Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us

What We Scan For

CGI abuses Vulnerabilities

Name Summary
'Les Visiteurs' script injection Les Visiteurs inc file upload
/cgi-bin directory browsable ? Is /cgi-bin browsable ?
/doc directory browsable ? Is /doc browsable ?
/doc/packages directory browsable ? Is /doc/packages browseable ?
/perl directory browsable ? Is /perl browsable ?
2BGal SQL Injection SQL Injection
3Com NBX VoIP NetSet Detection Tests for 3Com NBX VoIP NetSet Detection
3Com Network Supervisor Directory Traversal Vulnerability Checks for directory traversal vulnerability in 3Com Network Supervisor
4Images <= 1.7.1 Directory Traversal Vulnerability Check if 4Images is vulnerable to directory traversal flaws
@lex guestbook remote file include Checks for @lex guestbook
A1Stats Traversal Checks if A1Stats reads any file
Aardvark Topsites CONFIG[path] Parameter Remote File Inclusion Vulnerability Checks for a file include using CONFIG[path] in Aardvark Topsites
Aborior Command Execution Detects display.cgi
ACal path Parameter Remote File Include Vulnerability Tries to read /etc/passwd using ACal
Achievo code injection Checks for the presence of Achievo
ActiveAuction Multiple Vulnerabilities Checks the version of vBulletin
ActivePerl perlIS.dll Buffer Overflow Determines if arbitrary commands can be executed thanks to ActivePerl's perlIS.dll
ActiveState Perl directory traversal Determines if ActivePerl is vulnerable
ActualAnalyzer rf Parameter Remote File Include Vulnerability Tries to read /etc/passwd using ActualAnalyzer
ad.cgi Checks for the presence of /cgi-bin/ad.cgi
Adcycle Password Disclosure Checks for the presence of /cgi-bin/build.cgi
Admbook PHP Code Injection Flaw Checks for remote PHP code injection in Admbook
AdMentor Login Flaw AdMentor Login Flaw
admin.cgi overflow Overflows admin.cgi
Adobe Breeze Directory Traversal Vulnerability Checks version of Adobe Breeze
Adobe Document Server Default Credentials Checks for default credentials in Adobe Document Server
Adobe Document Server File URI Resource Access Vulnerability Tries to write to a file using Adobe Document Server
Adobe Document Server for Reader Extensions < 6.1 Multiple Vulnerabilities Tries to exploit an XSS flaw in Adobe Document Server for Reader Extensions
ADODB do Command Execution Vulnerability Checks for do parameter command execution vulnerability in ADODB
ADODB sql Parameter SQL Injection Vulnerability Checks for sql parameter SQL injection vulnerability in ADODB
Advanced Guestbook Index.PHP SQL Injection Vulnerability Checks for an SQL injection attack in Advanced Guestbook
Advanced Guestbook phpbb_root_path Parameter Remote File Include Vulnerability Tries to read /etc/passwd using Advanced Guestbook
Advanced Poll info.php Checks for the presence of info.php
Advanced Poll Variable Overwriting Vulnerability Checks if variables can be overwritten with Advanced Poll
aeNovo Database Content Disclosure Vulnerability Checks for the presence of DB file of aeNovo
album.pl Command Execution determines the version of album.pl
Alchemy Eye HTTP Command Execution Determines if arbitrary commands can be executed by Alchemy Eye
Alexandria-dev upload spoofing Checks for the presence of patch/index.php and docman/new.php
alibaba.pl Checks for the presence of /cgi-bin/alibaba.pl
AlienForm CGI script Checks if the AlienForm CGI script is vulnerable
Alkalay.Net Multiple Scripts Arbitrary Command Execution Vulnerabilities Checks for arbitrary command execution vulnerabilities in multiple scripts from Alkalay.Net
Allaire JRun directory browsing vulnerability Allaire JRun directory browsing vulnerability
Allaire JRun Directory Listing Make a request like http://www.example.com/./WEB-INF
Alt-N WebAdmin Multiple Remote Vulnerabilities Checks for the version of Alt-N WebAdmin
AltaVista Intranet Search Checks if query?mss=... reads arbitrary files
AMember config[root_dir] Parameter File Include Vulnerability Checks for config[root_dir] parameter file include vulnerability in AMember
AN HTTPd count.pl file truncation Creates a file on the remote server
AN-HTTPd tests CGIs Checks for the presence of several CGIs
anacondaclip CGI vulnerability Checks for the presence of anacondaclip.pl
AnalogX web server traversal %2E%2E/%2E%2E/file.txt
AngelineCMS installPath Remote File Include Vulnerability Tries to read /etc/passwd using AngelineCMS
Anti Nessus defenses Detects anti Nessus features
AnyForm Checks for the presence of AnyForm2
Apache for Windows CGI Source Code Disclosure Vulnerability Tries to read source of print-env.pl with Apache for Windows
Apache Tomcat Directory Listing and File disclosure Apache Tomcat Directory listing and File Disclosure Bugs
Apache Tomcat source.jsp malformed request information disclosure Checks for the Tomcat source.jsp malformed request vulnerability
AppServ appserv_root Parameter Remote File Include Vulnerability Checks for appserv_root parameter remote file include vulnerability in AppServ
aprox portal file disclosure Checks Aprox Portal
ArGoSoft Mail Server Directory Traversal Vulnerability Gets the version of the remote ArGoSoft server
ArGoSoft Mail Server multiple flaws Gets the version of the remote ArGoSoft server
ArGoSoft Mail Server multiple flaws(2) Gets the version of the remote ArGoSoft server
args.bat Checks for the presence of /cgi-dos/args.bat
Artmedic Kleinanzeigen File Inclusion Vulnerability Checks for Artmedic Kleinanzeigen's PHP inclusion vulnerability
artmedic_links5 File Inclusion Vulnerability Checks for artmedic_links5's PHP inclusion vulnerability
Ashnews Code Injection Checks for the presence of ashnews.php
ASP Inline Corporate Calendar SQL injection Checks for the presence of an SQL injection in defer.asp
ASP PortalApp SQL injection SQL Injection
ASP source using %20 trick downloads the source of ASP scripts
ASP source using %2e trick downloads the source of ASP scripts
ASP source using ::$DATA trick downloads the source of ASP scripts
ASP-Rider SQL Injection SQL Injection
ASP.NET path disclosure Tests for ASP.NET Path Disclosure Vulnerability
ASP/ASA source using Microsoft Translate f: bug downloads the source of IIS scripts such as ASA,ASP
ASP/ASA source using Microsoft Translate f: bug (IIS 5.1) downloads the source of IIS scripts such as ASA,ASP
ASPjar Guestbook SQL Injection Checks for the presence of an SQL injection in login.asp
AspUpload vulnerability Checks for the AspUpload software
aspWebAlbum SQL Injection SQL Injection
aspWebCalendar SQL Injection SQL Injection
Asterisk Recording Interface Configuration File Disclosure Vulnerability Tries to read ARI's configuration file
Asterisk Recording Interface recording Parameter Information Disclosure Vulnerability Requests a file using ARI's misc/audio.php
Athena Web Registration remote command execution flaw Checks for Athena Web Registration remote command execution flaw
Atomic Photo Album apa_module_basedir Variable File Include Vulnerability Checks for apa_module_basedir variable file include vulnerability in Atomic Photo Album
AtomicBoard file reading Checks for the presence of remotehtmlview.php
ATutor < 1.5.1-pl1 Multiple Flaws Checks for remote arbitrary command in ATutor
ATutor password reminder SQL injection Checks for SQL injection in password_reminder.php
auktion.cgi Checks for the presence of /cgi-bin/auktion.cgi
AutoLinks Pro alpath Parameter File Include Vulnerability Checks for alpath parameter file include vulnerability in AutoLinks Pro
AutomatedShops WebC.cgi buffer overflows Checks for the presence of webc.cgi
AutomatedShops WebC.cgi installed Checks for the presence of webc.cgi
AutoTheme PostNuke Module Multiple Unspecified Vulnerabilities Checks for multiple unspecified vulnerabilities in AutoTheme PostNuke module
Avenger's News System Command Execution Avenger's News System Command Execution
Awol code injection Checks for the presence of includes/awol-condensed.inc.php
AWStats configdir parameter arbitrary cmd exec Determines the presence of AWStats awstats.pl flaws
AWStats Debug Remote Information Disclosure And Code Execution Vulnerabilities Determines the presence of a debug output in AWStats
AWStats migrate Parameter Remote File Include Vulnerability Tries to run a command using AWStats
AWStats rawlog plugin logfile parameter input validation vulnerability Determines the presence of AWStats awstats.pl
AWStats Referrer Arbitrary Command Execution Vulnerability Checks for referrer arbitrary command execution vulnerability in AWStats
axis2400 webcams reads the remote /var/log/messages
b2 cafelog code injection Checks for the presence of gm-2-b2.php
b2Evolution title SQL Injection Checks for the presence of an SQL injection in title parameter
Backup CGIs download Attempts to download the remote CGIs
Barracuda Networks Spam Firewall Multiple Vulnerabilities Tries to authenticate to Barracuda Networks Spam Firewall
Barracuda Spam Firewall Firmware < 3.1.18 Multiple Vulnerabilities Checks for multiple vulnerabilities in Barracuda Spam Firewall firmware < 3.1.18
BASE base_maintenance Authentication Bypass Vulnerability Tries to bypass authentication in BASE
BASE BASE_path Parameter Remote File Include Vulnerability Tries to read a local file using BASE
BasiliX Arbitrary Command Execution Vulnerability Checks for arbitrary command execution vulnerability in BasiliX
BasiliX Arbitrary File Disclosure Vulnerability Checks for arbitrary file disclosure vulnerability in BasiliX
BasiliX Attachment Disclosure Vulnerability Checks for attachment disclosure vulnerability in BasiliX
BasiliX Detection Checks for the presence of BasiliX
Basilix includes download Checks for the presence of include files
BasiliX Message Content Script Injection Vulnerability Checks for message content script injection vulnerability in BasiliX
BasiliX SQL Injection Vulnerability Checks for SQL injection vulnerability in BasiliX
Basilix Webmail Dummy Request Vulnerability Checks for the presence of basilix.php3
bb-hist.sh Read arbitrary files using the CGI bb-hist.sh
bb-hostsvc.sh Read arbitrary files using the CGI bb-hostsvc.sh
bBlog <= 0.7.4 Multiple Vulnerabilities Checks for multiple vulnerabilities in bBlog <= 0.7.4
bBlog SQL injection flaw Check bBlog version
BBS E-Market File Disclosure Directory Traversal Attempt
BDPDT Arbitrary File Upload Vulnerabily Checks for BDPDT's uploadfilepopup.aspx
BEA WebLogic Operator/Admin Password Disclosure Vulnerability Checks the version of WebLogic
BEA WebLogic Scripts Server scripts Source Disclosure BEA WebLogic may be tricked into revealing the source code of JSP scripts.
BEA WebLogic Scripts Server scripts Source Disclosure (2) BEA WebLogic may be tricked into revealing the source code of JSP scripts.
BEA WebLogic Scripts Server scripts Source Disclosure (3) BEA WebLogic may be tricked into revealing the source code of JSP scripts.
bigconf Checks for the presence of /cgi-bin/bigconf.cgi
BiTBOARD IMG BBCode Tag JavaScript Injection Vulnerability Determines the version of BiTBOARD
bizdb1-search.cgi located Determines the presence of cgi-bin/bizdb1-search.cgi
Bizmail.cgi Mail From Unauthorized Mail Relay Vulnerability Checks the version of bizmail.cgi
biztalk server flaws Determines if BizTalk is installed
BlackBoard Internet Newsboard System remote file include flaw Checks BlackBoard Internet Newsboard System version
Blazix Web Server JSP source disclosure Attempts to read the source of a jsp page
BLnews code injection Checks for the presence of objects.inc.php4
Blog Torrent Remote Directory Traversal Looks for a directory traversal vulnerability in Blog Torrent.
BlueDragon 6.2.1 Multiple Vulnerabilities Checks for an XSS flaw in BlueDragon Server
BlueShoes APP Parameter Remote File Include Vulnerability Tries to read a local file with BlueShoes' Google API
boastMachine Remote Arbitrary File Upload Vulnerability Checks for remote arbitrary file upload vulnerability in boastMachine
Bonsai Mutiple Flaws Determine if bonsai is vulnerable to xss attack
Brio Unix Directory Traversal Brio Unix Directory Traversal
BroadBoard SQL Injection SQL Injection
BroadVision Physical Path Disclosure Vulnerability Tests for BroadVision Physical Path Disclosure Vulnerability
Brooky CubeCart < 2.0.5 Checks Brooky CubeCart language XSS
BRT CopperExport XP_Publish.PHP SQL Injection Vulnerability SQL Injection in CopperExport
bttlxeForum SQL injection Uses a SQL query as a password
Buffer overflow in WebSite Professional's webfind.exe Buffer overflow attempt
BugPort unspecified attachment handling flaw Checks for BugPort version
Bugzilla <= 2.18.1 / 2.19.3 Multiple Vulnerabilities Checks for multiple vulnerabilities in Bugzilla <= 2.18.1 / 2.19.3
Bugzilla Authentication Bypass and Information Disclosure Checks for the presence of Bugzilla
Bugzilla Detection Checks for the presence of bugzilla
Bugzilla Information Disclosure Vulnerabilities Checks for information disclosure vulnerabilities in Bugzilla
Bugzilla Multiple Flaws Checks for the presence of bugzilla
Bugzilla Multiple Flaws (2) Checks for the presence of bugzilla
Bugzilla remote arbitrary command execution Checks for the version of bugzilla
Bugzilla SQL flaws Checks for the presence of bugzilla
Bugzilla XSS and insecure temporary filenames Checks for the presence of bugzilla
BulletScript MailList bsml.pl Information Disclosure Determine if MiniBB can be used to execute arbitrary commands
Burning Board boardids Parameter SQL Injection Vulnerability Tries to generate a SQL error
Burning Board decode_cookie() SQL Injection Vulnerability Checks for SQL injection vulnerability in Burning Board Lite
Burning Board Detection Checks for presence of Burning Board
Burning Board modcp.php SQL Injection Vulnerabilities Checks for SQL injection vulnerabilities in Burning Board modcp.php script
Burning Board verify_email SQL Injection Vulnerability Checks for verify_email SQL injection vulnerability in Burning Board
Burning Board wbb_userid parameter SQL Injection Vulnerability Checks for SQL injection vulnerability in Burning Board Lite
Bypass Axis Storpoint CD authentication Requests /cd/../config/html/cnf_gi.htm
Cacti < 0.8.6e Multiple Vulnerabilities Checks for multiple vulnerabilities in Cacti < 0.8.6e
Cacti < 0.8.6f Multiple Vulnerabilities Checks for multiple vulnerabilities in Cacti < 0.8.6f
Cacti cmd.php Arbitrary Command Execution Vulnerability Checks if Cacti's cmd.php is remotely accessible
Cacti copy_cacti_user SQL Injection Vulnerability Checks if Cacti's copy_cacti_user.php is remotely accessible
CactuShop XSS and SQL injection flaws Checks CactuShop flaws
Cafe Wordpress SQL injection Checks for the presence of cafe wordpress
CakePHP file Parameter Directory Traversal Vulnerability Tries to read a local file with CakePHP
Calendar Express Multiple Flaws Checks Calendar Express XSS and SQL flaws
Calendarix id Parameter SQL Injection Vulnerabilities Checks for id parameter SQL injection in Calendarix
