Scan report for "starkrdp.net"
Summary
Found
2288
Duration
1min 1sec
Date
2025-11-09
IP
104.26.15.71
Report
Nikto scan (max 60 sec) (nikto -host starkrdp.net -maxtime 60)
- Nikto --------------------------------------------------------------------------- + Multiple IPs found: 104.26.15.71, 172.67.71.232, 104.26.14.71, 2606:4700:20::681a:e47, 2606:4700:20::681a:f47, 2606:4700:20::ac43:47e8 + Target IP: 104.26.15.71 + Target Hostname: starkrdp.net + Target Port: 80 + Start Time: 2025-11-09 16:54:20 (GMT-8) --------------------------------------------------------------------------- + Server: cloudflare + /: Uncommon header 'proxy-status' found, with contents: Cloudflare-Proxy;error=http_request_error. + /cgi-914/cart32.exe: request cart32.exe/cart32clientlist. + /htbin/cart32.exe: request cart32.exe/cart32clientlist. + /fcgi-bin/cart32.exe: request cart32.exe/cart32clientlist. + /cgi-perl/cart32.exe: request cart32.exe/cart32clientlist. + /scgi-bin/cart32.exe: request cart32.exe/cart32clientlist. + /cgi-mod/cart32.exe: request cart32.exe/cart32clientlist. + /cgi-914/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /htbin/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /scripts/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-exe/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /scgi-bin/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-local/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article + /htbin/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article + /scripts/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article + /fcgi-bin/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-exe/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-mod/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-914/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article + /htbin/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article + /scripts/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article + /cgi-exe/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article + /cgi-perl/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article + /scgi-bin/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article + /cgi-mod/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article + /cgi-915/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article + /mpcgi/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article + /cgi-local/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article + /htbin/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article + /cgi-exe/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article + /cgi-perl/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article + /scgi-bin/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article + /cgi-mod/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-914/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-local/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /scripts/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /fcgi-bin/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-914/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-local/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /scripts/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-914/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-915/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /mpcgi/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-local/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /scripts/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-perl/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-914/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-915/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-local/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article + /scripts/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article + /fcgi-bin/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-exe/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article + /cgi-mod/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article + /kboard/: KBoard Forum 0.3.0 and prior have a security problem in forum_edit_post.php, forum_post.php and forum_reply.php. + /lists/admin/: PHPList pre 2.6.4 contains a number of vulnerabilities including remote administrative access, harvesting user info and more. Default login to admin interface is admin/phplist. + /tiki/: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin. + /cgi-914/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners. + /cgi-915/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners. + /mpcgi/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners. + /cgi-local/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners. + /htbin/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners. + /scripts/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners. + /fcgi-bin/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners. + /scgi-bin/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners. + /cgi-mod/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners. + /cgi-914/finger: finger other users, may be other commands?. + /fcgi-bin/finger: finger other users, may be other commands?. + /cgi-perl/finger: finger other users, may be other commands?. + /scgi-bin/finger: finger other users, may be other commands?. + /cgi-914/get32.exe: This can allow attackers to execute arbitrary commands remotely. + /cgi-915/get32.exe: This can allow attackers to execute arbitrary commands remotely. + /mpcgi/get32.exe: This can allow attackers to execute arbitrary commands remotely. + /cgi-local/get32.exe: This can allow attackers to execute arbitrary commands remotely. + /scripts/get32.exe: This can allow attackers to execute arbitrary commands remotely. + /fcgi-bin/get32.exe: This can allow attackers to execute arbitrary commands remotely. + /cgi-exe/get32.exe: This can allow attackers to execute arbitrary commands remotely. + /cgi-914/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /mpcgi/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /cgi-local/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /scripts/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /fcgi-bin/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /scgi-bin/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /cgi-914/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file. + /htbin/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file. + /scripts/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file. + /fcgi-bin/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file. + /cgi-perl/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file. + /scgi-bin/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file. + /cgi-mod/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file. + /cgi-914/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems. + /cgi-915/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems. + /mpcgi/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems. + /cgi-local/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems. + /htbin/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems. + /cgi-exe/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems. + /cgi-perl/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems. + /scgi-bin/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems. + /cgi-915/wrap.cgi: Allows viewing of directories. + /htbin/wrap.cgi: Allows viewing of directories. + /fcgi-bin/wrap.cgi: Allows viewing of directories. + /cgi-mod/wrap.cgi: Allows viewing of directories. + /~root/: Allowed to browse root's home directory. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1013 + /cgi-914/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory. + /cgi-local/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory. + /cgi-exe/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory. + /cgi-perl/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory. + /scgi-bin/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory. + /cgi-mod/visadmin.exe: This CGI allows an attacker to crash the web server. Remove it from the CGI directory. + /cgi-914/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more. + /htbin/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more. + /cgi-perl/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more. + /scgi-bin/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more. + /cgi-915/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more. + /scripts/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more. + /cgi-exe/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more. + /cgi-mod/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more. + /cgi-914/guestbook.cgi: May allow attackers to execute commands as the web daemon. + /cgi-local/guestbook.cgi: May allow attackers to execute commands as the web daemon. + /fcgi-bin/guestbook.cgi: May allow attackers to execute commands as the web daemon. + /cgi-exe/guestbook.cgi: May allow attackers to execute commands as the web daemon. + /cgi-perl/guestbook.cgi: May allow attackers to execute commands as the web daemon. + /cgi-914/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory. + /mpcgi/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory. + /cgi-local/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory. + /htbin/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory. + /scgi-bin/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory. + /htbin/gH.cgi: Web backdoor by gH. + /cgi-exe/gH.cgi: Web backdoor by gH. + /scgi-bin/gH.cgi: Web backdoor by gH. + /cgi-914/gm-cplog.cgi: GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /cgi-915/gm-cplog.cgi: GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /cgi-local/gm-cplog.cgi: GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /scripts/gm-cplog.cgi: GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /fcgi-bin/gm-cplog.cgi: GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /cgi-perl/gm-cplog.cgi: GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /cgi-mod/gm-cplog.cgi: GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /getaccess: This may be an indication that the server is running getAccess for SSO. + /cgi-914/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /cgi-915/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /htbin/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /scgi-bin/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /cgi-mod/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html + /cgi-914/AT-admin.cgi: Admin interface. + /cgi-915/AT-admin.cgi: Admin interface. + /mpcgi/AT-admin.cgi: Admin interface. + /htbin/AT-admin.cgi: Admin interface. + /scripts/AT-admin.cgi: Admin interface. + /fcgi-bin/AT-admin.cgi: Admin interface. + /cgi-perl/AT-admin.cgi: Admin interface. + /cgi-914/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules. + /htbin/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules. + /cgi-perl/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules. + /scgi-bin/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules. + /cgi-mod/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules. + /mpcgi/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules. + /htbin/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules. + /scgi-bin/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules. + /cgi-mod/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules. + /cgi-914/banner.cgi: This CGI may allow attackers to read any file on the system. + /mpcgi/banner.cgi: This CGI may allow attackers to read any file on the system. + /cgi-local/banner.cgi: This CGI may allow attackers to read any file on the system. + /cgi-perl/banner.cgi: This CGI may allow attackers to read any file on the system. + /scgi-bin/banner.cgi: This CGI may allow attackers to read any file on the system. + /cgi-914/bannereditor.cgi: This CGI may allow attackers to read any file on the system. + /mpcgi/bannereditor.cgi: This CGI may allow attackers to read any file on the system. + /htbin/bannereditor.cgi: This CGI may allow attackers to read any file on the system. + /fcgi-bin/bannereditor.cgi: This CGI may allow attackers to read any file on the system. + /cgi-perl/bannereditor.cgi: This CGI may allow attackers to read any file on the system. + /scgi-bin/bannereditor.cgi: This CGI may allow attackers to read any file on the system. + /cgi-mod/bannereditor.cgi: This CGI may allow attackers to read any file on the system. + /cgi-915/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287 + /mpcgi/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287 + /htbin/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287 + /fcgi-bin/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287 + /cgi-exe/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287 + /scgi-bin/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287 + /cgi-914/blog/: A blog was found. May contain security problems in CGIs, weak passwords, and more. + /mpcgi/blog/: A blog was found. May contain security problems in CGIs, weak passwords, and more. + /scripts/blog/: A blog was found. May contain security problems in CGIs, weak passwords, and more. + /cgi-exe/blog/: A blog was found. May contain security problems in CGIs, weak passwords, and more. + /scgi-bin/blog/: A blog was found. May contain security problems in CGIs, weak passwords, and more. + /cgi-mod/blog/: A blog was found. May contain security problems in CGIs, weak passwords, and more. + /tsweb/: Microsoft TSAC found. See: https://web.archive.org/web/20040910030506/http://www.dslwebserver.com/main/fr_index.html?/main/sbs-Terminal-Services-Advanced-Client-Configuration.html + /cgi-914/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload. + /cgi-915/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload. + /cgi-local/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload. + /htbin/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload. + /fcgi-bin/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload. + /scgi-bin/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload. + /cgi-mod/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload. + /vgn/performance/TMT: Vignette CMS admin/maintenance script available. + /vgn/performance/TMT/Report: Vignette CMS admin/maintenance script available. + /vgn/performance/TMT/Report/XML: Vignette CMS admin/maintenance script available. + /vgn/performance/TMT/reset: Vignette CMS admin/maintenance script available. + /vgn/previewer: Vignette CMS admin/maintenance script available. + /vgn/record/previewer: Vignette CMS admin/maintenance script available. + /vgn/stylepreviewer: Vignette CMS admin/maintenance script available. + /vgn/vr/Deleting: Vignette CMS admin/maintenance script available. + /scripts/tools/ctss.idc: This CGI allows remote users to view and modify SQL DB contents, server paths, docroot and more. + /vgn/style: Vignette server may reveal system information through this file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0401 + /SiteServer/Admin/commerce/foundation/driver.asp: Displays a list of installed ODBC drivers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1769 + /SiteServer/Admin/commerce/foundation/DSN.asp: Displays all DSNs configured for selected ODBC drivers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1769 + /SiteServer/admin/findvserver.asp: Gives a list of installed Site Server components. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1769 + /cgi-915/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload + /cgi-local/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload + /scripts/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload + /cgi-exe/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload + /cgi-perl/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload + /cartcart.cgi: If this is Dansie Shopping Cart 3.0.8 or earlier, it contains a backdoor to allow attackers to execute arbitrary commands. + /SiteServer/Admin/knowledge/dsmgr/users/UserManager.asp: Microsoft Site Server used to create, modify, and potentially delete LDAP users and groups. See: https://securitytracker.com/id/1003420 + /readme.eml: Remote server may be infected with the Nimda virus. + /siteseed/: Siteseed pre 1.4.2 have 'major' security problems. + /pccsmysqladm/incs/dbconnect.inc: This file should not be accessible, as it contains database connectivity information. Upgrade to version 1.2.5 or higher. + /w-agora/: w-agora pre 4.1.4 may allow a remote user to execute arbitrary PHP scripts via URL includes in include/*.php and user/*.php files. Default account is 'admin' but password set during install. + /officescan/cgi/cgiChkMasterPwd.exe: Trend Micro Officescan allows you to skip the login page and access some CGI programs directly. See: https://web.archive.org/web/20030607054822/http://support.microsoft.com/support/exchange/content/whitepapers/owaguide.doc + /cgi-915/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684 + /cgi-local/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684 + /scripts/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684 + /fcgi-bin/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684 + /cgi-exe/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684 + /scgi-bin/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684 + /cgi-914/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /mpcgi/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /cgi-local/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /htbin/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /fcgi-bin/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /cgi-exe/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /cgi-mod/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /cgi-914/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098 + /cgi-local/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098 + /scripts/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098 + /fcgi-bin/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098 + /cgi-exe/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098 + /cgi-perl/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098 + /scgi-bin/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098 + /cgi-914/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-local/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /scripts/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /fcgi-bin/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-exe/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-perl/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /scgi-bin/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-915/ezboard.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-local/ezboard.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /scripts/ezboard.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-perl/ezboard.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /scgi-bin/ezboard.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-915/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-local/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /htbin/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /fcgi-bin/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-exe/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-perl/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-914/foxweb.exe: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0762 + /cgi-915/foxweb.exe: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0762 + /mpcgi/foxweb.exe: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0762 + /scripts/foxweb.exe: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0762 + /cgi-exe/foxweb.exe: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0762 + /cgi-914/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x. + /cgi-915/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x. + /htbin/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x. + /fcgi-bin/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x. + /cgi-perl/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x. + /cgi-mod/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x. + /cgi-914/uploader.exe: This CGI allows attackers to upload files to the server and then execute them. + /mpcgi/uploader.exe: This CGI allows attackers to upload files to the server and then execute them. + /cgi-local/uploader.exe: This CGI allows attackers to upload files to the server and then execute them. + /htbin/uploader.exe: This CGI allows attackers to upload files to the server and then execute them. + /scripts/uploader.exe: This CGI allows attackers to upload files to the server and then execute them. + /fcgi-bin/uploader.exe: This CGI allows attackers to upload files to the server and then execute them. + /cgi-perl/uploader.exe: This CGI allows attackers to upload files to the server and then execute them. + /scgi-bin/uploader.exe: This CGI allows attackers to upload files to the server and then execute them. + /cgi-mod/uploader.exe: This CGI allows attackers to upload files to the server and then execute them. + /uploadn.asp: An ASP page that allows attackers to upload files to server. + /basilix/compose-attach.php3: BasiliX webmail application prior to 1.1.1 contains a non-descript security vulnerability in compose-attach.php3 related to attachment uploads. + /cgi-914/fpsrvadm.exe: Potentially vulnerable CGI program. + /cgi-915/fpsrvadm.exe: Potentially vulnerable CGI program. + /mpcgi/fpsrvadm.exe: Potentially vulnerable CGI program. + /cgi-local/fpsrvadm.exe: Potentially vulnerable CGI program. + /htbin/fpsrvadm.exe: Potentially vulnerable CGI program. + /scripts/fpsrvadm.exe: Potentially vulnerable CGI program. + /vgn/ac/delete: Vignette CMS admin/maintenance script available. + /vgn/ac/edit: Vignette CMS admin/maintenance script available. + /vgn/ac/fsave: Vignette CMS admin/maintenance script available. + /vgn/jsp/controller: Vignette CMS admin/maintenance script available. + /vgn/jsp/jspstatus: Vignette CMS admin/maintenance script available. + /vgn/jsp/jspstatus56: Vignette CMS admin/maintenance script available. + /vgn/legacy/edit: Vignette CMS admin/maintenance script available. + /cgi-914/.cobalt: May allow remote admin of CGI scripts. + /cgi-local/.cobalt: May allow remote admin of CGI scripts. + /htbin/.cobalt: May allow remote admin of CGI scripts. + /cgi-perl/.cobalt: May allow remote admin of CGI scripts. + /cgi-mod/.cobalt: May allow remote admin of CGI scripts. + /forum/admin/wwforum.mdb: Web Wiz Forums password database found. See: https://seclists.org/bugtraq/2003/Apr/238 + /fpdb/shop.