Scan report for "opensea.io"

Membership level: Free member
Nikto scan (max 60 sec) (nikto -host opensea.io -maxtime 60)
- Nikto v2.5.0
---------------------------------------------------------------------------
+ Multiple IPs found: 172.64.154.159, 104.18.33.97, 2606:4700:4400::ac40:9a9f, 2606:4700:4400::6812:2161
+ Target IP:          172.64.154.159
+ Target Hostname:    opensea.io
+ Target Port:        80
+ Start Time:         2024-04-20 15:24:25 (GMT-4)
---------------------------------------------------------------------------
+ Server: cloudflare
+ /: IP address found in the '__cf_bm' cookie. The IP is "1.0.1.1".
+ /: IP address found in the 'set-cookie' header. The IP is "1.0.1.1". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /KTrXvRsB.old: IP address found in the '_cfuvid' cookie. The IP is "0.0.1.1".
+ /KTrXvRsB.2: IP address found in the 'report-to' header. The IP is "1.0.1.1". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /KTrXvRsB.2: IP address found in the 'content-security-policy-report-only' header. The IP is "1.0.1.1". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /cgi.cgi/cart32.exe: request cart32.exe/cart32clientlist.
+ /cgis/cart32.exe: request cart32.exe/cart32clientlist.
+ /scripts/cart32.exe: request cart32.exe/cart32clientlist.
+ /cgi-perl/cart32.exe: request cart32.exe/cart32clientlist.
+ /webcgi/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /mpcgi/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /scripts/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /fcgi-bin/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi.cgi/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /webcgi/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /mpcgi/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgibin/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /fcgi-bin/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-perl/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi.cgi/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /webcgi/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /mpcgi/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgis/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /scripts/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /fcgi-bin/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /webcgi/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /mpcgi/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgibin/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgis/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /scripts/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi.cgi/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /webcgi/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgibin/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /scripts/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /webcgi/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /scripts/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /fcgi-bin/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /webcgi/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /scripts/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi.cgi/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /mpcgi/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgibin/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgis/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /scripts/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-perl/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-perl/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /tiki/tiki-install.php: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin.
+ /scripts/samples/details.idc: NT ODBC Remote Compromise. See: http://attrition.org/security/advisory/individual/rfp/rfp.9901.nt_odbc
+ /cgi.cgi/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners.
+ /cgi/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners.
+ /cgi-perl/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners.
+ /webcgi/finger: finger other users, may be other commands?.
+ /cgi/finger: finger other users, may be other commands?.
+ /mpcgi/finger: finger other users, may be other commands?.
+ /cgibin/finger: finger other users, may be other commands?.
+ /cgis/finger: finger other users, may be other commands?.
+ /scripts/finger: finger other users, may be other commands?.
+ /fcgi-bin/finger: finger other users, may be other commands?.
+ /cgi.cgi/finger.pl: finger other users, may be other commands?.
+ /webcgi/finger.pl: finger other users, may be other commands?.
+ /mpcgi/finger.pl: finger other users, may be other commands?.
+ /cgibin/finger.pl: finger other users, may be other commands?.
+ /fcgi-bin/finger.pl: finger other users, may be other commands?.
+ /webcgi/get32.exe: This can allow attackers to execute arbitrary commands remotely.
+ /cgis/get32.exe: This can allow attackers to execute arbitrary commands remotely.
+ /fcgi-bin/get32.exe: This can allow attackers to execute arbitrary commands remotely.
+ /cgi-perl/get32.exe: This can allow attackers to execute arbitrary commands remotely.
+ /cgi.cgi/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /mpcgi/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgis/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-perl/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi.cgi/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /webcgi/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi.cgi/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.
+ /webcgi/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.
+ /mpcgi/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.
+ /cgibin/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.
+ /cgis/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.
+ /scripts/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.
+ /fcgi-bin/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.
+ /cgi-perl/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.
+ /webcgi/wrap.cgi: Allows viewing of directories.
+ /cgi/wrap.cgi: Allows viewing of directories.
+ /mpcgi/wrap.cgi: Allows viewing of directories.
+ /cgis/wrap.cgi: Allows viewing of directories.
+ /fcgi-bin/wrap.cgi: Allows viewing of directories.
+ /cgi-bin/wrap: Allows viewing of directories.
+ /forums//administrator/config.php: PHP Config file may contain database IDs and passwords.
+ /hola/admin/cms/htmltags.php?datei=./sec/data.php: hola-cms-1.2.9-10 may reveal the administrator ID and password. See: https://vulners.com/exploitdb/EDB-ID:23027
+ /inc/common.load.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1253
+ /cgi.cgi/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory.
+ /cgi/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory.
+ /mpcgi/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory.
+ /cgibin/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory.
+ /cgis/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory.
+ /cgi/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /mpcgi/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /scripts/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-perl/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi.cgi/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /webcgi/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /mpcgi/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /scripts/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /fcgi-bin/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-perl/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi/echo.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /cgis/echo.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /fcgi-bin/echo.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /cgi-perl/echo.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /webcgi/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ /cgi/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ /cgibin/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ /cgi-perl/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ /webcgi/guestbook.pl: May allow attackers to execute commands as the web daemon.
+ /cgi/guestbook.pl: May allow attackers to execute commands as the web daemon.
+ /mpcgi/guestbook.pl: May allow attackers to execute commands as the web daemon.
+ /fcgi-bin/guestbook.pl: May allow attackers to execute commands as the web daemon.
+ /cgi.cgi/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /webcgi/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgi/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgis/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /scripts/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgi-perl/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /geeklog/users.php: Geeklog prior to 1.3.8-1sr2 contains a SQL injection vulnerability that lets a remote attacker reset admin password. See: https://vulners.com/osvdb/OSVDB:2703
+ /gb/index.php?login=true: gBook may allow admin login by setting the value 'login' equal to 'true'. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1560
+ /guestbook/admin.php: Guestbook admin page available without authentication.
+ /mpcgi/gH.cgi: Web backdoor by gH.
+ /scripts/gH.cgi: Web backdoor by gH.
+ /fcgi-bin/gH.cgi: Web backdoor by gH.
+ /cgi-perl/gH.cgi: Web backdoor by gH.
+ /webcgi/gm-cplog.cgi: GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi/gm-cplog.cgi: GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /scripts/gm-cplog.cgi: GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /webcgi/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /fcgi-bin/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /webcgi/AT-admin.cgi: Admin interface.
+ /mpcgi/AT-admin.cgi: Admin interface.
+ /cgibin/AT-admin.cgi: Admin interface.
+ /fcgi-bin/AT-admin.cgi: Admin interface.
+ /mpcgi/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /cgibin/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /scripts/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /fcgi-bin/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /cgi-perl/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /cgi.cgi/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /webcgi/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgis/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /scripts/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi.cgi/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /mpcgi/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgibin/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /fcgi-bin/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi-perl/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi.cgi/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /webcgi/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /mpcgi/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgis/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /scripts/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgibin/bannereditor.cgi: This CGI may allow attackers to read any file on the system.
+ /cgis/bannereditor.cgi: This CGI may allow attackers to read any file on the system.
+ /scripts/bannereditor.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi.cgi/architext_query.pl: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /mpcgi/architext_query.pl: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /fcgi-bin/architext_query.pl: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /cgi-perl/architext_query.pl: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /cgi.cgi/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /mpcgi/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /cgibin/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /cgi-perl/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /mpcgi/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /cgibin/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /cgis/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /scripts/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /cgi-perl/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /vgn/performance/TMT: Vignette CMS admin/maintenance script available.
