Scan report for "www.swhosting.com"

  1. Nikto Online
  2. Scan report for "www.swhosting.com"
Membership level: Free member
Summary

Found

387

Duration

1min 1sec

Date

2025-02-25

IP

104.26.3.182

Report
Nikto scan (max 60 sec) (nikto -host www.swhosting.com -maxtime 60)
- Nikto 
---------------------------------------------------------------------------
+ Multiple IPs found: 104.26.3.182, 172.67.74.174, 104.26.2.182, 2606:4700:20::ac43:4aae, 2606:4700:20::681a:2b6, 2606:4700:20::681a:3b6
+ Target IP:          104.26.3.182
+ Target Hostname:    www.swhosting.com
+ Target Port:        80
+ Start Time:         2025-02-25 11:14:15 (GMT-8)
---------------------------------------------------------------------------
+ Server: cloudflare
+ /: Uncommon header 'server-timing' found, with contents: cfL4;desc="?proto=TCP&rtt=1230&min_rtt=1007&rtt_var=646&sent=8&recv=7&lost=0&retrans=0&sent_bytes=7399&recv_bytes=588&delivery_rate=6435555&cwnd=187&unsent_bytes=0&cid=0000000000000000&ts=0&x=0".
+ /: An alt-svc header was found which is advertising HTTP/3. The endpoint is: ':443'. Nikto cannot test HTTP/3 over QUIC. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/alt-svc
+ /cgi-915/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-local/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /fcgi-bin/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-exe/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-915/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /bin/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-local/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-win/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /fcgi-bin/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-perl/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi.cgi/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /bin/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /ows-bin/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-win/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /fcgi-bin/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-exe/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-perl/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-915/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /ows-bin/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-win/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi.cgi/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /bin/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-local/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-win/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-perl/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi.cgi/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-915/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /bin/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-local/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-win/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-perl/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-914/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-915/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /ows-bin/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-914/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-915/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-local/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi.cgi/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /ows-bin/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-win/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /fcgi-bin/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-exe/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-perl/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /splashAdmin.php: Cobalt Qube 3 admin is running. This may have multiple security problems which could not be tested remotely. See: https://seclists.org/bugtraq/2002/Jul/262
+ /ows-bin/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners.
+ /cgi-win/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners.
+ /cgi-perl/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners.
+ /ows-bin/finger: finger other users, may be other commands?.
+ /cgi-local/finger: finger other users, may be other commands?.
+ /cgi-win/finger: finger other users, may be other commands?.
+ /fcgi-bin/finger: finger other users, may be other commands?.
+ /cgi-perl/finger: finger other users, may be other commands?.
+ /cgi.cgi/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-915/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-local/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-win/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /fcgi-bin/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-exe/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-perl/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-mod/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi.cgi/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi-914/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi-915/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi-win/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi-mod/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi.cgi/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.
+ /cgi-914/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.
+ /cgi-915/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.
+ /ows-bin/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.
+ /cgi-perl/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.
+ /cgi.cgi/wrap.cgi: Allows viewing of directories.
+ /ows-bin/wrap.cgi: Allows viewing of directories.
+ /cgi-mod/wrap.cgi: Allows viewing of directories.
+ /cgi-bin/wrap: Allows viewing of directories.
+ /forums/config.php: PHP Config file may contain database IDs and passwords.
+ /guestbook/guestbookdat: PHP-Gastebuch 1.60 Beta reveals sensitive information about its configuration.
+ /hola/admin/cms/htmltags.php?datei=./sec/data.php: hola-cms-1.2.9-10 may reveal the administrator ID and password. See: https://vulners.com/exploitdb/EDB-ID:23027
+ /inc/config.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1253
+ /inc/dbase.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1253