Calendarix SQL Injection Vulnerability Checks for multiple vulnerabilities in Calendarix
calendar_admin.pl Checks for the presence of /cgi-bin/calendar_admin.pl
Campas Checks for the presence of /cgi-bin/campas
Carello detection Checks for the presence of carello.dll
Cerberus Helpdesk GUI Agent < 2.7.1 Multiple Vulnerabilities Checks for multiple vulnerabilities in Cerberus Helpdesk GUI Agent < 2.7.1
Cerberus Helpdesk rpc.php Information Disclosure Vulnerability Gets requestors for a Cerberus ticket
Cerberus Support Center Multiple Vulnerabilities Checks for multiple vulnerabilities in Cerberus Support Center
cfWebStore SQL injection SQL Injection
cgi.rb Checks for the presence of cgi.rb
CGIEmail's CGICso (Send CSO via CGI) Command Execution Vulnerability Determine if a remote host is vulnerable to the cgicso vulnerability
cgiforum Checks for the presence of /cgi-bin/cgiforum.pl
CgiMail.exe vulnerability Checks for the cgimail.exe file
cgitest.exe buffer overrun Checks for the /cgi-bin/cgitest.exe buffer overrun
cgiWebupdate.exe vulnerability Checks for the cgiWebupdate.exe file
Checks for listrec.pl Checks for the listrec.pl CGI
CherryPy staticFilter Directory Traversal Vulnerability Checks for staticFilter directory traversal vulnerability in CherryPy
ChipMonk Forum SQL Injection Checks if ChipMonk forum is vulnerable to a SQL injection attack
ChipMunk CMScore SQL Injection Checks if ChipMunk CMScore is vulnerable to a SQL injection attack
Chora Remote Code Execution Vulnerability Checks for remote code execution vulnerability in Chora
CitrusDB Remote Authentication Bypass Vulnerability Determines the presence of CitrusDB
Claroline < 1.5.4 / 1.6.0 Multiple Input Validation Vulnerabilities Checks for multiple input validation vulnerabilities in Claroline < 1.5.4 / 1.6.0
Claroline Detection Checks for presence of Claroline
Claroline extAuthSource Parameter Array Remote File Include Vulnerability Tries to read a local file with Claroline
Claroline includePath Parameter Remote File Include Vulnerability Tries to read a local file using Claroline
Claroline Multiple Vulnerabilities (2) Tries to read /etc/passwd using Claroline
Claroline Multiple Vulnerabilities (3) Tries to read a local file using Claroline
Clever Copy connect.inc Information Disclosure Vulnerability Reads Clever Copy's admin/connect.inc file
CMS Made Simple nls Parameter File Include Vulnerability Checks for nls parameter file include vulnerability in CMS Made Simple
Cobalt RaQ2 cgiwrap Checks for the presence of /cgi-bin/cgiwrap
Cobalt siteUserMod cgi Checks for the presence of /.cobalt/siteUserMod/siteUserMod.cgi
CodeGrrl Applications Remote File Inclusion Vulnerabilities Checks for remote file inclusion vulnerabilities in CodeGrrl applications
CodeThatShoppingCart Input Validation Vulnerabilities Checks for an SQL injection in CodeThatShoppingCart
Cognos Powerplay WE Vulnerability Checks for the ppdscgi.exe CGI
Cold Fusion Administration Page Overflow Checks for the presence of /cfide/administrator/index.cfm
ColdFusion Debug Mode Get ColdFusion Debug Information
ColdFusion Double-Encoded Null Byte Information Disclosure Vulnerability Tries to retrieve script source code using ColdFusion
ColdFusion Path Disclosure Checks for a ColdFusion vulnerability
ColdFusion Vulnerability Checks for a ColdFusion vulnerability
Comersus BackOffice Administrator Authentication Bypass Vulnerability Checks for administrator authentication bypass vulnerability in Comersus BackOffice
Comersus BackOffice Lite Administrative Bypass Checks for the presence of a BackOffice Lite Administrative Bypass
Comersus Cart Customer Database Disclosure Vulnerability Checks for customer database vulnerability in Comersus Cart
Comersus Cart Multiple Vulnerabilities Checks for multiple vulnerabilities in Comersus Cart
Comersus Login SQL injection Checks for Comersus
Commerce Server 2002 Authentication Bypass Vulnerability Checks version of Commerce Server 2002
commerce.cgi Checks for the presence of /cgi-bin/commerce.cgi
Community Link Pro webeditor login.cgi remote command execution Checks for Community Link Pro webeditor login.cgi remote execution flaw
Contenido cfg Parameter Remote File Include Vulnerability Checks for cfg parameter remote file include vulnerability in Contenido
CoolForum SQL Injection flaw Checks for the presence of CoolForum
CoolForum XSS and SQL Injection Vulnerabilities Checks for cross-site scripting and SQL injection vulnerabilities in CoolForum
Coppermine Gallery Detection Checks for the presence of Coppermine Gallery
Coppermine Gallery Remote Command Execution Checks for the presence of db_input.php
Coppermine Gallery SQL injection Checks for the presence of db_input.php
Coppermine Gallery Voting Restriction Failure Checks for the presence of db_input.php
Coppermine Photo Gallery < 1.3.2 Multiple Vulnerabilities Checks for version of Coppermine Photo Gallery
Coppermine Photo Gallery f Parameter Remote File Include Vulnerability Checks for f parameter remote file include vulnerability in Coppermine Photo Gallery
Coppermine Photo Gallery file Parameter Local File Include Vulnerability Tries to read a local file using Coppermine Photo Gallery
Count.cgi Checks Count.cgi version
counter.exe vulnerability Checks for the counter.exe file
counter.php file overwrite Determine if counter.php is present
cPanel Backup File Disclosure Checks for the version of cpanel
cPanel FrontPage Extension Flaws Checks for the version of cpanel
cPanel Login Command Execution Command Injection
cpanel remote command execution Executes /bin/id
Credit Card Data Disclosure in CitrusDB Checks for the presence of IO directory of CitrusDB
Cross-Referencing Linux (lxr) file reading Checks for the presence of /cgi-bin/source
Crystal Report virtual directory traversal Crystal Report virtual directory traversal
CSNews.cgi vulnerability Checks for the csnews.cgi file
csSearch.cgi Checks for the presence of /cgi-bin/csSearch.cgi
ctss.idc check Checks for the presence of /scripts/tools/ctss.idc
CubeCart 2.0.6 and Earlier Multiple SQL Injection Vulnerabilities Checks for multiple SQL injection vulnerabilities in CubeCart 2.0.6 and earlier
CubeCart < 3.0.12 Multiple Vulnerabilities Checks for a XSS flaw in CubeCart
CubeCart < 3.0.13 Multiple Vulnerabilities Tries to read a local file in CubeCart
CubeCart Detection Checks for the presence of CubeCart
CubeCart FCKeditor Arbitrary File Upload Vulnerability Tries to use CubeCart to upload a file with PHP code
CubeCart SQL injection SQL Injection in CubeCart
CuteNews <= 1.3.6 Multiple Vulnerabilities Checks for multiple vulnerabilities in CuteNews <= 1.3.6
CuteNews archive Parameter Information Disclosure Vulnerability Tries to read a file via archive parameter of CuteNews
CuteNews Client-IP Header Code Injection Vulnerability Checks for Client-IP header code injection vulnerability in CuteNews
CuteNews code injection Checks for the presence of search.php
CuteNews Debug Info Disclosure Checks for the presence of cutenews
CuteNews Detection Checks for presence of CuteNews
CuteNews directory traversal flaw Checks for CuteNews dir traversal
Cutenews search.php Cross Site Scripting Vulerability Tries to inject javascript code.
Cuyahoga FCKEditor Security Bypass Vulnerability Tries to call FCKEditor's upload.php script
CVS/Entries requests CVS/Entries
CVSTrac cgi.c multiple overflows Checks for CVSTrac version
CVSTrac chdir() chroot jail escape Checks for CVSTrac version
CVSTrac CVSROOT/passwd arbitrary account deletion Checks for CVSTrac version
CVSTrac database plaintext password storage Checks for CVSTrac version
CVSTrac Detection Detects the presence of CVSTrac
CVSTrac filediff vulnerability Checks for CVSTrac version
CVSTrac history.c history_update function overflow Checks for CVSTrac version
CVSTrac invalid ticket DoS Checks for CVSTrac version
CVSTrac malformed URI infinite loop DoS Checks for CVSTrac version
CVSTrac text output formatter DoS Checks CVSTrac version
CVSTrac ticket title arbitrary command execution Checks for CVSTrac version
CVSTrac timeline.c timeline_page function overflow Checks for CVSTrac version
CVSWeb 1.80 gives a shell to cvs committers Checks if CVSWeb is present and gets its version
CVSweb detection Determines whether cvsweb.cgi is installed on the remote host
CWmail.exe vulnerability Checks for the cwmail.exe file
Cyberstrong eShop SQL Injection Vulnerabilities Checks for an SQL injection in Cyberstrong eShop v4.2
DB4Web directory traversal Read any file through DB4Web
DB4Web TCP relay DB4Web debug page allow bounce scan
DBMan CGI server information leakage Checks if webplus reads local files
dcforum Checks for the presence of /cgi-bin/dcforum
DCP-Portal Multiple SQL Injection Vulnerabilities Determines the presence of DCP-Portal
DCP-Portal Path Disclosure Determine if DCP-Portal displays its physical path
ddicgi.exe vulnerability Checks for the ddicgi.exe file
DeluxeBB Multiple SQL injection flaws Checks DeluxeBB version
DeskNow Mail and Collaboration Server Directory Traversal Vulnerabilities Checks for the presence of an old version of DeskNow
Detects LDU version LDU detection
Detects Xaraya version Xaraya detection
DevTrack Web Service UserName SQL Injection Vulnerability Tries to generate a SQL error using DevTrack Web Service
Digital Scribe login.php SQL Injection flaw Checks for SQL injection flaw in Digital Scribe
Directory listing through Sambar's search.dll Checks the presence of search.dll
Directory Manager's edit_image.php Detects edit_image.php
directory pro web traversal Checks for the presence of /cgi-bin/directorypro.cgi
directory.php Checks for the presence of /directory.php
Docebo GLOBALS Variable Overwrite Vulnerability Checks for file inclusions errors in multiple Docebo applications
Dokeos < 1.6.4 / 2.0.3 Remote File Include Vulnerabilities Tries to read /etc/passwd using Dokeos
Dokeos extAuthSource Parameter Array Remote File Include Vulnerability Tries to read a local file with Dokeos
DokuWiki Detection Checks for presence of DokuWiki
DokuWiki dwpage.php Accessibility Vulnerability Checks whether DocuWiki dwpage.php is accessible via http
DokuWiki im_convert Arbitrary Code Execution Vulnerability Executes arbitrary command via DocuWiki im_convert Feature
DokuWiki spellcheck Arbitrary Code Execution Vulnerability Executes arbitrary PHP code via DocuWiki spellcheck
dotProject docs Directory Information Disclosure Vulnerabilities Checks for docs directory information disclosure vulnerabilities in dotProject
dotProject Remote File Include Vulnerabilities Checks for remote file include vulnerabilities in dotProject
Dragonfly CMS currentlang Parameter Local File Include Vulnerability Checks for currentlang parameter local file include vulnerability in Dragonfly CMS
Dream4 Koobi CMS Index.PHP SQL Injection Vulnerability Checks for an SQL injection in the Koobi CMS
Drupal Arbitrary PHP Code Execution Vulnerability Checks version of Drupal
Drupal Captcha Bypass Vulnerability Tries to bypass captcha when registering as a new user in Drupal
Drupal Comment Code Execution Vulnerability Tries to execute a command via Drupal
Drupal Comment Preview Code Execution Vulnerability (2) Tries to execute a command via Drupal
Drupal Detection Detects Drupal
Drupal Privilege Escalation Vulnerability Checks version of Drupal
Drupal XML-RPC for PHP Remote Code Injection Vulnerability Checks for XML-RPC for PHP remote code injection vulnerability in Drupal
DUamazon Pro Multiple SQL Injection Vulnerabilities Checks for multiple SQL injection vulnerabilities in DUamazon Pro
DUclassmate Multiple SQL Injection Vulnerabilities Checks for multiple SQL injection vulnerabilities in DUclassmate
DUforum Multiple SQL Injection Vulnerabilities Checks for multiple SQL injection vulnerabilities in DUforum
Dumpenv Checks for the presence of /cgi-bin/dumpenv
Dune Web Server Overflow Checks for Dune Overflow
DUpaypal Pro Multiple SQL Injection Vulnerabilities Checks for multiple SQL injection vulnerabilities in DUpaypal Pro
DUportal Pro Multiple SQL Injection Vulnerabilities Checks for multiple SQL injection vulnerabilities in DUportal Pro
DUPortal/DUPortal Pro Multiple SQL Injection Vulnerabilities Checks for SQL injection vulnerability in DUPortal
DUware iType Parameter SQL Injection Vulnerability Checks for iType parameter SQL injection vulnerability in DUware
DUware multiple vulnerabilities Determines if the remote ASP scripts are vulnerable to SQL injection
Dwarf HTTP Server < 1.3.3 Multiple Vulnerabilities Checks version of Dwarf HTTP Server
E-Shopping Cart Arbitrary Command Execution (WebDiscount) E-Shopping Cart Arbitrary Command Execution (WebDiscount)
E-Theni code injection Checks for the presence of aff_list_langue.php
e107 <= 0.617 Multiple Vulnerabilities Checks for multiple vulnerabilities in e107 <= 0.617
e107 cookie SQL Injection Vulnerability Tries to bypass authentication in e107 with a special cookie
e107 database dump e107 flaw
e107 Detection Checks for the presence of e107
e107 e107language_e107cookie Local File Include Vulnerability Tries to read a local file with e107
e107 Email Injection Vulnerability Tries to send arbitrary email with e107
e107 ePing Plugin Arbitrary Code Execution Vulnerability Checks for arbitrary code execution vulnerability in e107 ePing plugin
e107 eTrace Plugin Arbitrary Code Execution Vulnerability Checks for arbitrary code execution vulnerability in e107 eTrace plugin
e107 Remote Code Execution Vulnerability Tries to run a command in e107
e107 resetcore.php SQL Injection e107 SQL Injection
Easy Address Book Web Server Format String Vulnerability Tries to crash Easy Address Book Web Server
Easy File Sharing Web Server ACL Bypass Checks /disk_c
Easy File Sharing Web Server Information Disclosure Tries to read a local file via EFS
Easy Message Board Command Execution Checks for Easy Message Board
EasyDynamicPages edp_relative_path Parameter Remote File Include Vulnerability Checks for the presence of EasyDynamicPages
EasyPHPCalendar serverPath Remote File Include Vulnerabilities Checks for serverPath remote file include vulnerabilities in EasyPHPCalendar
EasyWeb FileManager Directory Traversal Determines if EasyWeb FileManager is present
Ecartis Username Spoofing Checks for the presence of lsg2.cgi
eCommerce Multiple Vulnerabilities Checks for multiple vulnerabilities in eCommerce
Edgewall Software Trac SQL injection flaw Checks for SQL injection flaw in Trac
EdiMax AP Hidden Password Check Edimax Hidden Password Check
eFiction < 2.0.2 Multiple Vulnerabilities Checks for multiple vulnerabilities in eFiction < 2.0.2
EGroupWare Detection Detects the presence of EGroupWare
EGroupWare Multiple Vulnerabilitie Checks for the version of EGroupWare
eLDAPo cleartext passwords Checks for eLDAPo
ELOG < 2.6.1 Multiple Vulnerabilities Checks for multiple vulnerabilities in ELOG < 2.6.1
ELOG Web LogBook global Denial of Service Tries to crash the remote service.