+ /vgn/performance/TMT/Report/XML: Vignette CMS admin/maintenance script available.
+ /vgn/previewer: Vignette CMS admin/maintenance script available.
+ /vgn/record/previewer: Vignette CMS admin/maintenance script available.
+ /vgn/vr/Deleting: Vignette CMS admin/maintenance script available.
+ /vgn/vr/Editing: Vignette CMS admin/maintenance script available.
+ /vgn/vr/Saving: Vignette CMS admin/maintenance script available.
+ /vgn/vr/Select: Vignette CMS admin/maintenance script available.
+ /bigconf.cgi: BigIP Configuration CGI.
+ /vgn/style: Vignette server may reveal system information through this file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0401
+ /SiteServer/Admin/commerce/foundation/domain.asp: Displays known domains of which that server is involved. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1769
+ /SiteServer/Admin/commerce/foundation/driver.asp: Displays a list of installed ODBC drivers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1769
+ /SiteServer/Admin/commerce/foundation/DSN.asp: Displays all DSNs configured for selected ODBC drivers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1769
+ /cgi.cgi/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload
+ /cgis/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload
+ /bb-dnbd/faxsurvey: This may allow arbitrary command execution.
+ /scripts/tools/dsnform.exe: Allows creation of ODBC Data Source.
+ /scripts/tools/dsnform: Allows creation of ODBC Data Source.
+ /SiteServer/Admin/knowledge/dsmgr/users/GroupManager.asp: Microsoft Site Server script used to create, modify, and potentially delete LDAP users and groups. See: https://securitytracker.com/id/1003420
+ /PDG_Cart/order.log: PDG Commerce log found. See: http://zodi.com/cgi-bin/shopper.cgi?display=intro&template=Intro/commerce.html
+ /ows/restricted%2eshow: OWS may allow restricted files to be viewed by replacing a character with its encoded equivalent.
+ /officescan/cgi/cgiChkMasterPwd.exe: Trend Micro Officescan allows you to skip the login page and access some CGI programs directly. See: https://web.archive.org/web/20030607054822/http://support.microsoft.com/support/exchange/content/whitepapers/owaguide.doc
+ /webcgi/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /cgibin/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /cgi-perl/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /webcgi/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded.
+ /cgis/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded.
+ /cgi-perl/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded.
+ /cgis/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098
+ /scripts/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098
+ /cgi-perl/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098
+ /webcgi/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /mpcgi/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgibin/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /scripts/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgibin/ezboard.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgi-perl/ezboard.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /webcgi/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgi/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgibin/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /scripts/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /fcgi-bin/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgi-perl/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /mpcgi/foxweb.exe: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0762
+ /cgis/foxweb.exe: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0762
+ /cgi.cgi/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x.
+ /cgi/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x.
+ /fcgi-bin/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x.
+ /cgi-perl/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x.
+ /administrator/gallery/uploadimage.php: Mambo PHP Portal/Server 4.0.12 BETA and below may allow upload of any file type simply putting '.jpg' before the real file extension.
+ /cgi/uploader.exe: This CGI allows attackers to upload files to the server and then execute them.
+ /mpcgi/uploader.exe: This CGI allows attackers to upload files to the server and then execute them.
+ /cgis/uploader.exe: This CGI allows attackers to upload files to the server and then execute them.
+ /cgi-perl/uploader.exe: This CGI allows attackers to upload files to the server and then execute them.
+ /upload.asp: An ASP page that allows attackers to upload files to server.
+ /uploadn.asp: An ASP page that allows attackers to upload files to server.
+ /uploadx.asp: An ASP page that allows attackers to upload files to server.
+ /wa.exe: An ASP page that allows attackers to upload files to server.
+ /cgi/fpsrvadm.exe: Potentially vulnerable CGI program.
+ /cgis/fpsrvadm.exe: Potentially vulnerable CGI program.
+ /scripts/fpsrvadm.exe: Potentially vulnerable CGI program.
+ /fcgi-bin/fpsrvadm.exe: Potentially vulnerable CGI program.
+ /cgi-perl/fpsrvadm.exe: Potentially vulnerable CGI program.
+ /vgn/ac/esave: Vignette CMS admin/maintenance script available.
+ /vgn/ac/index: Vignette CMS admin/maintenance script available.
+ /vgn/asp/previewer: Vignette CMS admin/maintenance script available.
+ /vgn/asp/status: Vignette CMS admin/maintenance script available.
+ /vgn/asp/style: Vignette CMS admin/maintenance script available.
+ /vgn/errors: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/controller: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/jspstatus56: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/metadataupdate: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/previewer: Vignette CMS admin/maintenance script available.
+ /vgn/legacy/edit: Vignette CMS admin/maintenance script available.
+ /webcgi/mailit.pl: Sambar may allow anonymous email to be sent from any host via this CGI. See: https://vulners.com/nessus/SAMBAR_MAILIT.NASL
+ /cgi/mailit.pl: Sambar may allow anonymous email to be sent from any host via this CGI. See: https://vulners.com/nessus/SAMBAR_MAILIT.NASL
+ /mpcgi/mailit.pl: Sambar may allow anonymous email to be sent from any host via this CGI. See: https://vulners.com/nessus/SAMBAR_MAILIT.NASL
+ /cgibin/mailit.pl: Sambar may allow anonymous email to be sent from any host via this CGI. See: https://vulners.com/nessus/SAMBAR_MAILIT.NASL
+ /scripts/mailit.pl: Sambar may allow anonymous email to be sent from any host via this CGI. See: https://vulners.com/nessus/SAMBAR_MAILIT.NASL
+ /administrator/config.php: PHP Config file may contain database IDs and passwords.
+ /cgi.cgi/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /webcgi/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /cgi/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /cgis/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /scripts/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /contents.php?new_language=elvish&mode=select: Requesting a file with an invalid language selection from DC Portal may reveal the system path.
+ /shopa_sessionlist.asp: VP-ASP shopping cart test application is available from the web. This page may give the location of .mdb files which may also be available.
+ /typo3conf/localconf.php: TYPO3 config file found.
+ /cms/typo3conf/localconf.php: TYPO3 config file found.
+ /typo/typo3conf/localconf.php: TYPO3 config file found.
+ /webcart-lite/orders/import.txt: This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web. See: https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /ws_ftp.ini: Can contain saved passwords for FTP sites.
+ /WS_FTP.ini: Can contain saved passwords for FTP sites.
+ /cgi.cgi/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528
+ /webcgi/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528
+ /mpcgi/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528
+ /scripts/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528
+ /fcgi-bin/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528
+ /SiteServer/Admin/knowledge/persmbr/VsLsLpRd.asp: Expose various LDAP service and backend configuration parameters. See: https://vulners.com/osvdb/OSVDB:17661
+ /SiteServer/Admin/knowledge/persmbr/VsPrAuoEd.asp: Expose various LDAP service and backend configuration parameters. See: https://vulners.com/osvdb/OSVDB:17662
+ /tvcs/getservers.exe?action=selects1: Following steps 2-4 of this page may reveal a zip file that contains passwords and system details.
+ /nsn/fdir.bas:ShowVolume: You can use ShowVolume and ShowDirectory directly on the Novell server (NW5.1) to view the filesystem without having to log in.
+ /webcgi/addbanner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi/addbanner.cgi: This CGI may allow attackers to read any file on the system.
+ /mpcgi/addbanner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgis/addbanner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-perl/addbanner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi.cgi/aglimpse.cgi: This CGI may allow attackers to execute remote commands.