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web. See: https://packetstormsecurity.com/files/32406/xmas.txt.html + /news/news.mdb: Web Wiz Site News release v3.06 admin password database is available and unencrypted. + /shopping300.mdb: VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available. See: https://securitytracker.com/id/1004382 + /shopping400.mdb: VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available. See: https://securitytracker.com/id/1004382 + /shoppingdirectory/midicart.mdb: MIDICART database is available for browsing. This should not be allowed via the web server. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1432 + /cgi-914/.access: Contains authorization information. + /cgi-local/.access: Contains authorization information. + /htbin/.access: Contains authorization information. + /scripts/.access: Contains authorization information. + /cgi-perl/.access: Contains authorization information. + /servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call. + /typo3conf/: This may contain sensitive TYPO3 files. + /webcart/carts/: This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web. See: https://packetstormsecurity.com/files/32406/xmas.txt.html + /webcart/config/: This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web. See: https://packetstormsecurity.com/files/32406/xmas.txt.html + /webcart/orders/: This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web. See: https://packetstormsecurity.com/files/32406/xmas.txt.html + /ws_ftp.ini: Can contain saved passwords for FTP sites. + /mpcgi/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528 + /cgi-local/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528 + /htbin/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528 + /fcgi-bin/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528 + /cgi-exe/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528 + /cgi-mod/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528 + /SiteServer/Admin/knowledge/persmbr/VsLsLpRd.asp: Expose various LDAP service and backend configuration parameters. See: https://vulners.com/osvdb/OSVDB:17661 + /SiteServer/Admin/knowledge/persmbr/VsTmPr.asp: Expose various LDAP service and backend configuration parameters. See: https://vulners.com/osvdb/OSVDB:17660 + /tvcs/getservers.exe?action=selects1: Following steps 2-4 of this page may reveal a zip file that contains passwords and system details. + /forum/admin/database/wwForum.mdb: Web Wiz Forums pre 7.5 is vulnerable to Cross-Site Scripting attacks. Default login/pass is Administrator/letmein. + /cgi/cgiproc?: It may be possible to crash Nortel Contivity VxWorks by requesting '/cgi/cgiproc?$' (not attempted!). Upgrade to version 2.60 or later. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0063 + /fcgi-bin/addbanner.cgi: This CGI may allow attackers to read any file on the system. + /cgi-perl/addbanner.cgi: This CGI may allow attackers to read any file on the system. + /cgi-mod/addbanner.cgi: This CGI may allow attackers to read any file on the system. + /cgi-914/aglimpse.cgi: This CGI may allow attackers to execute remote commands. + /cgi-915/aglimpse.cgi: This CGI may allow attackers to execute remote commands. + /cgi-local/aglimpse.cgi: This CGI may allow attackers to execute remote commands. + /htbin/aglimpse.cgi: This CGI may allow attackers to execute remote commands. + /scripts/aglimpse.cgi: This CGI may allow attackers to execute remote commands. + /fcgi-bin/aglimpse.cgi: This CGI may allow attackers to execute remote commands. + /scgi-bin/aglimpse.cgi: This CGI may allow attackers to execute remote commands. + /cgi-mod/aglimpse.cgi: This CGI may allow attackers to execute remote commands. + /cgi-914/aglimpse: This CGI may allow attackers to execute remote commands. + /cgi-915/aglimpse: This CGI may allow attackers to execute remote commands. + /mpcgi/aglimpse: This CGI may allow attackers to execute remote commands. + /cgi-exe/aglimpse: This CGI may allow attackers to execute remote commands. + /scgi-bin/aglimpse: This CGI may allow attackers to execute remote commands. + /cgi-915/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. + /mpcgi/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. + /cgi-local/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. + /htbin/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. + /fcgi-bin/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. + /servlet/SchedulerTransfer: PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0104 + /servlets/SchedulerTransfer: PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0104 + /cgi-914/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands. + /mpcgi/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands. + /cgi-local/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands. + /cgi-mod/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands. + /cgi-914/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands. + /mpcgi/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands. + /cgi-local/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands. + /cgi-perl/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands. + /cgi-914/post32.exe|dir%20c:\\: post32 can execute arbitrary commands. + /cgi-915/post32.exe|dir%20c:\\: post32 can execute arbitrary commands. + /cgi-local/post32.exe|dir%20c:\\: post32 can execute arbitrary commands. + /scripts/post32.exe|dir%20c:\\: post32 can execute arbitrary commands. + /fcgi-bin/post32.exe|dir%20c:\\: post32 can execute arbitrary commands. + /cgi-perl/post32.exe|dir%20c:\\: post32 can execute arbitrary commands. + /vgn/legacy/save: Vignette Legacy Tool may be unprotected. To access this resource, set a cookie called 'vgn_creds' with any value. + /quikstore.cgi: A shopping cart. + /securecontrolpanel/: Web Server Control Panel. + /webmail/: Web based mail package installed. + /_cti_pvt/: FrontPage directory found. + /smg_Smxcfg30.exe?vcc=3560121183d3: This may be a Trend Micro Officescan 'backdoor'. + /cgi-915/archie: Gateway to the unix command, may be able to submit extra commands. + /cgi-local/archie: Gateway to the unix command, may be able to submit extra commands. + /fcgi-bin/archie: Gateway to the unix command, may be able to submit extra commands. + /cgi-exe/archie: Gateway to the unix command, may be able to submit extra commands. + /cgi-mod/archie: Gateway to the unix command, may be able to submit extra commands. + /cgi-914/calendar: Gateway to the unix command, may be able to submit extra commands. + /mpcgi/calendar: Gateway to the unix command, may be able to submit extra commands. + /cgi-local/calendar: Gateway to the unix command, may be able to submit extra commands. + /htbin/date: Gateway to the unix command, may be able to submit extra commands. + /fcgi-bin/date: Gateway to the unix command, may be able to submit extra commands. + /cgi-exe/date: Gateway to the unix command, may be able to submit extra commands. + /scgi-bin/date: Gateway to the unix command, may be able to submit extra commands. + /cgi-914/fortune: Gateway to the unix command, may be able to submit extra commands. + /mpcgi/fortune: Gateway to the unix command, may be able to submit extra commands. + /cgi-local/fortune: Gateway to the unix command, may be able to submit extra commands. + /scripts/fortune: Gateway to the unix command, may be able to submit extra commands. + /fcgi-bin/fortune: Gateway to the unix command, may be able to submit extra commands. + /cgi-perl/fortune: Gateway to the unix command, may be able to submit extra commands. + /cgi-mod/fortune: Gateway to the unix command, may be able to submit extra commands. + /cgi-914/redirect: Redirects via URL from form. + /cgi-915/redirect: Redirects via URL from form. + /cgi-local/redirect: Redirects via URL from form. + /cgi-exe/redirect: Redirects via URL from form. + /cgi-perl/redirect: Redirects via URL from form. + /cgi-914/uptime: Gateway to the unix command, may be able to submit extra commands. + /htbin/uptime: Gateway to the unix command, may be able to submit extra commands. + /scripts/uptime: Gateway to the unix command, may be able to submit extra commands. + /fcgi-bin/uptime: Gateway to the unix command, may be able to submit extra commands. + /upd/: WASD Server can allow directory listings by requesting /upd/directory/. Upgrade to a later version and secure according to the documents on the WASD web site. + /cgi-915/mail: Simple Perl mailing script to send form data to a pre-configured email address. + /htbin/mail: Simple Perl mailing script to send form data to a pre-configured email address. + /scripts/mail: Simple Perl mailing script to send form data to a pre-configured email address. + /fcgi-bin/mail: Simple Perl mailing script to send form data to a pre-configured email address. + /cgi-exe/mail: Simple Perl mailing script to send form data to a pre-configured email address. + /scgi-bin/mail: Simple Perl mailing script to send form data to a pre-configured email address. + /cgi-914/query: Echoes back result of your GET. + /cgi-local/query: Echoes back result of your GET. + /htbin/query: Echoes back result of your GET. + /cgi-914/test-env: May echo environment variables or give directory listings. + /cgi-local/test-env: May echo environment variables or give directory listings. + /fcgi-bin/test-env: May echo environment variables or give directory listings. + /cgi-exe/test-env: May echo environment variables or give directory listings. + /cgi-perl/test-env: May echo environment variables or give directory listings. + /scgi-bin/test-env: May echo environment variables or give directory listings. + /cgi-bin/cgi_process: WASD reveals a lot of system information in this script. It should be removed. + /tree: WASD Server reveals the entire web root structure and files via this URL. Upgrade to a later version and secure according to the documents on the WASD web site. + /cgi-914/cgitest.exe: This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header. + /scripts/cgitest.exe: This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header. + /fcgi-bin/cgitest.exe: This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header. + /cgi-exe/cgitest.exe: This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header. + /scgi-bin/cgitest.exe: This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header. + /cgi-mod/cgitest.exe: This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header. + /cgi-local/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169 + /htbin/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169 + /scripts/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169 + /fcgi-bin/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169 + /cgi-exe/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169 + /cgi-perl/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169 + /cgi-mod/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0169 + /cgi-914/Pbcgi.exe?bcgiu4: Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128 + /mpcgi/Pbcgi.exe?bcgiu4: Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128 + /cgi-local/Pbcgi.exe?bcgiu4: Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128 + /scripts/Pbcgi.exe?bcgiu4: Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128 + /cgi-exe/Pbcgi.exe?bcgiu4: Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128 + /scgi-bin/Pbcgi.exe?bcgiu4: Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128 + /cgi-914/testcgi.exe: Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128 + /mpcgi/testcgi.exe: Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128 + /cgi-local/testcgi.exe: Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128 + /scripts/testcgi.exe: Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128 + /cgi-exe/testcgi.exe: Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128 + /cgi-mod/testcgi.exe: Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0128 + /.nsf/../winnt/win.ini: This win.ini file can be downloaded. + /cgi-915/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756 + /htbin/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756 + /scripts/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756 + /fcgi-bin/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756 + /cgi-perl/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756 + /cgi-914/classifieds/index.cgi: My Classifieds pre 2.12 is vulnerable to SQL injection attacks. + /cgi-915/classifieds/index.cgi: My Classifieds pre 2.12 is vulnerable to SQL injection attacks. + /mpcgi/classifieds/index.cgi: My Classifieds pre 2.12 is vulnerable to SQL injection attacks. + /htbin/classifieds/index.cgi: My Classifieds pre 2.12 is vulnerable to SQL injection attacks. + /scripts/classifieds/index.cgi: My Classifieds pre 2.12 is vulnerable to SQL injection attacks. + /cgi-exe/classifieds/index.cgi: My Classifieds pre 2.12 is vulnerable to SQL injection attacks. + /cgi-mod/classifieds/index.cgi: My Classifieds pre 2.12 is vulnerable to SQL injection attacks. + /cgi-914/myguestbook.cgi?action=view: myGuestBook 1.0 may be vulnerable to Cross Site Scripting (XSS) in posted contents. Upgrade to the latest version. + /cgi-915/myguestbook.cgi?action=view: myGuestBook 1.0 may be vulnerable to Cross Site Scripting (XSS) in posted contents. Upgrade to the latest version. + /mpcgi/myguestbook.cgi?action=view: myGuestBook 1.0 may be vulnerable to Cross Site Scripting (XSS) in posted contents. Upgrade to the latest version. + /cgi-local/myguestbook.cgi?action=view: myGuestBook 1.0 may be vulnerable to Cross Site Scripting (XSS) in posted contents. Upgrade to the latest version. + /htbin/myguestbook.cgi?action=view: myGuestBook 1.0 may be vulnerable to Cross Site Scripting (XSS) in posted contents. Upgrade to the latest version. + /cgi-perl/myguestbook.cgi?action=view: myGuestBook 1.0 may be vulnerable to Cross Site Scripting (XSS) in posted contents. Upgrade to the latest version. + /scgi-bin/myguestbook.cgi?action=view: myGuestBook 1.0 may be vulnerable to Cross Site Scripting (XSS) in posted contents. Upgrade to the latest version. + /cgi-914/diagnose.cgi: This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1680 + /cgi-915/diagnose.cgi: This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1680 + /cgi-mod/diagnose.cgi: This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1680 + /openautoclassifieds/friendmail.php?listing=<script>alert(document.domain);</script>: OpenAutoClassifieds 1.0 is vulnerable to a XSS attack. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1145 + /jigsaw/: Jigsaw server may be installed. Versions lower than 2.2.1 are vulnerable to Cross Site Scripting (XSS) in the error page. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1053 + /guestbook/?number=5&lng=%3Cscript%3Ealert(document.domain);%3C/script%3E: MPM Guestbook 1.2 and previous are vulnreable to XSS attacks. See: OSVDB-2754 + /cgi-915/title.cgi: HNS's title.cgi is vulnerable to Cross Site Scripting (XSS http://www.cert.org/advisories/CA-2000-02.html) in version 2.00 and earlier, and Lite 0.8 and earlier. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2115 + /cgi-local/title.cgi: HNS's title.cgi is vulnerable to Cross Site Scripting (XSS http://www.cert.org/advisories/CA-2000-02.html) in version 2.00 and earlier, and Lite 0.8 and earlier. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2115 + /htbin/title.cgi: HNS's title.cgi is vulnerable to Cross Site Scripting (XSS http://www.cert.org/advisories/CA-2000-02.html) in version 2.00 and earlier, and Lite 0.8 and earlier. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2115 + /scripts/title.cgi: HNS's title.cgi is vulnerable to Cross Site Scripting (XSS http://www.cert.org/advisories/CA-2000-02.html) in version 2.00 and earlier, and Lite 0.8 and earlier. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2115 + /fcgi-bin/title.cgi: HNS's title.cgi is vulnerable to Cross Site Scripting (XSS http://www.cert.org/advisories/CA-2000-02.html) in version 2.00 and earlier, and Lite 0.8 and earlier. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2115 + /scgi-bin/title.cgi: HNS's title.cgi is vulnerable to Cross Site Scripting (XSS http://www.cert.org/advisories/CA-2000-02.html) in version 2.00 and earlier, and Lite 0.8 and earlier. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2115 + /cgi-915/compatible.cgi: This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1680 + /scripts/compatible.cgi: This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1680 + /cgi-mod/compatible.cgi: This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1680 + /cgi-914/probecontrol.cgi?command=enable&username=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner. + /cgi-915/probecontrol.cgi?command=enable&username=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner. + /mpcgi/probecontrol.cgi?command=enable&username=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner. + /fcgi-bin/probecontrol.cgi?command=enable&username=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner. + /cgi-exe/probecontrol.cgi?command=enable&username=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner. + /cgi-perl/probecontrol.cgi?command=enable&username=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner. + /scgi-bin/probecontrol.cgi?command=enable&username=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner. + /cgi-mod/probecontrol.cgi?command=enable&username=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner. + /cgi-915/probecontrol.cgi?command=enable&userNikto=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner. + /cgi-local/probecontrol.cgi?command=enable&userNikto=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner. + /scripts/probecontrol.cgi?command=enable&userNikto=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner. + /scgi-bin/probecontrol.cgi?command=enable&userNikto=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner. + /cgi-mod/probecontrol.cgi?command=enable&userNikto=cancer&password=killer: This might be interesting: has been seen in web logs from a scanner. + /cgi-bin/bigconf.cgi: BigIP Configuration CGI. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1550 + /cgi-914/webmap.cgi: nmap front end... could be fun. + /cgi-915/webmap.cgi: nmap front end... could be fun. + /mpcgi/webmap.cgi: nmap front end... could be fun. + /htbin/webmap.cgi: nmap front end... could be fun. + /scripts/webmap.cgi: nmap front end... could be fun. + /fcgi-bin/webmap.cgi: nmap front end... could be fun. + /cgi-perl/webmap.cgi: nmap front end... could be fun. + /cgi-mod/webmap.cgi: nmap front end... could be fun. + /cgi-914/admin/admin.cgi: May be ImageFolio Pro administration CGI. Default login is Admin/ImageFolio. + /mpcgi/admin/admin.cgi: May be ImageFolio Pro administration CGI. Default login is Admin/ImageFolio. + /scripts/admin/admin.cgi: May be ImageFolio Pro administration CGI. Default login is Admin/ImageFolio. + /fcgi-bin/admin/admin.cgi: May be ImageFolio Pro administration CGI. Default login is Admin/ImageFolio. + /cgi-exe/admin/admin.cgi: May be ImageFolio Pro administration CGI. Default login is Admin/ImageFolio. + /cgi-perl/admin/admin.cgi: May be ImageFolio Pro administration CGI. Default login is Admin/ImageFolio. + /scgi-bin/admin/admin.cgi: May be ImageFolio Pro administration CGI. Default login is Admin/ImageFolio. + /cgi-mod/admin/admin.cgi: May be ImageFolio Pro administration CGI. Default login is Admin/ImageFolio. + /mpcgi/admin/setup.cgi: May be ImageFolio Pro setup CGI. Default login is Admin/ImageFolio. + /htbin/admin/setup.cgi: May be ImageFolio Pro setup CGI. Default login is Admin/ImageFolio. + /scripts/admin/setup.cgi: May be ImageFolio Pro setup CGI. Default login is Admin/ImageFolio. + /fcgi-bin/admin/setup.cgi: May be ImageFolio Pro setup CGI. Default login is Admin/ImageFolio. + /cgi-exe/admin/setup.cgi: May be ImageFolio Pro setup CGI. Default login is Admin/ImageFolio. + /cgi-mod/admin/setup.cgi: May be ImageFolio Pro setup CGI. Default login is Admin/ImageFolio. + /cgi-915/mt-static/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload. + /mpcgi/mt-static/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload. + /scripts/mt-static/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload. + /fcgi-bin/mt-static/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload. + /cgi-exe/mt-static/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload. + /cgi-915/mt/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload. + /htbin/mt/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload. + /fcgi-bin/mt/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload. + /scgi-bin/mt/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload. + /cgi-mod/mt/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload. + /htbin/dbman/db.cgi?db=no-db: This CGI allows remote attackers to view system information. + /cgi-perl/dbman/db.cgi?db=no-db: This CGI allows remote attackers to view system information. + /scgi-bin/dbman/db.cgi?db=no-db: This CGI allows remote attackers to view system information. + /cgi-914/mkilog.exe: This CGI can give an attacker a lot of information. + /scripts/mkilog.exe: This CGI can give an attacker a lot of information. + /fcgi-bin/mkilog.exe: This CGI can give an attacker a lot of information. + /cgi-exe/mkilog.exe: This CGI can give an attacker a lot of information. + /cgi-perl/mkilog.exe: This CGI can give an attacker a lot of information. + /cgi-mod/mkilog.exe: This CGI can give an attacker a lot of information. + /cgi-915/mkplog.exe: This CGI can give an attacker a lot of information. + /mpcgi/mkplog.exe: This CGI can give an attacker a lot of information. + /cgi-local/mkplog.exe: This CGI can give an attacker a lot of information. + /htbin/mkplog.exe: This CGI can give an attacker a lot of information. + /scripts/mkplog.exe: This CGI can give an attacker a lot of information. + /fcgi-bin/mkplog.exe: This CGI can give an attacker a lot of information. + /cgi-exe/mkplog.exe: This CGI can give an attacker a lot of information. + /cgi-mod/mkplog.exe: This CGI can give an attacker a lot of information. + /cgi-914/rpm_query: This CGI allows anyone to see the installed RPMs. + /cgi-local/rpm_query: This CGI allows anyone to see the installed RPMs. + /scripts/rpm_query: This CGI allows anyone to see the installed RPMs. + /fcgi-bin/rpm_query: This CGI allows anyone to see the installed RPMs. + /cgi-exe/rpm_query: This CGI allows anyone to see the installed RPMs. + /cgi-915/ws_ftp.ini: Can contain saved passwords for ftp sites. + /mpcgi/ws_ftp.ini: Can contain saved passwords for ftp sites. + /cgi-local/ws_ftp.ini: Can contain saved passwords for ftp sites. + /htbin/ws_ftp.ini: Can contain saved passwords for ftp sites. + /scripts/ws_ftp.ini: Can contain saved passwords for ftp sites. + /fcgi-bin/ws_ftp.ini: Can contain saved passwords for ftp sites. + /cgi-914/WS_FTP.ini: Can contain saved passwords for ftp sites. + /cgi-915/WS_FTP.ini: Can contain saved passwords for ftp sites. + /mpcgi/WS_FTP.ini: Can contain saved passwords for ftp sites. + /cgi-local/WS_FTP.ini: Can contain saved passwords for ftp sites. + /scripts/WS_FTP.ini: Can contain saved passwords for ftp sites. + /fcgi-bin/WS_FTP.ini: Can contain saved passwords for ftp sites. + /cgi-exe/WS_FTP.ini: Can contain saved passwords for ftp sites. + /scgi-bin/WS_FTP.ini: Can contain saved passwords for ftp sites. + /cgi-mod/WS_FTP.ini: Can contain saved passwords for ftp sites. + /cgi-bin/MachineInfo: Gives out information on the machine. + /chat/data/usr: SimpleChat! 