ELOG Web Logbook Multiple Remote Vulnerabilities Determines the presence of ELOG Web Logbook
empower cgi path Attempts to find the location of the remote web root
Emulive Server4 Authentication Bypass Requests the admin page of the remote EmuLive Server4
Emumail WebMail multiple vulnerabilities version test for Emumail
Episodex Guestbook Unauthorized Access and HTML Injection Vulnerability Checks for unathentication access to admin.asp
ePolicy Orchestrator Local Information Disclosure Vulnerability Checks for local information disclosure vulnerability in ePolicy Orchestrator
Etomite CMS id Paramater SQL Injection Tries to generate a SQL error with Etomite CMS
Excite for WebServers Checks for the presence of /cgi-bin/ews
Exhibit Engine list.php SQL Injection Vulnerabilities Checks for SQL injection vulnerability in Exhibit Engine's list.php
Exhibit Engine toroot Parameter Remote File Include Vulnerability Tries to read a local file with Exhibit Engine
Exo PHPDesk id Parameter SQL Injection Vulnerability Tries to generate a SQL error with Exo PHPDesk
Exponent CMS < 0.96.4 Multiple Vulnerabilities Checks for multiple vulnerabilities in Exponent CMS < 0.96.4
Exponent CMS Multiple Cross-Site Scripting Vulnerabilities Checks for the version of Exponent
Exponent CMS view Parameter Local File Include Vulnerability Tries to read a local file in Exponent CMS
Extent RBS ISP Checks for the presence of Extent RBS ISP 2.5
ezPublish config disclosure Determine if ezPublish config file can be retrieved
EZShopper 3.0 Checks for the presence of EZShopper's CGIs
EZsite Forum Discloses Passwords to Remote Users Checks for EZsiteForum.mdb password database
ezUpload <= 2.2 Multiple Vulnerabilities Checks for multiple vulnerabilities in ezUpload <= 2.2
e_Board arbitrary file reading Checks for e_Board
F-Secure Policy Manager Path Disclosure Checks for /fsms/fsmsh.dll
FAQManager Arbitrary File Reading Vulnerability Tests for FAQManager Arbitrary File Reading Vulnerability
Faxsurvey Checks if faxsurvey is vulnerable
FCKeditor Arbitrary File Upload Vulnerability Tries to use upload a file with PHP code using FCKeditor
FCKeditor for PHP-Nuke Arbitrary File Upload Vulnerability Detects arbitrary file upload vulnerability in FCKeditor for PHP-Nuke
Fedora DS Administration Server Information Disclosure Vulnerability Checks for an information disclosure vulnerability in Fedora Directory Server Administration Server
Feedsplitter <= 2006-01-21 Multiple Vulnerabilities Tries to read an invalid XML file with Feedsplitter
File Disclosure in OWL's Workshop Detect OWLS File Disclosure
File Disclosure in PHP Manpage Detect PHP Manpage File Disclosure
File Inclusion Vulnerability in Jaws Detect Jaws File Inclusion Vulnerability
File Inclusion Vulnerability in Pivot Detect Pivot File Inclusion Vulnerability
Finger cgi Checks for the presence of /cgi-bin/finger
Fingerprint web server with favicon.ico Attempt to fingerprint web server with favicon.ico
FishCart SQL injections Checks for the presence of an SQL injection in upstnt.asp
FlatNuke < 2.5.6 Multiple Vulnerabilities Checks for multiple vulnerabilities in FlatNuke < 2.5.6
FlatNuke Form Submission Input Validation Vulnerability Determines if FlatNuke is installed
FlatNuke id Parameter Directory Traversal Vulnerability Checks for id parameter directory traversal vulnerability in FlatNuke
FlexCast Server Terminal Authentication Vulnerability Checks for terminal authentication vulnerability in FlexCast Server
Flyspray adodbpath Parameter Remote File Include Vulnerability Checks for adodbpath parameter remote file include vulnerability in Flyspray
FormHandler.cgi Attempts to read /etc/passwd
formmail.pl Checks for the presence of /cgi-bin/formmail.pl
Forum51/Board51/News51 Users Disclosure Checks for the presence of user.idx
foxweb CGI Checks for the presence of foxweb.exe or foxweb.dll
Free Articles Directory Remote File Inclusion Vulnerability Checks for file includes in Free Articles Directory
ftp.pl shows the listing of any dir Checks for the presence of /cgi-bin/ftp/ftp.pl
FtpLocate fsite Parameter Command Execution Vulnerability Checks for fsite parameter command execution vulnerability in FtpLocate
FUDforum < 2.7.1 Avatar Upload Vulnerability Checks for avatar upload vulnerability in FUDforum < 2.7.1
Fuji Xerox Printing Systems Authentication Bypass Vulnerability Gets version of remote printer
Fusion News X-Forwarded-For Code Injection Vulnerability Checks for X-Forwarded-For code injection vulnerability in Fusion News
Fusion SBX Password Bypass and Command Execution Checks for the presence of a Fusion SBX Password Bypass
Gallery < 2.0.3 Multiple Vulnerabilities Checks for IP spoofing in Gallery
gallery authentication bypass Checks for a bug in gallery
gallery code injection Checks for the presence of includes/needinit.php
gallery code injection (2) Checks for the presence of setup/index.php
gallery code injection (3) Checks for the presence of init.php
Gallery g2_itemId Parameter Directory Traversal Vulnerability Checks for g2_itemId parameter Directory Traversal vulnerability in Gallery
Gallery Install Log Information Disclosure Vulnerability Checks for Gallery install log
Gallery Multiple Vulnerabilities Checks for the presence of login.php
Gallery PostNuke Integration Access Validation Vulnerability Checks for PostNuke integration access validation vulnerability in Gallery
Gallery Script Execution Checks for the version of Gallery
Gallery stepOrder Parameter Local File Include Vulnerabilities Tries to read a file using Gallery stepOrder parameter
Gallery Unspecified HTML Injection Vulnerability Checks for the version of Gallery
Gallery ZipCart File Retrieval Vulnerability Tries to retrieve a file using Gallery's ZipCart module
gCards Multiple Vulnerabilities Checks for directory transversal in gCards index.php script
Geeklog < 1.3.11sr4 / 1.4.0sr1 Multiple Vulnerabilities Checks for multiple vulnerabilities in Geeklog < 1.3.11sr4 / 1.4.0sr1
Geeklog Admin Authentication SQL Injection Vulnerability Tries to bypass administrative authentication in Geeklog
Geeklog FCKeditor Arbitrary File Upload Vulnerability Tries to upload a file with PHP code using Geeklog's FCKeditor
Geeklog session Cookie Authentication Bypass Vulnerability Tries to bypass authentication in Geeklog
GeekLog SQL vulns sends a rotten cookie to the remote host
Geeklog User Comment Retrieval SQL Injection Vulnerability Checks for user comment retrieval SQL injection vulnerability in Geeklog
Geeklog _CONF[path] Parameter Remote File Include Vulnerability Tries to read a local file using Geeklog
Geronimo Console Default Credentials Checks for default credentials in Geronimo console
get32.exe vulnerability Checks for the presence of /cgi-bin/get32.exe
getID3 < 1.7.8-b1 Multiple Vulnerabilities Tries to read a file with getID3's demo.browse.php
GForge Information Disclosure Checks for a flaw in GForge
glimpse Checks for the presence of /cgi-bin/phf
GNU Mailman Multiple Unspecified Remote Vulnerabilities GNU Mailman unspecified vulnerabilities
GNUMP3d < 2.9.6 Multiple Vulnerabilities Checks for multiple vulnerabilities in GNUMP3d < 2.9.6
Google Search Appliance proxystylesheet Parameter Multiple Vulnerabilities Checks for proxystylesheet parameter multiple vulnerabilities in Google Search Appliance
GOsa code injection Checks for the presence of remotehtmlview.php
Goscript command execution Goscript command execution detection
Grandstream Budgetone Default Password Checks for the presence of a Grandstream Budgetone default password
Gravity Board X <= 1.1 Multiple Vulnerabilities Checks for multiple vulnerabilities in Gravity Board X <= 1.1
GroupWise Web Interface 'HELP' hole GroupWise Web Interface 'HELP' hole
GroupWise Web Interface 'HTMLVER' hole GroupWise Web Interface 'HTMLVER' hole
GTcatalog code injection Checks for the presence of index.php
GTcatalog password disclosure Checks for the presence of password.inc
Guestbook Script include_files Parameter Remote File Include Vulnerability Tries to read /etc/passwd using Guestbook Script
guestbook tr3 password storage Checks for the presence of passwd.txt
guestbook.cgi Checks for the presence of /cgi-bin/guestbook.cgi
guestbook.pl Checks for the presence of /cgi-bin/guestbook.pl
GuppY <= 4.5.9 Multiple Vulnerabilities Checks for multiple vulnerabilities in GuppY <= 4.5.9
GuppY pg Parameter Vulnerability Checks for pg parameter flaw in Guppy
Guppy Request Header Injection Vulnerabilities Checks for request header injection vulnerabilities in Guppy
HAMweather daysonly Arbitrary Code Execution Vulnerability Executes arbitrary command via HAMweather
Handler Checks for the presence of /cgi-bin/handler
HappyMall Command Execution Checks for HappyMall
HastyMail HTML Attachement Script Execution Checks for version of HastyMail
Help Center Live module.php local file include flaw Checks HCL local file include flaw
Help Center Live Multiple Vulnerabilities Determines if Help Center Live can include third-party files
Help Center Live Multiple Vulnerabilities (2) Checks for multiple vulnerabilities (2) in Help Center Live
Help Center Live osTicket Module Multiple SQL Injection Vulnerabilities Tries to bypass authentication with a SQL injection attack
HFS+ 'data fork' file access downloads the source of a remote script
Home Free search.cgi directory traversal Attempts GET /cgi-bin/search.cgi?\\..\\..\\file.txt
Horde and IMP test disclosure Checks if test.php is available in Horde or IMP
Horde Default Admin Password Vulnerability Checks for default admin password vulnerability in Horde
Horde Help Viewer Code Execution Vulnerability Tries to run a command using Horde's help viewer
Horde url Parameter File Disclosure Vulnerability Tries to read arbitrary files using Horde
Hosting Controller < 6.1 Hotfix 2.1 Multiple Vulnerabilities Checks for multiple vulnerabilities in Hosting Controller < 6.1 hotfix 2.1
Hosting Controller < 6.1 Hotfix 2.2 Multiple Vulnerabilities Checks for multiple vulnerabilities in Hosting Controller < 6.1 hotfix 2.2
Hosting Controller <= 6.1 Hotfix 2.2 Multiple Vulnerabilities Checks for multiple vulnerabilities in Hosting Controller <= 6.1 Hotfix 2.2
Hosting Controller <= 6.1 Hotfix 2.3 Information Disclosure Vulnerabilities Checks for information disclosure vulnerability in Hosting Controller <= 6.1 Hotfix 2.3
Hosting Controller <= 6.1 Hotfix 3.1 Privilege Escalation Vulnerability Checks version of Hosting Controller
Hosting Controller addsubsite.asp Security Bypass Checks for addsubsite.asp security bypass in Hosting Controller
Hosting Controller Detection Detects Hosting Controller
Hosting Controller ForumID Parameter SQL Injection Vulnerability Checks for a SQL injection flaw in Hosting Controller
Hosting Controller Multiple Information Disclosure Vulnerability Downloads HCDiskQuoteService.csv
Hosting Controller vulnerable ASP pages Checks for the vulnerable instances of Hosting Controller
HotNews code injection Checks for the presence of HotNews
HotOpenTickets Privilege Escalation Checks for HotOpenTicket
HP OpenView Network Node Manager Multiple Remote Command Execution Vulnerabilities Checks for multiple remote command execution vulnerabilities in HP OpenView Network Node Manager
HP Systems Insight Manager Namazu lang Directory Traversal Vulnerability Checks for Namazu lang parameter directory traversal vulnerability in HP Systems Insight Manager
HP Systems Management Homepage Namazu lang Directory Traversal Vulnerability Checks for namazu lang parameter directory traversal vulnerability in HP Systems Management Homepage
HSWeb document path Retrieve the real path using /cgi
hsx directory traversal Checks for the presence of /cgi-bin/hsx.cgi
ht://Dig's htsearch potential exposure/dos htsearch?-c/nonexistent
ht://Dig's htsearch reveals web server path Retrieve the real path using htsearch
htdig Checks if htdig is vulnerable
htgrep Checks for the presence of /cgi-bin/htgrep
Htmlscript Checks for the presence of /cgi-bin/htmlscript
i-Gallery <= 3.3 Multiple Vulnerabilities Checks for multiple vulnerabilities in i-Gallery <= 3.3
i-mall.cgi Checks for the presence of i-mall.cgi
ibillpm.pl Checks for the presence of /cgi-bin/ibillpm.pl
IBM WebSphere Application Server '%20' source disclosure Attempts to read the source of a jsp page
IBM WebSphere Application Server JSP Source Disclosure Attempts to read the source of a jsp page
IBM WebSphere Commerce Remote Information Disclosure Vulnerability Checks for remote information disclosure vulnerability in IBM WebSphere Application Server
IBM Websphere default user information leak Detects Websphere default user information leak
IBM-HTTP-Server View Code IBM-HTTP-Server View Code
IBProArcade index.php SQL Injection Checks for the presence of an SQL injection in index.php
icat Determines the presence of the 'icat' cgi
ICECast FileSystem disclosure Determines if the error code is the same when requesting inexisting and existing dirs
Icecast XSL Parser Multiple Vulnerabilities Checks for XSL parser vulnerabilities in Icecast
IceWarp lang_settings Remote File Include Vulnerabilities Tries to read a local file using IceWarp
IceWarp Web Mail Multiple Flaws Check the version of IceWarp WebMail
IceWarp Web Mail Multiple Flaws (2) Check the version of IceWarp WebMail
IceWarp Web Mail Multiple Flaws (3) Check the version of IceWarp WebMail
IceWarp Web Mail Multiple Flaws (4) Check the version of IceWarp WebMail
ideabox code injection Injects a path
Ideal BB < 1.5.4b Multiple Vulnerabilities Checks version of Ideal BB
IdealBB multiple flaws Checks IdealBB version
idq.dll directory traversal Attempts to read an arbitrary file
iiprotect bypass Determines if iisprotect can be escaped
IIS ASP.NET Application Trace Enabled Checks for ASP.NET application tracing
IIS Global.asa Retrieval Tries to retrieve the global.asa file
IIS phonebook Determines whether phonebook server is installed
IIS possible DoS using ExAir's advsearch Determines the presence of an ExAir ASP
IIS possible DoS using ExAir's query Determines the presence of an ExAir asp
IIS possible DoS using ExAir's search Determines the presence of an ExAir asp
iisPROTECT sql injection Determines if iisPROTECT is password-protected
IkonBoard arbitrary command execution Checks for Ikonboard.cgi
IkonBoard SQL injection vulnerabilties Checks for Ikonboard.cgi
IlohaMail Attachment Upload Vulnerability Checks for Attachment Upload vulnerability in IlohaMail
IlohaMail Contacts Deletion Vulnerability Checks for Contacts Deletion vulnerability in IlohaMail
IlohaMail External Programs Vulnerabilities Checks for External Programs vulnerabilities in IlohaMail
IlohaMail Insecure Install Checks for the presence of conf/conf.inc
IlohaMail Password Disclosure Vulnerability Checks for Password Disclosure vulnerability in IlohaMail
IlohaMail Unspecified Vulnerability Checks the version if Ilohamail
IlohaMail User Parameter Vulnerability Checks for User Parameter vulnerability in IlohaMail
ImageFolio Default Password Logs in as Admin/ImageFolio
imagemap.exe Overflows /cgi-bin/imagemap.exe
imageVue < 16.2 Multiple Vulnerabilities Checks for unauthorized file upload vulnerability in imageVue
IMP Session Hijacking Bug Checks IMP version
IMP SQL injection Checks IMP version
Infinite Mobile Delivery Webmail Multiple vulnerabilities Checks for the presence of Infinite Mobile Delivery
info2www Checks for the presence of /cgi-bin/info2www
infosrch.cgi Checks for the presence of /cgi-bin/infosrch.cgi
Ingo Detection Checks for presence of Ingo
Ingo Foldername Command Execution Vulnerability Checks version number of Ingo
Inktomi Search Physical Path Disclosure Checks for a Inktomi Search vulnerability
INL ulog-php SQL injection Checks for the presence of a SQL injection vulnerability in ulog
inserter.cgi File Inclusion and Command Execution Vulnerabilities Checks for the presence of a file inclusion vulnerability
Instaboard SQL injection Checks for SQL insertion in Instaboad
Interactive Story Directory Traversal Vulnerability Checks for the presence of /cgi-bin/story.pl
Interchange < 5.0.2 / 5.2.1 Multiple Vulnerabilities Checks for multiple vulnerabilities in Interchange < 5.0.2 / 5.2.1
InterScan VirusWall Remote Configuration Vulnerability Check if the remote Interscan is vulnerable to remote reconfiguration.
Interspire ArticleLive Multiple Remote Vulnerabilities Checks for multiple vulnerabilities in Interspire ArticleLive
Invision Community Blog Multiple Input Validation Vulnerabilities Checks for multiple input validation vulnerabilities in Invision Community Blog
Invision Community Blog SQL Injection SQL Injection
Invision Gallery Multiple Input Validation Vulnerabilities Checks for multiple input validation vulnerabilities in Invision Gallery
Invision Gallery st Parameter SQL Injection Vulnerability Checks for st parameter SQL injection vulnerability in Invision Gallery
Invision Power Board 2.x.x < 04-25-06 Multiple Vulnerabilities Checks for ck parameter SQL injection vulnerability in IPB
Invision Power Board < 2.0.4 Multiple Vulnerabilities Checks for multiple vulnerabilities in Invision Power Board < 2.0.4
Invision Power Board Arcade SQL Injection Vulnerability Detect Invision Power Board Arcade SQL Injection
Invision Power Board Calendar SQL Injection Vulnerability Detect Invision Power Board Calender SQL Injection
Invision Power Board CLIENT_IP SQL Injection Vulnerability Checks version of IPB
Invision Power Board Dragoran Portal Plugin site Parameter SQL Injection Vulnerability Checks for site parameter SQL injection vulnerability in Invision Power Board Dragoran Portal Plugin
Invision Power Board Post SQL Injection Vulnerability Detect Invision Power Board Post SQL Injection
Invision Power Board Privilege Escalation Vulnerability / SQL Injection Checks for privilege escalation vulnerability in Invision Power Board
Invision Power Board ssi.php SQL Injection Vulnerability Detect Invision Power Board ssi.php SQL Injection
Invision Power Board st Parameter SQL Injection Vulnerability Checks for st parameter SQL injection vulnerability in Invision Power Board
Invision PowerBoard code injection Checks for root_path include flaw in ipchat.php
ion-p.exe vulnerability Checks for the ion-p.exe file
IPCheck Server Monitor Directory Traversal Vulnerability Checks for directory traversal vulnerability in IPCheck Server Monitor
Ipswitch WhatsUp Professional Authentication bypass detection Checks for Ipswitch WhatsUp Professional Authentication Bypass
Ipswitch WhatsUp Professional Login.asp SQL Injection Vulnerability Checks for SQL injection vulnerability in Ipswitch WhatsUp Professional's Login.asp
Ipswitch WhatsUp Professional Multiple Vulnerabilities Checks for Ipswitch WhatsUp Professional Information Disclosure
IronWebMail Pathname Reference Directory Traversal Vulnerability Tries to read a local file via IronWebMail
ITA Forum Multiple SQL Injection Vulnerabilities SQL Injection in ITA Forum
iXmail arbitrary file upload Checks for iXMail
iXmail SQL injection Checks for iXMail
Jakarta Tomcat Path Disclosure Tests for Tomcat Path Disclosure Vulnerability
JamMail Jammail.pl Remote Arbitrary Command Execution Vulnerability Determines the presence of Jammail.pl remote command execution
Jave Source Code Disclosure Jave Source Code Disclosure check
JAWS Multiple Input Validation Vulnerabilities Checks for a file reading flaw in JAWS
JBoss JMX Console DeploymentFileRepository Directory Traversal Vulnerability Tries to change the JMX Console DeploymentFileRepository's BaseDir
JBoss JMX Console Unrestricted Access Vulnerability Tries to access the JMX and Web Consoles
JBoss Malformed HTTP Request Remote Information Disclosure Attempts to read security policy of a remote JBoss server
JBoss source disclosure Attempts to read the source of a jsp page
JBrowser multiple flaws Checks JBrowser
JCE Admin Component Local File Include Vulnerability Tries to read a local file with JCE Admin Component
JGS-Portal Multiple XSS and SQL injection Vulnerabilities JGS-Portal Multiple XSS and SQL injection Vulnerabilities
Jinzora include_path Parameter Remote File Include Vulnerabilities Tries to read a local file with Jinzora
Jinzora include_path Variable File Include Vulnerabilities Checks for include_path variable file include vulnerabilities in Jinzora
jj cgi Checks for the presence of /cgi-bin/jj
Joomla < 1.0.11 Multiple Vulnerabilities Checks if input to Joomla's administrator page is sanitized
Joomla < 1.0.11 Remote Code Execution Vulnerability Tries to run a command in Joomla
Joomla! < 1.0.8 Multiple Vulnerabilities Checks for path disclosure issue in Joomla!