+ /mpcgi/aglimpse.cgi: This CGI may allow attackers to execute remote commands.
+ /cgibin/aglimpse.cgi: This CGI may allow attackers to execute remote commands.
+ /scripts/aglimpse.cgi: This CGI may allow attackers to execute remote commands.
+ /fcgi-bin/aglimpse.cgi: This CGI may allow attackers to execute remote commands.
+ /cgi-perl/aglimpse.cgi: This CGI may allow attackers to execute remote commands.
+ /cgi.cgi/aglimpse: This CGI may allow attackers to execute remote commands.
+ /webcgi/aglimpse: This CGI may allow attackers to execute remote commands.
+ /cgi/aglimpse: This CGI may allow attackers to execute remote commands.
+ /mpcgi/aglimpse: This CGI may allow attackers to execute remote commands.
+ /cgis/aglimpse: This CGI may allow attackers to execute remote commands.
+ /scripts/aglimpse: This CGI may allow attackers to execute remote commands.
+ /cgi.cgi/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /cgi/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /mpcgi/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /fcgi-bin/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /cgi-perl/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /servlet/SchedulerTransfer: PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0104
+ /cgi.cgi/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /webcgi/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /cgi/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /cgibin/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /cgis/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /scripts/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /webcgi/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /mpcgi/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /cgibin/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /cgis/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /scripts/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /webcgi/hello.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /mpcgi/hello.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /cgibin/hello.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /cgis/hello.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /fcgi-bin/hello.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /cgi-perl/hello.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /perl/-e%20print%20Hello: The Perl interpreter on the Novell system may allow any command to be executed. See: http://www.securityfocus.com/bid/5520
+ /quikstore.cgi: A shopping cart.
+ /smg_Smxcfg30.exe?vcc=3560121183d3: This may be a Trend Micro Officescan 'backdoor'.
+ /nsn/..%5Cutil/copy.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/del.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/dsbrowse.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/md.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/rd.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/set.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/type.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/userlist.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /cgis/archie: Gateway to the unix command, may be able to submit extra commands.
+ /scripts/archie: Gateway to the unix command, may be able to submit extra commands.
+ /fcgi-bin/archie: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-perl/archie: Gateway to the unix command, may be able to submit extra commands.
+ /cgi/calendar.pl: Gateway to the unix command, may be able to submit extra commands.
+ /cgibin/calendar.pl: Gateway to the unix command, may be able to submit extra commands.
+ /cgis/calendar.pl: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-perl/calendar.pl: Gateway to the unix command, may be able to submit extra commands.
+ /webcgi/calendar: Gateway to the unix command, may be able to submit extra commands.
+ /cgis/calendar: Gateway to the unix command, may be able to submit extra commands.
+ /fcgi-bin/calendar: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-perl/calendar: Gateway to the unix command, may be able to submit extra commands.
+ /webcgi/date: Gateway to the unix command, may be able to submit extra commands.
+ /cgi/date: Gateway to the unix command, may be able to submit extra commands.
+ /fcgi-bin/date: Gateway to the unix command, may be able to submit extra commands.
+ /cgi.cgi/fortune: Gateway to the unix command, may be able to submit extra commands.
+ /cgi/fortune: Gateway to the unix command, may be able to submit extra commands.
+ /mpcgi/fortune: Gateway to the unix command, may be able to submit extra commands.
+ /scripts/fortune: Gateway to the unix command, may be able to submit extra commands.
+ /cgi.cgi/redirect: Redirects via URL from form.
+ /webcgi/redirect: Redirects via URL from form.
+ /cgibin/redirect: Redirects via URL from form.
+ /scripts/redirect: Redirects via URL from form.
+ /cgi.cgi/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /webcgi/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /cgi/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /mpcgi/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /cgis/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-perl/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /cgi.cgi/wais.pl: Gateway to the unix command, may be able to submit extra commands.
+ /fcgi-bin/wais.pl: Gateway to the unix command, may be able to submit extra commands.
+ /LOGIN.PWD: MIPCD password file with unencrypted passwords. MIPDCD should not have the web interface enabled.
+ /USER/CONFIG.AP: MIPCD configuration information. MIPCD should not have the web interface enabled.
+ /cgi.cgi/mail: Simple Perl mailing script to send form data to a pre-configured email address.
+ /webcgi/mail: Simple Perl mailing script to send form data to a pre-configured email address.
+ /cgi/mail: Simple Perl mailing script to send form data to a pre-configured email address.
+ /cgis/mail: Simple Perl mailing script to send form data to a pre-configured email address.
+ /scripts/mail: Simple Perl mailing script to send form data to a pre-configured email address.
+ /fcgi-bin/mail: Simple Perl mailing script to send form data to a pre-configured email address.
+ /cgi.cgi/nph-error.pl: Gives more information in error messages.
+ /webcgi/nph-error.pl: Gives more information in error messages.
+ /cgi/nph-error.pl: Gives more information in error messages.
+ /cgibin/nph-error.pl: Gives more information in error messages.
+ /cgis/nph-error.pl: Gives more information in error messages.
+ /scripts/nph-error.pl: Gives more information in error messages.
+ /fcgi-bin/nph-error.pl: Gives more information in error messages.
+ /cgi-perl/nph-error.pl: Gives more information in error messages.
+ /cgi.cgi/query: Echoes back result of your GET.
+ /cgibin/query: Echoes back result of your GET.
+ /cgis/query: Echoes back result of your GET.
+ /fcgi-bin/query: Echoes back result of your GET.
+ /cgi-perl/query: Echoes back result of your GET.
+ /webcgi/test-cgi.tcl: May echo environment variables or give directory listings.
+ /cgi/test-cgi.tcl: May echo environment variables or give directory listings.
+ /cgibin/test-cgi.tcl: May echo environment variables or give directory listings.
+ /fcgi-bin/test-cgi.tcl: May echo environment variables or give directory listings.
+ /cgi.cgi/test-env: May echo environment variables or give directory listings.
+ /mpcgi/test-env: May echo environment variables or give directory listings.
+ /cgibin/test-env: May echo environment variables or give directory listings.
+ /scripts/test-env: May echo environment variables or give directory listings.
+ /cgi-perl/test-env: May echo environment variables or give directory listings.
+ /admin-serv/config/admpw: This file contains the encrypted Netscape admin password. It should not be accessible via the web.
+ /cgi-bin/cgi_process: WASD reveals a lot of system information in this script. It should be removed.
+ /local/httpd$map.conf: WASD reveals the http configuration file. Upgrade to a later version and secure according to the documents on the WASD web site.
+ /tree: WASD Server reveals the entire web root structure and files via this URL. Upgrade to a later version and secure according to the documents on the WASD web site.
+ /cgis/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /scripts/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /cgi-perl/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /cgi.cgi/cgitest.exe: This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header.
+ /webcgi/cgitest.exe: This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header.
+ /mpcgi/cgitest.exe: This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header.
+ /cgibin/cgitest.exe: This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header.
+ /cgis/cgitest.exe: This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header.
+ /examples/servlet/AUX: Apache Tomcat versions below 4.1 may be vulnerable to DoS by repeatedly requesting this file.
+ /webcgi/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169
+ /mpcgi/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169
+ /cgis/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169
+ /scripts/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169
+ /fcgi-bin/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169
+ /cgi-perl/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169
+ /contents/extensions/asp/1: The IIS system may be vulnerable to a DOS. See: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/MS02-018
+ /cgi.cgi/Pbcgi.exe?bcgiu4: Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /webcgi/Pbcgi.exe?bcgiu4: Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /scripts/Pbcgi.exe?bcgiu4: Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /mpcgi/testcgi.exe: Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /cgis/testcgi.exe: Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /cgi-win/cgitest.exe: This CGI may allow the server to be crashed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128
+ /cgi/snorkerz.bat: Arguments passed to DOS CGI without checking.
