- Nikto
---------------------------------------------------------------------------
+ Multiple IPs found: 104.26.9.71, 104.26.8.71, 172.67.74.198, 2606:4700:20::681a:847, 2606:4700:20::681a:947, 2606:4700:20::ac43:4ac6
+ Target IP: 104.26.9.71
+ Target Hostname: cartechnology.co.uk
+ Target Port: 80
+ Start Time: 2025-01-06 12:31:29 (GMT-5)
---------------------------------------------------------------------------
+ Server: cloudflare
+ /: Uncommon header 'server-timing' found, with contents: cfL4;desc="?proto=TCP&rtt=2007&min_rtt=1892&rtt_var=762&sent=3&recv=6&lost=0&retrans=0&sent_bytes=2060&recv_bytes=594&delivery_rate=758909&cwnd=237&unsent_bytes=0&cid=0000000000000000&ts=0&x=0".
+ /: An alt-svc header was found which is advertising HTTP/3. The endpoint is: ':443'. Nikto cannot test HTTP/3 over QUIC. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/alt-svc
+ /webcgi/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-915/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-bin/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgibin/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /scripts/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /scgi-bin/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-bin-sdb/classified.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgibin/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /fcgi-bin/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-exe/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/download.cgi: Check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /webcgi/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-915/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-win/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-exe/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /scgi-bin/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-bin-sdb/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/flexform.cgi: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-915/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-bin/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgibin/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgis/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /scripts/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-win/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-bin-sdb/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/flexform: Check Phrack 55 for info by RFP; allows to append info to writable files. See: http://phrack.org/issues/55/7.html#article
+ /webcgi/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-915/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgis/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /scripts/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /fcgi-bin/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-mod/lwgate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /webcgi/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgibin/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgis/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-win/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-perl/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /scgi-bin/LWGate.cgi: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /webcgi/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-915/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgibin/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /scripts/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-win/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-exe/lwgate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-915/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-bin/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgibin/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /fcgi-bin/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-exe/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-perl/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /scgi-bin/LWGate: Check Phrack 55 for info by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-915/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgis/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /cgi-exe/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /scgi-bin/perlshop.cgi: v3.1 by ARPAnet.com; check info in Phrack 55 by RFP. See: http://phrack.org/issues/55/7.html#article
+ /lists/admin/: PHPList pre 2.6.4 contains a number of vulnerabilities including remote administrative access, harvesting user info and more. Default login to admin interface is admin/phplist.
+ /tiki/: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin.
+ /tiki/tiki-install.php: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin.
+ /webcgi/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners.
+ /cgi-915/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners.
+ /cgi/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners.
+ /cgi-bin/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners.
+ /cgis/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners.
+ /scripts/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners.
+ /cgi-win/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners.
+ /cgi-perl/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners.
+ /scgi-bin/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners.
+ /cgi-bin-sdb/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners.
+ /cgi/finger: finger other users, may be other commands?.
+ /cgis/finger: finger other users, may be other commands?.
+ /cgi-win/finger: finger other users, may be other commands?.
+ /cgi-perl/finger: finger other users, may be other commands?.
+ /cgi-915/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-bin/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgibin/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgis/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-exe/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-perl/gm-authors.cgi: GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-915/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi-bin/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgibin/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /fcgi-bin/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi-exe/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /scgi-bin/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /cgi-bin-sdb/guestbook/passwd: GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.
+ /webcgi/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.
+ /cgi-915/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.
+ /cgi-exe/photo/protected/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.
+ /cgi-bin/wrap.cgi: Allows viewing of directories.
+ /cgibin/wrap.cgi: Allows viewing of directories.
+ /cgis/wrap.cgi: Allows viewing of directories.
+ /scripts/wrap.cgi: Allows viewing of directories.
+ /cgi-exe/wrap.cgi: Allows viewing of directories.
+ /cgi-mod/wrap.cgi: Allows viewing of directories.