Joomla! Detection Checks for presence of Joomla!
JRun directory traversal Attempts directory traversal attack
JRun's viewsource.jsp Determines the presence of the jrun flaw
JWalk server traversal Reads a file outside the web root
K-COLLECT CSV-DB CSV_DB.CGI Remote Command Execution Vulnerability Checks for K-COLLECT CSV-DB remote command execution flaw
Kayako LiveResponse Multiple Input Validation Vulnerabilities Checks for multiple input validation vulnerabilities in Kayako LiveResponse
Kebi Academy Directory Traversal kebi academy is vulnerable to an exploit which lets an attacker view any file that the cgi/httpd user has access to.
KF Web Server /%00 bug Make a request like http://www.example.com/%00
Kietu code injection Checks for the presence of hit.php
KorWeblog Remote Directory Listing Vulnerability Checks the version of the remote KorWeblog
KW whois Checks for the presence of /cgi-bin/whois.cgi
Land Down Under / Seditio id parameter SQL Injection Vulnerability Checks for SQL injection vulnerability in Land Down Under / Seditio
Land Down Under <= 800 Multiple Vulnerabilities Checks for SQL injection in LDU's index.php
Land Down Under <= 801 Multiple Vulnerabilities Checks for SQL injection in LDU's list.php
Land Down Under HTTP Referer SQL Injection Vulnerability Checks for HTTP Referer SQL injection vulnerability in Land Down Under
LedgerSMB / SQL-Ledger script Parameter Arbitrary Command Execution Vulnerability Tries to run a command via LedgerSMB/SQL-Ledger login.pl
LeifWright's blog.cgi command execution Checks for command execution in LeifWright's blog.cgi
LifeType articleId Parameter SQL Injection Vulnerability Tries to exploit SQL injection issue in LifeType
LifeType date Parameter SQL Injection Vulnerability Tries to exploit SQL injection issue in LifeType
LifeType profile Parameter Information Disclosure Vulnerability Tries to read the configuration file for LifeType
lighttpd Script Source Disclosure Vulnerability Checks version of lighttpd
Limbo catid Parameter SQL Injection Vulnerability Tries to affect DB queries in Limbo CMS
Limbo CMS classes_dir Parameter Remote File Include Vulnerability Tries to read /etc/passwd using Limbo CMS
Limbo CMS Itemid Arbitrary Code Execution Vulnerability Injects arbitrary PHP code via Itemid parameter in Limbo CMS
Limbo CMS Multiple Vulnerabilities Checks for multiple vulnerabilities in Limbo
Limbo com_contact File Upload Vulnerability Tries to upload a file with PHP code in Limbo CMS
Limbo com_fm Component PHP Shell Vulnerability Tries to call Limbo's com_fm installer
LinPHA <= 1.0 Multiple Vulnerabilities Checks for multiple vulnerabilities in LinPHA <= 1.0
ListManager < 8.9b Multiple Vulnerabilities Checks for multiple vulnerabilities in ListManager < 8.9b
ListManager Administrative Command Injection Vulnerability Checks for administrative command injection vulnerability in ListManager
ListManager Error Message Information Disclosure Vulnerability Checks for error message information disclosure vulnerability in ListManager
Listserv < 14.3-2005a Multiple Vulnerabilities Checks for multiple vulnerabilities in Listserv < 14.3-2005a
Listserv < 14.5 Multiple Buffer Overflow Vulnerabilities Checks version number of Listserv
LiteCommerce SQL Injection Vulnerabilities Checks LiteCommerce
Looking Glass Multiple Vulnerabilities Checks for multiple vulnerabilities in Looking Glass
Loudblog < 0.42 Multiple Vulnerabilities Tries to read Loudblog's config file
Loudblog backend_settings.php Remote File Include Vulnerability Checks for remote file include vulnerability in Loudblog's backend_settings.php
Loudblog id Parameter SQL Injection Vulnerability Checks for id Parameter SQL injection flaw in Loudblog
Macallan Mail Solution Multiple HTTP vulnerabilities Checks for Macallan Mail Solution version
MacOS X Finder reveals contents of Apache Web directories Checks for .DS_Store
MacOS X Finder reveals contents of Apache Web files MacOS X Finder reveals contents of Apache Web files
Macromedia ColdFusion MX Path Disclosure Vulnerability Macromedia ColdFusion MX Path Disclosure Vulnerability
MailEnable HTTPMail Service Authorization Header DoS Vulnerability Checks for authorization header DoS vulnerability in MailEnable HTTPMail service
MailEnable HTTPMail Service Content-Length Overflow Vulnerability Checks for Content-Length Overflow Vulnerability in MailEnable HTTPMail Service
MailEnable NetWebAdmin Unauthorized Access Vulnerability (ME-10019) Checks version of MailEnable's NETWebAdmin.dll
MailEnable Web Mail Client Multiple Vulnerabilities Checks version of MailEnable
MailGust SQL Injection Vulnerability Check if MailGust is vulnerable to SQL Injection.
Mailman Detection Checks for the presence of Mailman
Mailman Log Spoofing Vulnerability Checks if Mailman filters invalid chars from PATH_INFO
MailMaxWeb Path Disclosure Checks for MailMaxWeb
mailnews.cgi Checks for the presence of mailnews.cgi
mailreader.com directory traversal and arbitrary command execution Checks directory traversal & version number of mailreader.com software
MailWatch authenticate Function SQL Injection Vulnerability Checks for authentication function SQL injection vulnerability in MailWatch
Mambo / Joomla Component / Module mosConfig_absolute_path Parameter Remote File Include Vulnerability Tries to read a local file using Mambo / Joomla components and modules
Mambo Code injection Vulnerability Detect mambo code injection vuln
Mambo Global Variables Unauthorized Access Checks for index.php malformed request vulnerability
Mambo Open Source / Joomla! GLOBALS Variable Remote File Include Vulnerability Tries to read a file using Mambo Open Source / Joomla!
Mambo Open Source / Mambo CMS Detection Checks for presence of Mambo Open Source / Mambo CMS
Mambo Open Source < 4.5.2.3 Multiple Vulnerabilities Checks for multiple vulnerabilities in Mambo Open Source < 4.5.2.3
Mambo Open Source Multiple Vulnerabilities Tries to change mos_user_template cookie in Mambo Open Source
Mambo Open Source Tar.php Remote File Include Vulnerability Detect Tar.php Remote File Include Vulnerability in Mambo Open Source
Mambo Open Source usercookie Parameter SQL Injection Vulnerability Tries to bypass authentication in Mambo Open Source
Mambo Site Server Cookie Validation Checks for the presence of Mambo's flaw
Mantis < 0.19.3 Multiple Flaws Checks for flaws in Mantis < 0.19.3
Mantis Detection Checks for the presence of Mantis
Mantis Multiple Flaws Checks for the version of Mantis
Mantis Multiple Flaws (2) Checks for the version of Mantis
Mantis Multiple Flaws (3) Checks for the version of Mantis
Mantis Multiple Flaws (4) Checks for the version of Mantis
Master Index directory traversal vulnerability Attempts GET /cgi-bin/search/search.cgi?keys=*&prc=any&catigory=../../../../etc
MaxWebPortal <= 1.33 Multiple Vulnerabilities Checks for multiple vulnerabilities in MaxWebPortal <= 1.33
MaxWebPortal <= 1.35 Multiple Vulnerabilities Checks for multiple vulnerabilities in MaxWebPortal <= 1.35
MaxWebPortal memKey Parameter SQL Injection Vulnerability Checks for SQL injection vulnerability in MaxWebPortal's password.asp
McAfee Common Management Agent Directory Traversal Vulnerability Checks version of Common Management Agent
MediaHouse Statistic Server Buffer Overflow Overflow of /ss?
MediaWiki < 1.3.17 / 1.4.11 / 1.5.0 Multiple Vulnerabilities Checks for multiple vulnerabilities in MediaWiki < 1.3.17 / 1.4.11 / 1.5.0
MediaWiki Detection Detects MediaWiki
MediaWiki Multiple Remote Vulnerabilities Test for the version of MedaWiki
MediaWiki Multiple Remote Vulnerabilities (2) Attempts to execute phpinfo() remotely
Mensajeitor Tag Board Admin Bypass Mensajeitor test
MercuryBoard User-Agent SQL Injection Vulnerability Checks for User-Agent remote SQL injection vulnerability in MercuryBoard
MetaCart E-Shop ProductsByCategory.ASP SQL and XSS Injection Vulnerabilities MetaCart E-Shop ProductsByCategory.ASP XSS and SQL injection Vulnerabilities
MiniBB PathToFiles Parameter Remote File Include Vulnerability Tries to read a local file with MiniBB
miniPortail Cookie Admin Access Determine if miniPortail can abused
Minis Remote File Access Checks for a file reading flaw in minis
MiniVend Piped command Checks for the presence of /cgi-bin/simple/view_page
mmstdod.cgi Checks for the presence of /cgi-bin/mmstdod.cgi
Mnemo Detection Checks for presence of Mnemo
Mnogosearch overflows Checks for search.cgi
ModernBill 4.3.0 and older Multiple Vulnerabilities Checks for multiple vulnerabilities in ModernBill 4.3.0 and older
MODx < 0.9.1a Multiple Vulnerabilities Tries to exploit a XSS flaw in MODx
MODx CMS base_path Parameter Remote File Include Vulnerability Tries to read a local file with MODx CMS
Monkey HTTP Daemon < 0.9.1 Multiple Vulnerabilities Checks for multiple vulnerabilities in Monkey HTTP Daemon < 0.9.1
Mono XSP Source Code Disclosure Vulnerability Tries to retrieve ASPX source code using XSP
Monster Top List Remote File Include Checks for file includes in sources/functions.php
Moodle < 1.5.1 Multiple Vulnerabilities Checks for multiple vulnerabilities in Moodle < 1.5.1
Moodle < 1.5.3 Multiple SQL Injection Vulnerabilities Checks for multiple SQL vulnerabilities in Moodle < 1.5.3
Moodle < 1.6.2 Multiple Vulnerabilities Checks if Moodle's jumpto.php requires a sesskey
Moodle Detection Detects Moodle
Moodle SQL injection flaws Determines if Moodle is older than 1.4.3
Moodle tag Parameter SQL Injection Vulnerability Checks for a SQL injection flaw in Moodle Blog feature
Movable Type < 3.2 Multiple Vulnerabilities Checks for multiple vulnerabilities in Movable Type < 3.2
Movable Type config file Checks for the presence of /mt/mt.cfg
Movable Type initialization script found Checks for the existence of /mt/mt-load.cgi
MPM Guestbook file reading Determines MPM Guestbook is installed
MRTG mrtg.cgi File Disclosure checks for mrtg.cgi
MS Personal WebServer ... ......../file.txt
MS Site Server Information Leak Determine if the remote host is vulnerable to a disclosure vuln.
msmmask.exe Checks for the presence of /cgi-bin/msmMask.exe
MSQL CGI overflow Overflows the remote CGI buffer
multihtml cgi Checks for the presence of /cgi-bin/multihtml.pl
Multiple Cross-Site Scripting Vulnerabilities in phpBB2 Plus <= 1.52 Checks for multiple cross-site scripting vulnerabilities in phpBB Plus <= 1.52
Multiple DotNetNuke HTML Injection Vulnerabilities Checks version of DotNetNuke
Multiple Local File Include Vulnerabilities in phpMyAdmin Detect multiple local file include vulnerabilities in phpMyAdmin
Multiple phpShop Vulnerabilities Detect phpShop SQL Injection
Multiple Remote Vulnerabilities in myEvent Checks for file includes in myevent.php
Multiple Remote Vulnerabilities in PhotoPost PHP 5.0 RC3 and Older Checks for multiple remote vulnerabilities in PhotoPost PHP 5.0 RC3 and older
Multiple Remote Vulnerabilities in Zorum <= 3.5 Checks for multiple remote vulnerabilities in Zorum <= 3.5
Multiple SQL Injection Vulnerabilities in iWebNegar SQL Injection
Multiple SQL Injection Vulnerabilities in phpCOIN <= 1.2.2 Checks for multiple SQL injection vulnerabilities in phpCOIN <= 1.2.2
Multiple Vulnerabilities in Active WebCam Webserver 5.5 and older Checks for multiple remote vulnerabilities in Active WebCam webserver 5.5 and older
Multiple Vulnerabilities in ArGoSoft Mail Server Pro <= 1.8.7.6 Checks for multiple vulnerabilities in ArGoSoft Mail Server Pro <= 1.8.7.6
Multiple vulnerabilities in Clever Copy Checks for XSS in results.php
Multiple Vulnerabilities in Merak Webmail / IceWarp Web Mail Checks for Multiple Vulnerabilities in Merak Webmail / IceWarp Web Mail
Multiple Vulnerabilities in MercuryBoard Checks for the presence of an old version of mercuryBoard
Multiple vulnerabilities in OpenConnect WebConnect < 6.5.1 Checks for multiple vulnerabilities in OpenConnect WebConnect < 6.5.1
Multiple Vulnerabilities in paFileDB 3.1 and older Checks for multiple vulnerabilities in paFileDB 3.1 and Older
Multiple Vulnerabilities in paFileDB 3.1 and older (2) Checks for multiple vulnerabilities in paFileDB 3.1 and Older
Multiple vulnerabilities in PHP Surveyor Checks for SQL injection in admin.php
Multiple vulnerabilities in PHP TopSites Tries to access setup.php without authentication
Multiple vulnerabilities in phpBB 2.0.11 and older Multiple vulnerabilities in phpBB version 2.0.11 and older
Multiple vulnerabilities in phpBB 2.0.13 and older Checks for multiple vulnerabilities in phpBB 2.0.13 and older
Multiple vulnerabilities in phpBB 2.0.14 and older Checks for multiple vulnerabilities in phpBB 2.0.14 and older
Multiple vulnerabilities in phpBB <= 2.0.12 Checks for multiple vulnerabilities in phpBB version <= 2.0.12
Multiple Vulnerabilities in phpCOIN 1.2.1b and older Detects multiple vulnerabilities in phpCOIN 1.2.1b and older
Multiple Vulnerabilities in PHPlist <= 2.6.3 Checks version of PHPlist
Multiple Vulnerabilities in PostNuke 0.760 RC2 and older Detects multiple vulnerabilities in PostNuke 0.760 RC2 and older
Multiple Vulnerabilities in PostNuke <= 0.760 RC4a Detects multiple vulnerabilities in PostNuke <= 0.760 RC4a
Multiple Vulnerabilities in PostNuke <= 0.760 RC4b Detects multiple vulnerabilities in PostNuke <= 0.760 RC4b
Multiple Vulnerabilities in XAMPP Checks for the version of XAMPP
Multiple Vulnerabilities in yappa-ng < 2.3.2 Checks for multiple vulnerabilities in yappa-ng < 2.3.2
mvnForum activatemember Cross-Site Scripting Vulnerabilities Checks for an XSS flaw in mvnForum's activatemember script
MyBB < 1.0 Multiple SQL Injection Vulnerabilities Checks for multiple SQL injection vulnerabilities in MyBB < 1.0
MyBB < 1.01 SQL Injection Vulnerabilities Checks for SQL injection vulnerabilities in MyBB < 1.01
MyBB < 1.04 Multiple Vulnerabilities Checks for multiple vulnerabilities in MyBB < 1.04
MyBB <= RC4 Multiple SQL Injection Vulnerabilities Checks for multiple SQL injection vulnerabilities in MyBB <= RC4
MyBB CLIENT-IP SQL Injection Vulnerability Checks for CLIENT-IP SQL injection vulnerability in MyBB
MyBB comma Parameter SQL Injection Vulnerability Checks for comma parameter SQL injection vulnerability in MyBB
MyBB Detection Checks for presence of MyBB
MyBB fid Parameter SQL Injection Vulnerability (2) Checks for fid parameter SQL injection vulnerability in MyBB (2)
MyBB finduser SQL Injection Checks for the presence of a SQL injection in MyBB
MyBB forums Parameter SQL Injection Vulnerability Checks for forums parameter SQL injection vulnerability in MyBB
MyBB Global Variable Overwrite Vulnerability Checks for globals.php SQL injection vulnerability in MyBB
MyBB member.php SQL Injection Vulnerability Checks for SQL injection vulnerability in MyBB's member.php script
MyBB referrer Parameter SQL Injection Vulnerability Checks for referrer parameter SQL injection vulnerability in MyBB
MyBBB rating Parameter SQL Injection Vulnerability Checks for rating parameter SQL injection vulnerability in MyBB
myBloggie Multiple Vulnerabilities Checks for the presence of a myBloggie
MyDMS SQL Injection and Directory Traversal SQL injection against the remote MyDMS installation
myPHPcalendar injection Checks for the presence of contacts.php
myphpnuke code injection Checks for the presence of displayCategory.php
myPHPNuke phptonuke.php Directory Traversal Reads file through phptonuke.php
myphpPageTool code injection Checks for the presence of index.html
MyReview email SQL Injection Vulnerability Checks for SQL injection flaw in MyReview
myServer 0.4.3 / 0.7 Directory Traversal Vulnerability Attempts to retrieve the path '/././..'