+ /scripts/snorkerz.bat: Arguments passed to DOS CGI without checking.
+ /cgi-perl/snorkerz.bat: Arguments passed to DOS CGI without checking.
+ /cgi-shl/win-c-sample.exe: win-c-sample.exe has a buffer overflow.
+ /cgi.cgi/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756
+ /mpcgi/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756
+ /fcgi-bin/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756
+ /phpBB/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6795
+ /cgi.cgi/classifieds/index.cgi: My Classifieds pre 2.12 is vulnerable to SQL injection attacks.
+ /scripts/classifieds/index.cgi: My Classifieds pre 2.12 is vulnerable to SQL injection attacks.
+ /author.asp: May be FactoSystem CMS, which could include SQL injection problems that could not be tested remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1499
+ /cgi/myguestbook.cgi?action=view: myGuestBook 1.0 may be vulnerable to Cross Site Scripting (XSS) in posted contents. Upgrade to the latest version.
+ /mpcgi/myguestbook.cgi?action=view: myGuestBook 1.0 may be vulnerable to Cross Site Scripting (XSS) in posted contents. Upgrade to the latest version.
+ /fcgi-bin/myguestbook.cgi?action=view: myGuestBook 1.0 may be vulnerable to Cross Site Scripting (XSS) in posted contents. Upgrade to the latest version.
+ /webcgi/diagnose.cgi: This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1680
+ /cgi/diagnose.cgi: This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1680
+ /mpcgi/diagnose.cgi: This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1680
+ /cgibin/diagnose.cgi: This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1680
+ /scripts/diagnose.cgi: This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1680
+ /fcgi-bin/diagnose.cgi: This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1680
+ /modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document.cookie);%3E&op=modload&name=Members_List&file=index: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS).
+ /anthill/login.php: Anthill bug tracking system may be installed. Versions lower than 0.1.6.1 allow XSS and may allow users to bypass login requirements.
+ /webcgi/title.cgi: HNS's title.cgi is vulnerable to Cross Site Scripting (XSS http://www.cert.org/advisories/CA-2000-02.html) in version 2.00 and earlier, and Lite 0.8 and earlier. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2115
+ /mpcgi/title.cgi: HNS's title.cgi is vulnerable to Cross Site Scripting (XSS http://www.cert.org/advisories/CA-2000-02.html) in version 2.00 and earlier, and Lite 0.8 and earlier. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2115
+ /cgis/title.cgi: HNS's title.cgi is vulnerable to Cross Site Scripting (XSS http://www.cert.org/advisories/CA-2000-02.html) in version 2.00 and earlier, and Lite 0.8 and earlier. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2115
+ /scripts/title.cgi: HNS's title.cgi is vulnerable to Cross Site Scripting (XSS http://www.cert.org/advisories/CA-2000-02.html) in version 2.00 and earlier, and Lite 0.8 and earlier. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2115
+ /cgi-perl/title.cgi: HNS's title.cgi is vulnerable to Cross Site Scripting (XSS http://www.cert.org/advisories/CA-2000-02.html) in version 2.00 and earlier, and Lite 0.8 and earlier. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2115
+ /cgi.cgi/compatible.cgi: This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1680
+ /webcgi/compatible.cgi: This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1680
+ /cgi/compatible.cgi: This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1680
+ /mpcgi/compatible.cgi: This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1680
+ /scripts/compatible.cgi: This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1680
+ /cgi.cgi/probecontrol.cgi?command=enable&username=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner.
+ /webcgi/probecontrol.cgi?command=enable&username=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner.
+ /mpcgi/probecontrol.cgi?command=enable&username=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner.
+ /cgibin/probecontrol.cgi?command=enable&username=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner.
+ /scripts/probecontrol.cgi?command=enable&username=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner.
+ /cgibin/probecontrol.cgi?command=enable&userNikto=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner.
+ /scripts/probecontrol.cgi?command=enable&userNikto=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner.
+ /fcgi-bin/probecontrol.cgi?command=enable&userNikto=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner.
+ /cgi.cgi/retrieve_password.pl: retrieve_password.pl in DCForum 6.x and 2000 generates predictable new passwords based on a sessionID. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0226
+ /cgi/retrieve_password.pl: retrieve_password.pl in DCForum 6.x and 2000 generates predictable new passwords based on a sessionID. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0226
+ /cgi-perl/retrieve_password.pl: retrieve_password.pl in DCForum 6.x and 2000 generates predictable new passwords based on a sessionID. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0226
+ /cgi.cgi/wwwadmin.pl: Administration CGI?.
+ /cgibin/wwwadmin.pl: Administration CGI?.
+ /scripts/wwwadmin.pl: Administration CGI?.
+ /cgi-perl/wwwadmin.pl: Administration CGI?.
+ /cgi.cgi/webmap.cgi: nmap front end... could be fun.
+ /cgibin/webmap.cgi: nmap front end... could be fun.
+ /cgis/webmap.cgi: nmap front end... could be fun.
+ /fcgi-bin/webmap.cgi: nmap front end... could be fun.
+ /cbms/editclient.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/.
+ /cbms/realinv.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/.
+ /cbms/usersetup.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/.
+ /webcgi/admin/admin.cgi: May be ImageFolio Pro administration CGI. Default login is Admin/ImageFolio.
+ /cgis/admin/admin.cgi: May be ImageFolio Pro administration CGI. Default login is Admin/ImageFolio.
+ /scripts/admin/admin.cgi: May be ImageFolio Pro administration CGI. Default login is Admin/ImageFolio.
+ /fcgi-bin/admin/admin.cgi: May be ImageFolio Pro administration CGI. Default login is Admin/ImageFolio.
+ /cgi-perl/admin/admin.cgi: May be ImageFolio Pro administration CGI. Default login is Admin/ImageFolio.
+ /webcgi/admin/setup.cgi: May be ImageFolio Pro setup CGI. Default login is Admin/ImageFolio.
+ /cgibin/admin/setup.cgi: May be ImageFolio Pro setup CGI. Default login is Admin/ImageFolio.
+ /scripts/admin/setup.cgi: May be ImageFolio Pro setup CGI. Default login is Admin/ImageFolio.
+ /fcgi-bin/admin/setup.cgi: May be ImageFolio Pro setup CGI. Default login is Admin/ImageFolio.
+ /cgi-perl/admin/setup.cgi: May be ImageFolio Pro setup CGI. Default login is Admin/ImageFolio.
+ /cgi.cgi/mt-static/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /mpcgi/mt-static/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /cgibin/mt-static/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /cgis/mt-static/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /scripts/mt-static/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /cgi-perl/mt-static/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /cgi.cgi/mt/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /webcgi/mt/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /cgis/mt/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /cgi-perl/mt/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /webcgi/dbman/db.cgi?db=no-db: This CGI allows remote attackers to view system information.
+ /mpcgi/dbman/db.cgi?db=no-db: This CGI allows remote attackers to view system information.
+ /cgis/dbman/db.cgi?db=no-db: This CGI allows remote attackers to view system information.
+ /fcgi-bin/dbman/db.cgi?db=no-db: This CGI allows remote attackers to view system information.