+ /forums//administrator/config.php: PHP Config file may contain database IDs and passwords.
+ /help/: Help directory should not be accessible.
+ /hola/admin/cms/htmltags.php?datei=./sec/data.php: hola-cms-1.2.9-10 may reveal the administrator ID and password. See: https://vulners.com/exploitdb/EDB-ID:23027
+ /inc/common.load.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1253
+ /cgi/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-bin/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgibin/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /scripts/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-win/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-exe/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /scgi-bin/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-mod/html2chtml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-bin/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-win/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-exe/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-perl/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-bin-sdb/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-mod/html2wml.cgi: Html2Wml < 0.4.8 access local files via CGI, and more.
+ /cgi-915/echo.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /cgi/echo.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /cgi-bin/echo.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /cgibin/echo.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /fcgi-bin/echo.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /scgi-bin/echo.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /cgi-mod/echo.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands.
+ /webcgi/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ /cgi/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ /cgi-bin/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ /cgibin/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ /cgis/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ /scripts/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ /cgi-win/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ /fcgi-bin/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ /cgi-915/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgi/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgis/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /scripts/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgi-win/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /fcgi-bin/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgi-perl/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /scgi-bin/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /cgi-mod/ss: Mediahouse Statistics Server may allow attackers to execute remote commands. Upgrade to the latest version or remove from the CGI directory.
+ /geeklog/users.php: Geeklog prior to 1.3.8-1sr2 contains a SQL injection vulnerability that lets a remote attacker reset admin password. See: https://vulners.com/osvdb/OSVDB:2703
+ /gb/index.php?login=true: gBook may allow admin login by setting the value 'login' equal to 'true'. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1560
+ /webcgi/gH.cgi: Web backdoor by gH.
+ /cgi-915/gH.cgi: Web backdoor by gH.
+ /cgi/gH.cgi: Web backdoor by gH.
+ /cgibin/gH.cgi: Web backdoor by gH.
+ /scripts/gH.cgi: Web backdoor by gH.
+ /cgi-exe/gH.cgi: Web backdoor by gH.
+ /cgi-perl/gH.cgi: Web backdoor by gH.
+ /scgi-bin/gH.cgi: Web backdoor by gH.
+ /cgi-bin-sdb/gH.cgi: Web backdoor by gH.
+ /webcgi/gm-cplog.cgi: GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-915/gm-cplog.cgi: GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-bin/gm-cplog.cgi: GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-exe/gm-cplog.cgi: GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-bin-sdb/gm-cplog.cgi: GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /getaccess: This may be an indication that the server is running getAccess for SSO.
+ /webcgi/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-915/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-bin/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgis/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /fcgi-bin/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-exe/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-perl/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-mod/gm.cgi: GreyMatter blogger may reveal user IDs/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0324 http://www.attrition.org/~jericho/works/security/greymatter.html
+ /cgi-915/AT-admin.cgi: Admin interface.
+ /cgi/AT-admin.cgi: Admin interface.
+ /cgibin/AT-admin.cgi: Admin interface.
+ /cgis/AT-admin.cgi: Admin interface.
+ /scripts/AT-admin.cgi: Admin interface.
+ /cgi-win/AT-admin.cgi: Admin interface.
+ /fcgi-bin/AT-admin.cgi: Admin interface.
+ /cgi-bin-sdb/AT-admin.cgi: Admin interface.
+ /cgi-mod/AT-admin.cgi: Admin interface.
+ /webcgi/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgis/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi-win/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /fcgi-bin/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi-perl/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /scgi-bin/mt-static/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgis/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi-win/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /fcgi-bin/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi-exe/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /scgi-bin/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi-bin-sdb/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi-mod/mt/mt-check.cgi: Movable Type weblog diagnostic script found. Reveals docroot path, operating system, Perl version, and modules.