myServer POST Denial of Service Test POST DoS on myServer
My_eGallery code execution Checks for the version of My_eGallery
N/X Web Content Management code injection Checks for the presence of menu.inc.php
Nabopoll path Parameter Remote File Include Vulnerability Checks for path parameter remote file include vulnerability in Nabopoll
Nag Detection Checks for presence of Nag
Namazu Multiple Flaws Checks for the version of Namazu
nbmember.cgi information disclosure Checks for nbmember.cgi
ncbook/book.cgi Checks for the presence of /cgi-bin/ncbook/book.cgi
ndcgi.exe vulnerability Checks for the ndcgi.exe file
NeoMail Session Id Validation Vulnerability Checks for session id validation vulnerability in NeoMail
Netauth Checks for the presence of /cgi-bin/netauth.cgi
NETFile Default Admin User / Password Vulnerability Checks for default admin user / password vulnerability in NETFile FTP/Web Server
NETFile FTP/Web Server Directory Traversal Vulnerabilities Checks for directory traversal vulnerabilities in NETFile FTP/Web Server
NetGear Hidden Password Check NetGear Hidden Password Check
Netquery <= 3.1 Multiple Vulnerabilities Checks for multiple vulnerabilities in Netquery <= 3.1
Netquery <= 3.11 Arbitrary Command Execution Vulnerability Checks for arbitrary command execution vulnerability in Netquery <= 3.11
Netref Cat_for_gen.PHP Remote PHP Script Injection Vulnerability Netref Cat_for_gen.PHP Remote PHP Script Injection Vulnerability
netscape publishingXpert 2 PSUser problem Checks if /PSUser/PSCOErrPage.htm reads any file
NetTools command execution Executed 'id' through index.php
NetworkActiv Web Server Script Source Disclosure Vulnerability Checks version of NetworkActiv Web Server
newdsn.exe check Checks for the presence of /scripts/tools/newdsn.exe
news desk Checks for the presence of /cgi-bin/newsdesk.cgi
NewsScript Access Validation Vulnerability Checks for access validation vulnerability in NewsScript
Noah's Classifieds <= 1.3 Multiple Vulnerabilities Checks for search page SQL injection flaw in Noah's Classifieds
NOCC <= 1.0 Multiple Vulnerabilities Checks for a local file include flaw in NOCC
Non-Existant Page Physical Path Disclosure Vulnerability Tests for a Generic Physical Path Disclosure Vulnerability
Novell eDirectory Host Request Header Overflow Vulnerability Send a special Host request header to eDirectory
Novell Groupwise WebAcc Information Disclosure Novell Groupwise WebAcc Information Disclosure
Novell GroupWise WebAccess Authentication Bypass Checks GroupWare Auth Bypass
Novell Web Server NDS Tree Browsing Novell Web Server NDS Tree Browsing
nph-publish.cgi Checks for the presence of /cgi-bin/nph-publish.cgi
nph-test-cgi Checks for the presence of /cgi-bin/nph-test-cgi
Nucleus CMS DIR_LIBS Parameter Remote File Include Vulnerability Tries to read a local file using Nucleus CMS
Nucleus CMS SQL Injection Nucleus Version Check
Nucleus Multiple Vulnerabilities Nucleus Version Check
Nuked-klan file include Determine if Nuked-klan is vulnerable to a file include attack
Ocean12 ASP Calendar Administrative Access auth bypass test
Ocean12 Database Download Checks for Ocean12 guestbook
ocPortal Remote File Include Determines if ocPortal can include third-party files
ODBC tools check Checks for the presence of ODBC tools
OfficeScan configuration file disclosure Checks for the presence of /officescan/hotdownload/ofscan.ini
OmniHTTPd visadmin exploit Checks for the visadmin.exe cgi
OmniPro HTTPd 2.08 scripts source full disclosure Check the presence of OmniPro HTTPd 2.08 scripts source disclosure.
OneOrZero SQL injection Determines OneOrZero is installed
Open Conference System fullpath Parameter Remote File Include Vulnerabilities Tries to read a local file with OCS
Open WebMail Detection Checks for the presence of Open WebMail
OpenBB SQL injection Tests for SQL Injection
OpenBB XSS and SQL injection flaws Detects openBB version
OpenBiblio < 0.5.2 Multiple Local File Include Vulnerabilities Tries to read a local file in OpenBiblio
OpenCA HTML Injection Checks for the version of OpenCA
OpenCA multiple signature validation bypass Checks for the version of OpenCA
OpenCA signature verification flaw Checks for the version of OpenCA
OpenCms < 6.22 Multiple Vulnerabilities Checks the version of OpenCms
OpenDocMan Access Control Bypass Determines if OpenDocMan is present
OpenEMR fileroot Parameter Remote File Include Vulnerability Tries to read a local file using OpenEMR
openwebmail command execution Determines the version of openwebmail
OrangeHRM txtUserName SQL Injection Vulnerability Tries to bypass OrangeHRM's authentication
Oreon file Parameter Remote File Include Vulnerability Tries to read a local file with Oreon
Orion Application Server JSP Script Source Disclosure Vulnerability Checks version of Orion
osCommerce attributes SQL Injection Vulnerability Checks for SQL injection flaw in osCommerce
osCommerce directory traversal Determine if osCommerce is vulnerable to dir traversal
osCommerce readme_file Parameter File Disclosure Vulnerability Tries to read a file with osCommerce
osCommerce Unprotected Admin Directory Checks for unprotected admin directory in osCommerce
osTicket <= 1.2.7 Multiple Vulnerabilities Checks for multiple vulnerabilities in osTicket <= 1.2.7
osTicket <= 1.3.1 Multiple Vulnerabilities Checks version of osTicket
osTicket Attachment Code Execution Vulnerability Checks for Attachment Code Execution Vulnerability in osTicket
osTicket Attachment Viewing Vulnerability Checks for Attachment Viewing Vulnerability in osTicket
osTicket Large Attachment Vulnerability Checks for Large Attachment Vulnerability in osTicket
osTicket setup.php Accessibility Checks Accessibility of osTicket's setup.php
Outlook Web Access Version Outlook Web Access version check
Outlook Web anonymous access Outlook Web anonymous access
overflow.cgi detection Checks for the presence of a CGI
Owl Intranet Engine <= 0.91 Multiple Vulnerabilities Checks for SQL injection flaw in Owl Intranet Engine
Owl Intranet Engine xrms_file_root Parameter Remote File Include Vulnerability Tries to read /etc/passwd via Owl
Owl Login bypass Determines owl is installed
Owl Multiple Vulnerabilities Determines owl is installed
ows-bin Checks if ows-bin is vulnerable
p-news Admin Access Checks for the presence of p-news.php
P-Synch multiple issues P-Synch issues
paFAQ Multiple Vulnerabilities Checks for multiple vulnerabilities in paFAQ
paFileDB Detection Checks for presence of paFileDB
PAFileDB Error Message Path Disclosure Vulnerability Checks for psFileDB path disclosure
PaFileDB pafiledbcookie SQL Injection Vulnerability Checks for pafiledbcookie SQL injection vulnerability in PaFileDB
paFileDB password hash disclosure Determines the version of paFileDB
paFileDB SQL injection Determine if pafiledb is vulnerable to a SQL injection
pagelog.cgi Checks for the presence of /cgi-bin/pagelog.cgi
Pages Pro CD directory traversal Pages Pro CD directory traversal
Pagesetter id Parameter Information Disclosure Vulnerability Tries to read a local file with Pagesetter
PAJAX < 0.5.2 Multiple Vulnerabilities Tries to execute code using PAJAX
pals-cgi Checks for the presence of /cgi-bin/pals-cgi
paNews admin_setup.php Remote Code Execution Vulnerability Checks for remote code execution in admin_setup.php in paNews
paNews Detection Checks for presence of paNews
paNews Input Validation Vulnerabilities Detects input validation vulnerabilities in paNews
paNews showpost Parameter Cross-Site Scripting Vulnerability Checks version of paNews
PatchLink Update checkid SQL Injection Vulnerability Tries to exploit SQL injection issue in PatchLink Update
PatchLink Update downloadreport Script SQL Injection Vulnerabilities Tries to exploit SQL injection issue in PatchLink Update
PatchLink Update Server nwupload.asp Directory Traversal Vulnerability Tries to write a file using PatchLink Update Server
PatchLink Update Server proxyreg.asp Authentication Bypass Vulnerability Tries to list registered proxy server in PatchLink Update Server
PayPal Store Front code injection Checks for the presence of index.php
PBLang < 4.66z Multiple Vulnerabilities Checks for multiple vulnerabilities in PBLang < 4.66z
PBLang BBS <= 4.65 Multiple Vulnerabilities Checks for multiple vulnerabilities in PBLang BBS <= 4.65
PBLang Multiple Vulnerabilities Checks for multiple vulnerabilities in PBLang
PCCS-Mysql User/Password Exposure Checks for dbconnect.inc
PD9 MegaBBS multiple vulnerabilities Checks for the presence of MegaBBS
PDGSoft Shopping cart vulnerability Checks for PDGSoft Shopping cart executables
perl interpreter can be launched as a CGI checks for the presence of /cgi-bin/perl
perlcal Checks for the presence of /cgi-bin/cal_make.pl
PerlDesk File Inclusion Determines if perldesk is vulnerable to a file inclusion
PerlDesk SQL Injection Vulnerability Checks if PerlDesk is vulnerable to a SQL injection attack
pfdispaly Checks for the presence of /cgi-bin/pfdispaly
PGPMail.pl detection Checks for the presence of PGPMail.pl
phf Checks for the presence of /cgi-bin/phf
Philboard database access Downloads philboard.mdb
Philboard philboard_admin.ASP Authentication Bypass Try to bypass Philboard philboard_admin.ASP Authentication
Phorum Detection Checks for presence of Phorum
phorum's common.php Checks for the presence of Phorum's common.php
PhotoPost Multiple Input Validation Vulnerabilities Checks for multiple input validation vulnerabilities in PhotoPost PHP
PhotoPost PHP Detection Checks for presence of PhotoPost PHP
PhotoPost showgallery.php SQL Injection Checks for the presence of an SQL injection in showgallery.php
php 4.2.x malformed POST Checks for version of PHP
php 4.3.0 Checks for version of PHP
php < 4.3.3 Checks for version of PHP
PHP < 4.4.1 / 5.0.6 Multiple Vulnerabilities Checks for multiple vulnerabilities in PHP < 4.4.1 / 5.0.6
PHP < 4.4.3 / 5.1.4 Multiple Vulnerabilities Checks version of PHP
PHP Advanced Transfer Manager <= 1.21 Multiple Vulnerabilities Checks for multiple vulnerabilities in PHP Advanced Transfer Manager <= 1.21
PHP Advanced Transfer Manager <= 1.30 Multiple Vulnerabilities Checks for multiple vulnerabilities in PHP Advanced Transfer Manager <= 1.30
php arbitrary file upload Checks for version of PHP
PHP Doc System Show Parameter Local File Include Vulnerability Checks for show parameter local file include vulnerability in PHP Doc System
PHP Easy Download admin/save.php Paramater Code Injection Vulnerability Tries to inject PHP code into remote web server.
php file upload Checks for version of PHP
PHP iCalendar Arbitrary File Upload Vulnerability Tries to upload PHP code using PHP iCalendar
PHP iCalendar Cookie Data Local File Include Vulnerability Tries to read a file using PHP iCalendar
PHP iCalendar getdate Parameter Remote File Include Vulnerability Checks for getdate parameter remote file include vulnerability in PHP iCalendar
PHP iCalendar Remote File Inclusion Vulnerability Checks for remote file inclusion vulnerability in PHP iCalendar
php IMAP overflow Checks for version of PHP
PHP Live Helper Multiple Remote File Include Vulnerabilities Tries to read /etc/passwd using PHP Live Helper
PHP Live! Remote Configuration File Include Checks for a flaw in PHP Live! < 2.8.2
php log Checks for version of PHP
PHP Mail Function Header Spoofing Vulnerability Checks for version of PHP
PHP Multiple Unspecified Vulnerabilities Checks for version of PHP
PHP mylog.html/mlog.html read arbitrary file Checks PHP mylog.html/mlog.html arbitrary file access
php PHP_Variables Memory Disclosure Checks for version of PHP
php POST file uploads Checks for version of PHP
PHP Rocket Add-in File Traversal Looks for a directory traversal vulnerability in the PHP Rocket Add-in for FrontPage.