+ /mpcgi/dcshop/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /scripts/dcshop/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /cgi-perl/dcshop/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /dcshop/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /webcgi/dcshop/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /mpcgi/dcshop/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /cgibin/dcshop/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /cgis/dcshop/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /scripts/dcshop/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /fcgi-bin/dcshop/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821 https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /cgibin/dumpenv.pl: This CGI gives a lot of information to attackers.
+ /scripts/dumpenv.pl: This CGI gives a lot of information to attackers.
+ /webcgi/mkilog.exe: This CGI can give an attacker a lot of information.
+ /cgi/mkilog.exe: This CGI can give an attacker a lot of information.
+ /mpcgi/mkilog.exe: This CGI can give an attacker a lot of information.
+ /cgibin/mkilog.exe: This CGI can give an attacker a lot of information.
+ /fcgi-bin/mkilog.exe: This CGI can give an attacker a lot of information.
+ /cgi-perl/mkilog.exe: This CGI can give an attacker a lot of information.
+ /mpcgi/mkplog.exe: This CGI can give an attacker a lot of information.
+ /cgis/mkplog.exe: This CGI can give an attacker a lot of information.
+ /scripts/mkplog.exe: This CGI can give an attacker a lot of information.
+ /fcgi-bin/mkplog.exe: This CGI can give an attacker a lot of information.
+ /cgi.cgi/processit.pl: This CGI returns environment variables, giving attackers valuable information.
+ /cgi/processit.pl: This CGI returns environment variables, giving attackers valuable information.
+ /scripts/processit.pl: This CGI returns environment variables, giving attackers valuable information.
+ /fcgi-bin/processit.pl: This CGI returns environment variables, giving attackers valuable information.
+ /webcgi/rpm_query: This CGI allows anyone to see the installed RPMs.
+ /mpcgi/rpm_query: This CGI allows anyone to see the installed RPMs.
+ /scripts/rpm_query: This CGI allows anyone to see the installed RPMs.
+ /cgi-perl/rpm_query: This CGI allows anyone to see the installed RPMs.
+ /webcgi/shop/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821
+ /cgi/shop/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821
+ /mpcgi/shop/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821
+ /cgis/shop/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0821
+ /cgi.cgi/ws_ftp.ini: Can contain saved passwords for ftp sites.
+ /cgi/ws_ftp.ini: Can contain saved passwords for ftp sites.
+ /mpcgi/ws_ftp.ini: Can contain saved passwords for ftp sites.
+ /cgibin/ws_ftp.ini: Can contain saved passwords for ftp sites.
+ /cgi-perl/ws_ftp.ini: Can contain saved passwords for ftp sites.
+ /cgi.cgi/WS_FTP.ini: Can contain saved passwords for ftp sites.
+ /webcgi/WS_FTP.ini: Can contain saved passwords for ftp sites.
+ /cgibin/WS_FTP.ini: Can contain saved passwords for ftp sites.
+ /cgis/WS_FTP.ini: Can contain saved passwords for ftp sites.
+ /scripts/WS_FTP.ini: Can contain saved passwords for ftp sites.
+ /admin/cplogfile.log: DevBB 1.0 final log file is readable remotely. Upgrade to the latest version. See: http://www.mybboard.com
+ /chat/!nicks.txt: WF-Chat 1.0 Beta allows retrieval of user information. See: OSVDB-59646
+ /chat/!pwds.txt: WF-Chat 1.0 Beta allows retrieval of user information. See: OSVDB-59645
+ /chat/data/usr: SimpleChat! 1.3 allows retrieval of user information. See: OSVDB-53304
+ /config.php: PHP Config file may contain database IDs and passwords.
+ /cgi.cgi/view-source?view-source: This allows remote users to view source code.
+ /cgis/view-source?view-source: This allows remote users to view source code.
+ /fcgi-bin/view-source?view-source: This allows remote users to view source code.
+ /webcgi/scoadminreg.cgi: This script (part of UnixWare WebTop) may have a local root exploit. It is also an system admin script and should be protected via the web. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0311
+ /cgi/scoadminreg.cgi: This script (part of UnixWare WebTop) may have a local root exploit. It is also an system admin script and should be protected via the web. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0311
+ /cgibin/scoadminreg.cgi: This script (part of UnixWare WebTop) may have a local root exploit. It is also an system admin script and should be protected via the web. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0311
+ /cgis/scoadminreg.cgi: This script (part of UnixWare WebTop) may have a local root exploit. It is also an system admin script and should be protected via the web. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0311
+ /scripts/scoadminreg.cgi: This script (part of UnixWare WebTop) may have a local root exploit. It is also an system admin script and should be protected via the web. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0311
+ /webcgi/SGB_DIR/superguestconfig: Super GuestBook 1.0 from lasource.r2.ru stores the admin password in a plain text file. See: OSVDB-4663
+ /scripts/SGB_DIR/superguestconfig: Super GuestBook 1.0 from lasource.r2.ru stores the admin password in a plain text file. See: OSVDB-4663
+ /fcgi-bin/SGB_DIR/superguestconfig: Super GuestBook 1.0 from lasource.r2.ru stores the admin password in a plain text file. See: OSVDB-4663
+ /webcgi/icat: Multiple versions of icat allow attackers to read arbitrary files. Make sure the latest version is running.
+ /mpcgi/icat: Multiple versions of icat allow attackers to read arbitrary files. Make sure the latest version is running.
+ /scripts/icat: Multiple versions of icat allow attackers to read arbitrary files. Make sure the latest version is running.
+ /cgi-perl/icat: Multiple versions of icat allow attackers to read arbitrary files. Make sure the latest version is running.
+ /cgi.cgi/nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0: nCUBE Server Manager 1.0 nph-showlogs.pl directory traversal bug.
+ /webcgi/nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0: nCUBE Server Manager 1.0 nph-showlogs.pl directory traversal bug.
+ /cgi/nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0: nCUBE Server Manager 1.0 nph-showlogs.pl directory traversal bug.
+ /cgibin/nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0: nCUBE Server Manager 1.0 nph-showlogs.pl directory traversal bug.
+ /cgis/nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0: nCUBE Server Manager 1.0 nph-showlogs.pl directory traversal bug.
+ /scripts/nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0: nCUBE Server Manager 1.0 nph-showlogs.pl directory traversal bug.
+ /fcgi-bin/nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0: nCUBE Server Manager 1.0 nph-showlogs.pl directory traversal bug.
+ /cgi-perl/nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0: nCUBE Server Manager 1.0 nph-showlogs.pl directory traversal bug.
+ /cgi.cgi/view-source: This may allow remote arbitrary file retrieval.
+ /cgi/view-source: This may allow remote arbitrary file retrieval.
+ /cgibin/view-source: This may allow remote arbitrary file retrieval.
+ /scripts/view-source: This may allow remote arbitrary file retrieval.
+ /webcgi/wrap: This CGI lets users read any file with 755 perms. It should not be in the CGI directory.
+ /cgi/wrap: This CGI lets users read any file with 755 perms. It should not be in the CGI directory.
+ /cgibin/wrap: This CGI lets users read any file with 755 perms. It should not be in the CGI directory.
+ /fcgi-bin/wrap: This CGI lets users read any file with 755 perms. It should not be in the CGI directory.
+ /cgi.cgi/cgiwrap: Some versions of cgiwrap allow anyone to execute commands remotely.
+ /webcgi/cgiwrap: Some versions of cgiwrap allow anyone to execute commands remotely.
+ /cgis/cgiwrap: Some versions of cgiwrap allow anyone to execute commands remotely.
+ /cgi-perl/cgiwrap: Some versions of cgiwrap allow anyone to execute commands remotely.