1.3 allows retrieval of user information. See: OSVDB-53304 + /cgi-local/view-source?view-source: This allows remote users to view source code. + /scripts/view-source?view-source: This allows remote users to view source code. + /fcgi-bin/view-source?view-source: This allows remote users to view source code. + /cgi-mod/view-source?view-source: This allows remote users to view source code. + /cgi-914/ibill.pm: iBill.pm is installed. This may allow brute forcing of passwords. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0839 + /mpcgi/ibill.pm: iBill.pm is installed. This may allow brute forcing of passwords. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0839 + /cgi-local/ibill.pm: iBill.pm is installed. This may allow brute forcing of passwords. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0839 + /scripts/ibill.pm: iBill.pm is installed. This may allow brute forcing of passwords. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0839 + /fcgi-bin/ibill.pm: iBill.pm is installed. This may allow brute forcing of passwords. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0839 + /scgi-bin/ibill.pm: iBill.pm is installed. This may allow brute forcing of passwords. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0839 + /cgi-mod/ibill.pm: iBill.pm is installed. This may allow brute forcing of passwords. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0839 + /cgi-914/scoadminreg.cgi: This script (part of UnixWare WebTop) may have a local root exploit. It is also an system admin script and should be protected via the web. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0311 + /mpcgi/scoadminreg.cgi: This script (part of UnixWare WebTop) may have a local root exploit. It is also an system admin script and should be protected via the web. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0311 + /scripts/scoadminreg.cgi: This script (part of UnixWare WebTop) may have a local root exploit. It is also an system admin script and should be protected via the web. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0311 + /cgi-mod/scoadminreg.cgi: This script (part of UnixWare WebTop) may have a local root exploit. It is also an system admin script and should be protected via the web. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0311 + /mpcgi/SGB_DIR/superguestconfig: Super GuestBook 1.0 from lasource.r2.ru stores the admin password in a plain text file. See: OSVDB-4663 + /fcgi-bin/SGB_DIR/superguestconfig: Super GuestBook 1.0 from lasource.r2.ru stores the admin password in a plain text file. See: OSVDB-4663 + /cgi-exe/SGB_DIR/superguestconfig: Super GuestBook 1.0 from lasource.r2.ru stores the admin password in a plain text file. See: OSVDB-4663 + /cgi-perl/SGB_DIR/superguestconfig: Super GuestBook 1.0 from lasource.r2.ru stores the admin password in a plain text file. See: OSVDB-4663 + /cgi-mod/SGB_DIR/superguestconfig: Super GuestBook 1.0 from lasource.r2.ru stores the admin password in a plain text file. See: OSVDB-4663 + /cgi-914/icat: Multiple versions of icat allow attackers to read arbitrary files. Make sure the latest version is running. + /mpcgi/icat: Multiple versions of icat allow attackers to read arbitrary files. Make sure the latest version is running. + /htbin/icat: Multiple versions of icat allow attackers to read arbitrary files. Make sure the latest version is running. + /scripts/icat: Multiple versions of icat allow attackers to read arbitrary files. Make sure the latest version is running. + /fcgi-bin/icat: Multiple versions of icat allow attackers to read arbitrary files. Make sure the latest version is running. + /cgi-exe/icat: Multiple versions of icat allow attackers to read arbitrary files. Make sure the latest version is running. + /cgi-perl/icat: Multiple versions of icat allow attackers to read arbitrary files. Make sure the latest version is running. + /cgi-914/nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0: nCUBE Server Manager 1.0 nph-showlogs.pl directory traversal bug. + /mpcgi/nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0: nCUBE Server Manager 1.0 nph-showlogs.pl directory traversal bug. + /htbin/nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0: nCUBE Server Manager 1.0 nph-showlogs.pl directory traversal bug. + /mpcgi/update.dpgs: Duma Photo Gallery System may allow remote users to write to any file on the system. This could not be remotely tested. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1411 + /htbin/update.dpgs: Duma Photo Gallery System may allow remote users to write to any file on the system. This could not be remotely tested. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1411 + /scripts/update.dpgs: Duma Photo Gallery System may allow remote users to write to any file on the system. This could not be remotely tested. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1411 + /fcgi-bin/update.dpgs: Duma Photo Gallery System may allow remote users to write to any file on the system. This could not be remotely tested. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1411 + /cgi-exe/update.dpgs: Duma Photo Gallery System may allow remote users to write to any file on the system. This could not be remotely tested. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1411 + /scgi-bin/update.dpgs: Duma Photo Gallery System may allow remote users to write to any file on the system. This could not be remotely tested. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1411 + /cgi-915/view-source: This may allow remote arbitrary file retrieval. + /mpcgi/view-source: This may allow remote arbitrary file retrieval. + /cgi-local/view-source: This may allow remote arbitrary file retrieval. + /htbin/view-source: This may allow remote arbitrary file retrieval. + /scripts/view-source: This may allow remote arbitrary file retrieval. + /cgi-exe/view-source: This may allow remote arbitrary file retrieval. + /cgi-perl/view-source: This may allow remote arbitrary file retrieval. + /cgi-915/wrap: This CGI lets users read any file with 755 perms. It should not be in the CGI directory. + /mpcgi/wrap: This CGI lets users read any file with 755 perms. It should not be in the CGI directory. + /cgi-local/wrap: This CGI lets users read any file with 755 perms. It should not be in the CGI directory. + /fcgi-bin/wrap: This CGI lets users read any file with 755 perms. It should not be in the CGI directory. + /cgi-915/cgiwrap: Some versions of cgiwrap allow anyone to execute commands remotely. + /mpcgi/cgiwrap: Some versions of cgiwrap allow anyone to execute commands remotely. + /cgi-local/cgiwrap: Some versions of cgiwrap allow anyone to execute commands remotely. + /scripts/cgiwrap: Some versions of cgiwrap allow anyone to execute commands remotely. + /fcgi-bin/cgiwrap: Some versions of cgiwrap allow anyone to execute commands remotely. + /cgi-perl/cgiwrap: Some versions of cgiwrap allow anyone to execute commands remotely. + /cgi-914/Count.cgi: This may allow attackers to execute arbitrary commands on the server. + /cgi-local/Count.cgi: This may allow attackers to execute arbitrary commands on the server. + /htbin/Count.cgi: This may allow attackers to execute arbitrary commands on the server. + /fcgi-bin/Count.cgi: This may allow attackers to execute arbitrary commands on the server. + /cgi-exe/Count.cgi: This may allow attackers to execute arbitrary commands on the server. + /cgi-perl/Count.cgi: This may allow attackers to execute arbitrary commands on the server. + /scgi-bin/Count.cgi: This may allow attackers to execute arbitrary commands on the server. + /mpcgi/ImageFolio/admin/admin.cgi: ImageFolio (default account Admin/ImageFolio) may allow files to be deleted via URLs like: ?cgi=remove.pl&uid=111.111.111.111&rmstep=2&category=../../../../../../../../../../../etc/. See: OSVDB-4571 + /cgi-local/ImageFolio/admin/admin.cgi: ImageFolio (default account Admin/ImageFolio) may allow files to be deleted via URLs like: ?cgi=remove.pl&uid=111.111.111.111&rmstep=2&category=../../../../../../../../../../../etc/. See: OSVDB-4571 + /scripts/ImageFolio/admin/admin.cgi: ImageFolio (default account Admin/ImageFolio) may allow files to be deleted via URLs like: ?cgi=remove.pl&uid=111.111.111.111&rmstep=2&category=../../../../../../../../../../../etc/. See: OSVDB-4571 + /cgi-exe/ImageFolio/admin/admin.cgi: ImageFolio (default account Admin/ImageFolio) may allow files to be deleted via URLs like: ?cgi=remove.pl&uid=111.111.111.111&rmstep=2&category=../../../../../../../../../../../etc/. See: OSVDB-4571 + /cgi-perl/ImageFolio/admin/admin.cgi: ImageFolio (default account Admin/ImageFolio) may allow files to be deleted via URLs like: ?cgi=remove.pl&uid=111.111.111.111&rmstep=2&category=../../../../../../../../../../../etc/. See: OSVDB-4571 + /mpcgi/info2www: This CGI allows attackers to execute commands. + /scripts/info2www: This CGI allows attackers to execute commands. + /fcgi-bin/info2www: This CGI allows attackers to execute commands. + /scgi-bin/info2www: This CGI allows attackers to execute commands. + /cgi-914/infosrch.cgi: This CGI allows attackers to execute commands. + /mpcgi/infosrch.cgi: This CGI allows attackers to execute commands. + /cgi-local/infosrch.cgi: This CGI allows attackers to execute commands. + /htbin/infosrch.cgi: This CGI allows attackers to execute commands. + /scripts/infosrch.cgi: This CGI allows attackers to execute commands. + /fcgi-bin/infosrch.cgi: This CGI allows attackers to execute commands. + /scgi-bin/infosrch.cgi: This CGI allows attackers to execute commands. + /cgi-mod/infosrch.cgi: This CGI allows attackers to execute commands. + /cgi-914/mailnews.cgi: Some versions allow attacker to execute commands as http daemon. Upgrade or remove. + /mpcgi/mailnews.cgi: Some versions allow attacker to execute commands as http daemon. Upgrade or remove. + /scripts/mailnews.cgi: Some versions allow attacker to execute commands as http daemon. Upgrade or remove. + /cgi-exe/mailnews.cgi: Some versions allow attacker to execute commands as http daemon. Upgrade or remove. + /scgi-bin/mailnews.cgi: Some versions allow attacker to execute commands as http daemon. Upgrade or remove. + /cgi-mod/mailnews.cgi: Some versions allow attacker to execute commands as http daemon. Upgrade or remove. + /cgi-local/mmstdod.cgi: May allow attacker to execute remote commands. Upgrade to version 3.0.26 or higher. + /cgi-914/pagelog.cgi: Some versions of this allow you to create system files. Request 'pagelog.cgi?name=../../../../.././tmp/filename' to try. + /cgi-915/pagelog.cgi: Some versions of this allow you to create system files. Request 'pagelog.cgi?name=../../../../.././tmp/filename' to try. + /mpcgi/pagelog.cgi: Some versions of this allow you to create system files. Request 'pagelog.cgi?name=../../../../.././tmp/filename' to try. + /cgi-local/pagelog.cgi: Some versions of this allow you to create system files. Request 'pagelog.cgi?name=../../../../.././tmp/filename' to try. + /scripts/pagelog.cgi: Some versions of this allow you to create system files. Request 'pagelog.cgi?name=../../../../.././tmp/filename' to try. + /fcgi-bin/pagelog.cgi: Some versions of this allow you to create system files. Request 'pagelog.cgi?name=../../../../.././tmp/filename' to try. + /cgi-exe/pagelog.cgi: Some versions of this allow you to create system files. Request 'pagelog.cgi?name=../../../../.././tmp/filename' to try. + /cgi-915/perl?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir. + /mpcgi/perl?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir. + /cgi-local/perl?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir. + /htbin/perl?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir. + /cgi-mod/perl?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir. + /cgi-914/perl.exe?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove perl.exe from the CGI dir. + /scripts/perl.exe?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove perl.exe from the CGI dir. + /cgi-mod/perl.exe?-v: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove perl.exe from the CGI dir. + /cgi-914/perl.exe: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir. + /cgi-915/perl.exe: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir. + /cgi-local/perl.exe: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir. + /cgi-exe/perl.exe: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir. + /cgi-perl/perl.exe: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir. + /scgi-bin/perl.exe: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir. + /mpcgi/perl: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir. + /fcgi-bin/perl: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir. + /cgi-exe/perl: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir. + /cgi-perl/perl: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir. + /scgi-bin/perl: Perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove Perl from the CGI dir. + /cgi-914/plusmail: This CGI may allow attackers to execute commands remotely. + /cgi-915/plusmail: This CGI may allow attackers to execute commands remotely. + /mpcgi/plusmail: This CGI may allow attackers to execute commands remotely. + /fcgi-bin/plusmail: This CGI may allow attackers to execute commands remotely. + /scgi-bin/plusmail: This CGI may allow attackers to execute commands remotely. + /cgi-914/scripts/slxweb.dll/getfile?type=Library&file=invalidfilename: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637 + /cgi-915/scripts/slxweb.dll/getfile?type=Library&file=invalidfilename: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637 + /mpcgi/scripts/slxweb.dll/getfile?type=Library&file=invalidfilename: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637 + /htbin/scripts/slxweb.dll/getfile?type=Library&file=invalidfilename: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637 + /scripts/scripts/slxweb.dll/getfile?type=Library&file=invalidfilename: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637 + /fcgi-bin/scripts/slxweb.dll/getfile?type=Library&file=invalidfilename: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637 + /cgi-exe/scripts/slxweb.dll/getfile?type=Library&file=invalidfilename: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637 + /cgi-local/scripts/slxweb.dll/getfile?type=Library&file=invalidfileNikto: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637 + /htbin/scripts/slxweb.dll/getfile?type=Library&file=invalidfileNikto: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637 + /fcgi-bin/scripts/slxweb.dll/getfile?type=Library&file=invalidfileNikto: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637 + /scgi-bin/scripts/slxweb.dll/getfile?type=Library&file=invalidfileNikto: SalesLogix WebClient may allow attackers to execute arbitrary commands on the host. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1607 http://www.securityfocus.com/archive/1/378637 + /cgi-914/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|: To check for remote execution vulnerability use ?keywords=|/bin/ls| or your favorite command. + /mpcgi/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|: To check for remote execution vulnerability use ?keywords=|/bin/ls| or your favorite command. + /cgi-local/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|: To check for remote execution vulnerability use ?keywords=|/bin/ls| or your favorite command. + /htbin/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|: To check for remote execution vulnerability use ?keywords=|/bin/ls| or your favorite command. + /fcgi-bin/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|: To check for remote execution vulnerability use ?keywords=|/bin/ls| or your favorite command. + /cgi-exe/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|: To check for remote execution vulnerability use ?keywords=|/bin/ls| or your favorite command. + /cgi-perl/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|: To check for remote execution vulnerability use ?keywords=|/bin/ls| or your favorite command. + /cgi-mod/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|: To check for remote execution vulnerability use ?keywords=|/bin/ls| or your favorite command. + /cgi-915/spin_client.cgi?aaaaaaaa: This CGI may be vulnerable to remote execution by sending 8000 x 'a' characters (check to see if you get a 500 error message). See: https://www.tenable.com/plugins/nessus/10393 + /htbin/spin_client.cgi?aaaaaaaa: This CGI may be vulnerable to remote execution by sending 8000 x 'a' characters (check to see if you get a 500 error message). See: https://www.tenable.com/plugins/nessus/10393 + /scgi-bin/spin_client.cgi?aaaaaaaa: This CGI may be vulnerable to remote execution by sending 8000 x 'a' characters (check to see if you get a 500 error message). See: https://www.tenable.com/plugins/nessus/10393 + /cgi-914/viralator.cgi: May be vulnerable to command injection, upgrade to 0.9pre2 or newer. This flaw could not be confirmed. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0849 + /cgi-915/viralator.cgi: May be vulnerable to command injection, upgrade to 0.9pre2 or newer. This flaw could not be confirmed. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0849 + /mpcgi/viralator.cgi: May be vulnerable to command injection, upgrade to 0.9pre2 or newer. This flaw could not be confirmed. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0849 + /cgi-local/viralator.cgi: May be vulnerable to command injection, upgrade to 0.9pre2 or newer. This flaw could not be confirmed. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0849 + /scripts/viralator.cgi: May be vulnerable to command injection, upgrade to 0.9pre2 or newer. This flaw could not be confirmed. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0849 + /fcgi-bin/viralator.cgi: May be vulnerable to command injection, upgrade to 0.9pre2 or newer. This flaw could not be confirmed. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0849 + /cgi-exe/viralator.cgi: May be vulnerable to command injection, upgrade to 0.9pre2 or newer. This flaw could not be confirmed. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0849 + /cgi-mod/viralator.cgi: May be vulnerable to command injection, upgrade to 0.9pre2 or newer. This flaw could not be confirmed. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0849 + /cgi-915/virgil.cgi: The Virgil CGI Scanner 0.9 allows remote users to gain a system shell. This could not be confirmed (try syntax such as virgil.cgi?tar=-lp&zielport=31337 to open a connection on port 31337. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1938 + /mpcgi/virgil.cgi: The Virgil CGI Scanner 0.9 allows remote users to gain a system shell. This could not be confirmed (try syntax such as virgil.cgi?tar=-lp&zielport=31337 to open a connection on port 31337. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1938 + /htbin/virgil.cgi: The Virgil CGI Scanner 0.9 allows remote users to gain a system shell. This could not be confirmed (try syntax such as virgil.cgi?tar=-lp&zielport=31337 to open a connection on port 31337. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1938 + /scgi-bin/virgil.cgi: The Virgil CGI Scanner 0.9 allows remote users to gain a system shell. This could not be confirmed (try syntax such as virgil.cgi?tar=-lp&zielport=31337 to open a connection on port 31337. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1938 + /cgi-mod/virgil.cgi: The Virgil CGI Scanner 0.9 allows remote users to gain a system shell. This could not be confirmed (try syntax such as virgil.cgi?tar=-lp&zielport=31337 to open a connection on port 31337. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1938 + /cgi-915/vpasswd.cgi: Some versions of this CGI allow attackers to execute system commands. See: https://seclists.org/bugtraq/2002/Oct/362 + /mpcgi/vpasswd.cgi: Some versions of this CGI allow attackers to execute system commands. See: https://seclists.org/bugtraq/2002/Oct/362 + /cgi-local/vpasswd.cgi: Some versions of this CGI allow attackers to execute system commands. See: https://seclists.org/bugtraq/2002/Oct/362 + /fcgi-bin/vpasswd.cgi: Some versions of this CGI allow attackers to execute system commands. See: https://seclists.org/bugtraq/2002/Oct/362 + /scgi-bin/vpasswd.cgi: Some versions of this CGI allow attackers to execute system commands. See: https://seclists.org/bugtraq/2002/Oct/362 + /mpcgi/webgais: The webgais allows attackers to execute commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0176 + /htbin/webgais: The webgais allows attackers to execute commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0176 + /scripts/webgais: The webgais allows attackers to execute commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0176 + /fcgi-bin/webgais: The webgais allows attackers to execute commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0176 + /scgi-bin/webgais: The webgais allows attackers to execute commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0176 + /cgi-mod/webgais: The webgais allows attackers to execute commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0176 + /mpcgi/websendmail: This CGI may allow attackers to execute arbitrary commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0196 + /htbin/websendmail: This CGI may allow attackers to execute arbitrary commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0196 + /cgi-exe/websendmail: This CGI may allow attackers to execute arbitrary commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0196 + /cgi-perl/websendmail: This CGI may allow attackers to execute arbitrary commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0196 + /scgi-bin/websendmail: This CGI may allow attackers to execute arbitrary commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0196 + /mpcgi/wwwwais: wwwais has a vulnerability that lets attackers run commands as http daemon owner. Request 'CGIDIR/wwwais?version=version=123&' and 4096 bytes of garbage. + /htbin/wwwwais: wwwais has a vulnerability that lets attackers run commands as http daemon owner. Request 'CGIDIR/wwwais?version=version=123&' and 4096 bytes of garbage. + /cgi-mod/wwwwais: wwwais has a vulnerability that lets attackers run commands as http daemon owner. Request 'CGIDIR/wwwais?version=version=123&' and 4096 bytes of garbage. + /mpcgi/cachemgr.cgi: Manager for squid proxy; problem with RedHat 6 making it public, can allow attacker to perform port scans. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0710 + /fcgi-bin/cachemgr.cgi: Manager for squid proxy; problem with RedHat 6 making it public, can allow attacker to perform port scans. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0710 + /cgi-exe/cachemgr.cgi: Manager for squid proxy; problem with RedHat 6 making it public, can allow attacker to perform port scans. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0710 + /cgi-perl/cachemgr.cgi: Manager for squid proxy; problem with RedHat 6 making it public, can allow attacker to perform port scans. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0710 + /cgi-mod/cachemgr.cgi: Manager for squid proxy; problem with RedHat 6 making it public, can allow attacker to perform port scans. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0710 + /cgi-914/ppdscgi.exe: PowerPlay Web Edition may allow unauthenticated users to view pages. See: BID-491 + /cgi-915/ppdscgi.exe: PowerPlay Web Edition may allow unauthenticated users to view pages. See: BID-491 + /cgi-local/ppdscgi.exe: PowerPlay Web Edition may allow unauthenticated users to view pages. See: BID-491 + /htbin/ppdscgi.exe: PowerPlay Web Edition may allow unauthenticated users to view pages. See: BID-491 + /scripts/ppdscgi.exe: PowerPlay Web Edition may allow unauthenticated users to view pages. See: BID-491 + /cgi-exe/ppdscgi.exe: PowerPlay Web Edition may allow unauthenticated users to view pages. See: BID-491 + /scgi-bin/ppdscgi.exe: PowerPlay Web Edition may allow unauthenticated users to view pages. See: BID-491 + /cgi-mod/ppdscgi.exe: PowerPlay Web Edition may allow unauthenticated users to view pages. See: BID-491 + /cgi-914/webif.cgi: HNS's webif.cgi is vulnerable to allow remote users to rewrite diary entries if 'direct mode' is enabled in version 2.00 and earlier, and Lite 0.8 and earlier. + /mpcgi/webif.cgi: HNS's webif.cgi is vulnerable to allow remote users to rewrite diary entries if 'direct mode' is enabled in version 2.00 and earlier, and Lite 0.8 and earlier. + /htbin/webif.cgi: HNS's webif.cgi is vulnerable to allow remote users to rewrite diary entries if 'direct mode' is enabled in version 2.00 and earlier, and Lite 0.8 and earlier. + /scripts/webif.cgi: HNS's webif.cgi is vulnerable to allow remote users to rewrite diary entries if 'direct mode' is enabled in version 2.00 and earlier, and Lite 0.8 and earlier. + /scgi-bin/webif.cgi: HNS's webif.cgi is vulnerable to allow remote users to rewrite diary entries if 'direct mode' is enabled in version 2.00 and earlier, and Lite 0.8 and earlier. + /cgi-mod/webif.cgi: HNS's webif.cgi is vulnerable to allow remote users to rewrite diary entries if 'direct mode' is enabled in version 2.00 and earlier, and Lite 0.8 and earlier. + /cgi-local/.cobalt/siteUserMod/siteUserMod.cgi: Older versions of this CGI allow any user to change the administrator password. + /scripts/.cobalt/siteUserMod/siteUserMod.cgi: Older versions of this CGI allow any user to change the administrator password. + /fcgi-bin/.cobalt/siteUserMod/siteUserMod.cgi: Older versions of this CGI allow any user to change the administrator password. + /cgi-perl/.cobalt/siteUserMod/siteUserMod.cgi: Older versions of this CGI allow any user to change the administrator password. + /cgi-914/webdriver: This CGI often allows anyone to access the Informix DB on the host. + /cgi-local/webdriver: This CGI often allows anyone to access the Informix DB on the host. + /htbin/webdriver: This CGI often allows anyone to access the Informix DB on the host. + /fcgi-bin/webdriver: This CGI often allows anyone to access the Informix DB on the host. + /cgi-exe/webdriver: This CGI often allows anyone to access the Informix DB on the host. + /cgi-mod/webdriver: This CGI often allows anyone to access the Informix DB on the host. + /cgi-915/c32web.exe/ChangeAdminPassword: This CGI may contain a backdoor and may allow attackers to change the Cart32 admin password. + /mpcgi/c32web.exe/ChangeAdminPassword: This CGI may contain a backdoor and may allow attackers to change the Cart32 admin password. + /fcgi-bin/c32web.exe/ChangeAdminPassword: This CGI may contain a backdoor and may allow attackers to change the Cart32 admin password. + /cgi-mod/c32web.exe/ChangeAdminPassword: This CGI may contain a backdoor and may allow attackers to change the Cart32 admin password. + /cgi-local/mini_logger.cgi: Default password: guest. + /fcgi-bin/mini_logger.cgi: Default password: guest. + /cgi-exe/mini_logger.cgi: Default password: guest. + /cgi-mod/mini_logger.cgi: Default password: guest. + /cgi-914/mt-static/: Movable Type weblog found. May contain security problems in CGIs, weak passwords, and more. Default login 'Melody' with password 'Nelson'. + /cgi-915/mt-static/: Movable Type weblog found. May contain security problems in CGIs, weak passwords, and more. Default login 'Melody' with password 'Nelson'. + /mpcgi/mt-static/: Movable Type weblog found. May contain security problems in CGIs, weak passwords, and more. Default login 'Melody' with password 'Nelson'. + /scripts/mt-static/: Movable Type weblog found. May contain security problems in CGIs, weak passwords, and more. Default login 'Melody' with password 'Nelson'. + /fcgi-bin/mt-static/: Movable Type weblog found. May contain security problems in CGIs, weak passwords, and more. Default login 'Melody' with password 'Nelson'. + /cgi-perl/mt-static/: Movable Type weblog found. May contain security problems in CGIs, weak passwords, and more. Default login 'Melody' with password 'Nelson'. + /cgi-914/mt/: Movable Type weblog found. May contain security problems in CGIs, weak passwords, and more. Default login 'Melody' with password 'Nelson'. + /fcgi-bin/mt/: Movable Type weblog found. May contain security problems in CGIs, weak passwords, and more. Default login 'Melody' with password 'Nelson'. + /cgi-exe/mt/: Movable Type weblog found. May contain security problems in CGIs, weak passwords, and more. Default login 'Melody' with password 'Nelson'. + /cgi-perl/mt/: Movable Type weblog found. May contain security problems in CGIs, weak passwords, and more. Default login 'Melody' with password 'Nelson'. + /scgi-bin/mt/: Movable Type weblog found. May contain security problems in CGIs, weak passwords, and more. Default login 'Melody' with password 'Nelson'. + /cgi-mod/mt/: Movable Type weblog found. May contain security problems in CGIs, weak passwords, and more. Default login 'Melody' with password 'Nelson'. + /cgi-914/robadmin.cgi: Default password: roblog. + /mpcgi/robadmin.cgi: Default password: roblog. + /cgi-local/robadmin.cgi: Default password: roblog. + /scripts/robadmin.cgi: Default password: roblog. + /fcgi-bin/robadmin.cgi: Default password: roblog. + /cgi-perl/robadmin.cgi: Default password: roblog. + /cgi-914/netpad.cgi: netpad.cgi may be an indication of a malicious user on the system, as it allows web access to the file system. It may also have remote vulnerabilities itself. This should be removed or protected. + /cgi-local/netpad.cgi: netpad.cgi may be an indication of a malicious user on the system, as it allows web access to the file system. It may also have remote vulnerabilities itself. This should be removed or protected. + /scripts/netpad.cgi: netpad.cgi may be an indication of a malicious user on the system, as it allows web access to the file system. It may also have remote vulnerabilities itself. This should be removed or protected. + /fcgi-bin/netpad.cgi: netpad.cgi may be an indication of a malicious user on the system, as it allows web access to the file system. It may also have remote vulnerabilities itself. This should be removed or protected. + /cgi-mod/netpad.cgi: netpad.cgi may be an indication of a malicious user on the system, as it allows web access to the file system. It may also have remote vulnerabilities itself. This should be removed or protected. + /cgi-914/troops.cgi: This CGI may be a leftover from a hacked site; may be used to attempt to hack other sites. It should be investigated further. + /cgi-915/troops.cgi: This CGI may be a leftover from a hacked site; may be used to attempt to hack other sites. It should be investigated further. + /htbin/troops.cgi: This CGI may be a leftover from a hacked site; may be used to attempt to hack other sites. It should be investigated further. + /cgi-exe/troops.cgi: This CGI may be a leftover from a hacked site; may be used to attempt to hack other sites. It should be investigated further. + /cgi-perl/troops.cgi: This CGI may be a leftover from a hacked site; may be used to attempt to hack other sites. It should be investigated further. + /cgi-mod/troops.cgi: This CGI may be a leftover from a hacked site; may be used to attempt to hack other sites. It should be investigated further. + /htbin/photo/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. + /scripts/photo/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. + /fcgi-bin/photo/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. + /cgi-perl/photo/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. + /servlet/SessionManager: IBM WebSphere reconfigure servlet (user=servlet, password=manager). All default code should be removed from servers. + /livehelp/: LiveHelp may reveal system information. + /LiveHelp/: LiveHelp may reveal system information. + /logicworks.ini: web-erp 0.1.4 and earlier allow .ini files to be read remotely. See: OSVDB-59536 + /megabook/files/20/setup.db: Megabook guestbook configuration available remotely. See: OSVDB-3204 + /order/order_log.dat: Web shopping system exposes order information. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0606 + /orders/order_log_v12.dat: Web shopping system exposes order information. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0606 + /session/admnlogin: SessionServlet Output, has session cookie info. + /servlet/allaire.jrun.ssi.SSIFilter: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0926 + /krysalis/: Krysalis pre 1.0.3 may allow remote users to read arbitrary files outside docroot. + /ncl_items.shtml?SUBJECT=1: This may allow attackers to reconfigure your Tektronix printer. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0484 + /photodata/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. + /pub/english.cgi?op=rmail: BSCW self-registration may be enabled. This could allow untrusted users semi-trusted access to the software. 3.x version (and probably some 4.x) allow arbitrary commands to be executed remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0095 + /scripts/wsisa.dll/WService=anything?WSMadmin: Allows Webspeed to be remotely administered. Edit unbroker.properties and set AllowMsngrCmds to 0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0127 + /submit?setoption=q&option=allowed_ips&value=255.255.255.255: MLdonkey 2.x allows administrative interface access to be access from any IP. This is typically only found on port 4080. See: OSVDB-3126 + /_vti_txt/_vti_cnf/: FrontPage directory found. + /_vti_pvt/doctodep.btr: FrontPage file found. This may contain useful information. + /_vti_pvt/services.org: FrontPage file found. This may contain useful information. + /_vti_bin/shtml.dll/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611: Gives info about server settings. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0413,http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0709,http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0710 + /_vti_bin/shtml.exe/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611: Gives info about server settings. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0413,http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0709,http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0710 + /_vti_bin/_vti_aut/author.exe?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listIncludeParent=true&listDerivedT=false&listBorders=false: We seem to have authoring access to the FrontPage web. + /level/16/exec/-///pwd: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/16/exec/-///show/configuration: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/16: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/16/level/16/exec//show/configuration: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/16/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/17/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/19/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/22/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/24/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/27/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/28/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/29/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/31/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/32/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/34/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/35/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/38/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/39/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/40/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/42/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/43/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/44/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/45/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/46/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/48/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/49/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/51/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/52/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/53/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/54/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/55/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/57/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/58/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/59/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/61/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/62/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/63/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/64/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/68/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/69/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/70/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/71/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/72/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/73/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/75/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/76/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/77/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/78/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/79/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/81/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/83/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/84/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/88/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/89/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/90/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/91/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/93/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/94/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /level/96/exec//show: CISCO HTTP service allows remote execution of commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0537 + /WS_FTP.LOG: WS_FTP.LOG file was found. It may contain sensitive information. See: OSVDB-13405 + /lcgi/lcgitest.nlm: Novell web server shows the server environment. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2104 + /com/: Novell web server allows directory listing. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2106 + /com/novell/: Novell web server allows directory listing. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2106 + /com/novell/webaccess: Novell web server allows directory listing. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2106 + /cgi-914/ccbill-local.cgi?cmd=MENU: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/ccbill-local.cgi?cmd=MENU: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/ccbill-local.cgi?cmd=MENU: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/mastergate/search.cgi?search=0&search_on=all: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/mastergate/search.cgi?search=0&search_on=all: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/mastergate/search.cgi?search=0&search_on=all: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/mastergate/search.cgi?search=0&search_on=all: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/mastergate/search.cgi?search=0&search_on=all: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/mastergate/search.cgi?search=0&search_on=all: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/Backup/add-passwd.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/Backup/add-passwd.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/Backup/add-passwd.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/Backup/add-passwd.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/Backup/add-passwd.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/Backup/add-passwd.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/Backup/add-passwd.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/gbook/gbook.cgi?_MAILTO=xx;ls: gbook.cgi allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1131 + /mpcgi/gbook/gbook.cgi?_MAILTO=xx;ls: gbook.cgi allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1131 + /cgi-local/gbook/gbook.cgi?_MAILTO=xx;ls: gbook.cgi allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1131 + /cgi-exe/gbook/gbook.cgi?_MAILTO=xx;ls: gbook.cgi allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1131 + /scgi-bin/gbook/gbook.cgi?_MAILTO=xx;ls: gbook.cgi allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1131 + /cgi-mod/gbook/gbook.cgi?_MAILTO=xx;ls: gbook.cgi allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1131 + /cgi-915/bslist.cgi?email=x;ls: BSList allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0100 + /cgi-local/bslist.cgi?email=x;ls: BSList allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0100 + /fcgi-bin/bslist.cgi?email=x;ls: BSList allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0100 + /cgi-exe/bslist.cgi?email=x;ls: BSList allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0100 + /cgi-perl/bslist.cgi?email=x;ls: BSList allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0100 + /cgi-mod/bslist.cgi?email=x;ls: BSList allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0100 + /cgi-914/bsguest.cgi?email=x;ls: BSGuest allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0099 + /mpcgi/bsguest.cgi?email=x;ls: BSGuest allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0099 + /fcgi-bin/bsguest.cgi?email=x;ls: BSGuest allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0099 + /cgi-perl/bsguest.cgi?email=x;ls: BSGuest allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0099 + /scgi-bin/bsguest.cgi?email=x;ls: BSGuest allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0099 + /cgi-mod/bsguest.cgi?email=x;ls: BSGuest allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0099 + /axis-cgi/buffer/command.cgi: Axis WebCam 2400 may allow overwriting or creating files on the system. See: https://www.securityfocus.com/archive/1/313485 + /support/messages: Axis WebCam allows retrieval of messages file (/var/log/messages). See: https://www.securityfocus.com/archive/1/313485 + /cgi-914/phf: This allows attackers to read arbitrary files on the system and perhaps execute commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0067 + /scgi-bin/phf: This allows attackers to read arbitrary files on the system and perhaps execute commands. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0067 + /cgi-914/upload.cgi: The upload.cgi allows attackers to upload arbitrary files to the server. See: OSVDB-228 + /mpcgi/upload.cgi: The upload.cgi allows attackers to upload arbitrary files to the server. See: OSVDB-228 + /cgi-local/upload.cgi: The upload.cgi allows attackers to upload arbitrary files to the server. See: OSVDB-228 + /htbin/upload.cgi: The upload.cgi allows attackers to upload arbitrary files to the server. See: OSVDB-228 + /cgi-perl/upload.cgi: The upload.cgi allows attackers to upload arbitrary files to the server. See: OSVDB-228 + /scgi-bin/upload.cgi: The upload.cgi allows attackers to upload arbitrary files to the server. See: OSVDB-228 + /cgi-mod/upload.cgi: The upload.cgi allows attackers to upload arbitrary files to the server. See: OSVDB-228 + /upload.cgi+: The upload.cgi allows attackers to upload arbitrary files to the server. See: OSVDB-228 + /server-status: This reveals Apache information. Comment out appropriate line in the Apache conf file or restrict access to allowed sources. See: OSVDB-561 + /cgi-914/nph-publish.cgi: This CGI may allow attackers to execute arbitrary commands on the server. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1177 + /cgi-915/nph-publish.cgi: This CGI may allow attackers to execute arbitrary commands on the server. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1177 + /mpcgi/nph-publish.cgi: This CGI may allow attackers to execute arbitrary commands on the server. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1177 + /cgi-local/nph-publish.cgi: This CGI may allow attackers to execute arbitrary commands on the server. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1177 + /fcgi-bin/nph-publish.cgi: This CGI may allow attackers to execute arbitrary commands on the server. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1177 + /cgi-perl/nph-publish.cgi: This CGI may allow attackers to execute arbitrary commands on the server. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1177 + /cgi-914/nph-test-cgi: This CGI lets attackers get a directory listing of the CGI directory. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0045 + /cgi-915/nph-test-cgi: This CGI lets attackers get a directory listing of the CGI directory. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0045 + /htbin/nph-test-cgi: This CGI lets attackers get a directory listing of the CGI directory. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0045 + /scripts/nph-test-cgi: This CGI lets attackers get a directory listing of the CGI directory. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0045 + /fcgi-bin/nph-test-cgi: This CGI lets attackers get a directory listing of the CGI directory. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0045 + /cgi-perl/nph-test-cgi: This CGI lets attackers get a directory listing of the CGI directory. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0045 + /scgi-bin/nph-test-cgi: This CGI lets attackers get a directory listing of the CGI directory. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0045 + /iissamples/exair/search/search.asp: Scripts within the Exair package on IIS 4 can be used for a DoS against the server. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449 + /cpanel/: Web-based control panel. See: OSVDB-2117 + /photodata/: My Photo Gallery pre 3.6 contains multiple vulnerabilities including directory traversal, unspecified vulnerabilities and remote management interface access. See: OSVDB-2695 + /mpcgi/photo/: My Photo Gallery pre 3.6 contains multiple vulnerabilities including directory traversal, unspecified vulnerabilities and remote management interface access. See: OSVDB-2695 + /fcgi-bin/photo/: My Photo Gallery pre 3.6 contains multiple vulnerabilities including directory traversal, unspecified vulnerabilities and remote management interface access. See: OSVDB-2695 + /cgi-exe/photo/: My Photo Gallery pre 3.6 contains multiple vulnerabilities including directory traversal, unspecified vulnerabilities and remote management interface access. See: OSVDB-2695 + /cgi-perl/photo/: My Photo Gallery pre 3.6 contains multiple vulnerabilities including directory traversal, unspecified vulnerabilities and remote management interface access. See: OSVDB-2695 + /scgi-bin/photo/: My Photo Gallery pre 3.6 contains multiple vulnerabilities including directory traversal, unspecified vulnerabilities and remote management interface access. See: OSVDB-2695 + /musicqueue.cgi: Musicqueue 1.20 is vulnerable to a buffer overflow. Ensure the latest version is installed (exploit not attempted). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1140,http://musicqueue.sourceforge.net/ + /cgi-914/musicqueue.cgi: Musicqueue 1.20 is vulnerable to a buffer overflow. Ensure the latest version is installed (exploit not attempted). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1140,http://musicqueue.sourceforge.net/ + /mpcgi/musicqueue.cgi: Musicqueue 1.20 is vulnerable to a buffer overflow. Ensure the latest version is installed (exploit not attempted). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1140,http://musicqueue.sourceforge.net/ + /cgi-exe/musicqueue.cgi: Musicqueue 1.20 is vulnerable to a buffer overflow. Ensure the latest version is installed (exploit not attempted). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1140,http://musicqueue.sourceforge.net/ + /cgi-perl/musicqueue.cgi: Musicqueue 1.20 is vulnerable to a buffer overflow. Ensure the latest version is installed (exploit not attempted). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1140,http://musicqueue.sourceforge.net/ + /scgi-bin/musicqueue.cgi: Musicqueue 1.20 is vulnerable to a buffer overflow. Ensure the latest version is installed (exploit not attempted). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1140,http://musicqueue.sourceforge.net/ + /cgi-915/windmail: Some versions are vulnerable. Request 'windmail?-n%20c:\boot.ini%20you@youraddress.com' (replace your address) and see if you get the boot.ini file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0242 + /cgi-local/windmail: Some versions are vulnerable. Request 'windmail?-n%20c:\boot.ini%20you@youraddress.com' (replace your address) and see if you get the boot.ini file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0242 + /scripts/windmail: Some versions are vulnerable. Request 'windmail?-n%20c:\boot.ini%20you@youraddress.com' (replace your address) and see if you get the boot.ini file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0242 + /fcgi-bin/windmail: Some versions are vulnerable. Request 'windmail?-n%20c:\boot.ini%20you@youraddress.com' (replace your address) and see if you get the boot.ini file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0242 + /cgi-perl/windmail: Some versions are vulnerable. Request 'windmail?-n%20c:\boot.ini%20you@youraddress.com' (replace your address) and see if you get the boot.ini file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0242 + /cgi-914/windmail.exe: Some versions are vulnerable. Request 'windmail.exe?-n%20c:\boot.ini%20you@youraddress.com' (replace your address) and see if you get the boot.ini file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0242 + /cgi-915/windmail.exe: Some versions are vulnerable. Request 'windmail.exe?-n%20c:\boot.ini%20you@youraddress.com' (replace your address) and see if you get the boot.ini file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0242 + /htbin/windmail.exe: Some versions are vulnerable. Request 'windmail.exe?-n%20c:\boot.ini%20you@youraddress.com' (replace your address) and see if you get the boot.ini file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0242 + /scripts/windmail.exe: Some versions are vulnerable. Request 'windmail.exe?-n%20c:\boot.ini%20you@youraddress.com' (replace your address) and see if you get the boot.ini file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0242 + /fcgi-bin/windmail.exe: Some versions are vulnerable. Request 'windmail.exe?-n%20c:\boot.ini%20you@youraddress.com' (replace your address) and see if you get the boot.ini file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0242 + /cgi-exe/windmail.exe: Some versions are vulnerable. Request 'windmail.exe?-n%20c:\boot.ini%20you@youraddress.com' (replace your address) and see if you get the boot.ini file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0242 + /scgi-bin/windmail.exe: Some versions are vulnerable. Request 'windmail.exe?-n%20c:\boot.ini%20you@youraddress.com' (replace your address) and see if you get the boot.ini file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0242 + /cgi-mod/windmail.exe: Some versions are vulnerable. Request 'windmail.exe?-n%20c:\boot.ini%20you@youraddress.com' (replace your address) and see if you get the boot.ini file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0242 + /iisadmpwd/aexp2b.htr: Gives domain and system name, may allow an attacker to brute force for access. Also will allow an NT4 user to change his password regardless of the 'user cannot change password' security policy. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407. http://www.securityfocus.com/bid/4236. http://www.securityfocus.com/bid/2110. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407 + /iisadmpwd/aexp3.htr: Gives domain and system name, may allow an attacker to brute force for access. Also will allow an NT4 user to change his password regardless of the 'user cannot change password' security policy. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407. http://www.securityfocus.com/bid/4236. http://www.securityfocus.com/bid/2110. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407 + /iisadmpwd/aexp4b.htr: Gives domain and system name, may allow an attacker to brute force for access. Also will allow an NT4 user to change his password regardless of the 'user cannot change password' security policy. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407. http://www.securityfocus.com/bid/4236. http://www.securityfocus.com/bid/2110. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407 + /cgi-914/gbadmin.cgi?action=change_adminpass: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /fcgi-bin/gbadmin.cgi?action=change_adminpass: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /scgi-bin/gbadmin.cgi?action=change_adminpass: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /cgi-914/gbadmin.cgi?action=change_automail: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /cgi-915/gbadmin.cgi?action=change_automail: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /mpcgi/gbadmin.cgi?action=change_automail: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /scripts/gbadmin.cgi?action=change_automail: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /cgi-perl/gbadmin.cgi?action=change_automail: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /scgi-bin/gbadmin.cgi?action=change_automail: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /cgi-mod/gbadmin.cgi?action=change_automail: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /cgi-local/gbadmin.cgi?action=colors: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /htbin/gbadmin.cgi?action=colors: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /scripts/gbadmin.cgi?action=colors: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /cgi-perl/gbadmin.cgi?action=colors: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /scgi-bin/gbadmin.cgi?action=colors: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /mpcgi/gbadmin.cgi?action=setup: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /scripts/gbadmin.cgi?action=setup: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /fcgi-bin/gbadmin.cgi?action=setup: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /cgi-exe/gbadmin.cgi?action=setup: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /cgi-perl/gbadmin.cgi?action=setup: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /scgi-bin/gbadmin.cgi?action=setup: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873 + /admin/wg_user-info.ml: WebGate Web Eye exposes user names and passwords. See: OSVDB-2922 + /cgi-914/addalink.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-915/addalink.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-local/addalink.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /fcgi-bin/addalink.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-exe/addalink.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /scgi-bin/addalink.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-mod/addalink.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /htbin/cgiecho: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /scripts/cgiecho: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /fcgi-bin/cgiecho: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-exe/cgiecho: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-perl/cgiecho: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /scgi-bin/cgiecho: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-mod/cgiecho: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-local/cgiemail: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /fcgi-bin/cgiemail: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-perl/cgiemail: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-mod/cgiemail: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-914/countedit: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-915/countedit: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /mpcgi/countedit: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-local/countedit: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /htbin/countedit: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /scripts/countedit: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-perl/countedit: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-914/domainredirect.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /htbin/domainredirect.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /fcgi-bin/domainredirect.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-exe/domainredirect.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-perl/domainredirect.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /scgi-bin/domainredirect.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-mod/domainredirect.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-914/entropybanner.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /mpcgi/entropybanner.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /scripts/entropybanner.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /fcgi-bin/entropybanner.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-exe/entropybanner.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-perl/entropybanner.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-mod/entropybanner.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-914/helpdesk.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /fcgi-bin/helpdesk.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-perl/helpdesk.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /scgi-bin/helpdesk.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-mod/helpdesk.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /mpcgi/mchat.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-local/mchat.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /scripts/mchat.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /fcgi-bin/mchat.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-exe/mchat.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-914/randhtml.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-local/randhtml.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /scripts/randhtml.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /scgi-bin/randhtml.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-914/realhelpdesk.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-915/realhelpdesk.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /mpcgi/realhelpdesk.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /scripts/realhelpdesk.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-exe/realhelpdesk.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /scgi-bin/realhelpdesk.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-915/realsignup.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-local/realsignup.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /htbin/realsignup.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /fcgi-bin/realsignup.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-exe/realsignup.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /scgi-bin/realsignup.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-914/scgiwrap: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /mpcgi/scgiwrap: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-local/scgiwrap: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /scripts/scgiwrap: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /fcgi-bin/scgiwrap: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-exe/scgiwrap: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-perl/scgiwrap: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /scgi-bin/scgiwrap: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-local/signup.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /htbin/signup.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /fcgi-bin/signup.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-perl/signup.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /scgi-bin/signup.cgi: Default CGI, often with a hosting manager. No known problems, but host managers allow sys admin via web. + /cgi-local/GW5/GWWEB.EXE: Groupwise web interface. + /fcgi-bin/GW5/GWWEB.EXE: Groupwise web interface. + /cgi-exe/GW5/GWWEB.EXE: Groupwise web interface. + /cgi-perl/GW5/GWWEB.EXE: Groupwise web interface. + /cgi-mod/GW5/GWWEB.EXE: Groupwise web interface. + /acceso/: This might be interesting. + /access_log: This might be interesting. + /account/: This might be interesting. + /administration/: This might be interesting. + /advwebadmin/: This might be interesting: probably HostingController, www.hostingcontroller.com. + /Agents/: This might be interesting. + /archivar/: This might be interesting. + /archives/: This might be interesting. + /asp/: This might be interesting. + /atc/: This might be interesting. + /auth/: This might be interesting. + /backup/: This might be interesting. + /bak/: This might be interesting. + /banco/: This might be interesting. + /bdata/: This might be interesting. + /beta/: This might be interesting. + /bin/: This might be interesting. + /buy/: This might be interesting. + /c/: This might be interesting. + /cache-stats/: This might be interesting. + /ccard/: This might be interesting. + /cert/: This might be interesting. + /certificado/: This might be interesting. + /certificate: This might be interesting. + /cgi-914/dbmlparser.exe: This might be interesting. + /mpcgi/dbmlparser.exe: This might be interesting. + /cgi-local/dbmlparser.exe: This might be interesting. + /cgi-mod/dbmlparser.exe: This might be interesting. + /clientes/: This might be interesting. + /clients/: This might be interesting. + /compra/: This might be interesting. + /compras/: This might be interesting. + /connect/: This might be interesting. + /console: This might be interesting. + /css/: This might be interesting. + /dan_o.dat: This might be interesting. + /dat/: This might be interesting. + /datos/: This might be interesting. + /demo/: This might be interesting. + /demos/: This might be interesting. + /development/: This might be interesting. + /dir/: This might be interesting. + /directory/: This might be interesting. + /DMR/: This might be interesting. + /doc-html/: This might be interesting. + /download/: This might be interesting. + /downloads/: This might be interesting. + /ejemplo/: This might be interesting. + /ejemplos/: This might be interesting. + /employees/: This might be interesting. + /envia/: This might be interesting. + /Excel/: This might be interesting. + /EXE/: This might be interesting. + /exe/: This might be interesting. + /fbsd/: This might be interesting. + /file/: This might be interesting. + /files/: This might be interesting. + /forums/: This might be interesting. + /gfx/: This might be interesting. + /graphics/: This might be interesting. + /guests/: This might be interesting. + /hidden/: This might be interesting. + /hitmatic/analyse.cgi: This might be interesting. + /home/: This might be interesting. + /homepage/: This might be interesting. + /htpasswd: This might be interesting. + /idea/: This might be interesting. + /ideas/: This might be interesting. + /impreso/: This might be interesting. + /information/: This might be interesting. + /install/: This might be interesting. + /internal/: This might be interesting. + /invitado/: This might be interesting. + /java/: This might be interesting. + /jdbc/: This might be interesting. + /jrun/: This might be interesting. + /js: This might be interesting. + /library/: This might be interesting. + /linux/: This might be interesting. + /logfile/: This might be interesting. + /logfiles/: This might be interesting. + /logging/: This might be interesting. + /login/: This might be interesting. + /logs/: This might be interesting. + /lost+found/: This might be interesting. + /mail/: This might be interesting. + /manage/cgi/cgiproc: This might be interesting. + /master.password: This might be interesting. + /mbox: This might be interesting. + /members/: This might be interesting. + /mkstats/: This might be interesting. + /movimientos/: This might be interesting. + /msql/: This might be interesting. + /Msword/: This might be interesting. + /MSword/: This might be interesting. + /NetDynamic/: This might be interesting. + /NetDynamics/: This might be interesting. + /new/: This might be interesting. + /news: This might be interesting. + /noticias/: This might be interesting. + /officescan/cgi/jdkRqNotify.exe: This might be interesting. + /old/: This might be interesting. + /oracle: This might be interesting. + /order/: This might be interesting. + /orders/: This might be interesting. + /outgoing/: This might be interesting. + /pages/: This might be interesting. + /Pages/: This might be interesting. + /passwd.adjunct: This might be interesting. + /passwdfile: This might be interesting. + /PDG_Cart/: This might be interesting. + /perl5/: This might be interesting. + /php/: This might be interesting. + /pics/: This might be interesting. + /piranha/secure/passwd.php3: This might be interesting. + /pix/: This might be interesting. + /privado/: This might be interesting. + /private/: This might be interesting. + /prod/: This might be interesting. + /pruebas/: This might be interesting. + /pub/: This might be interesting. + /publica/: This might be interesting. + /publicar/: This might be interesting. + /publico/: This might be interesting. + /purchase/: This might be interesting. + /purchases/: This might be interesting. + /pwd.db: This might be interesting. + /python/: This might be interesting. + /readme: This might be interesting. + /registered/: This might be interesting. + /reseller/: This might be interesting. + /restricted/: This might be interesting. + /retail/: This might be interesting. + /samples/: This might be interesting. + /save/: This might be interesting. + /scratch: This might be interesting. + /secret/: This might be interesting. + /sell/: This might be interesting. + /servicios/: This might be interesting. + /shopper/: This might be interesting. + /srchadm: This might be interesting. + /staff/: This might be interesting. + /stat/: This might be interesting. + /statistic/: This might be interesting. + /statistics/: This might be interesting. + /store/: This might be interesting. + /stylesheets/: This might be interesting. + /sun/: This might be interesting. + /super_stats/error_logs: Web logs are exposed. + /swf: This might be interesting: Flash files?. + /system/: This might be interesting. + /tar/: This might be interesting. + /template/: This might be interesting: could have sensitive files or system information. + /temporal/: This might be interesting. + /test/: This might be interesting. + /testing/: This might be interesting. + /tests/: This might be interesting. + /tools/: This might be interesting. + /tpv/: This might be interesting. + /transito/: This might be interesting. + /tree/: This might be interesting. + /trees/: This might be interesting. + /user/: This might be interesting. + /users/: This might be interesting. + /vfs/: This might be interesting. + /w3perl/admin: This might be interesting. + /warez/: This might be interesting. + /web/: This might be interesting. + /webadmin/: This might be interesting: probably HostingController, www.hostingcontroller.com. + /webboard/: This might be interesting. + /weblogs/: This might be interesting. + /website/: This might be interesting. + /webstats/: This might be interesting. + /Web_store/: This might be interesting. + /word/: This might be interesting. + /www/: This might be interesting. + /wwwboard/wwwboard.cgi: This might be interesting. + /wwwstats/: This might be interesting. + /wwwthreads/w3tvars.pm: This might be interesting. + /zipfiles/: This might be interesting. + /cgi-914/.fhp: This might be interesting. + /cgi-local/.fhp: This might be interesting. + /fcgi-bin/.fhp: This might be interesting. + /cgi-exe/.fhp: This might be interesting. + /cgi-perl/.fhp: This might be interesting. + /cgi-915/add_ftp.cgi: This might be interesting. + /mpcgi/add_ftp.cgi: This might be interesting. + /cgi-exe/add_ftp.cgi: This might be interesting. + /cgi-mod/add_ftp.cgi: This might be interesting. + /cgi-local/admin.cgi: This might be interesting. + /fcgi-bin/admin.cgi: This might be interesting. + /cgi-perl/admin.cgi: This might be interesting. + /cgi-914/admin.php3: This might be interesting. + /cgi-915/admin.php3: This might be interesting. + /mpcgi/admin.php3: This might be interesting. + /htbin/admin.php3: This might be interesting. + /fcgi-bin/admin.php3: This might be interesting. + /cgi-exe/admin.php3: This might be interesting. + /cgi-914/adminhot.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/adminhot.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/adminhot.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/adminhot.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/adminwww.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/adminwww.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/adminwww.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/adminwww.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/adminwww.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/adminwww.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/adminwww.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/AnyBoard.cgi: This might be interesting. + /cgi-local/AnyBoard.cgi: This might be interesting. + /htbin/AnyBoard.cgi: This might be interesting. + /fcgi-bin/AnyBoard.cgi: This might be interesting. + /cgi-perl/AnyBoard.cgi: This might be interesting. + /cgi-915/AnyForm: This might be interesting. + /htbin/AnyForm: This might be interesting. + /cgi-perl/AnyForm: This might be interesting. + /cgi-914/AnyForm2: This might be interesting. + /cgi-915/AnyForm2: This might be interesting. + /cgi-exe/AnyForm2: This might be interesting. + /cgi-perl/AnyForm2: This might be interesting. + /cgi-mod/AnyForm2: This might be interesting. + /cgi-914/ash: This might be interesting: possibly a system shell found. + /mpcgi/ash: This might be interesting: possibly a system shell found. + /htbin/ash: This might be interesting: possibly a system shell found. + /scripts/ash: This might be interesting: possibly a system shell found. + /fcgi-bin/ash: This might be interesting: possibly a system shell found. + /cgi-perl/ash: This might be interesting: possibly a system shell found. + /cgi-mod/ash: This might be interesting: possibly a system shell found. + /cgi-914/ax-admin.cgi: This might be interesting. + /cgi-915/ax-admin.cgi: This might be interesting. + /cgi-local/ax-admin.cgi: This might be interesting. + /scripts/ax-admin.cgi: This might be interesting. + /scgi-bin/ax-admin.cgi: This might be interesting. + /cgi-mod/ax-admin.cgi: This might be interesting. + /cgi-914/ax.cgi: This might be interesting. + /cgi-915/ax.cgi: This might be interesting. + /cgi-local/ax.cgi: This might be interesting. + /cgi-perl/ax.cgi: This might be interesting. + /scgi-bin/ax.cgi: This might be interesting. + /cgi-mod/ax.cgi: This might be interesting. + /mpcgi/axs.cgi: This might be interesting. + /cgi-local/axs.cgi: This might be interesting. + /htbin/axs.cgi: This might be interesting. + /fcgi-bin/axs.cgi: This might be interesting. + /cgi-exe/axs.cgi: This might be interesting. + /cgi-perl/axs.cgi: This might be interesting. + /cgi-mod/axs.cgi: This might be interesting. + /cgi-914/bash: This might be interesting: possibly a system shell found. + /mpcgi/bash: This might be interesting: possibly a system shell found. + /fcgi-bin/bash: This might be interesting: possibly a system shell found. + /cgi-914/bnbform: This might be interesting. + /htbin/bnbform: This might be interesting. + /scripts/bnbform: This might be interesting. + /cgi-exe/bnbform: This might be interesting. + /cgi-perl/bnbform: This might be interesting. + /cgi-914/bnbform.cgi: This might be interesting. + /cgi-915/bnbform.cgi: This might be interesting. + /htbin/bnbform.cgi: This might be interesting. + /scripts/bnbform.cgi: This might be interesting. + /fcgi-bin/bnbform.cgi: This might be interesting. + /cgi-exe/bnbform.cgi: This might be interesting. + /cgi-perl/bnbform.cgi: This might be interesting. + /scgi-bin/bnbform.cgi: This might be interesting. + /cgi-mod/bnbform.cgi: This might be interesting. + /cgi-914/cgimail.exe: This might be interesting. + /cgi-local/cgimail.exe: This might be interesting. + /scripts/cgimail.exe: This might be interesting. + /fcgi-bin/cgimail.exe: This might be interesting. + /scgi-bin/cgimail.exe: This might be interesting. + /cgi-915/classifieds: This might be interesting. + /cgi-local/classifieds: This might be interesting. + /htbin/classifieds: This might be interesting. + /scgi-bin/classifieds: This might be interesting. + /cgi-915/classifieds.cgi: This might be interesting. + /mpcgi/classifieds.cgi: This might be interesting. + /htbin/classifieds.cgi: This might be interesting. + /scripts/classifieds.cgi: This might be interesting. + /fcgi-bin/classifieds.cgi: This might be interesting. + /cgi-perl/classifieds.cgi: This might be interesting. + /scripts/code.php3: This might be interesting. + /cgi-exe/code.php3: This might be interesting. + /cgi-perl/code.php3: This might be interesting. + /scgi-bin/code.php3: This might be interesting. + /cgi-mod/code.php3: This might be interesting. + /cgi-914/count.cgi: This might be interesting. + /mpcgi/count.cgi: This might be interesting. + /htbin/count.cgi: This might be interesting. + /cgi-exe/count.cgi: This might be interesting. + /scgi-bin/count.cgi: This might be interesting. + /cgi-mod/count.cgi: This might be interesting. + /cgi-915/csh: This might be interesting: possibly a system shell found. + /htbin/csh: This might be interesting: possibly a system shell found. + /scripts/csh: This might be interesting: possibly a system shell found. + /fcgi-bin/csh: This might be interesting: possibly a system shell found. + /cgi-exe/csh: This might be interesting: possibly a system shell found. + /scgi-bin/csh: This might be interesting: possibly a system shell found. + /cgi-915/c_download.cgi: This might be interesting. + /scripts/c_download.cgi: This might be interesting. + /fcgi-bin/c_download.cgi: This might be interesting. + /cgi-mod/c_download.cgi: This might be interesting. + /cgi-local/dasp/fm_shell.asp: This might be interesting. + /htbin/dasp/fm_shell.asp: This might be interesting. + /cgi-perl/dasp/fm_shell.asp: This might be interesting. + /cgi-915/day5datacopier.cgi: This might be interesting. + /mpcgi/day5datacopier.cgi: This might be interesting. + /cgi-local/day5datacopier.cgi: This might be interesting. + /cgi-perl/day5datacopier.cgi: This might be interesting. + /scgi-bin/day5datacopier.cgi: This might be interesting. + /cgi-mod/day5datacopier.cgi: This might be interesting. + /mpcgi/dfire.cgi: This might be interesting. + /htbin/dfire.cgi: This might be interesting. + /cgi-exe/dfire.cgi: This might be interesting. + /cgi-915/dig.cgi: This might be interesting. + /cgi-exe/dig.cgi: This might be interesting. + /cgi-perl/dig.cgi: This might be interesting. + /cgi-915/enter.cgi: This might be interesting. + /mpcgi/enter.cgi: This might be interesting. + /cgi-local/enter.cgi: This might be interesting. + /cgi-exe/enter.cgi: This might be interesting. + /scgi-bin/enter.cgi: This might be interesting. + /cgi-914/environ.cgi: This might be interesting. + /cgi-915/environ.cgi: This might be interesting. + /cgi-perl/environ.cgi: This might be interesting. + /cgi-mod/environ.cgi: This might be interesting. + /cgi-local/excite: This might be interesting. + /cgi-exe/excite: This might be interesting. + /cgi-perl/excite: This might be interesting. + /scgi-bin/excite: This might be interesting. + /cgi-915/filemail: This might be interesting. + /mpcgi/filemail: This might be interesting. + /cgi-local/filemail: This might be interesting. + /cgi-perl/filemail: This might be interesting. + /scgi-bin/filemail: This might be interesting. + /cgi-mod/filemail: This might be interesting. + /cgi-914/ftpsh: This might be interesting: possibly a system shell found. + /cgi-local/ftpsh: This might be interesting: possibly a system shell found. + /htbin/ftpsh: This might be interesting: possibly a system shell found. + /fcgi-bin/ftpsh: This might be interesting: possibly a system shell found. + /cgi-perl/ftpsh: This might be interesting: possibly a system shell found. + /cgi-914/getdoc.cgi: This might be interesting. + /mpcgi/getdoc.cgi: This might be interesting. + /scripts/getdoc.cgi: This might be interesting. + /cgi-perl/getdoc.cgi: This might be interesting. + /cgi-914/glimpse: This might be interesting. + /cgi-915/glimpse: This might be interesting. + /mpcgi/glimpse: This might be interesting. + /htbin/glimpse: This might be interesting. + /cgi-exe/glimpse: This might be interesting. + /cgi-perl/glimpse: This might be interesting. + /scgi-bin/glimpse: This might be interesting. + /mpcgi/hitview.cgi: This might be interesting. + /cgi-exe/hitview.cgi: This might be interesting. + /cgi-perl/hitview.cgi: This might be interesting. + /scgi-bin/hitview.cgi: This might be interesting. + /cgi-914/jailshell: This might be interesting: possibly a system shell found. + /cgi-915/jailshell: This might be interesting: possibly a system shell found. + /mpcgi/jailshell: This might be interesting: possibly a system shell found. + /cgi-local/jailshell: This might be interesting: possibly a system shell found. + /scripts/jailshell: This might be interesting: possibly a system shell found. + /fcgi-bin/jailshell: This might be interesting: possibly a system shell found. + /scripts/jj: Allows attackers to execute commands as http daemon. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0260 + /cgi-perl/jj: Allows attackers to execute commands as http daemon. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0260 + /scgi-bin/jj: Allows attackers to execute commands as http daemon. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0260 + /cgi-914/ksh: This might be interesting: possibly a system shell found. + /mpcgi/ksh: This might be interesting: possibly a system shell found. + /cgi-local/ksh: This might be interesting: possibly a system shell found. + /htbin/ksh: This might be interesting: possibly a system shell found. + /scripts/ksh: This might be interesting: possibly a system shell found. + /scgi-bin/ksh: This might be interesting: possibly a system shell found. + /cgi-914/log-reader.cgi: This might be interesting. + /mpcgi/log-reader.cgi: This might be interesting. + /htbin/log-reader.cgi: This might be interesting. + /scripts/log-reader.cgi: This might be interesting. + /fcgi-bin/log-reader.cgi: This might be interesting. + /scgi-bin/log-reader.cgi: This might be interesting. + /cgi-914/log/: This might be interesting. + /mpcgi/log/: This might be interesting. + /scripts/log/: This might be interesting. + /fcgi-bin/log/: This might be interesting. + /scgi-bin/log/: This might be interesting. + /cgi-mod/log/: This might be interesting. + /cgi-914/login.cgi: This might be interesting. + /mpcgi/login.cgi: This might be interesting. + /htbin/login.cgi: This might be interesting. + /scripts/login.cgi: This might be interesting. + /fcgi-bin/login.cgi: This might be interesting. + /cgi-exe/login.cgi: This might be interesting. + /scgi-bin/login.cgi: This might be interesting. + /cgi-mod/login.cgi: This might be interesting. + /cgi-914/logit.cgi: This might be interesting. + /cgi-915/logit.cgi: This might be interesting. + /scripts/logit.cgi: This might be interesting. + /fcgi-bin/logit.cgi: This might be interesting. + /cgi-exe/logit.cgi: This might be interesting. + /cgi-perl/logit.cgi: This might be interesting. + /cgi-914/logs/: This might be interesting. + /cgi-915/logs/: This might be interesting. + /htbin/logs/: This might be interesting. + /fcgi-bin/logs/: This might be interesting. + /scgi-bin/logs/: This might be interesting. + /cgi-mod/logs/: This might be interesting. + /cgi-914/logs/access_log: This might be interesting. + /mpcgi/logs/access_log: This might be interesting. + /cgi-exe/logs/access_log: This might be interesting. + /cgi-914/logs/error_log: This might be interesting. + /cgi-915/logs/error_log: This might be interesting. + /mpcgi/logs/error_log: This might be interesting. + /cgi-local/logs/error_log: This might be interesting. + /scripts/logs/error_log: This might be interesting. + /cgi-perl/logs/error_log: This might be interesting. + /scgi-bin/logs/error_log: This might be interesting. + /cgi-mod/logs/error_log: This might be interesting. + /cgi-914/lookwho.cgi: This might be interesting. + /cgi-915/lookwho.cgi: This might be interesting. + /cgi-local/lookwho.cgi: This might be interesting. + /htbin/lookwho.cgi: This might be interesting. + /scripts/lookwho.cgi: This might be interesting. + /fcgi-bin/lookwho.cgi: This might be interesting. + /scgi-bin/lookwho.cgi: This might be interesting. + /cgi-mod/lookwho.cgi: This might be interesting. + /cgi-915/maillist.cgi: This might be interesting. + /mpcgi/maillist.cgi: This might be interesting. + /fcgi-bin/maillist.cgi: This might be interesting. + /cgi-exe/maillist.cgi: This might be interesting. + /scgi-bin/maillist.cgi: This might be interesting. + /cgi-915/man.sh: This might be interesting. + /mpcgi/man.sh: This might be interesting. + /cgi-local/man.sh: This might be interesting. + /htbin/man.sh: This might be interesting. + /scripts/man.sh: This might be interesting. + /fcgi-bin/man.sh: This might be interesting. + /cgi-perl/man.sh: This might be interesting. + /cgi-915/minimal.exe: This might be interesting. + /cgi-local/minimal.exe: This might be interesting. + /htbin/minimal.exe: This might be interesting. + /scripts/minimal.exe: This might be interesting. + /fcgi-bin/minimal.exe: This might be interesting. + /cgi-exe/minimal.exe: This might be interesting. + /cgi-perl/minimal.exe: This might be interesting. + /cgi-mod/minimal.exe: This might be interesting. + /mpcgi/nlog-smb.cgi: This might be interesting. + /htbin/nlog-smb.cgi: This might be interesting. + /scripts/nlog-smb.cgi: This might be interesting. + /fcgi-bin/nlog-smb.cgi: This might be interesting. + /scgi-bin/nlog-smb.cgi: This might be interesting. + /cgi-914/noshell: This might be interesting: possibly a system shell found. + /mpcgi/noshell: This might be interesting: possibly a system shell found. + /cgi-local/noshell: This might be interesting: possibly a system shell found. + /htbin/noshell: This might be interesting: possibly a system shell found. + /scripts/noshell: This might be interesting: possibly a system shell found. + /cgi-perl/noshell: This might be interesting: possibly a system shell found. + /cgi-mod/noshell: This might be interesting: possibly a system shell found. + /mpcgi/nph-publish: This might be interesting. + /cgi-local/nph-publish: This might be interesting. + /cgi-perl/nph-publish: This might be interesting. + /scgi-bin/nph-publish: This might be interesting. + /cgi-mod/nph-publish: This might be interesting. + /cgi-915/pass: This might be interesting. + /mpcgi/pass: This might be interesting. + /scripts/pass: This might be interesting. + /cgi-exe/pass: This might be interesting. + /cgi-perl/pass: This might be interesting. + /cgi-mod/pass: This might be interesting. + /cgi-915/passwd: This might be interesting. + /mpcgi/passwd: This might be interesting. + /cgi-local/passwd: This might be interesting. + /scripts/passwd: This might be interesting. + /fcgi-bin/passwd: This might be interesting. + /cgi-exe/passwd: This might be interesting. + /cgi-914/password: This might be interesting. + /cgi-915/password: This might be interesting. + /mpcgi/password: This might be interesting. + /scripts/password: This might be interesting. + /fcgi-bin/password: This might be interesting. + /cgi-exe/password: This might be interesting. + /mpcgi/post_query: This might be interesting. + /htbin/post_query: This might be interesting. + /scripts/post_query: This might be interesting. + /fcgi-bin/post_query: This might be interesting. + /scgi-bin/post_query: This might be interesting. + /mpcgi/ratlog.cgi: This might be interesting. + /scripts/ratlog.cgi: This might be interesting. + /fcgi-bin/ratlog.cgi: This might be interesting. + /cgi-exe/ratlog.cgi: This might be interesting. + /cgi-mod/ratlog.cgi: This might be interesting. + /cgi-914/responder.cgi: This might be interesting. + /cgi-915/responder.cgi: This might be interesting. + /cgi-local/responder.cgi: This might be interesting. + /htbin/responder.cgi: This might be interesting. + /fcgi-bin/responder.cgi: This might be interesting. + /cgi-exe/responder.cgi: This might be interesting. + /cgi-mod/responder.cgi: This might be interesting. + /scripts/rguest.exe: This might be interesting. + /cgi-exe/rguest.exe: This might be interesting. + /cgi-mod/rguest.exe: This might be interesting. + /mpcgi/rksh: This might be interesting: possibly a system shell found. + /cgi-local/rksh: This might be interesting: possibly a system shell found. + /cgi-perl/rksh: This might be interesting: possibly a system shell found. + /cgi-mod/rksh: This might be interesting: possibly a system shell found. + /cgi-914/rsh: This might be interesting: possibly a system shell found. + /cgi-915/rsh: This might be interesting: possibly a system shell found. + /mpcgi/rsh: This might be interesting: possibly a system shell found. + /cgi-local/rsh: This might be interesting: possibly a system shell found. + /fcgi-bin/rsh: This might be interesting: possibly a system shell found. + /scgi-bin/rsh: This might be interesting: possibly a system shell found. + /cgi-mod/rsh: This might be interesting: possibly a system shell found. + /htbin/search.cgi: This might be interesting. + /fcgi-bin/search.cgi: This might be interesting. + /cgi-exe/search.cgi: This might be interesting. + /scgi-bin/search.cgi: This might be interesting. + /cgi-mod/search.cgi: This might be interesting. + /mpcgi/session/adminlogin: This might be interesting. + /cgi-local/session/adminlogin: This might be interesting. + /htbin/session/adminlogin: This might be interesting. + /fcgi-bin/session/adminlogin: This might be interesting. + /cgi-exe/session/adminlogin: This might be interesting. + /cgi-perl/session/adminlogin: This might be interesting. + /scgi-bin/session/adminlogin: This might be interesting. + /cgi-mod/session/adminlogin: This might be interesting. + /mpcgi/sh: This might be interesting: possibly a system shell found. + /scgi-bin/sh: This might be interesting: possibly a system shell found. + /cgi-mod/sh: This might be interesting: possibly a system shell found. + /cgi-914/stat/: This might be interesting. + /mpcgi/stat/: This might be interesting. + /cgi-local/stat/: This might be interesting. + /fcgi-bin/stat/: This might be interesting. + /scgi-bin/stat/: This might be interesting. + /cgi-914/stats.prf: This might be interesting. + /htbin/stats.prf: This might be interesting. + /scgi-bin/stats.prf: This might be interesting. + /cgi-mod/stats.prf: This might be interesting. + /fcgi-bin/stats/: This might be interesting. + /cgi-exe/stats/: This might be interesting. + /cgi-perl/stats/: This might be interesting. + /cgi-mod/stats/: This might be interesting. + /cgi-914/statsconfig: This might be interesting. + /cgi-915/statsconfig: This might be interesting. + /htbin/statsconfig: This might be interesting. + /fcgi-bin/statsconfig: This might be interesting. + /scgi-bin/statsconfig: This might be interesting. + /cgi-914/stats_old/: This might be interesting. + /cgi-local/stats_old/: This might be interesting. + /htbin/stats_old/: This might be interesting. + /fcgi-bin/stats_old/: This might be interesting. + /scgi-bin/stats_old/: This might be interesting. + /cgi-915/survey: This might be interesting. + /cgi-local/survey: This might be interesting. + /htbin/survey: This might be interesting. + /scripts/survey: This might be interesting. + /fcgi-bin/survey: This might be interesting. + /cgi-perl/survey: This might be interesting. + /cgi-mod/survey: This might be interesting. + /cgi-915/survey.cgi: This might be interesting. + /mpcgi/survey.cgi: This might be interesting. + /cgi-local/survey.cgi: This might be interesting. + /htbin/survey.cgi: This might be interesting. + /fcgi-bin/survey.cgi: This might be interesting. + /cgi-exe/survey.cgi: This might be interesting. + /scgi-bin/survey.cgi: This might be interesting. + /cgi-914/tcsh: This might be interesting: possibly a system shell found. + /cgi-915/tcsh: This might be interesting: possibly a system shell found. + /htbin/tcsh: This might be interesting: possibly a system shell found. + /cgi-exe/tcsh: This might be interesting: possibly a system shell found. + /scgi-bin/tcsh: This might be interesting: possibly a system shell found. + /cgi-914/test.cgi: This might be interesting. + /cgi-local/test.cgi: This might be interesting. + /cgi-perl/test.cgi: This might be interesting. + /scgi-bin/test.cgi: This might be interesting. + /cgi-mod/test.cgi: This might be interesting. + /cgi-914/test/test.cgi: This might be interesting. + /cgi-915/test/test.cgi: This might be interesting. + /cgi-local/test/test.cgi: This might be interesting. + /htbin/test/test.cgi: This might be interesting. + /cgi-exe/test/test.cgi: This might be interesting. + /cgi-mod/test/test.cgi: This might be interesting. + /cgi-914/tidfinder.cgi: This might be interesting. + /cgi-915/tidfinder.cgi: This might be interesting. + /mpcgi/tidfinder.cgi: This might be interesting. + /htbin/tidfinder.cgi: This might be interesting. + /scripts/tidfinder.cgi: This might be interesting. + /cgi-perl/tidfinder.cgi: This might be interesting. + /scgi-bin/tidfinder.cgi: This might be interesting. + /cgi-mod/tidfinder.cgi: This might be interesting. + /cgi-915/tigvote.cgi: This might be interesting. + /mpcgi/tigvote.cgi: This might be interesting. + /cgi-local/tigvote.cgi: This might be interesting. + /htbin/tigvote.cgi: This might be interesting. + /scripts/tigvote.cgi: This might be interesting. + /scgi-bin/tigvote.cgi: This might be interesting. + /cgi-915/tpgnrock: This might be interesting. + /mpcgi/tpgnrock: This might be interesting. + /cgi-local/tpgnrock: This might be interesting. + /scripts/tpgnrock: This might be interesting. + /cgi-perl/tpgnrock: This might be interesting. + /scgi-bin/tpgnrock: This might be interesting. + /cgi-mod/tpgnrock: This might be interesting. + /cgi-local/ultraboard.cgi: This might be interesting. + /cgi-mod/ultraboard.cgi: This might be interesting. + /cgi-915/visitor.exe: This might be interesting. + /mpcgi/visitor.exe: This might be interesting. + /scripts/visitor.exe: This might be interesting. + /fcgi-bin/visitor.exe: This might be interesting. + /cgi-exe/visitor.exe: This might be interesting. + /cgi-perl/visitor.exe: This might be interesting. + /cgi-local/w3-msql: This might be interesting. + /htbin/w3-msql: This might be interesting. + /scripts/w3-msql: This might be interesting. + /scgi-bin/w3-msql: This might be interesting. + /cgi-mod/w3-msql: This might be interesting. + /cgi-local/w3-sql: This might be interesting. + /cgi-915/webais: This might be interesting. + /mpcgi/webais: This might be interesting. + /cgi-local/webais: This might be interesting. + /htbin/webais: This might be interesting. + /cgi-mod/webais: This might be interesting. + /htbin/webbbs.cgi: This might be interesting. + /scripts/webbbs.cgi: This might be interesting. + /cgi-perl/webbbs.cgi: This might be interesting. + /scgi-bin/webbbs.cgi: This might be interesting. + /cgi-mod/webbbs.cgi: This might be interesting. + /cgi-local/webbbs.exe: This might be interesting. + /scripts/webbbs.exe: This might be interesting. + /fcgi-bin/webbbs.exe: This might be interesting. + /cgi-exe/webbbs.exe: This might be interesting. + /cgi-perl/webbbs.exe: This might be interesting. + /scgi-bin/webbbs.exe: This might be interesting. + /cgi-mod/webbbs.exe: This might be interesting. + /cgi-915/wguest.exe: This might be interesting. + /mpcgi/wguest.exe: This might be interesting. + /cgi-local/wguest.exe: This might be interesting. + /htbin/wguest.exe: This might be interesting. + /scripts/wguest.exe: This might be interesting. + /cgi-exe/wguest.exe: This might be interesting. + /cgi-perl/wguest.exe: This might be interesting. + /scgi-bin/wguest.exe: This might be interesting. + /cgi-mod/wguest.exe: This might be interesting. + /cgi-914/www-sql: This might be interesting. + /cgi-915/www-sql: This might be interesting. + /mpcgi/www-sql: This might be interesting. + /cgi-exe/www-sql: This might be interesting. + /scgi-bin/www-sql: This might be interesting. + /cgi-914/wwwboard.cgi.cgi: This might be interesting. + /cgi-915/wwwboard.cgi.cgi: This might be interesting. + /mpcgi/wwwboard.cgi.cgi: This might be interesting. + /htbin/wwwboard.cgi.cgi: This might be interesting. + /scripts/wwwboard.cgi.cgi: This might be interesting. + /fcgi-bin/wwwboard.cgi.cgi: This might be interesting. + /cgi-exe/wwwboard.cgi.cgi: This might be interesting. + /cgi-perl/wwwboard.cgi.cgi: This might be interesting. + /cgi-914/wwwthreads/3tvars.pm: This might be interesting. + /mpcgi/wwwthreads/3tvars.pm: This might be interesting. + /cgi-local/wwwthreads/3tvars.pm: This might be interesting. + /cgi-exe/wwwthreads/3tvars.pm: This might be interesting. + /cgi-mod/wwwthreads/3tvars.pm: This might be interesting. + /cgi-915/wwwthreads/w3tvars.pm: This might be interesting. + /mpcgi/wwwthreads/w3tvars.pm: This might be interesting. + /cgi-local/wwwthreads/w3tvars.pm: This might be interesting. + /htbin/wwwthreads/w3tvars.pm: This might be interesting. + /scripts/wwwthreads/w3tvars.pm: This might be interesting. + /fcgi-bin/wwwthreads/w3tvars.pm: This might be interesting. + /cgi-exe/wwwthreads/w3tvars.pm: This might be interesting. + /cgi-mod/wwwthreads/w3tvars.pm: This might be interesting. + /cgi-914/zsh: This might be interesting: possibly a system shell found. + /cgi-915/zsh: This might be interesting: possibly a system shell found. + /cgi-local/zsh: This might be interesting: possibly a system shell found. + /htbin/zsh: This might be interesting: possibly a system shell found. + /scripts/zsh: This might be interesting: possibly a system shell found. + /fcgi-bin/zsh: This might be interesting: possibly a system shell found. + /cgi-exe/zsh: This might be interesting: possibly a system shell found. + /scgi-bin/zsh: This might be interesting: possibly a system shell found. + /advworks/equipment/catalog_type.asp: Seen in carding forums. See: https://packetstormsecurity.com/files/32406/xmas.txt.html + /clocktower/: Microsoft Site Server sample files may have SQL injection. See: https://github.com/sullo/advisory-archives/blob/master/RFP2201.txt + /market/: Microsoft Site Server sample files may have SQL injection. See: https://github.com/sullo/advisory-archives/blob/master/RFP2201.txt + /mspress30/: Microsoft Site Server sample files may have SQL injection. See: https://github.com/sullo/advisory-archives/blob/master/RFP2201.txt + /scripts/fpadmcgi.exe: This might be interesting. + /scripts/samples/search/webhits.exe: This might be interesting. + /vc30/: Microsoft Site Server sample files may have SQL injection. See: https://github.com/sullo/advisory-archives/blob/master/RFP2201.txt + /_mem_bin/: This might be interesting: user login. + /_mem_bin/FormsLogin.asp: This might be interesting: user login. + /custdata/: This may be COWS (CGI Online Worldweb Shopping), and may leak customer data. + /hostingcontroller/: This might be interesting: probably HostingController, www.hostingcontroller.com. + /img-sys/: Default image directory should not allow directory listing. + /java-sys/: Default Java directory should not allow directory listing. + /javadoc/: Documentation...?. + /manager/: May be a web server or site manager. + /exchange/: This might be interesting: Outlook/Exchange OWA. + /add_acl: This might be interesting: has been seen in web logs from an unknown scanner. + /admin/exec.php3: This might be interesting: has been seen in web logs from an unknown scanner. + /adv/gm001-mc/: This might be interesting: has been seen in web logs from an unknown scanner. + /archive.asp: This might be interesting: has been seen in web logs from an unknown scanner. + /archive_forum.asp: This might be interesting: has been seen in web logs from an unknown scanner. + /bandwidth/index.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /bugtest+/+: This might be interesting: has been seen in web logs from an unknown scanner. + /ccbill/whereami.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /csPassword.cgi?command=remove%20: This might be interesting: has been seen in web logs from an unknown scanner. + /dbabble: This might be interesting: has been seen in web logs from an unknown scanner. + /docs/NED: This might be interesting: has been seen in web logs from an unknown scanner. + /do_subscribe: This might be interesting: has been seen in web logs from an unknown scanner. + /emumail.cgi?type=.%00: This might be interesting: has been seen in web logs from an unknown scanner. + /etc/shadow+: This might be interesting: has been seen in web logs from an unknown scanner. + /ez2000/ezadmin.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /forum_professionnel.asp?n=100: This might be interesting: has been seen in web logs from an unknown scanner. + /Gozila.cgi: Linksys BEF Series routers are vulnerable to multiple DoS attacks in Gozila.cgi. See: https://seclists.org/fulldisclosure/2004/Jun/49 + /idealbb/error.asp?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /iisprotect/admin/SiteAdmin.ASP?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /includes/header.php3: This might be interesting: has been seen in web logs from an unknown scanner. + /infos/services/index.asp: This might be interesting: has been seen in web logs from an unknown scanner. + /jsptest.jsp+: This might be interesting: has been seen in web logs from an unknown scanner. + /ldap.search.php3?ldap_serv=nonsense%20: This might be interesting: has been seen in web logs from an unknown scanner. + /login.php3?reason=chpass2%20: This might be interesting: has been seen in web logs from an unknown scanner. + /members/ID.xbb: This might be interesting: has been seen in web logs from an unknown scanner. + /moregroupware/modules/webmail2/inc/: This might be interesting: has been seen in web logs from an unknown scanner. + /msadc/Samples/SELECTOR/showcode.asp?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /myguestBk/add1.asp?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /myguestBk/admin/delEnt.asp?id=NEWSNUMBER|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /myguestBk/admin/index.asp?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /productcart/pc/Custva.asp?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /ProductCart/pc/msg.asp?|-|0|404_Object_Not_Found: This might be interesting: has been seen in web logs from an unknown scanner. + /protected/: This might be interesting: has been seen in web logs from an unknown scanner. + /pt_config.inc: This might be interesting: has been seen in web logs from an unknown scanner. + /servers/link.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /site_searcher.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /status.php3: This might be interesting: has been seen in web logs from an unknown scanner. + /texis/websearch/phine: This might be interesting: has been seen in web logs from an unknown scanner. + /utils/sprc.asp+: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/adduser.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/adduser.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/adduser.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/adduser.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/adduser.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/adduser.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/anyboard.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/anyboard.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/anyboard.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/AT-generate.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/AT-generate.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/AT-generate.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/AT-generate.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/AT-generate.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/AT-generate.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/AT-generate.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/bb-ack.sh: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/bb-ack.sh: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/bb-ack.sh: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/bb-ack.sh: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/bb-ack.sh: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/bb-histlog.sh: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/bb-histlog.sh: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/bb-histlog.sh: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/bb-histlog.sh: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/bb-histlog.sh: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/bb-histlog.sh: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/bb-rep.sh: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/bb-rep.sh: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/bb-rep.sh: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/bb-rep.sh: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/bb-replog.sh: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/bb-replog.sh: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/bbs_forum.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/bbs_forum.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/bbs_forum.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/build.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/build.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/build.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/build.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/build.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/build.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/build.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/build.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/build.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/bulk/bulk.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/bulk/bulk.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/bulk/bulk.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/bulk/bulk.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/bulk/bulk.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/bulk/bulk.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/cached_feed.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/cached_feed.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/cached_feed.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/cached_feed.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/cached_feed.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/cartmanager.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/cartmanager.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/cartmanager.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/cartmanager.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/cartmanager.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/cartmanager.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/cartmanager.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/cbmc/forums.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/cbmc/forums.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/cbmc/forums.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/cgforum.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/cgforum.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/cgforum.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/cgforum.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/cgforum.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/cgforum.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/cgforum.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/commandit.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/commandit.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/commandit.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/commandit.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/commandit.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/commandit.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/commandit.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/counter-ord: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/counter-ord: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/counter-ord: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/counter-ord: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/counter-ord: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/counterbanner: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/counterbanner: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/counterbanner: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/counterbanner: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/counterbanner: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/counterbanner: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/counterbanner: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/counterbanner: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/counterbanner-ord: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/counterbanner-ord: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/counterbanner-ord: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/counterbanner-ord: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/counterbanner-ord: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/counterbanner-ord: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/counterfiglet-ord: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/counterfiglet-ord: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/counterfiglet-ord: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/counterfiglet-ord: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/counterfiglet-ord: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/counterfiglet-ord: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/counterfiglet/nc/: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/counterfiglet/nc/: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/counterfiglet/nc/: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/counterfiglet/nc/: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/counterfiglet/nc/: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/counterfiglet/nc/: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/counterfiglet/nc/: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/CSMailto.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/CSMailto.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/CSMailto.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/CSMailto.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/CSMailto.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/CSMailto.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/CSMailto.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/CSMailto/CSMailto.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/CSMailto/CSMailto.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/CSMailto/CSMailto.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/csNews.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/csNews.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/csNews.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/csNews.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/csPassword.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/csPassword.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/csPassword.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/csPassword.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/csPassword.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/csPassword.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/csPassword.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/csPassword/csPassword.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/csPassword/csPassword.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/csPassword/csPassword.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/csPassword/csPassword.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/csPassword/csPassword.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/csPassword/csPassword.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/csPassword/csPassword.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/cutecast/members/: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/cutecast/members/: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/cutecast/members/: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/cutecast/members/: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/day5datanotifier.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/day5datanotifier.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/day5datanotifier.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/day5datanotifier.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/day5datanotifier.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/day5datanotifier.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/day5datanotifier.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/db2www/library/document.d2w/show: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/db2www/library/document.d2w/show: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/db2www/library/document.d2w/show: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/db2www/library/document.d2w/show: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/db_manager.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/db_manager.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/db_manager.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/DCFORMS98.CGI: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/DCFORMS98.CGI: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/DCFORMS98.CGI: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/dnewsweb: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/dnewsweb: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/dnewsweb: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/dnewsweb: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/dnewsweb: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/dnewsweb: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/dnewsweb: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/donothing: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/donothing: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/donothing: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/donothing: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/donothing: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/donothing: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/donothing: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/donothing: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/donothing: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/ezshopper2/loadpage.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/ezshopper2/loadpage.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/ezshopper2/loadpage.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/ezshopper2/loadpage.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/ezshopper2/loadpage.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/ezshopper3/loadpage.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/ezshopper3/loadpage.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/ezshopper3/loadpage.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/ezshopper3/loadpage.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/ezshopper3/loadpage.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/ezshopper3/loadpage.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/ezshopper3/loadpage.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/ezshopper3/loadpage.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/if/admin/nph-build.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/if/admin/nph-build.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/if/admin/nph-build.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/if/admin/nph-build.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/ikonboard/help.cgi?: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/ikonboard/help.cgi?: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/ikonboard/help.cgi?: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/ikonboard/help.cgi?: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/ikonboard/help.cgi?: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/ikonboard/help.cgi?: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/imageFolio.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/imageFolio.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/imageFolio.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/imageFolio.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/imageFolio.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/imageFolio.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/imagefolio/admin/admin.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/imagefolio/admin/admin.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/imagefolio/admin/admin.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/imagefolio/admin/admin.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/imagefolio/admin/admin.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/imagefolio/admin/admin.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/imagefolio/admin/admin.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/imagefolio/admin/admin.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/journal.cgi?folder=journal.cgi%00: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/journal.cgi?folder=journal.cgi%00: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/journal.cgi?folder=journal.cgi%00: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/journal.cgi?folder=journal.cgi%00: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/journal.cgi?folder=journal.cgi%00: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/journal.cgi?folder=journal.cgi%00: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/mojo/mojo.