php safemode Checks for version of PHP
php socket_iovec_alloc() integer overflow Checks for version of PHP
PHP Support Tickets SQL Injection Vulnerability Checks for SQL injection vulnerability in PHP Support Tickets
PHP Upload Center filename Parameter Directory Traversal Vulnerability Checks for filename parameter directory traversal vulnerability in PHP Upload Center
PHP-Calendar Remote File Include Vulnerability Determines if PHP-Calendar can include third-party files
PHP-Calendar Search.PHP SQL Injection Vulnerability Checks for SQL injection vulnerability in PHP-Calendar search.php
PHP-Fusion < 6.00.110 Multiple SQL Injection Vulnerabilities Checks for SQL injection in PHP-Fusion's register.php
PHP-Fusion <= 6.00.105 Multiple Vulnerabilities Checks for multiple vulnerabilities in PHP-Fusion <= 6.00.105
PHP-Fusion <= 6.00.106 Multiple Vulnerabilities Checks for multiple vulnerabilities in PHP-Fusion <= 6.00.106
PHP-Fusion Database Backup Disclosure Checks the version of the remote PHP-Fusion
PHP-Fusion Detection Checks the location of the remote PHP-Fusion
PHP-Fusion extract() Variable Overwriting Vulnerabilities Tries to overwrite $_SERVER[REMOTE_ADDR] with PHP-Fusion
PHP-Fusion members.php SQL injection Checks the version of the remote PHP-Fusion
PHP-Fusion Viewthread.php Information Disclosure Vulnerability Checks the version of the remote PHP-Fusion
PHP-Kit Multiple Flaws Check for SQL Injection in PHPKIT
PHP-Nuke copying files security vulnerability (admin.php) Determine if a remote host is vulnerable to the admin.php vulnerability
PHP-Nuke Gallery Add-on File View Determine if a remote host is vulnerable to the gallery vulnerability
PHP-Nuke is installed on the remote host Determines if PHP-Nuke is installed on the remote host
PHP-Nuke security vulnerability (bb_smilies.php) Determine if a remote host is vulnerable to the bb_smilies.php vulnerability
PHP-Nuke' opendir Determine if a remote host is vulnerable to the opendir.php vulnerability
php-ping Count Parameter Command Execution Vulnerability Detect PHP Ping Code Execution
php-proxima file reading Determines owl is installed
PHP-Update blog.php Variable Overwriting Vulnerability Checks if variables can be overwritten with PHP-Update's blog.php
php.cgi Checks for the presence of /cgi-bin/php.cgi
php.cgi buffer overrun Checks for the /cgi-bin/php.cgi buffer overrun
PHP.EXE / Apache Win32 Arbitrary File Reading Vulnerability Tests for PHP.EXE / Apache Win32 Arbitrary File Reading Vulnerability
PHP3 Physical Path Disclosure Vulnerability Tests for PHP3 Physical Path Disclosure Vulnerability
php4 multiple flaws Checks for version of PHP
PHP4 Physical Path Disclosure Vulnerability Tests for PHP4 Physical Path Disclosure Vulnerability
php4/5 Vulnerabilities Checks for version of PHP
phpAdsNew / phpPgAds < 2.0.6 Multiple Vulnerabilities Checks for multiple vulnerabilities in phpAdsNew / phpPgAds < 2.0.6
PHPAdsNew code injection Checks for the presence of remotehtmlview.php
phpAdsNew Multiple Vulnerabilities Checks for the presence of a XSS in phpAdsNew
phpAdsNew XML-RPC Library Remote Code Injection Vulnerability Checks for remote code injection vulnerability in phpAdsNew XML-RPC library
phpAlbum data_dir Parameter Remote File Include Vulnerability Tries to read /etc/passwd using phpAlbum
Phpauction <= 2.5 Multiple Vulnerabilities Checks for multiple vulnerabilities in Phpauction <= 2.5
phpauction Admin Authentication Bypass Attempts to bypass phpauction administrative authentication
phpBannerExchange Template Class Local File Include Vulnerability Tries to read a file using phpBannerExchange's template class
phpBB < 2.0.11 Check for the version of phpBB
phpBB < 2.0.22 Multiple Vulnerabilities Tries to pass a 'bad' redirect in via phpBB
phpBB <= 2.0.15 Remote Code Execution Vulnerability Checks for remote code execution vulnerability in phpBB <= 2.0.15
phpBB <= 2.0.16 Nested BBCode URL Tags Cross-Site Scripting Vulnerability Checks for nested BBCode URL tags cross-site scripting vulnerability in phpBB <= 2.0.16
phpBB <= 2.0.17 Multiple Vulnerabilities Checks for multiple vulnerabilities in phpBB <= 2.0.17
phpBB Component phpbb_root_path Parameter Remote File Include Vulnerabilities Tries to read a local file using the phpBB Component
phpBB Detection Check for phpBB version
phpBB Fetch All < 2.0.12 Check for phpBB Fetch All version
phpBB File Upload Script Vulnerability Checks for file upload script vulnerability in phpBB
phpBB Knowledge Base Module SQL Injection Vulnerability Checks for SQL injection vulnerability in phpBB Knowledge Base module
phpBB Module phpbb_root_path Parameter Remote File Include Vulnerability Tries to read a local file using phpBB modules
phpBB Photo Album Module <= 2.0.53 Multiple Vulnerabilities Checks for multiple vulnerabilities in phpBB Photo Album Module <= 2.0.53
phpBB remote PHP file include vulnerability Checks for the presence of admin_cash.php
phpBugTracker bug.php SQL Injection Checks for the presence of an SQL Injection bug in phpBugTracker
PHPCatalog SQL injection SQL Injection
phpCOIN < 1.2.2 2005-12-13 Fix-File Multiple Vulnerabilities Checks for multiple vulnerabilities in phpCOIN < 1.2.2 2005-12-13 fix-file
phpCOIN _CCFG Parameter Remote File Include Vulnerability Tries to read a local file with phpCOIN
phpCommunityCalendar Multiple Vulnerabilities Checks for the presence of a phpCommunityCalendar
phpdig Code injection Vulnerability Detect phpdig code injection vuln
phpDig Vulnerability Checks the version of phpMyAdmin
phpDocumentor <= 1.3.0 RC4 Local And Remote File Inclusion Vulnerability Check if phpDocumentor is vulnerable to remote file inclusion flaws
PHPFM Arbitrary File Upload Vulnerability Checks for arbitrary file upload vulnerability in PHPFM
phpFormGenerator Arbitrary File Upload Vulnerability Tries to execute arbitrary code using phpFormGenator
phpGedView arbitrary file reading Checks Aprox Portal
phpGedView Code injection Vulnerability Detect phpGedView Include() Vulnerability
PhpGedView PGV_BASE_DIRECTORY Parameter Remote File Include Vulnerability Checks for PGV_BASE_DIRECTORY parameter remote file include vulnerability in PhpGedView
PhpGroupWare Addressbook < 0.9.16 Unspecified Flaw Checks for PhpGroupWare version
PhpGroupWare arbitrary command execution Checks for PhpGroupWare version
PhpGroupWare calendar server side script execution Checks for PhpGroupWare version
PhpGroupWare Detection Checks for PhpGroupWare
PhpGroupWare index.php HTML injection vulnerabilities Checks for PhpGroupWare version
PhpGroupWare multiple HTML injection vulnerabilities Checks for PhpGroupWare version
PhpGroupWare multiple module SQL injection vulnerabilities Checks for PhpGroupWare version
PhpGroupWare plaintext cookie authentication credentials vulnerability Checks for PhpGroupWare version
PhpGroupWare unspecified remote file include vulnerability Checks for PhpGroupWare version
phpinfo.php Checks for the presence of phpinfo.php
PHPix directory traversal vulnerability PHPix directory traversal vulnerability
phpix remote command execution Detect phpix cmd execution
phpLDAPadmin Anonymous Bind Security Bypass Vulnerability Checks for anonymous bind security bypass vulnerability in phpLDAPadmin
phpLDAPadmin custom_welcome_page Parameter File Include Vulnerability Checks for custom_welcome_page parameter file include vulnerability in phpLDAPadmin
PHPLinks Multiple Input Validation Vulnerabilities Checks for the presence of PHPLinks
PHPlist database_module Parameter Local File Include Vulnerability Tries to read /etc/passwd using PHPlist
PHPlist Detection Checks for presence of PHPlist
phpListPro returnpath Remote File Include Vulnerabilities Checks for file includes in phpListPro's config.php
phpMyAdmin < 2.6.4-pl3 Multiple Vulnerabilities Checks for multiple vulnerabilities in phpMyAdmin < 2.6.4-pl3
phpMyAdmin < 2.9.1 Multiple Vulnerabilities Tries to pass in a numeric key in phpMyAdmin
phpMyAdmin arbitrary file reading (2) Checks phpMyAdmin
phpMyAdmin arbitrary files reading Checks for the presence of sql.php
phpMyAdmin Detection Checks for the presence of phpMyAdmin
phpMyAdmin import_blacklist Variable Overwriting Vulnerability Tries to read a local file using phpMyAdmin
phpMyAdmin multiple flaws Checks for the presence of phpMyAdmin
phpMyAdmin Multiple Remote Vulnerabilities Checks the version of phpMyAdmin
phpMyAdmin remote command execution Checks the version of phpMyAdmin
PHPMyAdmin subform File Inclusion Vulnerability Checks for subform file inclusion vulnerability in PHPMyAdmin
phpMyAgenda rootagenda Parameter File Include Vulnerability Checks for a possible file inclusion flaw in phpMyAgenda
PHPMyBackupPro Input Validation Issues Fetches the version of phpMyBackupPro
phpMyChat Information Disclosure Checks for the presence of an Information Disclosure in phpMyChat
phpMyConferences lvc_include_dir Parameter Remote File Include Vulnerability Tries to read a local file with phpMyConferences
phpMyExplorer dir traversal phpMyExplorer dir traversal
phpMyFAQ < 1.5.2 Multiple Vulnerabilities Checks for multiple vulnerabilities in phpMyFAQ < 1.5.2
phpMyFAQ < 1.6.10 File Upload Vulnerability Tries to bypass authentication with phpMyFAQ's ImageManager plugin
phpMyFAQ < 1.6.8 Multiple SQL Injection Vulnerabilities Checks for SQL injection in phpMyFAQ
phpMyFAQ action parameter arbitrary file disclosure vulnerability Check the version of phpMyFAQ
phpMyFAQ Detection Checks for presence of phpMyFAQ
phpMyFAQ Image Upload Authentication Bypass Check the version of phpMyFAQ
phpMyFAQ username SQL Injection Vulnerability Checks for username SQL injection vulnerability in phpMyFAQ
PHPMyWebHosting SQL Injection Vulnerability Checks for the presence of PHPMyWebhosting
PHPNews auth.php Remote File Include Vulnerability Detects remote file include vulnerability in auth.php in PHPNews
PHPNews auth.php SQL Injection Vulnerability Checks for auth.php SQL injection vulnerability in PHPNews
PHPNews prevnext Parameter SQL Injection Vulnerability Checks for prevnext parameter SQL injection vulnerability in PHPNews
PHPNews sendtofriend.php SQL injection Makes a request to the remote host by supplying the mid paramter in the url
phpPgAdmin arbitrary files reading Checks for the presence of sql.php
phpPgAdmin formLanguage Parameter Local File Include Vulnerability Checks for formLanguage parameter directory traversal vulnerability in phpPgAdmin
phpPGAds HTTP Response Splitting Vulnerability Checks for the presence of phpPGAds/phpAdsNew
phpping code execution Checks for the presence of phpping
PHProjekt <= 5.1 Multiple Remote File Include Vulnerabilities Tries to read a local file using PHProjekt
PHProjekt path_pre Parameter Remote File Include Vulnerability Tries to read /etc/passwd using PHProjekt
PHProjekt Unspecified Authentication Bypass Vulnerability Uses a form-POST method to enter the configuration page
PHProxy Detection Checks for the presence of PHProxy
phpRPC Library Remote Code Execution Vulnerability Checks for remote code execution in phpRPC library
phpSecurePages cfgProgDir Variable File Include Vulnerabilities Checks for cfgProgDir variable file include vulnerabilities in phpSecurePages
PHPSurveyor sid SQL Injection Flaw Checks for PHPSurveyor sid SQL injection flaw
phpSysInfo < 2.4.1 Multiple Vulnerabilities Checks for multiple vulnerabilities in phpSysInfo < 2.4.1
phpwcms Multiple Vulnerabilities Checks for multiple vulnerabilities in phpwcms
phpwcms spaw_root Parameter Remote File Include Vulnerability Tries to read a local file using phpwcms
phpWebFTP language Parameter Local File Include Vulnerability Tries to read /etc/passwd using phpWebFTP
phpWebLog Cross Site Scripting Checks for the presence of a phpWebLog XSS
phpWebNotes t_path_core Parameter File Include Vulnerability Checks for t_path_core parameter file include vulnerability in phpWebNotes
phpWebSite <= 0.10.1 Multiple Vulnerabilities Detects multiple vulnerabilities in phpWebSite <= 0.10.1
phpWebSite Arbitrary PHP File Upload as Image File Vulnerability Detects arbitrary PHP file upload as image file vulnerability in phpWebSite
phpWebSite Detection Checks for the presence of phpWebSite
phpWebSite hub_dir Parameter Local File Include Vulnerability Tries to read /etc/passwd using phpWebSite
phpWebSite multiple flaws SQL Injection and more.
phpWebSite Search Module SQL Injection Vulnerability Detects search module SQL injection vulnerability in phpWebSite
phpWebThings editor_insert_bottom Parameter Remote File Include Vulnerability Tries to read a local file with phpWebThings
phpWebThings forum Parameter SQL Injection Vulnerabilities Check if phpWebThings is vulnerable to SQL Injection attacks
PHPWind Board Remote File Include Vulnerability Checks for the presence of PHPWind Board.
PHPX username Parameter SQL Injection Vulnerability Checks for username parameter SQL injection vulnerability in PHPX
Pi3Web tstisap.dll overflow Checks for the presence of /isapi/tstisapi.dll
ping.asp Checks for the presence of ping.asp
Pinnacle ShowCenter Skin DoS Checks skin DoS in Pinnacle ShowCenter
PIX Firewall Manager Directory Traversal \..\..\file.txt
Pixelpost < 1.5 RC1 Multiple Vulnerabilities Tries to inject SQL code via Pixelpost's showimage parameter
Pixelpost category Parameter SQL Injection Vulnerability Tries to exploit SQL injection issue in Pixelpost
PJreview_Neo.cgi arbitrary file reading Checks Aprox Portal
Plain Old Webserver Directory Traversal Vulnerability Tries to read a file using POW
PlaySMS Cookie SQL Injection Tests for the PlaySMS SQL Injection
Plogger config Parameter Remote File Include Vulnerability Checks for config parameter remote file include vulnerability in Plogger
Plone Unprotected MembershipTool Methods Vulnerability Tries to change profiles using Plone
Plume CMS <= 1.0.2 Remote File Inclusion Vulnerability Check if Plume CMS is vulnerable to a file inclusion flaw
PlusMail vulnerability Checks for the presence of /cgi-bin/plusmail
pmachine code injection Checks for the presence of lib.inc.php
pmachine code injection (2) Checks for the presence of mail_autocheck.php
PmWiki < 2.1 beta 21 Multiple Vulnerabilities Checks for multiple vulnerabilities in PmWiki < 2.1 beta 21
PmWiki < 2.1.21 Global Variables Overwrite Vulnerability Checks for a remote file include flaw in PmWiki
Polar HelpDesk Authentication ByPass Checks for PolarHelpDesk
Poll It v2.0 cgi Checks for the presence of /cgi-bin/pollit/Poll_It_SSI_v2.0.cgi
popper_mod Checks if popper_mod is vulnerable
Post-Nuke information disclosure Determine if a remote host is vulnerable to the opendir.php vulnerability
Post-Nuke information disclosure (2) Determine if a remote host is vulnerable to the opendir.php vulnerability
Post-Nuke Multiple XSS Determines if post-nuke is vulnerable to XSS
Post-Nuke pnTresMailer Directory Traversal Determines if pnTresMailer is vulnerable to a Directory Traversal
Post-Nuke Rating System Denial Of Service Determine if a remote host is vulnerable to the postnuke rating dos vulnerability
Post-Nuke SQL injection Determines if post-nuke is vulnerable to SQL injection
Poster version.two privilege escalation Determines owl is installed
PostNuke < 0.762 Multiple Vulnerabilities Checks for admin access bypass issue in PostNuke
PostNuke Detection Detects the presence of PostNuke
PostNuke Install Script Determines if post-nuke's install.php is readable
PostNuke PNphpBB2 phpbb_root_path Parameter Remote File Include Vulnerability Tries to read a file with PNphpBB2 Module
Power Up Information Disclosure Power Up Information Disclosure
PowerPortal Path Dislcosure Checks for the presence of an Path Disclosure bug in PowerPortal
PowerPortal Private Message HTML Injection Checks the version of the remote PowerPortal Installation
PowerPortal SQL Injection Checks the version of the remote PowerPortal Installation
PPA ppa_root_path Variable File Include Vulnerability Checks for ppa_root_path variable file include vulnerability in PPA
printenv Checks for the presence of /cgi-bin/printenv
processit Checks for the presence of /cgi-bin/processit
ProductCart Multiple Input Validation Vulnerabilities Checks for multiple input validation vulnerabilities in ProductCart
ProductCart Multiple SQL Injection Vulnerabilities (2) Checks for multiple SQL injection vulnerabilities (2) in ProductCart
ProductCart SQL Injection Determine if ProductCart is vulnerable to a sql injection attack
Psunami.CGI Command Execution Checks for Psunami.CGI
PT News Unauthorized Administrative Access Determine if PTNews grants administrative access to everyone
PunBB < 1.2.6 Multiple Vulnerabilities Detects multiple vulnerabilities in PunBB < 1.2.6
PunBB < 1.2.7 Multiple Vulnerabilities Checks for multiple vulnerabilities in PunBB < 1.2.7
PunBB < 1.2.8 Multiple Vulnerabilities Checks for multiple vulnerabilities in PunBB < 1.2.8
PunBB detection Checks for presence of PunBB
PunBB Input Validation Vulnerabilities Detects input validation vulnerabilities in PunBB
PunBB language Paramater Local File Include Vulnerability Tries to read a local file with PunBB
PunBB old_searches Parameter SQL Injection Vulnerability Checks for old_searches parameter SQL injection vulnerability in PunBB
PunBB profile.php SQL Injection Vulnerability Checks for SQL injection vulnerability in PunBB's profile.php
PunBB search dropdown information disclosure Checks for PunBB version for information disclosure
PWSPHP XSS Checks XSS in PWSPHP
Qualiteam X-Cart remote command execution Checks Qualiteam X-Cart
quickstore traversal Checks for the presence of /cgi-bin/quickstore.cgi
quickstore traversal (2) Checks for the presence of /cgi-bin/quickstore.cgi
Quicktime/Darwin Remote Admin Exploit Checks Quicktime/Darwin server for parse_xml.cgi
QWikiwiki directory traversal vulnerability Checks for the presence of a File Inclusion Vulnerability
RaidenHTTPD directory traversal RaidenHTTPD directory traversal
RaidenHTTPD Script Source Disclosure Vulnerability Checks version of RaidenHTTPD
RaidenHTTPD SoftParserFileXml Remote File Include Vulnerability Tries to run a command with RaidenHTTPD
RCBlog post Parameter Directory Traversal Vulnerability Checks for directory transversal in RCBlog index.php script
Read any file thanks to ~nobody/ Checks for the presence of /~nobody/etc/passwd
readfile.tcl checks for readfile.tcl
Reading CGI script sources using /cgi-bin-sdb Checks for the presence of /cgi-bin-sdb/
readmsg.php detection Checks for the presence of Cobal Cube webmail
RealServer default.cfg file search RealServer default.cfg file search
RedHat 6.0 cachemgr.cgi Checks whether the cachemgr.cgi is installed and accessible.