+ /cgi.cgi/Count.cgi: This may allow attackers to execute arbitrary commands on the server.
+ /cgi/Count.cgi: This may allow attackers to execute arbitrary commands on the server.
+ /mpcgi/Count.cgi: This may allow attackers to execute arbitrary commands on the server.
+ /cgibin/Count.cgi: This may allow attackers to execute arbitrary commands on the server.
+ /cgis/Count.cgi: This may allow attackers to execute arbitrary commands on the server.
+ /fcgi-bin/Count.cgi: This may allow attackers to execute arbitrary commands on the server.
+ /cgi-perl/Count.cgi: This may allow attackers to execute arbitrary commands on the server.
+ /cgi.cgi/echo.bat: This CGI may allow attackers to execute remote commands.
+ /webcgi/echo.bat: This CGI may allow attackers to execute remote commands.
+ /cgis/echo.bat: This CGI may allow attackers to execute remote commands.
+ /cgi-perl/echo.bat: This CGI may allow attackers to execute remote commands.
+ /webcgi/ImageFolio/admin/admin.cgi: ImageFolio (default account Admin/ImageFolio) may allow files to be deleted via URLs like: ?cgi=remove.pl&uid=111.111.111.111&rmstep=2&category=../../../../../../../../../../../etc/. See: OSVDB-4571
+ /cgi/ImageFolio/admin/admin.cgi: ImageFolio (default account Admin/ImageFolio) may allow files to be deleted via URLs like: ?cgi=remove.pl&uid=111.111.111.111&rmstep=2&category=../../../../../../../../../../../etc/. See: OSVDB-4571
+ /mpcgi/ImageFolio/admin/admin.cgi: ImageFolio (default account Admin/ImageFolio) may allow files to be deleted via URLs like: ?cgi=remove.pl&uid=111.111.111.111&rmstep=2&category=../../../../../../../../../../../etc/. See: OSVDB-4571
+ /cgibin/ImageFolio/admin/admin.cgi: ImageFolio (default account Admin/ImageFolio) may allow files to be deleted via URLs like: ?cgi=remove.pl&uid=111.111.111.111&rmstep=2&category=../../../../../../../../../../../etc/. See: OSVDB-4571
+ /scripts/ImageFolio/admin/admin.cgi: ImageFolio (default account Admin/ImageFolio) may allow files to be deleted via URLs like: ?cgi=remove.pl&uid=111.111.111.111&rmstep=2&category=../../../../../../../../../../../etc/. See: OSVDB-4571
+ /cgi-perl/ImageFolio/admin/admin.cgi: ImageFolio (default account Admin/ImageFolio) may allow files to be deleted via URLs like: ?cgi=remove.pl&uid=111.111.111.111&rmstep=2&category=../../../../../../../../../../../etc/. See: OSVDB-4571
+ /webcgi/info2www: This CGI allows attackers to execute commands.
+ /cgi/info2www: This CGI allows attackers to execute commands.
+ /fcgi-bin/info2www: This CGI allows attackers to execute commands.
+ /webcgi/infosrch.cgi: This CGI allows attackers to execute commands.
+ /cgi/infosrch.cgi: This CGI allows attackers to execute commands.
+ /mpcgi/infosrch.cgi: This CGI allows attackers to execute commands.
+ /cgibin/infosrch.cgi: This CGI allows attackers to execute commands.
+ /cgis/infosrch.cgi: This CGI allows attackers to execute commands.
+ /cgi-perl/infosrch.cgi: This CGI allows attackers to execute commands.
+ /mpcgi/listrec.pl: This CGI allows attackers to execute commands on the host.
+ /cgibin/listrec.pl: This CGI allows attackers to execute commands on the host.
+ /cgis/listrec.pl: This CGI allows attackers to execute commands on the host.
+ /scripts/listrec.pl: This CGI allows attackers to execute commands on the host.
+ /fcgi-bin/listrec.pl: This CGI allows attackers to execute commands on the host.
+ /cgi.cgi/mailnews.cgi: Some versions allow attacker to execute commands as http daemon. Upgrade or remove.
+ /webcgi/mailnews.cgi: Some versions allow attacker to execute commands as http daemon. Upgrade or remove.
+ /mpcgi/mailnews.cgi: Some versions allow attacker to execute commands as http daemon. Upgrade or remove.
+ /cgibin/mailnews.cgi: Some versions allow attacker to execute commands as http daemon. Upgrade or remove.
+ /cgis/mailnews.cgi: Some versions allow attacker to execute commands as http daemon. Upgrade or remove.
+ /webcgi/mmstdod.cgi: May allow attacker to execute remote commands. Upgrade to version 3.0.26 or higher.
+ /cgibin/mmstdod.cgi: May allow attacker to execute remote commands. Upgrade to version 3.0.26 or higher.
+ /scripts/mmstdod.cgi: May allow attacker to execute remote commands. Upgrade to version 3.0.26 or higher.
+ /fcgi-bin/mmstdod.cgi: May allow attacker to execute remote commands. Upgrade to version 3.0.26 or higher.
+ /cgi-perl/mmstdod.cgi: May allow attacker to execute remote commands. Upgrade to version 3.0.26 or higher.
+ /webcgi/pagelog.cgi: Some versions of this allow you to create system files. Request 'pagelog.cgi?name=../../../../.././tmp/filename' to try.
+ /cgibin/pagelog.cgi: Some versions of this allow you to create system files. Request 'pagelog.cgi?name=../../../../.././tmp/filename' to try.
+ /cgis/pagelog.cgi: Some versions of this allow you to create system files. Request 'pagelog.cgi?name=../../../../.././tmp/filename' to try.
+ /scripts/pagelog.cgi: Some versions of this allow you to create system files. Request 'pagelog.cgi?name=../../../../.././tmp/filename' to try.
+ /cgi-perl/pagelog.cgi: Some versions of this allow you to create system files. Request 'pagelog.cgi?name=../../../../.././tmp/filename' to try.
+ /cgi.cgi/perl?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir.
+ /webcgi/perl?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir.
+ /mpcgi/perl?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir.
+ /scripts/perl?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir.
+ /fcgi-bin/perl?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir.
+ /cgi-perl/perl?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir.
+ /cgi.cgi/perl.exe?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove perl.exe from the CGI dir.
+ /cgi/perl.exe?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove perl.exe from the CGI dir.
+ /mpcgi/perl.exe?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove perl.exe from the CGI dir.
+ /cgibin/perl.exe?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove perl.exe from the CGI dir.
+ /cgis/perl.exe?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove perl.exe from the CGI dir.
+ /scripts/perl.exe?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove perl.exe from the CGI dir.
+ /fcgi-bin/perl.exe?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove perl.exe from the CGI dir.
+ /cgi-perl/perl.exe?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove perl.exe from the CGI dir.
+ /cgi.cgi/perl.exe: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir.
+ /webcgi/perl.exe: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir.
+ /cgi/perl.exe: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir.
+ /mpcgi/perl.exe: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir.
+ /cgibin/perl.exe: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir.
+ /cgis/perl.exe: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir.
+ /cgi.cgi/perl: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir.
+ /webcgi/perl: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir.
+ /mpcgi/perl: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir.
+ /scripts/perl: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir.
+ /cgis/plusmail: This CGI may allow attackers to execute commands remotely.
+ /scripts/plusmail: This CGI may allow attackers to execute commands remotely.