+ /cgi-915/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-bin/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgis/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /fcgi-bin/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-perl/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-bin-sdb/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-mod/banner.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-bin/bannereditor.cgi: This CGI may allow attackers to read any file on the system.
+ /cgibin/bannereditor.cgi: This CGI may allow attackers to read any file on the system.
+ /cgis/bannereditor.cgi: This CGI may allow attackers to read any file on the system.
+ /scgi-bin/bannereditor.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-mod/bannereditor.cgi: This CGI may allow attackers to read any file on the system.
+ /cgi-915/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /cgibin/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /scripts/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /fcgi-bin/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /cgi-exe/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /cgi-perl/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /cgi-bin-sdb/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /cgi-mod/bizdb1-search.cgi: This CGI may allow attackers to execute commands remotely. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0287
+ /webcgi/blog/: A blog was found. May contain security problems in CGIs, weak passwords, and more.
+ /cgi-915/blog/: A blog was found. May contain security problems in CGIs, weak passwords, and more.
+ /cgi/blog/: A blog was found. May contain security problems in CGIs, weak passwords, and more.
+ /cgi-bin/blog/: A blog was found. May contain security problems in CGIs, weak passwords, and more.
+ /cgibin/blog/: A blog was found. May contain security problems in CGIs, weak passwords, and more.
+ /cgi-bin-sdb/blog/: A blog was found. May contain security problems in CGIs, weak passwords, and more.
+ /cgi-mod/blog/: A blog was found. May contain security problems in CGIs, weak passwords, and more.
+ /tsweb/: Microsoft TSAC found. See: https://web.archive.org/web/20040910030506/http://www.dslwebserver.com/main/fr_index.html?/main/sbs-Terminal-Services-Advanced-Client-Configuration.html
+ /cgi-915/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /scripts/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /cgi-win/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /fcgi-bin/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /cgi-mod/blog/mt-load.cgi: Movable Type weblog installation CGI found. May be able to reconfigure or reload.
+ /vgn/performance/TMT: Vignette CMS admin/maintenance script available.
+ /vgn/ppstats: Vignette CMS admin/maintenance script available.
+ /scripts/iisadmin/ism.dll: Allows you to mount a brute force attack on passwords.
+ /bigconf.cgi: BigIP Configuration CGI.
+ /vgn/style: Vignette server may reveal system information through this file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0401
+ /webcgi/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload
+ /cgi-915/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload
+ /cgibin/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload
+ /cgis/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload
+ /scripts/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload
+ /cgi-win/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload
+ /fcgi-bin/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload
+ /cgi-exe/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload
+ /cgi-bin-sdb/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload
+ /cgi-mod/moin.cgi?test: MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vulnerability. See: http://moinmo.in/MoinMoinDownload
+ /bb-dnbd/faxsurvey: This may allow arbitrary command execution.
+ /scripts/tools/dsnform: Allows creation of ODBC Data Source.
+ /prd.i/pgen/: Has MS Merchant Server 1.0.
+ /readme.eml: Remote server may be infected with the Nimda virus.
+ /scripts/proxy/w3proxy.dll: MSProxy v1.0 installed.
+ /siteseed/: Siteseed pre 1.4.2 have 'major' security problems.
+ /webcgi/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /cgi-bin/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /cgibin/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /scripts/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /cgi-win/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /fcgi-bin/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /cgi-exe/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /cgi-bin-sdb/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /cgi-mod/astrocam.cgi: Astrocam 1.4.1 contained buffer overflow. Prior to 2.1.3 contained unspecified security bugs. See: http://www.securityfocus.com/bid/4684
+ /webcgi/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded.
+ /cgi-915/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /cgi/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /cgi-bin/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /cgibin/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /scripts/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /cgi-win/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /fcgi-bin/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /cgi-exe/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /cgi-perl/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /scgi-bin/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /cgi-bin-sdb/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /cgi-mod/badmin.cgi: BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgraded. + /webcgi/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098 + /cgi/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. 