Redhat Stronghold File System Disclosure Redhat Stronghold File System Disclosure
Remote Code Execution in ezContents Detect ezContents Code Execution
Resin Directory Traversal Vulnerability Tries to retrieve boot.ini using Resin
Resin DOS device path disclosure Tests for Resin path disclosure vulnerability
Resin traversal \..\..\file.txt
Resin viewfile Servlet File Disclosure Vulnerability Tries to get the absolute installation path of Resin
Rich Media E-Commerce Stores Sensitive Information Insecurely Rich Media E-Commerce Stores Sensitive Information Insecurely
RiSearch Arbitrary File Access Determines the presence of RiSearch show.pl
RM SafetyNet Plus XSS Checks RM SafetyNet Plus XSS
ROADS' search.pl Checks for the presence of /cgi-bin/search.pl
Robots.txt Information Disclosure Checks for a web server's robots.txt
rot13sj.cgi Checks for rot13sj.cgi
Roxen counter module Roxen counter module installed ?
Roxen Server /%00/ bug Make a request like http://www.example.com/%00/
rpm_query CGI checks for rpm_query
Ruby on Rails Routing Denial of Service Vulnerability Tries to hang Ruby on Rails
RunCMS <= 1.2 Multiple Vulnerabilities Checks for multiple vulnerabilities in RunCMS <= 1.2
RunCms bbPath Parameter Remote File Include Vulnerability Checks for bbPath parameter remote file include vulnerability in RunCms
RunCMS Remote Arbitrary File Upload Vulnerability Checks for remote arbitrary file upload vulnerability in RunCMS
Sambar /cgi-bin/mailit.pl installed ? Checks for the presence of /cgi-bin/mailit
Sambar /sysadmin directory 2 Sambar webserver installed ?
Sambar CGIs path disclosure Some CGIs reveal the web server installation directory
Sambar default CGI info disclosure Tests for testcgi.exe and environ.pl
Sambar sendmail /session/sendmail Sambar /session/sendmail mailer installed ?
Sambar Web Server CGI scripts Checks for the presence of /cgi-bin/{hello,echo}.bat
Sambar webserver pagecount hole Make a request like http://www.example.com/session/pagecount
SandSurfer User Authentication Vulnerability Checks for SandSurfer
SAP Internet Graphics Server Directory Traversal Vulnerability Attempts to read /etc/passwd
Savant cgitest.exe buffer overflow Savant cgitest.exe buffer overflow
Savant original form CGI access Determine if a remote host is Savant web server, and whether it is vulnerable to attack
SaveWebPortal <= 3.4 Multiple Vulnerabilities Checks for SaveWebportal arbitrary file inclusion
Sawmill < 7.1.6 Multiple Vulnerabilities Checks for multiple vulnerabilities in Sawmill < 7.1.6
SAXoPRESS url Parameter Directory Traversal Vulnerability Tries to retrieve a file using SAXoPRESS
sBLOG keyword Parameter SQL Injection Vulnerability Checks for keyword parameter SQL injection in sBLOG
ScanMail file check Checks for the presence ScanMail files
Scout Portal Toolkit forumid Parameter SQL Injection Vulnerability Checks for forumid parameter SQL injection in Scount Portal Toolkit
sdbsearch.cgi Determines the presence of the sdbsearch.cgi
Seditio Detection Checks for presence of Seditio
Segue CMS themesdir Parameter Remote File Include Vulnerability Tries to read a local file with Segue CMS
Sendcard SQL injection Checks for SQL injection in the id field in sendcard.php
sendtemp.pl Checks for the presence of /cgi-bin/sendtemp.pl
Serendipity < 0.8.1 Multiple Vulnerabilities Checks for multiple vulnerabilities in Serendipity < 0.8.1
Serendipity Detection Checks for presence of Serendipity
Serendipity exit.php SQL Injection Vulnerabilities Checks for SQL injection vulnerabilities in Serendipity exit.php
Serendipity serendipity[charset] Parameter Local File Include Vulnerabilities Tries to read a local file with Serendipity
Serendipity SQL Injections Checks for SQL injection vulnerability in Serendipity
Serendipity XML-RPC for PHP Remote Code Injection Vulnerability Checks for XML-RPC for PHP remote code injection vulnerability in Serendipity
ServletExec 4.1 / JRun ISAPI DoS Tests for ServletExec 4.1 ISAPI DoS
ServletExec 4.1 ISAPI File Reading Tests for ServletExec File Reading
ServletExec 4.1 ISAPI Physical Path Disclosure Tests for ServletExec 4.1 ISAPI Path Disclosure
SGallery idimage SQL Injection Checks for the presence of an SQL injection in idimage parameter
sgdynamo_path sgdynamo.exe Path Disclosure
sglMerchant Information Disclosure Vulnerability sglMerchant Information Disclosure Vulnerability
Shells in /cgi-bin Checks for the presence of various shells in /cgi-bin
ShopCartCGI arbitrary file reading Checks ShopCart
ShopPlus Arbitrary Command Execution ShopPlus Arbitrary Command Execution
ShowCode possible Determines the presence of showcode.asp
Silent-Storm Portal Multiple Input Validation Vulnerabilities Checks for vulnerabilities in Silent-Storm Portal
SilverNews < 2.0.4 Multiple Vulnerabilities Checks for multiple vulnerabilities in SilverNews < 2.0.4
SilverStream database structure Checks if SilverStream database structure is visible.
SilverStream directory listing Checks if SilverStream directory listings are disabled.
SimpGB Guestbook.PHP SQL Injection Vulnerability Checks for SQL injection in SimpGB
Simple Form Mail Relaying via Subject Tags Vulnerability Checks for Mail Relaying via Subject Tags Vulnerability in Simple Form
Simple Form Mail Relaying Vulnerability Checks for Mail Relaying Vulnerability in Simple Form
Simple Machines Forum Avatar Information Disclosure Vulnerability Checks for avatar code execution vulnerability in Simple Machines Forum
Simple Machines Forum msg Parameter SQL Injection Vulnerability Checks for msg parameter SQL injection vulnerability in Simple Machines Forum
Simple PHP Blog <= 0.4.0 Multiple Vulnerabilities Checks for multiple vulnerabilities in Simple PHP Blog <= 0.4.0
Simple PHP Blog blog_language Parameter Local File Include Vulnerability Tries to read a file using Simple PHP Blog
SimpleBBS name Parameter Arbitrary Command Execution Vulnerability Checks for name parameter arbitrary command execution vulnerability in SimpleBBS
SimpleBBS users disclosure Checks for the presence of users.php
SimpleBoard / Joomlaboard sbp Parameter Remote File Include Vulnerabilities Tries to read a local file using SimpleBoard / Joomlaboard
SimpleChat information disclosure Checks for the presence of data/usr
Simplicity oF Upload language Parameter File Include Vulnerability Checks for language parameter file include vulnerability in Simplicity oF Upload
Simplog <= 0.9.2 Multiple Vulnerabilities Tries to read /etc/passwd using Simplog
Singapore Gallery Multiple Flaws The presence of Singapore Gallery
Singapore MD5 Administrative Password Disclosure Checks adminusers.csv presence
SIR GNUBoard Remote File Inclusion Checks for the presence of index.php
Site@School cmsdir Parameter Remote File Include Vulnerabilities Tries to read a local file with Site@School
SiteBuilder-FX admindir Parameter Remote File Include Vulnerability Tries to read a local file using SiteBuilder-FX
SiteEnable XSS and SQL Injection Vulnerabilities Checks for XSS and SQL injection vulnerabilities in SiteEnable
Siteframe LOCAL_PATH Remote File Include Vulnerability Checks for LOCAL_PATH remote file include vulnerability in Siteframe
Siteman Page User Database Privilege Escalation Vulnerability Checks SiteMan's version
Sitemap.xml File and Directory Enumeration Checks for a web server's sitemap.xml
SiteMinder HTML Page Injection Vulnerability Checks for a flaw in SiteMinder
SIX Webboard's generate.cgi Checks for the presence of /cgi-bin/webboard/generate.cgi
Skull-Splitter Guestbook Multiple HTML Injection Vulnerabilities Skull-Splitter Guestbook Multiple HTML Injection Vulnerabilities
SLMail WebMail overflows Determines if the remote SLWebMail server is flawed
smb2www installed smb2www Command Execution
smb2www remote command execution smb2www Command Execution
Snapstream PVS web directory traversal Snapstream web directory traversal
Snif File Disclosure Checks for the version of Snif
Snitz Forums 2000 SQL injection Determine Snitz forums version
Snitz Forums Cmd execution Determine if Snitz forums is vulnerable to a cmd exec flaw
Snoop Servlet path disclosure Attempts to enumerate physical path
sojourn.cgi Checks for the presence of /cgi-bin/sojourn.cgi
SonicWall SOHO Web Interface XSS Checks SonicWall SOHO Web Interface XSS
SparkleBlog SQL Injection Checks for the presence of an SQL injection in id parameter
Sphider settings_dir Parameter Remote File Include Vulnerability Tries to read /etc/passwd using Sphider
SPiD lang_path Remote File Include Vulnerability Checks for lang_path variable file include vulnerability in SPiD
SpiderSales Shopping Cart SQL injection Checks for the presence of SpiderSales Shopping cart
spin_client.cgi buffer overrun Checks for the /cgi-bin/spin_client.cgi buffer overrun
SPIP < 1.8.2-g SQL Injection and XSS Flaws Checks for SPIP SQL injection flaw
Spyke Flaws Checks for the presence of info.dat
SQL Disclosure in Invision Power Board Detect IPB SQL Disclosure
SQL injection in Antiboard SQL Injection
SQL injection in JPortal SQL Injection
SQL injection in phpBB SQL Injection
SQL injection in phpBB (2) SQL Injection
SQL injection in phpBB (3) SQL Injection
SQL injection in phpBB Login Form SQL Injection
SQL injection in ReviewPost PHP Pro SQL Injection
SQL injection in XPression Software SQL Injection
SQL injection in XTreme ASP Photo Gallery SQL Injection in XTreme ASP Photo Gallery
SQL injections in Photopost PHP Pro SQL Injection
SQLiteManager SQLiteManager_currentTheme Cookie Local File Include Vulnerability Tries to read a local file with SQLiteManager
SQLQHit Directory Structure Disclosure SQLQHit Directory Stracture Disclosure
Squirrelcart cart_isp_root Remote File Include Vulnerability Tries to read a local file using Squirrelcart
SquirrelCart SQL Injection SQL Injection in Squirrelcart
SquirrelMail < 1.4.6 Multiple Vulnerabilities Checks for IMAP command injection in SquirrelMail
SquirrelMail < 1.45 Multiple Vulnerabilities Checks for multiple vulnerabilities in SquirrelMail < 1.45
SquirrelMail base_uri Parameter Information Disclosure Vulnerability Tries to change path parameter used by SquirrelMail cookies
SquirrelMail decodeHeader HTML injection vulnerability Check Squirrelmail for HTML injection vulnerability
SquirrelMail Detection Checks for the presence of SquirrelMail
SquirrelMail plugins Parameter Local File Include Vulnerability Tries to read file using SquirrelMail
SquirrelMail S/MIME Plug-in Remote Command Execution Vulnerability Checks for remote command execution vulnerability in SquirrelMail S/MIME Plugin
SquirrelMail session_expired_post Arbitrary Variables Overwriting Vulnerability Tries to overwrite a variable SquirrelMail
SquirrelMail's Multiple Flaws Determine if squirrelmail reads arbitrary files
Stadtaus Form Mail Script Remote File Include Vulnerability Detects file include vulnerabilities in Stadtaus' PHP Scripts
StellarDocs Path Disclosure SQL Injection and more.
StockMan Shopping Cart Command Execution determines the version of shop.plx
StockMan Shopping Cart Path disclosure determines the remote root path
store.cgi Checks for the presence of /cgi-bin/store.cgi
Stronghold Swish Checks for the presence of cgi-bin/search
Sugar Open Source Detection Checks for presence of Sugar Open Source
SugarCRM <= 4.0 beta Remote File Inclusion Vulnerability Check if SugarCRM is vulnerable to Directory Traversal and Remote File Inclusion
SugarCRM <= 4.2.0a Multiple Remote File Include Vulnerabilities Tries to read a local file using SugarCRM
SugarSales Remote File Access Checks for a file reading flaw in SugarSales
Sun Server Console Authentication Bypass Vulnerability Tries to authenticate to Server Console as admin/admin
Sun's Java Web Server remote command execution Checks for the presence of /servlet/sunexamples.BBoardServlet
SunONE Application Server source disclosure Attempts to read the source of a jsp page
SunSolve CD CGI user input validation SunSolve CD CGI scripts are vulnerable to a few user input validation problems
Super Guestbook config disclosure Checks for superguestconfig
Super-M Son hServer Directory Traversal Super-M Son hServer is vulnerable to an exploit which lets an attacker view any file that the web server has access to.