+ /cgi.cgi/scripts/slxweb.dll/getfile?type=Library&file=invalidfilename: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637
+ /webcgi/scripts/slxweb.dll/getfile?type=Library&file=invalidfilename: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637
+ /mpcgi/scripts/slxweb.dll/getfile?type=Library&file=invalidfilename: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637
+ /cgibin/scripts/slxweb.dll/getfile?type=Library&file=invalidfilename: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637
+ /scripts/scripts/slxweb.dll/getfile?type=Library&file=invalidfilename: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637
+ /cgi-perl/scripts/slxweb.dll/getfile?type=Library&file=invalidfilename: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637
+ /cgi/scripts/slxweb.dll/getfile?type=Library&file=invalidfileNikto: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637
+ /cgibin/scripts/slxweb.dll/getfile?type=Library&file=invalidfileNikto: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637
+ /cgis/scripts/slxweb.dll/getfile?type=Library&file=invalidfileNikto: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637
+ /scripts/scripts/slxweb.dll/getfile?type=Library&file=invalidfileNikto: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637
+ /webcgi/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|: To check for remote execution vulnerability use ?keywords=|/bin/ls| or your favorite command.
+ /mpcgi/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|: To check for remote execution vulnerability use ?keywords=|/bin/ls| or your favorite command.
+ /scripts/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|: To check for remote execution vulnerability use ?keywords=|/bin/ls| or your favorite command.
+ /cgis/spin_client.cgi?aaaaaaaa: This CGI may be vulnerable to remote execution by sending 8000 x 'a' characters (check to see if you get a 500 error message). See: https://www.tenable.com/plugins/nessus/10393
+ /scripts/spin_client.cgi?aaaaaaaa: This CGI may be vulnerable to remote execution by sending 8000 x 'a' characters (check to see if you get a 500 error message). See: https://www.tenable.com/plugins/nessus/10393
+ /cgi.cgi/sscd_suncourier.pl: Sunsolve CD script may allow users to execute arbitrary commands. The script was confirmed to exist, but the test was not done. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0436
+ /cgibin/sscd_suncourier.pl: Sunsolve CD script may allow users to execute arbitrary commands. The script was confirmed to exist, but the test was not done. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0436
+ /scripts/sscd_suncourier.pl: Sunsolve CD script may allow users to execute arbitrary commands. The script was confirmed to exist, but the test was not done. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0436
+ /fcgi-bin/sscd_suncourier.pl: Sunsolve CD script may allow users to execute arbitrary commands. The script was confirmed to exist, but the test was not done. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0436
+ /fcgi-bin/viralator.cgi: May be vulnerable to command injection, upgrade to 0.9pre2 or newer. This flaw could not be confirmed. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0849
+ /cgi-perl/viralator.cgi: May be vulnerable to command injection, upgrade to 0.9pre2 or newer. This flaw could not be confirmed. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0849
+ /mpcgi/virgil.cgi: The Virgil CGI Scanner 0.9 allows remote users to gain a system shell. This could not be confirmed (try syntax such as virgil.cgi?tar=-lp&zielport=31337 to open a connection on port 31337. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1938
+ /cgibin/virgil.cgi: The Virgil CGI Scanner 0.9 allows remote users to gain a system shell. This could not be confirmed (try syntax such as virgil.cgi?tar=-lp&zielport=31337 to open a connection on port 31337. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1938
+ /cgis/virgil.cgi: The Virgil CGI Scanner 0.9 allows remote users to gain a system shell. This could not be confirmed (try syntax such as virgil.cgi?tar=-lp&zielport=31337 to open a connection on port 31337. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1938
+ /scripts/virgil.cgi: The Virgil CGI Scanner 0.9 allows remote users to gain a system shell. This could not be confirmed (try syntax such as virgil.cgi?tar=-lp&zielport=31337 to open a connection on port 31337. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1938
+ /cgi-perl/virgil.cgi: The Virgil CGI Scanner 0.9 allows remote users to gain a system shell. This could not be confirmed (try syntax such as virgil.cgi?tar=-lp&zielport=31337 to open a connection on port 31337. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1938
+ /webcgi/vpasswd.cgi: Some versions of this CGI allow attackers to execute system commands. See: https://seclists.org/bugtraq/2002/Oct/362
+ /cgi/vpasswd.cgi: Some versions of this CGI allow attackers to execute system commands. See: https://seclists.org/bugtraq/2002/Oct/362
+ /scripts/vpasswd.cgi: Some versions of this CGI allow attackers to execute system commands. See: https://seclists.org/bugtraq/2002/Oct/362
+ /cgi.cgi/webgais: The webgais allows attackers to execute commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0176
+ /webcgi/webgais: The webgais allows attackers to execute commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0176
+ /mpcgi/webgais: The webgais allows attackers to execute commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0176
+ /cgibin/webgais: The webgais allows attackers to execute commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0176
+ /scripts/webgais: The webgais allows attackers to execute commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0176
+ /fcgi-bin/webgais: The webgais allows attackers to execute commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0176
+ /cgi-perl/webgais: The webgais allows attackers to execute commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0176
+ /cgi.cgi/websendmail: This CGI may allow attackers to execute arbitrary commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0196
+ /mpcgi/websendmail: This CGI may allow attackers to execute arbitrary commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0196
+ /cgibin/websendmail: This CGI may allow attackers to execute arbitrary commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0196
+ /scripts/websendmail: This CGI may allow attackers to execute arbitrary commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0196
+ /fcgi-bin/websendmail: This CGI may allow attackers to execute arbitrary commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0196
+ /cgi-perl/websendmail: This CGI may allow attackers to execute arbitrary commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0196
+ /webcgi/wwwwais: wwwais has a vulnerability that lets attackers run commands as http daemon owner. Request 'CGIDIR/wwwais?version=version=123&' and 4096 bytes of garbage.
+ /cgi/wwwwais: wwwais has a vulnerability that lets attackers run commands as http daemon owner. Request 'CGIDIR/wwwais?version=version=123&' and 4096 bytes of garbage.
+ /mpcgi/wwwwais: wwwais has a vulnerability that lets attackers run commands as http daemon owner. Request 'CGIDIR/wwwais?version=version=123&' and 4096 bytes of garbage.
+ /cgi-perl/wwwwais: wwwais has a vulnerability that lets attackers run commands as http daemon owner. Request 'CGIDIR/wwwais?version=version=123&' and 4096 bytes of garbage.
+ /cgi.cgi/common/listrec.pl: This CGI allows attackers to execute commands on the host.
+ /webcgi/common/listrec.pl: This CGI allows attackers to execute commands on the host.
+ /cgis/common/listrec.pl: This CGI allows attackers to execute commands on the host.
+ /fcgi-bin/common/listrec.pl: This CGI allows attackers to execute commands on the host.
+ /cgi-perl/common/listrec.pl: This CGI allows attackers to execute commands on the host.