See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098 + /cgibin/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098 + /scripts/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098 + /cgi-win/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098 + /cgi-exe/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098 + /scgi-bin/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098 + /cgi-bin-sdb/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098 + /cgi-mod/boozt/admin/index.cgi?section=5&input=1: Boozt CGI may have a buffer overflow. Upgrade to a version newer than 0.9.8alpha. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0098 + /webcgi/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-bin/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgibin/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgis/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-win/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow. 
+ /cgi-bin-sdb/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-mod/ezadmin.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-bin/ezboard.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-exe/ezboard.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-perl/ezboard.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /scgi-bin/ezboard.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-bin-sdb/ezboard.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /scripts/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-win/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /fcgi-bin/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-exe/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /cgi-bin-sdb/ezman.cgi: Some versions of this CGI are vulnerable to a buffer overflow. + /webcgi/foxweb.dll: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0762 + /cgi-915/foxweb.dll: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0762 + /cgi/foxweb.dll: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0762 + /cgi-exe/foxweb.dll: Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version. 
See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0762 + /webcgi/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x. + /cgi-bin/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x. + /cgibin/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x. + /cgi-exe/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x. + /cgi-perl/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x. + /scgi-bin/mgrqcgi: This CGI from Magic Enterprise 8.30-5 and earlier is vulnerable to multiple buffer overflows. Upgrade to 9.x. + /cgi-bin/wconsole.dll: It may be possible to overflow this dll with 1024 bytes of data. + /cgis/wconsole.dll: It may be possible to overflow this dll with 1024 bytes of data. + /scripts/wconsole.dll: It may be possible to overflow this dll with 1024 bytes of data. + /cgi-win/wconsole.dll: It may be possible to overflow this dll with 1024 bytes of data. + /fcgi-bin/wconsole.dll: It may be possible to overflow this dll with 1024 bytes of data. + /cgi-exe/wconsole.dll: It may be possible to overflow this dll with 1024 bytes of data. + /pafiledb/includes/team/file.php: paFileDB 3.1 and below may allow file upload without authentication. + /phpEventCalendar/file_upload.php: phpEventCalendar 1.1 and prior are vulnerable to file upload bug. + /servlet/com.unify.servletexec.UploadServlet: This servlet allows attackers to upload files to the server. + /scripts/cpshost.dll: Posting acceptor possibly allows you to upload files. + /basilix/compose-attach.php3: BasiliX webmail application prior to 1.1.1 contains a non-descript security vulnerability in compose-attach.php3 related to attachment uploads. 
+ /server/: Possibly Macromedia JRun or CRX WebDAV upload. + /vgn/ac/data: Vignette CMS admin/maintenance script available. + /vgn/ac/delete: Vignette CMS admin/maintenance script available. + /vgn/ac/edit: Vignette CMS admin/maintenance script available. + /vgn/ac/esave: Vignette CMS admin/maintenance script available. + /vgn/ac/fsave: Vignette CMS admin/maintenance script available. + /vgn/ac/index: Vignette CMS admin/maintenance script available. + /vgn/asp/previewer: Vignette CMS admin/maintenance script available. + /vgn/asp/style: Vignette CMS admin/maintenance script available. + /vgn/errors: Vignette CMS admin/maintenance script available. + /vgn/jsp/errorpage: Vignette CMS admin/maintenance script available. + /vgn/jsp/jspstatus: Vignette CMS admin/maintenance script available. + /vgn/jsp/jspstatus56: Vignette CMS admin/maintenance script available. + /vgn/jsp/metadataupdate: Vignette CMS admin/maintenance script available. + /vgn/legacy/edit: Vignette CMS admin/maintenance script available. + /webcgi/.cobalt: May allow remote admin of CGI scripts. + /cgi/.cobalt: May allow remote admin of CGI scripts. + /cgibin/.cobalt: May allow remote admin of CGI scripts. + /cgis/.cobalt: May allow remote admin of CGI scripts. + /fcgi-bin/.cobalt: May allow remote admin of CGI scripts. + /cgi-bin-sdb/.cobalt: May allow remote admin of CGI scripts. + /cgi-mod/.cobalt: May allow remote admin of CGI scripts. + /adm/config.php: PHP Config file may contain database IDs and passwords. + /webcgi/.access: Contains authorization information. + /cgi-915/.access: Contains authorization information. + /scripts/.access: Contains authorization information. + /fcgi-bin/.access: Contains authorization information. + /cgi-bin-sdb/.access: Contains authorization information. + /cgi-mod/.access: Contains authorization information. + /simplebbs/users/users.php: Simple BBS 1.0.6 allows user information and passwords to be viewed remotely. 