SWC Overflow Checks for the presence of /cgi-bin/swc
Sybase EAServer Default Administrator password Checks for default administrator password in Sybase EAServer
Symantec AntiVirus Scan Engine Multiple Remote Vulnerabilities Checks if Symantec Scan Engine is vulnerable
Sympa invalid LDAP password DoS Checks for sympa version
Sympa queue utility privilege escalation vulnerability Checks for sympa version
Sympa unauthorised list creation security issue Checks for sympa version
Sympa wwsympa do_search_list Overflow DoS Checks for sympa version
Synchrologic User account information disclosure Determines if Synchrologic is installed
SysCP < 1.2.11 Multiple Script Execution Vulnerabilities Checks for multiple script execution vulnerabilities in SysCP < 1.2.11
Sysinfo name Parameter Code Execution Vulnerability Tries to execute arbitrary code using Sysinfo
TalentSoft Web+ Input Validation Bug Vulnerability Checks if webplus reads any file
Talentsoft Web+ reveals install path Checks for Webplus install path disclosure
TalentSoft Web+ version detection Get the version of Web+ CGI
technote's main.cgi Checks for the presence of /technote/main.cgi
tektronix's _ncl_items.shtml Checks for the presence of _ncl_*.shtml
Terminal Services Web Detection Find instances of tsweb
test-cgi Checks for the presence of /cgi-bin/test-cgi
Tests for Nimda Worm infected HTML files Tests for Nimda Worm infected HTML files
texis.exe information disclosure Checks for texis.exe
texis.exe path disclosure Checks for texis.exe
textcounter.pl Checks for the presence of /cgi-bin/textcounter.pl
TextPortal Default Passwords Logs into the remote TextPortal interface
The Includer remote command execution flaw The Includer remote command execution detection
ThinClientServer Admin Account Creation Vulnerability Tries to create an account in ThinClientServer
TikiWiki < 1.8.6 / 1.9.1 Multiple Vulnerabilities Checks for multiple vulnerabilities in TikiWiki < 1.8.6 / 1.9.1
TikiWiki jhot.php Arbitrary File Uploads Vulnerability Tries to run a command through TikiWiki
TikiWiki multiple input validation vulnerabilities Checks the version of TikiWiki
TikiWiki multiple remote unspecified flaws Checks the version of TikiWiki
TikiWiki Unauthorized Page Access Checks the version of TikiWiki
TIPS MailPost Multiple Flaws Test the remote mailpost.exe
Tivoli LDACGI Directory Traversal IBM Tivoli Directory Traversal
toendaCMS < 0.6.2.1 Multiple Vulnerabilities Checks for multiple vulnerabilities in toendaCMS < 0.6.2.1
Tomcat 4.x JSP Source Exposure Tomcat 4.x JSP Source Exposure
Tomcat's /admin is world readable Checks for the presence of /admin
Tomcat's snoop servlet gives too much information Checks for the presence of /examples/jsp/snp/anything.snp
TorrentTrader SQL Injection Checks for the presence of SQL injection in TorrentTrader
TowerBlog Admin Bypass Checks for the presence of a TowerBlog Admin Bypassing
TrackerCam Multiple Remote Vulnerabilities Checks for flaws in TrackerCam
Trend Micro Emanager software check Check for certain Trend Micro dlls
Trend Micro ServerProtect for Linux splx_2376_info Cookie Authentication Bypass Vulnerability Tries to bypass authentication with SPLX
TrendMicro ControlManager Multiple Vulnerabilities Checks for ControlManager version
TrendMicro OfficeScan Multiple Vulnerabilities Checks for OfficeScan stack overflows
TrueGalerie admin access logs into the remote TrueGalerie installation
tst.bat CGI vulnerability Checks for the presence of /cgi-bin/tst.bat
ttawebtop Checks for the presence of /cgi-bin/ttawebtop.cgi
ttCMS code injection Attempts to include a file
ttforum multiple flaws Determines if ttforum is vulnerable to code injection
Turba Detection Checks for presence of Turba
Turba Path Disclosure Checks for status.php
Turbo Seek files reading Checks for the presence of tseekdir.cgi
TWiki configure Script Arbitrary Command Execution Vulnerability Tries to run a command using TWiki
TWiki Detection Checks for presence of TWiki
TWiki filename Parameter Directory Traversal Vulnerability Tries to read a local file with TWiki
TWiki Multiple Vulnerabilties Checks for the presence of TWiki
typo3 arbitrary file reading Reads /etc/passwd
TYPO3 cmw_linklist Extension SQL Injection Vulnerability Detects SQL injection vulnerability in TYPO3 CMW Linklist extension
TYPO3 userUid Arbitrary Command Execution Vulnerability Tries to run a command via TYPO3
UBB.threads < 6.5.2 beta Multiple Vulnerabilities Checks for multiple vulnerabilities in UBB.threads < 6.5.2 beta
UBB.threads debug Parameter Cross-Site Scripting Vulnerability Tries to exploit an XSS flaw in UBB.threads
UBB.threads Detection Checks for presence of UBB.threads
UBB.threads doeditconfig Command Injection Vulnerability Tries to exploit an command injection flaw in UBB.threads
UBB.threads dosearch.php SQL injection SQL Injection in UBB.threads
UBB.threads editpost.php SQL Injection Vulnerability Checks for SQL injection vulnerability in UBB.threads editpost.php
UBB.threads thispath Parameter Remote File Include Vulnerability Tries to read a local file using UBB.threads
Uebimiau Session Directory Disclosure Checks for the presence of sessions directory of UebiMiau
Ultimate PHP Board admin_ip.php code injection Checks for UPB
Ultimate PHP Board Information Leak Checks for UPB
Ultimate PHP Board username Parameter Arbitrary Command Execution Vulnerability Tries to run a command with Ultimate PHP Board
Ultimate PHP Board users.dat Information Disclosure Tries to get the users.dat file and checks UPB version
Ultimate PHP Board ViewForum.PHP SQL injection and XSS flaws Checks for UPB
UltraSeek 3.1.x Remote DoS Hangs the remote UltraSeek server for some time
Ultraseek < 5.7 Multiple Vulnerabilities Checks for Ultraseek < 5.7
Unify eWave ServletExec 3.0C file upload Unify eWave ServletExec 3.0C file upload
Unknown CGIs arguments torture Tortures the arguments of the remote CGIs
Unpassworded iiprotect administrative interface Determines if iisprotect is password-protected
Unprotected SiteScope Service Unprotected SiteScope Service
Upload cgi Checks for the presence of /cgi-bin/upload.cgi
uploader.exe Checks for the presence of /cgi-win/uploader.exe
UploadLite cgi Checks for the presence of /cgi-bin/upload.cgi
US Robotics Disclosed Password Check US Robotics Password Check
ustorekeeper file reading Checks for the presence of ustorekeeper.pl
Various dangerous cgi scripts Checks for dangerous cgi scripts
vBulletin <= 3.0.9 Multiple Vulnerabilities Checks for multiple vulnerabilities in vBulletin <= 3.0.9
vbulletin calendar SQL Injection Vulnerability Detect vBulletin Calendar SQL Injection
vBulletin Detection Checks for the presence of vBulletin
vBulletin Email Field Cross-Site Scripting Vulnerability Checks version number of vBulletin
vBulletin Forumdisplay.PHP Remote Command Execution Vulnerability Checks for vBulletin Forumdisplay.PHP Remote Command Execution Vulnerability
vBulletin Init.PHP unspecified vulnerability Checks the version of vBulletin
vBulletin last10.php SQL Injection Checks for the presence of an SQL and Last10
vBulletin Misc.PHP PHP Script Code Execution Vulnerability Executes phpinfo() on the remote host
vBulletin SQL injection Issue Checks the version of vBulletin
vBulletin's Calender Command Execution Vulnerability vBulletin's Calender Command Execution Vulnerability
vCard match Parameter Remote File Inclusion Vulnerability Checks for match parameter remote file inclusion vulnerability in vCard
VChat information disclosure Checks for the presence of vchat/msg.txt
Verity Ultraseek search request XSS Checks Verity Ultraseek search request XSS
VHCS check_login Authentication Bypass Vulnerability Tries to access a restricted script using VHCS
VHCS include_path Parameter Remote File Include Vulnerability Tries to read a local file using VHCS
VideoDB Multiple Vulnerabilities Checks for the version of VideoDB
ViewCVS HTTP Response Splitting viewcvs flaw
viewpage.php arbitrary file reading viewpage.php is vulnerable to an exploit which lets an attacker view any file that the cgi/httpd user has access to.
view_source Checks for the presence of /cgi-bin/view_source
Vignette Application Portal Information Disclosure Request /portal/diag
Vignette StoryServer Information Disclosure Checks the version of the remote Vignette StoryServer
Vignette StoryServer TCL code injection Checks the version of the remote Vignette StoryServer
viralator Checks for the presence of /cgi-bin/viralator.cgi
ViRobot Linux Server filescan Authentication Bypass Vulnerability Checks for authentication bypass vulnerability in ViRobot Linux Server's filescan component
ViRobot Linux Server Remote Buffer Overflow Vulnerability Checks for remote buffer overflow vulnerability in ViRobot Linux Server
VirusWall's catinfo overflow Overflow in catinfo
VisNetic / Merak Mail Server multiple flaws Checks for VisNetic Mail Server arbitrary script include
VP-ASP shopsearch SQL injection Checks for the presence of VP-ASP
VP-ASP SQL Injection (2) Performs a SQL injection against the remote shopping cart
vpasswd.cgi Checks for the presence of vpasswd.cgi
vpopmail.php command execution Determines the version of vpopmail.php
VsSetCookie.exe vulnerability Checks for the VsSetCookie.exe file
vTiger multiple flaws Checks for authentication bypass in vTiger
w-Agora <= 4.2.0 Multiple Vulnerabilities Checks for multiple vulnerabilities in w-Agora <= 4.2.0
w-Agora inc_dir Parameter Remote File Include Vulnerabilities Tries to read a local file using w-Agora
w-Agora remote directory traversal flaw Checks for directory traversal in w-Agora
w-Agora Site parameter remote directory traversal flaw Checks for directory traversal in w-Agora
w3-msql overflow Overflow in w3-msql
way-board Checks for the presence of /cgi-bin/way-board
Web DBM Remote Buffer Overflow Vulnerability Gets version of Web DBM
Web Server load balancer detection Web Server load balancer detection
Web Wiz Forums database disclosure Checks for wwforum.mdb
Web Wiz Site News / Compulsize Media CNU5 database disclosure Checks for news.mdb
Web Wiz txtUserName Parameter SQL Injection Vulnerability Checks for txtUserName Parameter SQL injection vulnerability in Web Wiz products
WEB-INF folder accessible Tests for WEB-INF folder access
WebActive world readable log file Requests /active.log
WebAdmin < 3.2.5 Multiple Vulnerabilities Checks version of WebAdmin
WebAdmin < 3.2.6 MDaemon Account Hijacking Vulnerability Checks version of WebAdmin
webadmin.dll detection Checks for the presence of webadmin.dll
webadmin.php detection Try to read /etc/passwd through webadmin.php
WEBalbum Local File Include Vulnerability Checks for file includes in index.php
WebAPP Apage.CGI remote command execution flaw Checks for apage.cgi remote command execution flaw
WebAPP Detection Checks for presence of WebAPP
WebAPP Directory Traversal Checks for a directory traversal bug in WebAPP
WebAPP File Disclosure Vulnerability Checks for file disclosure vulnerability in WebAPP
WebCalendar < 1.0.2 Multiple Vulnerabilities Checks for multiple vulnerabilities in WebCalendar < 1.0.2
WebCalendar assistant_edit.php Unauthorized Access Vulnerability Checks for assistant_edit.php unauthorized access vulnerability in WebCalendar
WebCalendar Detection Checks for presence of WebCalendar
WebCalendar file reading Checks for file reading flaw in WebCalendar
WebCalendar includedir Parameter Remote File Include Vulnerability Checks for includedir parameter remote file include vulnerability in WebCalendar
WebCalendar SQL Injection Checks for the presence of an SQL injection in view_topic.php
WebCalendar SQL Injection Vulnerability Sends a malformed cookie to the remote host
WebCalendar User Account Enumeration Disclosure Issue Checks for WebCalendar User Account Enumeration Disclosure weakness
Webcart misconfiguration Checks for the webcart misconfiguration
webcart.cgi Detects webcart.cgi
Webchat code injection Checks for the presence of Webchat's defines.php
webdist.cgi Checks for the presence of webdist.cgi
webdriver Checks for the presence of Webdriver
webERP Configuration File Remote Access Determines if webERP is installed
Webfroot shoutbox file inclusion Checks for the presence of shoutbox.php
webgais Checks for the presence of /cgi-bin/webgais
WebGUI < 6.7.3 Multiple Command Execution Vulnerabilities Checks for multiple command execution vulnerabilities in WebGUI < 6.7.3
WebGUI < 6.7.6 arbitrary command execution Checks for arbitrary remote command execution in WebGUI < 6.7.6
WebGUI Unspecified Vulnerability Checks the version of WebGUI
WebHints remote command execution flaw Checks for WebHints remote command execution flaw
WEBInsta CMS templates_dir Parameter Remote File Include Vulnerability Tries to read a local file using WEBInsta CMS
WebLibs File Disclosure Checks for the presence of a WebLibs File Disclosure
WebLogic < 8.1 SP3 Multiple Vulnerabilities Checks the version of WebLogic
WebLogic clear-text passwords Checks the version of WebLogic
WebLogic management servlet Checks the version of WebLogic
WebLogic source code disclosure Checks for WebLogic file disclosures
WebMatic Security Vulnerability Checks the version of WebMatic
Webmin / Usermin Arbitrary File Disclosure Vulnerability Tries to read a local file using miniserv.pl
Webmin / Usermin Null Filtering Vulnerabilities Checks if nulls in a URL are filtered by miniserv.pl
Webnews.exe vulnerability Checks for the Webnews.exe file
websendmail Checks for the presence of /cgi-bin/websendmail
Website Baker Admin Login SQL Injection Vulnerability Checks for admin login SQL injection vulnerability in Website Baker
Website Baker REMEMBER_KEY Cookie SQL Injection Vulnerability Tries to bypass authentication with Website Baker
WebSite pro reveals the physical file path of web directories Attempts to find the location of the remote web root
WebsitePro buffer overflow Checks for WebSitePro
WebSpeed remote configuration Checks if webspeed can be administered
webspirs.cgi Checks for the presence of webspirs.cgi
WebStores 2000 browse_item_details.asp SQL injection WebStores 2000 SQL injection
webwho plus Checks if webwho.pl is vulnerable
WF-Chat User Account Disclosure Checks for the presence of !pwds.txt
WhatsUp Gold <= 8.04 Multiple Vulnerabilities Checks for multiple vulnerabilities in WhatsUp Gold <= 8.04
Whatsup Gold vulnerable CGI Checks for the presence of /_maincfgret.cgi
WHM AutoPilot Multiple Vulnerabilities Determines if WHM AutoPilot can include third-party files
whois_raw Checks if whois_raw.cgi is vulnerable
WihPhoto file reading Checks for the presence of remotehtmlview.php
Wikka Local File Include Vulnerability Tries to read a local file in Wikka
Windmail.exe allows any user to execute arbitrary commands Checks for the presence of windmail.exe
Winmail Mail Server Information Disclosure Checks for the presence of an Information Disclosure in Winmail Mail Server
Winmail Server <= 4.2 Build 0824 Multiple Vulnerabilities Checks for multiple vulnerabilities in Winmail Server <= 4.2 Build 0824
Winmail Server Unspecified Webmail Vulnerability Checks version of Winmail Server
Woltlab Burning Board SQL injection flaw Checks SQL injection flaw in Woltlab Burning Board Database module
Woppoware PostMaster <= 4.2.2 Multiple Vulnerabilities Checks for multiple vulnerabilities in Woppoware PostMaster <= 4.2.2
Wordit Logbook File Disclosure Vulnerability Checks for the presence of logbook.pl
WordPress < 1.5.1 Multiple Vulnerabilities Checks for multiple vulnerabilities in WordPress < 1.5.1
WordPress < 1.5.1.2 Multiple Vulnerabilities Checks for multiple vulnerabilities in WordPress < 1.5.1.2
WordPress cache_lastpostdate Parameter PHP Code Injection Vulnerability Checks for cache_lastpostdate parameter PHP code injection vulnerability in WordPress
WordPress cat_ID SQL Injection Vulnerability Checks for cat_ID SQL injection vulnerability in WordPress
WordPress code/sql injection Checks for the presence of WordPress
WordPress Cross-Site Scripting / SQL Injection Checks for the presence of WordPress
WordPress Detection Checks for presence of WordPress
WordPress HTTP Splitting Vulnerability Checks for HTTP response splitting vulnerability in WordPress < 1.2.1
WordPress Multiple Flaws (XSS, HTML Injection, SQL Injection) Checks for multiple flaws in WordPress < 1.2.2
WordPress Pingback Information Disclosure Vulnerability Tries to access a local file via WordPress' Pingback
WordPress Trackback Charset Decoding SQL Injection Vulnerability Checks for SQL injection in WordPress
WordPress Trackback tb_id Parameter SQL Injection Vulnerability Tries to generate a SQL error
WowBB <= 1.61 multiple flaws Checks WowBB version
WowBB view_user.php SQL Injection Flaw Checks for SQL injection flaw in wowBB
wpoison (nasl version) Some common SQL injection techniques
WPS wps_shop.cgi remote command execution flaw Checks for WPS wps_shop.cgi remote command execution flaw
wrap Checks for the presence of /cgi-bin/wrap
wwwboard passwd.txt Checks for the presence of /wwwboard/passwd.txt
wwwwais Checks for the presence of /cgi-bin/wwwwais
X-Cart Multiple Vulnerabilities Checks for multiple vulnerabilities in X-Cart
x-news 1 Check if version of x-news 1.x is installed
X7 Chat help_file Parameter Local File Include Vulnerability Tries to read a local file using X7 Chat
X7 Chat old_prefix SQL Injection Vulnerability Checks for SQL injection flaw in X7 Chat
Xaraya module Parameter Directory Traversal Vulnerability Checks for module parameter directory traversal vulnerability in Xaraya
Xerver < 4.20 Multiple Vulnerabilities Checks for multiple vulnerabilities in Xerver < 4.20
XMB Forum < 1.9.2 Multiple Vulnerabilities Checks for multiple vulnerabilities in XMB Forum < 1.9.2
XMB SQL Injection Determine if XMB forums is vulnerable to a sql injection attack
Xoops < 2.0.12 Multiple Vulnerabilities Checks for multiple vulnerabilities in Xoops < 2.0.12
Xoops Detection Detects Xoops
Xoops Incontent Module Directory Traversal Vulnerability Checks for the presence of Xoops Incontent module
Xoops Multiple Vulnerabilities Checks for Xoops
xoops nocommon Parameter Local File Include Vulnerability Tries to read a local file using Xoops
XOOPS xoopsConfig Parameter Local File Inclusion Vulnerabilities Checks for xoopsConfig parameter local file inclusion vulnerabilities in XOOPS
YaBB Information Disclosure Checks for the presence of YaBB.pl
YaBB SE Command Execution Determine if YaBB SE can be used to execute arbitrary commands
YaBB XSS and Administrator Command Execution Checks YaBB.pl XSS
YaPiG <= 0.9.5b Multiple Vulnerabilities Checks for multiple vulnerabilities in YaPiG <= 0.9.5b
YaPiG Multiple Flaws Checks for YaPiG version
YaPiG Password Protected Directory Access Flaw Checks for YaPiG version
YaPiG Remote Server-Side Script Execution Vulnerability Checks for YaPiG version
Yawcam Directory Traversal Checks for directory traversal in Yawcam
Yaws Remote Source Code Disclosure Vulnerability Downloads the source of .yaws scripts
YusASP Web Asset Manager Vulnerability Checks for the presence of a YusASP Web Asset vulnerability
Zanfi CMS Lite Remote File Include Determines if Zanfi CMS can include third-party files
Zen Cart admin_email Parameter SQL Injection Vulnerability Checks for admin_email parameter SQL injection vulnerability in Zen Cart
Zen Cart autoLoadConfig Remote File Include Vulnerability Tries to read a local file with Zen Cart
Zen Cart custom SQL Injection Vulnerability Checks for SQL injection flaw in Zen Cart
zentrack code injection Checks for the presence of zenTrack's index.php
zenTrack Files Reading Checks for the presence of zenTrack's index.php
Zeroboard flaws Checks for Zeroboard flaws
Zeroboard flaws (2) Checks for Zeroboard flaws
Zeus shows the content of the cgi scripts Checks for Zeus
ZixForum Database Disclosure Checks for ZixForum.mdb
zml.cgi Directory Traversal zml.cgi is vulnerable to an exploit which lets an attacker view any file that the cgi/httpd user has access to.
ZPanel page Parameter Remote File Include Vulnerabilities Tries to read a local file with ZPanel


Vulnerability Scanning Solutions, LLC.