+ /ews/ews/architext_query.pl: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. http://www.securityfocus.com/bid/2665. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0279
+ /webcgi/stat.pl: Uninets StatsPlus 1.25 may be vulnerable to command/script injection by manipulating HTTP_USER_AGENT or HTTP_REFERER. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2330,http://www.uninetsolutions.com/stats.html
+ /cgibin/stat.pl: Uninets StatsPlus 1.25 may be vulnerable to command/script injection by manipulating HTTP_USER_AGENT or HTTP_REFERER. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2330,http://www.uninetsolutions.com/stats.html
+ /cgis/stat.pl: Uninets StatsPlus 1.25 may be vulnerable to command/script injection by manipulating HTTP_USER_AGENT or HTTP_REFERER. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2330,http://www.uninetsolutions.com/stats.html
+ /scripts/stat.pl: Uninets StatsPlus 1.25 may be vulnerable to command/script injection by manipulating HTTP_USER_AGENT or HTTP_REFERER. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2330,http://www.uninetsolutions.com/stats.html
+ /fcgi-bin/stat.pl: Uninets StatsPlus 1.25 may be vulnerable to command/script injection by manipulating HTTP_USER_AGENT or HTTP_REFERER. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2330,http://www.uninetsolutions.com/stats.html
+ /webcgi/cachemgr.cgi: Manager for squid proxy; problem with RedHat 6 making it public, can allow attacker to perform port scans. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0710
+ /mpcgi/cachemgr.cgi: Manager for squid proxy; problem with RedHat 6 making it public, can allow attacker to perform port scans. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0710
+ /scripts/cachemgr.cgi: Manager for squid proxy; problem with RedHat 6 making it public, can allow attacker to perform port scans. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0710
+ /cgi-perl/cachemgr.cgi: Manager for squid proxy; problem with RedHat 6 making it public, can allow attacker to perform port scans. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0710
+ /cgi.cgi/ppdscgi.exe: PowerPlay Web Edition may allow unauthenticated users to view pages. See: BID-491
+ /webcgi/ppdscgi.exe: PowerPlay Web Edition may allow unauthenticated users to view pages. See: BID-491
+ /cgibin/ppdscgi.exe: PowerPlay Web Edition may allow unauthenticated users to view pages. See: BID-491
+ /cgis/ppdscgi.exe: PowerPlay Web Edition may allow unauthenticated users to view pages. See: BID-491
+ /scripts/ppdscgi.exe: PowerPlay Web Edition may allow unauthenticated users to view pages. See: BID-491
+ /fcgi-bin/ppdscgi.exe: PowerPlay Web Edition may allow unauthenticated users to view pages. See: BID-491
+ /cgi-perl/ppdscgi.exe: PowerPlay Web Edition may allow unauthenticated users to view pages. See: BID-491
+ /cgi.cgi/webif.cgi: HNS's webif.cgi is vulnerable to allow remote users to rewrite diary entries if 'direct mode' is enabled in version 2.00 and earlier, and Lite 0.8 and earlier.
+ /webcgi/webif.cgi: HNS's webif.cgi is vulnerable to allow remote users to rewrite diary entries if 'direct mode' is enabled in version 2.00 and earlier, and Lite 0.8 and earlier.
+ /cgi/webif.cgi: HNS's webif.cgi is vulnerable to allow remote users to rewrite diary entries if 'direct mode' is enabled in version 2.00 and earlier, and Lite 0.8 and earlier.
+ /mpcgi/webif.cgi: HNS's webif.cgi is vulnerable to allow remote users to rewrite diary entries if 'direct mode' is enabled in version 2.00 and earlier, and Lite 0.8 and earlier.
+ /cgibin/webif.cgi: HNS's webif.cgi is vulnerable to allow remote users to rewrite diary entries if 'direct mode' is enabled in version 2.00 and earlier, and Lite 0.8 and earlier.
+ /cgis/webif.cgi: HNS's webif.cgi is vulnerable to allow remote users to rewrite diary entries if 'direct mode' is enabled in version 2.00 and earlier, and Lite 0.8 and earlier.
+ /fcgi-bin/webif.cgi: HNS's webif.cgi is vulnerable to allow remote users to rewrite diary entries if 'direct mode' is enabled in version 2.00 and earlier, and Lite 0.8 and earlier.
+ /cgi-perl/webif.cgi: HNS's webif.cgi is vulnerable to allow remote users to rewrite diary entries if 'direct mode' is enabled in version 2.00 and earlier, and Lite 0.8 and earlier.
+ /admin/login.php?action=insert&username=test&password=test: phpAuction may allow user admin accounts to be inserted without proper authentication. Attempt to log in with user 'test' password 'test' to verify. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0995
+ /cgi.cgi/.cobalt/siteUserMod/siteUserMod.cgi: Older versions of this CGI allow any user to change the administrator password.
+ /webcgi/.cobalt/siteUserMod/siteUserMod.cgi: Older versions of this CGI allow any user to change the administrator password.
+ /cgi/.cobalt/siteUserMod/siteUserMod.cgi: Older versions of this CGI allow any user to change the administrator password.
+ /scripts/.cobalt/siteUserMod/siteUserMod.cgi: Older versions of this CGI allow any user to change the administrator password.
+ /fcgi-bin/.cobalt/siteUserMod/siteUserMod.cgi: Older versions of this CGI allow any user to change the administrator password.
+ /cgi-perl/.cobalt/siteUserMod/siteUserMod.cgi: Older versions of this CGI allow any user to change the administrator password.
+ /webcgi/webdriver: This CGI often allows anyone to access the Informix DB on the host.
+ /cgibin/webdriver: This CGI often allows anyone to access the Informix DB on the host.
+ /scripts/webdriver: This CGI often allows anyone to access the Informix DB on the host.
+ /fcgi-bin/webdriver: This CGI often allows anyone to access the Informix DB on the host.
+ /cgi.cgi/c32web.exe/ChangeAdminPassword: This CGI may contain a backdoor and may allow attackers to change the Cart32 admin password.
+ /webcgi/c32web.exe/ChangeAdminPassword: This CGI may contain a backdoor and may allow attackers to change the Cart32 admin password.
+ /cgis/c32web.exe/ChangeAdminPassword: This CGI may contain a backdoor and may allow attackers to change the Cart32 admin password.
+ /scripts/c32web.exe/ChangeAdminPassword: This CGI may contain a backdoor and may allow attackers to change the Cart32 admin password.
+ /fcgi-bin/c32web.exe/ChangeAdminPassword: This CGI may contain a backdoor and may allow attackers to change the Cart32 admin password.
+ /cgi.cgi/cgi-lib.pl: CGI Library. If retrieved check to see if it is outdated, it may have vulns.
+ /mpcgi/cgi-lib.pl: CGI Library. If retrieved check to see if it is outdated, it may have vulns.
+ /cgis/cgi-lib.pl: CGI Library. If retrieved check to see if it is outdated, it may have vulns.
+ /cgi-perl/cgi-lib.pl: CGI Library. If retrieved check to see if it is outdated, it may have vulns.
+ /cgi.cgi/log/nether-log.pl?checkit: Default Pass: nethernet-rules.
+ /mpcgi/log/nether-log.pl?checkit: Default Pass: nethernet-rules.
+ /cgis/log/nether-log.pl?checkit: Default Pass: nethernet-rules.
+ /cgi-perl/log/nether-log.pl?checkit: Default Pass: nethernet-rules.
+ /cgi.cgi/mini_logger.cgi: Default password: guest.
+ /mpcgi/mini_logger.cgi: Default password: guest.
+ /cgibin/mini_logger.cgi: Default password: guest.
+ /scripts/mini_logger.cgi: Default password: guest.
+ /fcgi-bin/mini_logger.cgi: Default password: guest.
+ Scan terminated: 0 error(s) and 759 item(s) reported on remote host
+ End Time:           2024-04-20 15:25:26 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
Color Scheme
Target
opensea.io
Scan method
Nikto scan (max 60 sec)
Run command
nikto -host opensea.io -maxtime 60
Scan time
61s
Scan date
20 Apr 2024 15:25
Copy scan report
Download report
Remove scan result
$
Some firewalls blocks Nikto. For get true positive results add nikto.online IP addresses (172.96.166.66-172.96.166.70 or CIDR 172.96.166.64/29) to the whitelist
[scan_method]
Visibility:
Scan method: