sitemap.xml File and Directory Enumeration
Checks for a web server's sitemap.xml
SiteMinder HTML Page Injection Vulnerability
Checks for a flaw in SiteMinder
SIX Webboard's generate.cgi
Checks for the presence of /cgi-bin/webboard/generate.cgi
Skull-Splitter Guestbook Multiple HTML Injection Vulnerabilities
Skull-Splitter Guestbook Multiple HTML Injection Vulnerabilities
SLMail WebMail overflows
Determines if the remote SLWebMail server is flawed
smb2www installed
smb2www Command Execution
smb2www remote command execution
smb2www Command Execution
Snapstream PVS web directory traversal
Snapstream web directory traversal
Snif File Disclosure
Checks for the version of Snif
Snitz Forums 2000 SQL injection
Determine Snitz forums version
Snitz Forums Cmd execution
Determine if Snitz forums is vulnerable to a cmd exec flaw
Snoop Servlet path disclosure
Attempts to enumerate physical path
sojourn.cgi
Checks for the presence of /cgi-bin/sojourn.cgi
SonicWall SOHO Web Interface XSS
Checks SonicWall SOHO Web Interface XSS
SparkleBlog SQL Injection
Checks for the presence of an SQL injection in id parameter
Sphider settings_dir Parameter Remote File Include Vulnerability
Tries to read /etc/passwd using Sphider
SPiD lang_path Remote File Include Vulnerability
Checks for lang_path variable file include vulnerability in SPiD
SpiderSales Shopping Cart SQL injection
Checks for the presence of SpiderSales Shopping cart
spin_client.cgi buffer overrun
Checks for the /cgi-bin/spin_client.cgi buffer overrun
SPIP < 1.8.2-g SQL Injection and XSS Flaws
Checks for SPIP SQL injection flaw
Spyke Flaws
Checks for the presence of info.dat
SQL Disclosure in Invision Power Board
Detect IPB SQL Disclosure
SQL injection in Antiboard
SQL Injection
SQL injection in JPortal
SQL Injection
SQL injection in phpBB
SQL Injection
SQL injection in phpBB (2)
SQL Injection
SQL injection in phpBB (3)
SQL Injection
SQL injection in phpBB Login Form
SQL Injection
SQL injection in ReviewPost PHP Pro
SQL Injection
SQL injection in XPression Software
SQL Injection
SQL injection in XTreme ASP Photo Gallery
SQL Injection in XTreme ASP Photo Gallery
SQL injections in Photopost PHP Pro
SQL Injection
SQLiteManager SQLiteManager_currentTheme Cookie Local File Include Vulnerability
Tries to read a local file with SQLiteManager
SQLQHit Directory Structure Disclosure
SQLQHit Directory Stracture Disclosure
Squirrelcart cart_isp_root Remote File Include Vulnerability
Tries to read a local file using Squirrelcart
SquirrelCart SQL Injection
SQL Injection in Squirrelcart
SquirrelMail < 1.4.6 Multiple Vulnerabilities
Checks for IMAP command injection in SquirrelMail
SquirrelMail < 1.45 Multiple Vulnerabilities
Checks for multiple vulnerabilities in SquirrelMail < 1.45
SquirrelMail base_uri Parameter Information Disclosure Vulnerability
Tries to change path parameter used by SquirrelMail cookies
SquirrelMail decodeHeader HTML injection vulnerability
Check Squirrelmail for HTML injection vulnerability
SquirrelMail Detection
Checks for the presence of SquirrelMail
SquirrelMail plugins Parameter Local File Include Vulnerability
Tries to read file using SquirrelMail
SquirrelMail S/MIME Plug-in Remote Command Execution Vulnerability
Checks for remote command execution vulnerability in SquirrelMail S/MIME Plugin
SquirrelMail session_expired_post Arbitrary Variables Overwriting Vulnerability
Tries to overwrite a variable SquirrelMail
SquirrelMail's Multiple Flaws
Determine if squirrelmail reads arbitrary files
Stadtaus Form Mail Script Remote File Include Vulnerability
Detects file include vulnerabilities in Stadtaus' PHP Scripts
StellarDocs Path Disclosure
SQL Injection and more.