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/mojo/mojo.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/mojo/mojo.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/mojo/mojo.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/mojo/mojo.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/mojo/mojo.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/mojo/mojo.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/mojo/mojo.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/ncommerce3/ExecMacro/macro.d2w/%0a%0a: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/ncommerce3/ExecMacro/macro.d2w/%0a%0a: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/ncommerce3/ExecMacro/macro.d2w/%0a%0a: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/ncommerce3/ExecMacro/macro.d2w/%0a%0a: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/ncommerce3/ExecMacro/macro.d2w/%0a%0a: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/ncommerce3/ExecMacro/macro.d2w/NOEXISTINGHTMLBLOCK: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/ncommerce3/ExecMacro/macro.d2w/NOEXISTINGHTMLBLOCK: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/ncommerce3/ExecMacro/macro.d2w/NOEXISTINGHTMLBLOCK: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/ncommerce3/ExecMacro/macro.d2w/NOEXISTINGHTMLBLOCK: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/ncommerce3/ExecMacro/macro.d2w/NOEXISTINGHTMLBLOCK: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/ncommerce3/ExecMacro/macro.d2w/NOEXISTINGHTMLBLOCK: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/ncommerce3/ExecMacro/macro.d2w/NOEXISTINGHTMLBLOCK: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/nph-exploitscanget.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/nph-exploitscanget.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/nph-exploitscanget.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/nph-exploitscanget.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/nph-exploitscanget.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/nph-exploitscanget.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/parse-file: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/parse-file: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/parse-file: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/parse-file: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/parse-file: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/parse-file: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/php-cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/php-cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/php-cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/php-cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/pollssi.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/pollssi.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/pollssi.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/pollssi.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/pollssi.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/pollssi.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/postcards.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/postcards.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/postcards.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/postcards.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/postcards.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/postcards.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/postcards.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/postcards.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/profile.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/profile.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/profile.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/profile.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/profile.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/profile.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/register.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/register.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/register.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/register.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/replicator/webpage.cgi/: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/replicator/webpage.cgi/: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/replicator/webpage.cgi/: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/replicator/webpage.cgi/: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/replicator/webpage.cgi/: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/rightfax/fuwww.dll/?: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/rightfax/fuwww.dll/?: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/rightfax/fuwww.dll/?: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/rightfax/fuwww.dll/?: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/rightfax/fuwww.dll/?: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/rightfax/fuwww.dll/?: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/rightfax/fuwww.dll/?: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/rightfax/fuwww.dll/?: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/rmp_query: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/rmp_query: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/rmp_query: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/rmp_query: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/rmp_query: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/robpoll.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/robpoll.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/robpoll.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/robpoll.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/robpoll.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/robpoll.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/scripts/*%0a.pl: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/scripts/*%0a.pl: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/scripts/*%0a.pl: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/scripts/*%0a.pl: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/scripts/*%0a.pl: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/scripts/*%0a.pl: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/scripts/*%0a.pl: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/scripts/*%0a.pl: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/simplestguest.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/simplestguest.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/simplestguest.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/simplestguest.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/simplestmail.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/simplestmail.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/simplestmail.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/simplestmail.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/simplestmail.cgi: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/texis/phine: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/texis/phine: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/texis/phine: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/texis/phine: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/texis/phine: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/utm/admin: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/utm/admin: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/utm/admin: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/utm/admin: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/utm/admin: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/utm/admin: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/utm/admin: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/utm/utm_stat: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/utm/utm_stat: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/utm/utm_stat: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/utm/utm_stat: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/utm/utm_stat: This might be interesting: has been seen in web logs from an unknown scanner. + /ows-bin/oasnetconf.exe?-l%20-s%20BlahBlah: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/_vti_bin/fpcount.exe?Page=default.htm|Image=3|Digits=15: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/_vti_bin/fpcount.exe?Page=default.htm|Image=3|Digits=15: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/_vti_bin/fpcount.exe?Page=default.htm|Image=3|Digits=15: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/_vti_pvt/doctodep.btr: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/_vti_pvt/doctodep.btr: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/_vti_pvt/doctodep.btr: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/_vti_pvt/doctodep.btr: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/_vti_pvt/doctodep.btr: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/cfgwiz.exe: cfgwiz.exe is a Norton Anti-Virus file and should not be available via the web site. + /cgi-exe/cfgwiz.exe: cfgwiz.exe is a Norton Anti-Virus file and should not be available via the web site. + /cgi-914/Cgitest.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/Cgitest.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/Cgitest.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-local/Cgitest.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/Cgitest.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/Cgitest.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/Cgitest.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-915/mailform.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/mailform.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/mailform.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/mailform.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/mailform.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/mailform.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-mod/mailform.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/ms_proxy_auth_query/: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/ms_proxy_auth_query/: This might be interesting: has been seen in web logs from an unknown scanner. + /htbin/ms_proxy_auth_query/: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/ms_proxy_auth_query/: This might be interesting: has been seen in web logs from an unknown scanner. + /scgi-bin/ms_proxy_auth_query/: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-914/post16.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/post16.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /scripts/post16.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /fcgi-bin/post16.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-exe/post16.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /cgi-perl/post16.exe: This might be interesting: has been seen in web logs from an unknown scanner. + /mpcgi/.htaccess: Contains authorization information. + /htbin/.htaccess: Contains authorization information. + /scripts/.htaccess: Contains authorization information. + /fcgi-bin/.htaccess: Contains authorization information. + /cgi-mod/.htaccess: Contains authorization information. + /cgi-914/.htaccess.old: Backup/Old copy of .htaccess - Contains authorization information. + /cgi-915/.htaccess.old: Backup/Old copy of .htaccess - Contains authorization information. + /mpcgi/.htaccess.old: Backup/Old copy of .htaccess - Contains authorization information. + /cgi-local/.htaccess.old: Backup/Old copy of .htaccess - Contains authorization information. + /htbin/.htaccess.old: Backup/Old copy of .htaccess - Contains authorization information. + /cgi-exe/.htaccess.old: Backup/Old copy of .htaccess - Contains authorization information. + /cgi-perl/.htaccess.old: Backup/Old copy of .htaccess - Contains authorization information. + /cgi-915/.htaccess.save: Backup/Old copy of .htaccess - Contains authorization information. + /cgi-local/.htaccess.save: Backup/Old copy of .htaccess - Contains authorization information. + /fcgi-bin/.htaccess.save: Backup/Old copy of .htaccess - Contains authorization information. + /cgi-perl/.htaccess.save: Backup/Old copy of .htaccess - Contains authorization information. + /scgi-bin/.htaccess.save: Backup/Old copy of .htaccess - Contains authorization information. + /cgi-mod/.htaccess.save: Backup/Old copy of .htaccess - Contains authorization information. + /cgi-915/.htaccess~: Backup/Old copy of .htaccess - Contains authorization information. + /mpcgi/.htaccess~: Backup/Old copy of .htaccess - Contains authorization information. + /cgi-local/.htaccess~: Backup/Old copy of .htaccess - Contains authorization information. + /cgi-perl/.htaccess~: Backup/Old copy of .htaccess - Contains authorization information. + /scgi-bin/.htaccess~: Backup/Old copy of .htaccess - Contains authorization information. + /cgi-mod/.htaccess~: Backup/Old copy of .htaccess - Contains authorization information. + /cgi-914/.htpasswd: Contains authorization information. + /cgi-915/.htpasswd: Contains authorization information. + /cgi-local/.htpasswd: Contains authorization information. + /htbin/.htpasswd: Contains authorization information. + /fcgi-bin/.htpasswd: Contains authorization information. + /cgi-exe/.htpasswd: Contains authorization information. + /cgi-914/.passwd: Contains authorization information. + /cgi-915/.passwd: Contains authorization information. + /scripts/.passwd: Contains authorization information. + /cgi-mod/.passwd: Contains authorization information. + /cgi-915/.wwwacl: Contains authorization information. + /mpcgi/.wwwacl: Contains authorization information. + /htbin/.wwwacl: Contains authorization information. + /scripts/.wwwacl: Contains authorization information. + /scgi-bin/.wwwacl: Contains authorization information. + /cgi-914/.www_acl: Contains authorization information. + /scripts/.www_acl: Contains authorization information. + /fcgi-bin/.www_acl: Contains authorization information. + /cgi-perl/.www_acl: Contains authorization information. + /scgi-bin/.www_acl: Contains authorization information. + /cgi-mod/.www_acl: Contains authorization information. + /.access: Contains authorization information. + /.addressbook: PINE addressbook, may store sensitive e-mail address contact information and notes. + /.bashrc: User home dir was found with a shell rc file. This may reveal file and path information. + /.forward: User home dir was found with a mail forward file. May reveal where the user's mail is being forwarded to. + /.history: A user's home directory may be set to the web root, the shell history was retrieved. This should not be accessible via the web. + /.htaccess: Contains configuration and/or authorization information. + /.lynx_cookies: User home dir found with LYNX cookie file. May reveal cookies received from arbitrary web sites. + /.passwd: Contains authorization information. + /.pinerc: User home dir found with a PINE rc file. May reveal system information, directories and more. + /.plan: User home dir with a .plan, a now mostly outdated file for delivering information via the finger protocol. + /.proclog: User home dir with a Procmail log file. May reveal user mail traffic, directories and more. + /.profile: User home dir with a shell profile was found. May reveal directory information and system configuration. + /.rhosts: A user's home directory may be set to the web root, a .rhosts file was retrieved. This should not be accessible via the web. + /.ssh/known_hosts: A user's home directory may be set to the web root, an ssh file was retrieved. This should not be accessible via the web. + /servlet/Counter: JRun default servlet found. All default code should be removed from servers. See: CWE-552 + /servlet/HelloWorldServlet: JRun default servlet found. All default code should be removed from servers. See: CWE-552 + /servlet/SessionServlet: JRun or Netware WebSphere default servlet found. All default code should be removed from servers. See: CWE-552 + /cgi-bin/CGImail.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /cgi-bin/fpsrvadm.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /scripts/cfgwiz.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /scripts/CGImail.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /scripts/fpsrvadm.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_private/: FrontPage directory found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_vti_bin/: FrontPage directory found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_vti_bin/CGImail.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_vti_bin/_vti_cnf/: FrontPage directory found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_vti_cnf/_vti_cnf/: FrontPage directory found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /_vti_log/_vti_cnf/: FrontPage directory found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage + /nethome/: Netscape Enterprise Server default doc/manual directory. Reveals server path at bottom of page. See: CWE-552 + /servlet/AdminServlet: Netware Web Search Server (adminservlet) found. All default code should be removed from web servers. See: CWE-552 + /servlet/gwmonitor: Netware Gateway monitor found. All default code should be removed from web servers. See: CWE-552 + /servlet/PrintServlet: Novell Netware default servlet found. All default code should be removed from the system. See: CWE-552 + /servlet/SearchServlet: Novell Netware default servlet found. All default code should be removed from the system. See: CWE-552 + /servlet/sq1cdsn: Novell Netware default servlet found. All default code should be removed from the system. See: CWE-552 + /servlet/webacc: Netware Enterprise and/or GroupWise web access found. All default code should be removed from Internet servers. See: CWE-552 + /cgi-915/cgi-test.exe: Default CGI found. See: CWE-552 + /mpcgi/cgi-test.exe: Default CGI found. See: CWE-552 + /fcgi-bin/cgi-test.exe: Default CGI found. See: CWE-552 + /cgi-exe/cgi-test.exe: Default CGI found. See: CWE-552 + /scgi-bin/cgi-test.exe: Default CGI found. See: CWE-552 + /cgi-mod/cgi-test.exe: Default CGI found. See: CWE-552 + /index.html.en: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.es: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.hr.iso8859-2: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.ja.iso2022-jp: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.ltz.utf8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.lu.utf8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.nn: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.pt: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.pt-br: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.ru.utf8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /index.html.tw: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552 + /iissamples/sdk/asp/docs/codebrws.asp: This is a default IIS script/file that should be removed. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0739,https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013 + /iissamples/sdk/asp/docs/Winmsdp.exe: This is a default IIS script/file that should be removed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0738. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1451,https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013 + /srvstatus.chl+: Abyss allows hidden/protected files to be served if a + is added to the request. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1081 + /cgi-915/imagemap: imagemap.exe was found. Many versions from different vendors contain flaws. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0951 + /cgi-local/imagemap: imagemap.exe was found. Many versions from different vendors contain flaws. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0951 + /fcgi-bin/imagemap: imagemap.exe was found. Many versions from different vendors contain flaws. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0951 + /cgi-exe/imagemap: imagemap.exe was found. Many versions from different vendors contain flaws. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0951 + /scgi-bin/imagemap: imagemap.exe was found. Many versions from different vendors contain flaws. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0951 + /mpcgi/imagemap.exe: imagemap.exe was found. Many versions from different vendors contain flaws. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0951 + /scripts/imagemap.exe: imagemap.exe was found. Many versions from different vendors contain flaws. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0951 + /fcgi-bin/imagemap.exe: imagemap.exe was found. Many versions from different vendors contain flaws. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0951 + /cgi-915/htimage.exe: htimage.exe may be vulnerable to a buffer overflow in the mapname portion. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/MS00-028. http://www.securityfocus.com/bid/1117. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0256 + /mpcgi/htimage.exe: htimage.exe may be vulnerable to a buffer overflow in the mapname portion. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/MS00-028. http://www.securityfocus.com/bid/1117. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0256 + /htbin/htimage.exe: htimage.exe may be vulnerable to a buffer overflow in the mapname portion. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/MS00-028. http://www.securityfocus.com/bid/1117. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0256 + /scripts/htimage.exe: htimage.exe may be vulnerable to a buffer overflow in the mapname portion. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/MS00-028. http://www.securityfocus.com/bid/1117. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0256 + /fcgi-bin/htimage.exe: htimage.exe may be vulnerable to a buffer overflow in the mapname portion. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/MS00-028. http://www.securityfocus.com/bid/1117. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0256 + /cgi-exe/htimage.exe: htimage.exe may be vulnerable to a buffer overflow in the mapname portion. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/MS00-028. http://www.securityfocus.com/bid/1117. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0256 + Scan terminated: 0 error(s) and 2288 item(s) reported on remote host + End Time: 2025-11-09 16:55:21 (GMT-8) (61 seconds) --------------------------------------------------------------------------- + 1 host(s) tested
Detailed report
-
Target
starkrdp.net
-
Target IP
104.26.15.71
-
Scan method
Nikto scan (max 60 sec)
-
Run command
nikto -host starkrdp.net -maxtime 60
- Duration
- Quick report
-
Scan date
09 Nov 2025 19:55
-
Copy scan report
- Download report
- Remove scan result
- Check ports
- API - Scan ID