+ /cgi.cgi/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-915/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-local/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-win/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /fcgi-bin/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-perl/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-mod/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi.cgi/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-local/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /fcgi-bin/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-perl/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-mod/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi.cgi/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ /cgi-win/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ /fcgi-bin/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ /ows-bin/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgi-local/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /fcgi-bin/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgi-exe/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgi-perl/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgi-mod/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /bin/gH.cgi: Web backdoor by gH.
+ /ows-bin/gH.cgi: Web backdoor by gH.
+ /cgi-exe/gH.cgi: Web backdoor by gH.
+ /cgi-perl/gH.cgi: Web backdoor by gH.
+ /cgi-914/gm-cplog.cgi: GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /getaccess: This may be an indication that the server is running getAccess for SSO.
+ /cgi.cgi/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /bin/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-local/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-win/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /fcgi-bin/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-exe/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi.cgi/AT-admin.cgi: Admin interface.
+ /cgi-914/AT-admin.cgi: Admin interface.
+ /cgi-win/AT-admin.cgi: Admin interface.
+ /fcgi-bin/AT-admin.cgi: Admin interface.
+ /cgi-exe/AT-admin.cgi: Admin interface.
+ /cgi-perl/AT-admin.cgi: Admin interface.
+ /cgi-mod/AT-admin.cgi: Admin interface.
+ /cgi-914/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi-915/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /bin/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /ows-bin/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi-local/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi-win/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /fcgi-bin/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi-exe/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi-914/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /fcgi-bin/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi-exe/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi-perl/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi-mod/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cfdocs/expeval/openfile.cfm: Can use to expose the system/server path.
+ /cgi-914/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /bin/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-local/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /fcgi-bin/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-mod/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-915/bannereditor.cgi: This CGI may allow attackers to read any file on the system.
+ /ows-bin/bannereditor.cgi: This CGI may allow attackers to read any file on the system.
+ /fcgi-bin/bannereditor.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-exe/bannereditor.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-perl/bannereditor.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-mod/bannereditor.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi.cgi/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /cgi-915/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /cgi-win/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /fcgi-bin/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /cgi-exe/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /cgi-mod/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /cgi.cgi/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /cgi-915/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /bin/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /ows-bin/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /cgi-exe/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /cgi-perl/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /cgi-mod/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /vgn/performance/TMT: Vignette CMS admin/maintenance script available.
+ /vgn/record/previewer: Vignette CMS admin/maintenance script available.
+ /vgn/stylepreviewer: Vignette CMS admin/maintenance script available.
+ /vgn/vr/Deleting: Vignette CMS admin/maintenance script available.
+ /vgn/vr/Editing: Vignette CMS admin/maintenance script available.
+ /vgn/vr/Saving: Vignette CMS admin/maintenance script available.
+ /vgn/vr/Select: Vignette CMS admin/maintenance script available.
+ /bigconf.cgi: BigIP Configuration CGI.
+ /blah_badfile.shtml: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call.
+ /cgi.cgi/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload
+ /ows-bin/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload
+ /cgi-win/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload
+ /cgi-exe/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload
+ /cgi-perl/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload
+ /bb-dnbd/faxsurvey: This may allow arbitrary command execution.
+ /scripts/tools/dsnform: Allows creation of ODBC Data Source.
+ /ows/restricted%2eshow: OWS may allow restricted files to be viewed by replacing a character with its encoded equivalent.
+ /cgi.cgi/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /cgi-914/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /ows-bin/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /fcgi-bin/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /cgi-perl/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /cgi-mod/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /cgi.cgi/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded.
+ /cgi-914/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded.
+ /bin/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded.
+ /cgi-local/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded.
+ /cgi-win/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded.
+ /cgi-mod/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded.
+ /cgi.cgi/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098
+ /cgi-914/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098
+ /cgi-915/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098
+ /bin/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098
+ /cgi-local/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098
+ /fcgi-bin/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098
+ /cgi-perl/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098
+ /cgi.cgi/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgi-914/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgi-915/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /bin/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgi-exe/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgi-915/ezboard.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgi-local/ezboard.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgi-win/ezboard.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /fcgi-bin/ezboard.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgi-perl/ezboard.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgi-914/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgi-915/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /ows-bin/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgi-local/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /fcgi-bin/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgi-exe/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgi-perl/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgi-mod/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow.
+ /cgi.cgi/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x.
+ /cgi-915/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x.
+ /bin/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x.
+ /cgi-local/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x.
+ /cgi-win/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x.
+ /fcgi-bin/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x.
+ /cgi-mod/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x.
+ /administrator/gallery/uploadimage.php: Mambo PHP Portal/Server 4.0.12 BETA and below may allow upload of any file type simply putting '.jpg' before the real file extension.
+ /phpEventCalendar/file_upload.php: phpEventCalendar 1.1 and prior are vulnerable to file upload bug.
+ /vgn/ac/data: Vignette CMS admin/maintenance script available.
+ /vgn/ac/delete: Vignette CMS admin/maintenance script available.
+ /vgn/ac/esave: Vignette CMS admin/maintenance script available.
+ /vgn/ac/fsave: Vignette CMS admin/maintenance script available.
+ /vgn/ac/index: Vignette CMS admin/maintenance script available.
+ /vgn/asp/MetaDataUpdate: Vignette CMS admin/maintenance script available.
+ /vgn/asp/previewer: Vignette CMS admin/maintenance script available.
+ /vgn/asp/style: Vignette CMS admin/maintenance script available.
+ /vgn/errors: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/controller: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/errorpage: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/initialize: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/jspstatus: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/jspstatus56: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/metadataupdate: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/previewer: Vignette CMS admin/maintenance script available.
+ /vgn/login: Vignette server may allow user enumeration based on the login attempts to this file.
+ /cgi-915/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /cgi-local/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /cgi-win/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /cgi-perl/%2e%2e/abyss.conf: The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0544
+ /simplebbs/users/users.php: Simple BBS 1.0.6 allows user information and passwords to be viewed remotely. See: https://www.webhostingtalk.nl/bugtraq-mailing-lijst/23898-simplebbs-1-0-6-default-permissions-vuln.html
+ /cms/typo3conf/database.sql: TYPO3 SQL file found.
+ /cms/typo3conf/localconf.php: TYPO3 config file found.
+ /typo/typo3conf/localconf.php: TYPO3 config file found.
+ /vgn/license: Vignette server license file found. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0403
+ /ws_ftp.ini: Can contain saved passwords for FTP sites.
+ /WS_FTP.ini: Can contain saved passwords for FTP sites.
+ /cgi/cgiproc?: It may be possible to crash Nortel Contivity VxWorks by requesting '/cgi/cgiproc?$' (not attempted!). Upgrade to version 2.60 or later. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0063
+ /cgi.cgi/addbanner.cgi: This CGI may allow attackers to read any file on the system.
+ /bin/addbanner.cgi: This CGI may allow attackers to read any file on the system.
+ /ows-bin/addbanner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-win/addbanner.cgi: This CGI may allow attackers to read any file on the system.
+ /fcgi-bin/addbanner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-exe/addbanner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-perl/addbanner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-914/aglimpse.cgi: This CGI may allow attackers to execute remote commands.
+ /cgi-915/aglimpse.cgi: This CGI may allow attackers to execute remote commands.
+ /cgi-local/aglimpse.cgi: This CGI may allow attackers to execute remote commands.
+ /cgi-win/aglimpse.cgi: This CGI may allow attackers to execute remote commands.
+ /fcgi-bin/aglimpse.cgi: This CGI may allow attackers to execute remote commands.
+ /cgi-mod/aglimpse.cgi: This CGI may allow attackers to execute remote commands.
+ /cgi.cgi/aglimpse: This CGI may allow attackers to execute remote commands.
+ /cgi-914/aglimpse: This CGI may allow attackers to execute remote commands.
+ /cgi-915/aglimpse: This CGI may allow attackers to execute remote commands.
+ /ows-bin/aglimpse: This CGI may allow attackers to execute remote commands.
+ /cgi-local/aglimpse: This CGI may allow attackers to execute remote commands.
+ /fcgi-bin/aglimpse: This CGI may allow attackers to execute remote commands.
+ /cgi-exe/aglimpse: This CGI may allow attackers to execute remote commands.
+ /cgi-perl/aglimpse: This CGI may allow attackers to execute remote commands.
+ /cgi.cgi/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /cgi-915/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /cgi-local/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /cgi-win/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /cgi-perl/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.
+ /servlet/SchedulerTransfer: PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0104
+ /cgi-914/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /bin/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /cgi-win/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /fcgi-bin/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /cgi-mod/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands.
+ /cgi-914/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /bin/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /ows-bin/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /cgi-local/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /cgi-win/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /cgi-mod/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands.
+ /perl/-e%20print%20Hello: The Perl interpreter on the Novell system may allow any command to be executed. See: http://www.securityfocus.com/bid/5520
+ /vgn/legacy/save: Vignette Legacy Tool may be unprotected. To access this resource, set a cookie called 'vgn_creds' with any value.