StockMan Shopping Cart Command Execution
determines the version of shop.plx
StockMan Shopping Cart Path disclosure
determines the remote root path
store.cgi
Checks for the presence of /cgi-bin/store.cgi
Stronghold Swish
Checks for the presence of cgi-bin/search
Sugar Open Source Detection
Checks for presence of Sugar Open Source
SugarCRM <= 4.0 beta Remote File Inclusion Vulnerability
Check if SugarCRM is vulnerable to Directory Traversal and Remote File Inclusion
SugarCRM <= 4.2.0a Multiple Remote File Include Vulnerabilities
Tries to read a local file using SugarCRM
SugarSales Remote File Access
Checks for a file reading flaw in SugarSales
Sun Server Console Authentication Bypass Vulnerability
Tries to authenticate to Server Console as admin/admin
Sun's Java Web Server remote command execution
Checks for the presence of /servlet/sunexamples.BBoardServlet
SunONE Application Server source disclosure
Attempts to read the source of a jsp page
SunSolve CD CGI user input validation
SunSolve CD CGI scripts are vulnerable to a few user input validation problems
Super Guestbook config disclosure
Checks for superguestconfig
Super-M Son hServer Directory Traversal
Super-M Son hServer is vulnerable to an exploit which lets an attacker view any file that the web server has access to.
SWC Overflow
Checks for the presence of /cgi-bin/swc
Sybase EAServer Default Administrator password
Checks for default administrator password in Sybase EAServer
Symantec AntiVirus Scan Engine Multiple Remote Vulnerabilities
Checks if Symantec Scan Engine is vulnerable
Sympa invalid LDAP password DoS
Checks for sympa version
Sympa queue utility privilege escalation vulnerability
Checks for sympa version
Sympa unauthorised list creation security issue
Checks for sympa version
Sympa wwsympa do_search_list Overflow DoS
Checks for sympa version
Synchrologic User account information disclosure
Determines if Synchrologic is installed
SysCP < 1.2.11 Multiple Script Execution Vulnerabilities
Checks for multiple script execution vulnerabilities in SysCP < 1.2.11
Sysinfo name Parameter Code Execution Vulnerability
Tries to execute arbitrary code using Sysinfo
TalentSoft Web+ Input Validation Bug Vulnerability
Checks if webplus reads any file
Talentsoft Web+ reveals install path
Checks for Webplus install path disclosure
TalentSoft Web+ version detection
Get the version of Web+ CGI
technote's main.cgi
Checks for the presence of /technote/main.cgi
tektronix's _ncl_items.shtml
Checks for the presence of _ncl_*.shtml
Terminal Services Web Detection
Find instances of tsweb
test-cgi
Checks for the presence of /cgi-bin/test-cgi
Tests for Nimda Worm infected HTML files
Tests for Nimda Worm infected HTML files
texis.exe information disclosure
Checks for texis.exe
texis.exe path disclosure
Checks for texis.exe
textcounter.pl
Checks for the presence of /cgi-bin/textcounter.pl
TextPortal Default Passwords
Logs into the remote TextPortal interface
The Includer remote command execution flaw
The Includer remote command execution detection
ThinClientServer Admin Account Creation Vulnerability
Tries to create an account in ThinClientServer
TikiWiki < 1.8.6 / 1.9.1 Multiple Vulnerabilities
Checks for multiple vulnerabilities in TikiWiki < 1.8.6 / 1.9.1
TikiWiki jhot.php Arbitrary File Uploads Vulnerability
Tries to run a command through TikiWiki
TikiWiki multiple input validation vulnerabilities
Checks the version of TikiWiki
TikiWiki multiple remote unspecified flaws
Checks the version of TikiWiki
TikiWiki Unauthorized Page Access
Checks the version of TikiWiki
TIPS MailPost Multiple Flaws
Test the remote mailpost.exe
Tivoli LDACGI Directory Traversal
IBM Tivoli Directory Traversal
toendaCMS < 0.6.2.1 Multiple Vulnerabilities
Checks for multiple vulnerabilities in toendaCMS < 0.6.2.1
Tomcat 4.x JSP Source Exposure
Tomcat 4.x JSP Source Exposure
Tomcat's /admin is world readable
Checks for the presence of /admin
Tomcat's snoop servlet gives too much information
Checks for the presence of /examples/jsp/snp/anything.snp
TorrentTrader SQL Injection
Checks for the presence of SQL injection in TorrentTrader
TowerBlog Admin Bypass
Checks for the presence of a TowerBlog Admin Bypassing
TrackerCam Multiple Remote Vulnerabilities
Checks for flaws in TrackerCam
Trend Micro Emanager software check
Check for certain Trend Micro dlls
Trend Micro ServerProtect for Linux splx_2376_info Cookie Authentication Bypass Vulnerability
Tries to bypass authentication with SPLX
TrendMicro ControlManager Multiple Vulnerabilities
Checks for ControlManager version
TrendMicro OfficeScan Multiple Vulnerabilities
Checks for OfficeScan stack overflows
TrueGalerie admin access
logs into the remote TrueGalerie installation
tst.bat CGI vulnerability
Checks for the presence of /cgi-bin/tst.bat
ttawebtop
Checks for the presence of /cgi-bin/ttawebtop.cgi
ttCMS code injection
Attempts to include a file
ttforum multiple flaws
Determines if ttforum is vulnerable to code injection
Turba Detection
Checks for presence of Turba
Turba Path Disclosure
Checks for status.php
Turbo Seek files reading
Checks for the presence of tseekdir.cgi
TWiki configure Script Arbitrary Command Execution Vulnerability
Tries to run a command using TWiki
TWiki Detection
Checks for presence of TWiki
TWiki filename Parameter Directory Traversal Vulnerability
Tries to read a local file with TWiki
TWiki Multiple Vulnerabilties
Checks for the presence of TWiki
typo3 arbitrary file reading
Reads /etc/passwd
TYPO3 cmw_linklist Extension SQL Injection Vulnerability
Detects SQL injection vulnerability in TYPO3 CMW Linklist extension
TYPO3 userUid Arbitrary Command Execution Vulnerability
Tries to run a command via TYPO3
UBB.threads < 6.5.2 beta Multiple Vulnerabilities
Checks for multiple vulnerabilities in UBB.threads < 6.5.2 beta
UBB.threads debug Parameter Cross-Site Scripting Vulnerability
Tries to exploit an XSS flaw in UBB.threads
UBB.threads Detection
Checks for presence of UBB.threads
UBB.threads doeditconfig Command Injection Vulnerability
Tries to exploit an command injection flaw in UBB.threads
UBB.threads dosearch.php SQL injection
SQL Injection in UBB.threads
UBB.threads editpost.php SQL Injection Vulnerability
Checks for SQL injection vulnerability in UBB.threads editpost.php
UBB.threads thispath Parameter Remote File Include Vulnerability
Tries to read a local file using UBB.threads
Uebimiau Session Directory Disclosure
Checks for the presence of sessions directory of UebiMiau
Ultimate PHP Board admin_ip.php code injection
Checks for UPB
Ultimate PHP Board Information Leak
Checks for UPB
Ultimate PHP Board username Parameter Arbitrary Command Execution Vulnerability
Tries to run a command with Ultimate PHP Board
Ultimate PHP Board users.dat Information Disclosure
Tries to get the users.dat file and checks UPB version
Ultimate PHP Board ViewForum.PHP SQL injection and XSS flaws
Checks for UPB
UltraSeek 3.1.x Remote DoS
Hangs the remote UltraSeek server for some time
Ultraseek < 5.7 Multiple Vulnerabilities
Checks for Ultraseek < 5.7
Unify eWave ServletExec 3.0C file upload
Unify eWave ServletExec 3.0C file upload
Unknown CGIs arguments torture
Tortures the arguments of the remote CGIs
Unpassworded iiprotect administrative interface
Determines if iisprotect is password-protected
Unprotected SiteScope Service
Unprotected SiteScope Service
Upload cgi
Checks for the presence of /cgi-bin/upload.cgi
uploader.exe
Checks for the presence of /cgi-win/uploader.exe
UploadLite cgi
Checks for the presence of /cgi-bin/upload.cgi
US Robotics Disclosed Password Check
US Robotics Password Check
ustorekeeper file reading
Checks for the presence of ustorekeeper.pl
Various dangerous cgi scripts
Checks for dangerous cgi scripts
vBulletin <= 3.0.9 Multiple Vulnerabilities
Checks for multiple vulnerabilities in vBulletin <= 3.0.9
vbulletin calendar SQL Injection Vulnerability
Detect vBulletin Calendar SQL Injection
vBulletin Detection
Checks for the presence of vBulletin
vBulletin Email Field Cross-Site Scripting Vulnerability
Checks version number of vBulletin
vBulletin Forumdisplay.PHP Remote Command Execution Vulnerability
Checks for vBulletin Forumdisplay.PHP Remote Command Execution Vulnerability
vBulletin Init.PHP unspecified vulnerability
Checks the version of vBulletin
vBulletin last10.php SQL Injection
Checks for the presence of an SQL and Last10
vBulletin Misc.PHP PHP Script Code Execution Vulnerability
Executes phpinfo() on the remote host
vBulletin SQL injection Issue
Checks the version of vBulletin
vBulletin's Calender Command Execution Vulnerability
vBulletin's Calender Command Execution Vulnerability
vCard match Parameter Remote File Inclusion Vulnerability
Checks for match parameter remote file inclusion vulnerability in vCard
VChat information disclosure
Checks for the presence of vchat/msg.txt
Verity Ultraseek search request XSS
Checks Verity Ultraseek search request XSS
VHCS check_login Authentication Bypass Vulnerability
Tries to access a restricted script using VHCS
VHCS include_path Parameter Remote File Include Vulnerability
Tries to read a local file using VHCS
VideoDB Multiple Vulnerabilities
Checks for the version of VideoDB
ViewCVS HTTP Response Splitting
viewcvs flaw
viewpage.php arbitrary file reading
viewpage.php is vulnerable to an exploit which lets an attacker view any file that the cgi/httpd user has access to.
view_source
Checks for the presence of /cgi-bin/view_source
Vignette Application Portal Information Disclosure
Request /portal/diag
Vignette StoryServer Information Disclosure
Checks the version of the remote Vignette StoryServer
Vignette StoryServer TCL code injection
Checks the version of the remote Vignette StoryServer
viralator
Checks for the presence of /cgi-bin/viralator.cgi
ViRobot Linux Server filescan Authentication Bypass Vulnerability
Checks for authentication bypass vulnerability in ViRobot Linux Server's filescan component
ViRobot Linux Server Remote Buffer Overflow Vulnerability
Checks for remote buffer overflow vulnerability in ViRobot Linux Server
VirusWall's catinfo overflow
Overflow in catinfo
VisNetic / Merak Mail Server multiple flaws
Checks for VisNetic Mail Server arbitrary script include
VP-ASP shopsearch SQL injection
Checks for the presence of VP-ASP
VP-ASP SQL Injection (2)
Performs a SQL injection against the remote shopping cart
vpasswd.cgi
Checks for the presence of vpasswd.cgi
vpopmail.php command execution
Determines the version of vpopmail.php
VsSetCookie.exe vulnerability
Checks for the VsSetCookie.exe file
vTiger multiple flaws
Checks for authentication bypass in vTiger
w-Agora <= 4.2.0 Multiple Vulnerabilities
Checks for multiple vulnerabilities in w-Agora <= 4.2.0
w-Agora inc_dir Parameter Remote File Include Vulnerabilities
Tries to read a local file using w-Agora
w-Agora remote directory traversal flaw
Checks for directory traversal in w-Agora
w-Agora Site parameter remote directory traversal flaw
Checks for directory traversal in w-Agora
w3-msql overflow
Overflow in w3-msql
way-board
Checks for the presence of /cgi-bin/way-board
Web DBM Remote Buffer Overflow Vulnerability
Gets version of Web DBM
Web Server load balancer detection
Web Server load balancer detection
Web Wiz Forums database disclosure
Checks for wwforum.mdb
Web Wiz Site News / Compulsize Media CNU5 database disclosure
Checks for news.mdb
Web Wiz txtUserName Parameter SQL Injection Vulnerability
Checks for txtUserName Parameter SQL injection vulnerability in Web Wiz products
WEB-INF folder accessible
Tests for WEB-INF folder access
WebActive world readable log file
Requests /active.log
WebAdmin < 3.2.5 Multiple Vulnerabilities
Checks version of WebAdmin
WebAdmin < 3.2.6 MDaemon Account Hijacking Vulnerability
Checks version of WebAdmin
webadmin.dll detection
Checks for the presence of webadmin.dll
webadmin.php detection
Try to read /etc/passwd through webadmin.php
WEBalbum Local File Include Vulnerability
Checks for file includes in index.php
WebAPP Apage.CGI remote command execution flaw
Checks for apage.cgi remote command execution flaw
WebAPP Detection
Checks for presence of WebAPP
WebAPP Directory Traversal
Checks for a directory traversal bug in WebAPP
WebAPP File Disclosure Vulnerability
Checks for file disclosure vulnerability in WebAPP
WebCalendar < 1.0.2 Multiple Vulnerabilities
Checks for multiple vulnerabilities in WebCalendar < 1.0.2
WebCalendar assistant_edit.php Unauthorized Access Vulnerability
Checks for assistant_edit.php unauthorized access vulnerability in WebCalendar
WebCalendar Detection
Checks for presence of WebCalendar
WebCalendar file reading
Checks for file reading flaw in WebCalendar
WebCalendar includedir Parameter Remote File Include Vulnerability
Checks for includedir parameter remote file include vulnerability in WebCalendar
WebCalendar SQL Injection
Checks for the presence of an SQL injection in view_topic.php
WebCalendar SQL Injection Vulnerability
Sends a malformed cookie to the remote host
WebCalendar User Account Enumeration Disclosure Issue
Checks for WebCalendar User Account Enumeration Disclosure weakness
Webcart misconfiguration
Checks for the webcart misconfiguration
webcart.cgi
Detects webcart.cgi
Webchat code injection
Checks for the presence of Webchat's defines.php
webdist.cgi
Checks for the presence of webdist.cgi
webdriver
Checks for the presence of Webdriver
webERP Configuration File Remote Access
Determines if webERP is installed
Webfroot shoutbox file inclusion
Checks for the presence of shoutbox.php
webgais
Checks for the presence of /cgi-bin/webgais
WebGUI < 6.7.3 Multiple Command Execution Vulnerabilities
Checks for multiple command execution vulnerabilities in WebGUI < 6.7.3
WebGUI < 6.7.6 arbitrary command execution
Checks for arbitrary remote command execution in WebGUI < 6.7.6
WebGUI Unspecified Vulnerability
Checks the version of WebGUI
WebHints remote command execution flaw
Checks for WebHints remote command execution flaw
WEBInsta CMS templates_dir Parameter Remote File Include Vulnerability
Tries to read a local file using WEBInsta CMS
WebLibs File Disclosure
Checks for the presence of a WebLibs File Disclosure
WebLogic < 8.1 SP3 Multiple Vulnerabilities
Checks the version of WebLogic
WebLogic clear-text passwords
Checks the version of WebLogic
WebLogic management servlet
Checks the version of WebLogic
WebLogic source code disclosure
Checks for WebLogic file disclosures
WebMatic Security Vulnerability
Checks the version of WebMatic
Webmin / Usermin Arbitrary File Disclosure Vulnerability
Tries to read a local file using miniserv.pl
Webmin / Usermin Null Filtering Vulnerabilities
Checks if nulls in a URL are filtered by miniserv.pl
Webnews.exe vulnerability
Checks for the Webnews.exe file
websendmail
Checks for the presence of /cgi-bin/websendmail
Website Baker Admin Login SQL Injection Vulnerability
Checks for admin login SQL injection vulnerability in Website Baker
Website Baker REMEMBER_KEY Cookie SQL Injection Vulnerability
Tries to bypass authentication with Website Baker
WebSite pro reveals the physical file path of web directories
Attempts to find the location of the remote web root
WebsitePro buffer overflow
Checks for WebSitePro
WebSpeed remote configuration
Checks if webspeed can be administered
webspirs.cgi
Checks for the presence of webspirs.cgi
WebStores 2000 browse_item_details.asp SQL injection
WebStores 2000 SQL injection
webwho plus
Checks if webwho.pl is vulnerable
WF-Chat User Account Disclosure
Checks for the presence of !pwds.txt
WhatsUp Gold <= 8.04 Multiple Vulnerabilities
Checks for multiple vulnerabilities in WhatsUp Gold <= 8.04
Whatsup Gold vulnerable CGI
Checks for the presence of /_maincfgret.cgi
WHM AutoPilot Multiple Vulnerabilities
Determines if WHM AutoPilot can include third-party files
whois_raw
Checks if whois_raw.cgi is vulnerable
WihPhoto file reading
Checks for the presence of remotehtmlview.php
Wikka Local File Include Vulnerability
Tries to read a local file in Wikka
Windmail.exe allows any user to execute arbitrary commands
Checks for the presence of windmail.exe
Winmail Mail Server Information Disclosure
Checks for the presence of an Information Disclosure in Winmail Mail Server
Winmail Server <= 4.2 Build 0824 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Winmail Server <= 4.2 Build 0824
Winmail Server Unspecified Webmail Vulnerability
Checks version of Winmail Server
Woltlab Burning Board SQL injection flaw
Checks SQL injection flaw in Woltlab Burning Board Database module
Woppoware PostMaster <= 4.2.2 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Woppoware PostMaster <= 4.2.2
Wordit Logbook File Disclosure Vulnerability
Checks for the presence of logbook.pl
WordPress < 1.5.1 Multiple Vulnerabilities
Checks for multiple vulnerabilities in WordPress < 1.5.1
WordPress < 1.5.1.2 Multiple Vulnerabilities
Checks for multiple vulnerabilities in WordPress < 1.5.1.2
WordPress cache_lastpostdate Parameter PHP Code Injection Vulnerability
Checks for cache_lastpostdate parameter PHP code injection vulnerability in WordPress
WordPress cat_ID SQL Injection Vulnerability
Checks for cat_ID SQL injection vulnerability in WordPress
WordPress code/sql injection
Checks for the presence of WordPress
WordPress Cross-Site Scripting / SQL Injection
Checks for the presence of WordPress
WordPress Detection
Checks for presence of WordPress
WordPress HTTP Splitting Vulnerability
Checks for HTTP response splitting vulnerability in WordPress < 1.2.1
WordPress Multiple Flaws (XSS, HTML Injection, SQL Injection)
Checks for multiple flaws in WordPress < 1.2.2
WordPress Pingback Information Disclosure Vulnerability
Tries to access a local file via WordPress' Pingback
WordPress Trackback Charset Decoding SQL Injection Vulnerability
Checks for SQL injection in WordPress
WordPress Trackback tb_id Parameter SQL Injection Vulnerability
Tries to generate a SQL error
WowBB <= 1.61 multiple flaws
Checks WowBB version
WowBB view_user.php SQL Injection Flaw
Checks for SQL injection flaw in wowBB
wpoison (nasl version)
Some common SQL injection techniques
WPS wps_shop.cgi remote command execution flaw
Checks for WPS wps_shop.cgi remote command execution flaw
wrap
Checks for the presence of /cgi-bin/wrap
wwwboard passwd.txt
Checks for the presence of /wwwboard/passwd.txt
wwwwais
Checks for the presence of /cgi-bin/wwwwais
X-Cart Multiple Vulnerabilities
Checks for multiple vulnerabilities in X-Cart
x-news 1
Check if version of x-news 1.x is installed
X7 Chat help_file Parameter Local File Include Vulnerability
Tries to read a local file using X7 Chat
X7 Chat old_prefix SQL Injection Vulnerability
Checks for SQL injection flaw in X7 Chat
Xaraya module Parameter Directory Traversal Vulnerability
Checks for module parameter directory traversal vulnerability in Xaraya
Xerver < 4.20 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Xerver < 4.20
XMB Forum < 1.9.2 Multiple Vulnerabilities
Checks for multiple vulnerabilities in XMB Forum < 1.9.2
XMB SQL Injection
Determine if XMB forums is vulnerable to a sql injection attack
Xoops < 2.0.12 Multiple Vulnerabilities
Checks for multiple vulnerabilities in Xoops < 2.0.12
Xoops Detection
Detects Xoops
Xoops Incontent Module Directory Traversal Vulnerability
Checks for the presence of Xoops Incontent module
Xoops Multiple Vulnerabilities
Checks for Xoops
xoops nocommon Parameter Local File Include Vulnerability
Tries to read a local file using Xoops
XOOPS xoopsConfig Parameter Local File Inclusion Vulnerabilities
Checks for xoopsConfig parameter local file inclusion vulnerabilities in XOOPS
YaBB Information Disclosure
Checks for the presence of YaBB.pl
YaBB SE Command Execution
Determine if YaBB SE can be used to execute arbitrary commands
YaBB XSS and Administrator Command Execution
Checks YaBB.pl XSS
YaPiG <= 0.9.5b Multiple Vulnerabilities
Checks for multiple vulnerabilities in YaPiG <= 0.9.5b
YaPiG Multiple Flaws
Checks for YaPiG version
YaPiG Password Protected Directory Access Flaw
Checks for YaPiG version
YaPiG Remote Server-Side Script Execution Vulnerability
Checks for YaPiG version
Yawcam Directory Traversal
Checks for directory traversal in Yawcam
Yaws Remote Source Code Disclosure Vulnerability
Downloads the source of .yaws scripts
YusASP Web Asset Manager Vulnerability
Checks for the presence of a YusASP Web Asset vulnerability
Zanfi CMS Lite Remote File Include
Determines if Zanfi CMS can include third-party files
Zen Cart admin_email Parameter SQL Injection Vulnerability
Checks for admin_email parameter SQL injection vulnerability in Zen Cart
Zen Cart autoLoadConfig Remote File Include Vulnerability
Tries to read a local file with Zen Cart
Zen Cart custom SQL Injection Vulnerability
Checks for SQL injection flaw in Zen Cart
zentrack code injection
Checks for the presence of zenTrack's index.php
zenTrack Files Reading
Checks for the presence of zenTrack's index.php
Zeroboard flaws
Checks for Zeroboard flaws
Zeroboard flaws (2)
Checks for Zeroboard flaws
Zeus shows the content of the cgi scripts
Checks for Zeus
ZixForum Database Disclosure
Checks for ZixForum.mdb
zml.cgi Directory Traversal
zml.cgi is vulnerable to an exploit which lets an attacker view any file that the cgi/httpd user has access to.
ZPanel page Parameter Remote File Include Vulnerabilities
Tries to read a local file with ZPanel