+ /quikstore.cfg: Shopping cart config file, http://www.quikstore.com/, http://www.mindsec.com/advisories/post2.txt. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0607
+ /quikstore.cgi: A shopping cart.
+ /nsn/..%5Cutil/attrib.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/chkvol.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/del.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/glist.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/ren.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/send.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/set.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/slist.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/type.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cutil/userlist.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /nsn/..%5Cweb/env.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server.
+ /cgi-914/archie: Gateway to the unix command, may be able to submit extra commands.
+ /ows-bin/archie: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-local/archie: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-exe/archie: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-perl/archie: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-mod/archie: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-local/calendar: Gateway to the unix command, may be able to submit extra commands.
+ /fcgi-bin/calendar: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-exe/calendar: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-perl/calendar: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-914/date: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-915/date: Gateway to the unix command, may be able to submit extra commands.
+ /bin/date: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-local/date: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-win/date: Gateway to the unix command, may be able to submit extra commands.
+ /fcgi-bin/date: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-mod/date: Gateway to the unix command, may be able to submit extra commands.
+ /cgi.cgi/fortune: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-915/fortune: Gateway to the unix command, may be able to submit extra commands.
+ /ows-bin/fortune: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-win/fortune: Gateway to the unix command, may be able to submit extra commands.
+ /fcgi-bin/fortune: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-perl/fortune: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-mod/fortune: Gateway to the unix command, may be able to submit extra commands.
+ /cgi.cgi/redirect: Redirects via URL from form.
+ /cgi-914/redirect: Redirects via URL from form.
+ /cgi-local/redirect: Redirects via URL from form.
+ /cgi-win/redirect: Redirects via URL from form.
+ /fcgi-bin/redirect: Redirects via URL from form.
+ /cgi-exe/redirect: Redirects via URL from form.
+ /cgi-mod/redirect: Redirects via URL from form.
+ /cgi.cgi/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-914/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-915/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-win/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /cgi-exe/uptime: Gateway to the unix command, may be able to submit extra commands.
+ /cgi.cgi/mail: Simple Perl mailing script to send form data to a pre-configured email address.
+ /cgi-914/mail: Simple Perl mailing script to send form data to a pre-configured email address.
+ /bin/mail: Simple Perl mailing script to send form data to a pre-configured email address.
+ /cgi-perl/mail: Simple Perl mailing script to send form data to a pre-configured email address.
+ /cgi-mod/mail: Simple Perl mailing script to send form data to a pre-configured email address.
+ /bin/query: Echoes back result of your GET.
+ /ows-bin/query: Echoes back result of your GET.
+ /cgi-local/query: Echoes back result of your GET.
+ /cgi-win/query: Echoes back result of your GET.
+ /cgi-exe/query: Echoes back result of your GET.
+ /cgi-mod/query: Echoes back result of your GET.
+ /cgi-914/test-cgi.tcl: May echo environment variables or give directory listings.
+ /bin/test-cgi.tcl: May echo environment variables or give directory listings.
+ /ows-bin/test-cgi.tcl: May echo environment variables or give directory listings.
+ /cgi-win/test-cgi.tcl: May echo environment variables or give directory listings.
+ /cgi-mod/test-cgi.tcl: May echo environment variables or give directory listings.
+ /cgi.cgi/test-env: May echo environment variables or give directory listings.
+ /cgi-915/test-env: May echo environment variables or give directory listings.
+ /bin/test-env: May echo environment variables or give directory listings.
+ /cgi-exe/test-env: May echo environment variables or give directory listings.
+ /cgi-mod/test-env: May echo environment variables or give directory listings.
+ /admin-serv/config/admpw: This file contains the encrypted Netscape admin password. It should not be accessible via the web.
+ /cgi-bin/cgi_process: WASD reveals a lot of system information in this script. It should be removed.
+ /tree: WASD Server reveals the entire web root structure and files via this URL. Upgrade to a later version and secure according to the documents on the WASD web site.
+ /cgi-915/snorkerz.cmd: Arguments passed to DOS CGI without checking.
+ /bin/snorkerz.cmd: Arguments passed to DOS CGI without checking.
+ /cgi-local/snorkerz.cmd: Arguments passed to DOS CGI without checking.
+ /cgi-exe/snorkerz.cmd: Arguments passed to DOS CGI without checking.
+ /cgi-mod/snorkerz.cmd: Arguments passed to DOS CGI without checking.
+ /.nsf/../winnt/win.ini: This win.ini file can be downloaded.
+ /................../config.sys: PWS allows files to be read by prepending multiple '.' characters. At worst, IIS, not PWS, should be used.
+ /cgi.cgi/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756
+ /cgi-914/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756
+ /bin/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756
+ /ows-bin/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756
+ /fcgi-bin/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756
+ /cgi-exe/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756
+ /cgi-mod/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756
+ Scan terminated: 0 error(s) and 387 item(s) reported on remote host
+ End Time:           2025-02-25 11:15:16 (GMT-8) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
Trustpilot
Online Nikto scanner - Online Nikto web server scanner | Product Hunt
Detailed report
Target
www.swhosting.com
Target IP
104.26.3.182
Scan method
Nikto scan (max 60 sec)
Run command
nikto -host www.swhosting.com -maxtime 60
Duration
Quick report
Scan date
25 Feb 2025 14:15
Copy scan report
Download report
Remove scan result
$
Total scans
Check ports
API - Scan ID