See: https://www.webhostingtalk.nl/bugtraq-mailing-lijst/23898-simplebbs-1-0-6-default-permissions-vuln.html + /typo3conf/: This may contain sensitive TYPO3 files. + /typo/typo3conf/: This may contain sensitive TYPO3 files. + /cms/typo3conf/localconf.php: TYPO3 config file found. + /jamdb/: JamDB pre 0.9.2 mp3.php and image.php can allow user to read arbitrary file out of docroot. + /cgi/cgiproc?: It may be possible to crash Nortel Contivity VxWorks by requesting '/cgi/cgiproc?$' (not attempted!). Upgrade to version 2.60 or later. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0063 + /webcgi/addbanner.cgi: This CGI may allow attackers to read any file on the system. + /cgi/addbanner.cgi: This CGI may allow attackers to read any file on the system. + /cgibin/addbanner.cgi: This CGI may allow attackers to read any file on the system. + /cgi-win/addbanner.cgi: This CGI may allow attackers to read any file on the system. + /cgi-exe/addbanner.cgi: This CGI may allow attackers to read any file on the system. + /cgi-perl/addbanner.cgi: This CGI may allow attackers to read any file on the system. + /scgi-bin/addbanner.cgi: This CGI may allow attackers to read any file on the system. + /webcgi/shtml.dll: This may allow attackers to retrieve document source. + /cgi-915/shtml.dll: This may allow attackers to retrieve document source. + /cgi-win/shtml.dll: This may allow attackers to retrieve document source. + /scgi-bin/shtml.dll: This may allow attackers to retrieve document source. + /cgi-mod/shtml.dll: This may allow attackers to retrieve document source. + /cgibin/aglimpse.cgi: This CGI may allow attackers to execute remote commands. + /cgi-win/aglimpse.cgi: This CGI may allow attackers to execute remote commands. + /cgi-exe/aglimpse.cgi: This CGI may allow attackers to execute remote commands. + /cgi-perl/aglimpse.cgi: This CGI may allow attackers to execute remote commands. + /scgi-bin/aglimpse.cgi: This CGI may allow attackers to execute remote commands. 
+ /cgi-bin-sdb/aglimpse.cgi: This CGI may allow attackers to execute remote commands. + /cgi-mod/aglimpse.cgi: This CGI may allow attackers to execute remote commands. + /cgi-bin/aglimpse: This CGI may allow attackers to execute remote commands. + /cgibin/aglimpse: This CGI may allow attackers to execute remote commands. + /cgis/aglimpse: This CGI may allow attackers to execute remote commands. + /scripts/aglimpse: This CGI may allow attackers to execute remote commands. + /cgi-exe/aglimpse: This CGI may allow attackers to execute remote commands. + /cgi-bin-sdb/aglimpse: This CGI may allow attackers to execute remote commands. + /cgi-bin/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. + /scripts/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. + /cgi-win/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. + /cgi-exe/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. + /scgi-bin/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. + /cgi-mod/architext_query.cgi: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. + /servlets/SchedulerTransfer: PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0104 + /webcgi/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands. + /cgi/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands. + /cgibin/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands. + /cgis/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands. + /fcgi-bin/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands. + /cgi-exe/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands. 
+ /cgi-perl/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands. + /scgi-bin/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands. + /cgi-bin-sdb/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands. + /cgi-mod/cmd.exe?/c+dir: cmd.exe can execute arbitrary commands. + /cgi-915/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands. + /cgi/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands. + /cgi-bin/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands. + /cgis/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands. + /scgi-bin/cmd1.exe?/c+dir: cmd1.exe can execute arbitrary commands. + /webcgi/hello.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands. + /cgi-915/hello.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands. + /cgi/hello.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands. + /cgi-bin/hello.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands. + /cgibin/hello.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands. + /scripts/hello.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands. + /fcgi-bin/hello.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands. + /cgi-exe/hello.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands. + /scgi-bin/hello.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands. + /cgi-bin-sdb/hello.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands. + /cgi-mod/hello.bat?&dir+c:\\: This batch file may allow attackers to execute remote commands. + /webcgi/post32.exe|dir%20c:\\: post32 can execute arbitrary commands. + /cgi-915/post32.exe|dir%20c:\\: post32 can execute arbitrary commands. + /cgi-bin/post32.exe|dir%20c:\\: post32 can execute arbitrary commands. + /cgis/post32.exe|dir%20c:\\: post32 can execute arbitrary commands. 
+ /cgi-win/post32.exe|dir%20c:\\: post32 can execute arbitrary commands. + /fcgi-bin/post32.exe|dir%20c:\\: post32 can execute arbitrary commands. + /cgi-exe/post32.exe|dir%20c:\\: post32 can execute arbitrary commands. + /cgi-perl/post32.exe|dir%20c:\\: post32 can execute arbitrary commands. + /scgi-bin/post32.exe|dir%20c:\\: post32 can execute arbitrary commands. + /cgi-mod/post32.exe|dir%20c:\\: post32 can execute arbitrary commands. + /quikstore.cgi: A shopping cart. + /securecontrolpanel/: Web Server Control Panel. + /siteminder: This may be an indication that the server is running Siteminder for SSO. + /webmail/: Web based mail package installed. + /nsn/..%5Cutil/attrib.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server. + /nsn/..%5Cutil/copy.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server. + /nsn/..%5Cutil/glist.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server. + /nsn/..%5Cutil/lancard.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server. + /nsn/..%5Cutil/ren.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server. + /nsn/..%5Cutil/set.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server. 
+ /nsn/..%5Cutil/slist.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server. + /nsn/..%5Cutil/type.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server. + /nsn/..%5Cwebdemo/fdir.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server. + /webcgi/archie: Gateway to the unix command, may be able to submit extra commands. + /cgi/archie: Gateway to the unix command, may be able to submit extra commands. + /cgi-bin/archie: Gateway to the unix command, may be able to submit extra commands. + /cgibin/archie: Gateway to the unix command, may be able to submit extra commands. + /cgis/archie: Gateway to the unix command, may be able to submit extra commands. + /scripts/archie: Gateway to the unix command, may be able to submit extra commands. + /fcgi-bin/archie: Gateway to the unix command, may be able to submit extra commands. + /cgi-mod/archie: Gateway to the unix command, may be able to submit extra commands. + /cgi/calendar: Gateway to the unix command, may be able to submit extra commands. + /cgi-bin/calendar: Gateway to the unix command, may be able to submit extra commands. + /cgibin/calendar: Gateway to the unix command, may be able to submit extra commands. + /cgis/calendar: Gateway to the unix command, may be able to submit extra commands. + /cgi-win/calendar: Gateway to the unix command, may be able to submit extra commands. + /fcgi-bin/calendar: Gateway to the unix command, may be able to submit extra commands. + /cgi-perl/calendar: Gateway to the unix command, may be able to submit extra commands. + /scgi-bin/calendar: Gateway to the unix command, may be able to submit extra commands. 
+ /cgi-bin-sdb/calendar: Gateway to the unix command, may be able to submit extra commands. + /cgibin/date: Gateway to the unix command, may be able to submit extra commands. + /scgi-bin/date: Gateway to the unix command, may be able to submit extra commands. + /cgi-mod/date: Gateway to the unix command, may be able to submit extra commands. + /webcgi/fortune: Gateway to the unix command, may be able to submit extra commands. + /cgi-915/fortune: Gateway to the unix command, may be able to submit extra commands. + /cgi/fortune: Gateway to the unix command, may be able to submit extra commands. + /cgi-bin/fortune: Gateway to the unix command, may be able to submit extra commands. + /cgis/fortune: Gateway to the unix command, may be able to submit extra commands. + /scripts/fortune: Gateway to the unix command, may be able to submit extra commands. + /cgi-win/fortune: Gateway to the unix command, may be able to submit extra commands. + /scgi-bin/fortune: Gateway to the unix command, may be able to submit extra commands. + /cgi-mod/fortune: Gateway to the unix command, may be able to submit extra commands. + /cgi-915/redirect: Redirects via URL from form. + /scripts/redirect: Redirects via URL from form. + /fcgi-bin/redirect: Redirects via URL from form. + /cgi-perl/redirect: Redirects via URL from form. + /cgi-mod/redirect: Redirects via URL from form. + /webcgi/uptime: Gateway to the unix command, may be able to submit extra commands. + /cgi-915/uptime: Gateway to the unix command, may be able to submit extra commands. + /cgi/uptime: Gateway to the unix command, may be able to submit extra commands. + /cgi-bin/uptime: Gateway to the unix command, may be able to submit extra commands. + /cgibin/uptime: Gateway to the unix command, may be able to submit extra commands. + /cgis/uptime: Gateway to the unix command, may be able to submit extra commands. + /cgi-perl/uptime: Gateway to the unix command, may be able to submit extra commands. 
+ /cgi-bin-sdb/uptime: Gateway to the unix command, may be able to submit extra commands. + /cgi-mod/uptime: Gateway to the unix command, may be able to submit extra commands. + /LOGIN.PWD: MIPCD password file with unencrypted passwords. MIPDCD should not have the web interface enabled. + /USER/CONFIG.AP: MIPCD configuration information. MIPCD should not have the web interface enabled. + /cgi-915/mail: Simple Perl mailing script to send form data to a pre-configured email address. + /cgi/mail: Simple Perl mailing script to send form data to a pre-configured email address. + /cgibin/mail: Simple Perl mailing script to send form data to a pre-configured email address. + /cgi-exe/mail: Simple Perl mailing script to send form data to a pre-configured email address. + /cgi-bin-sdb/mail: Simple Perl mailing script to send form data to a pre-configured email address. + /cgi-915/query: Echoes back result of your GET. + /cgi/query: Echoes back result of your GET. + /cgis/query: Echoes back result of your GET. + /scripts/query: Echoes back result of your GET. + /fcgi-bin/query: Echoes back result of your GET. + /cgi-exe/query: Echoes back result of your GET. + /cgi-perl/query: Echoes back result of your GET. + /scgi-bin/query: Echoes back result of your GET. + /webcgi/test-env: May echo environment variables or give directory listings. + /cgi-915/test-env: May echo environment variables or give directory listings. + /cgi/test-env: May echo environment variables or give directory listings. + /cgis/test-env: May echo environment variables or give directory listings. + /fcgi-bin/test-env: May echo environment variables or give directory listings. + /cgi-perl/test-env: May echo environment variables or give directory listings. + /cgi-mod/test-env: May echo environment variables or give directory listings. + /admin-serv/config/admpw: This file contains the encrypted Netscape admin password. It should not be accessible via the web. 
+ /tree: WASD Server reveals the entire web root structure and files via this URL. Upgrade to a later version and secure according to the documents on the WASD web site. + /contents/extensions/asp/1: The IIS system may be vulnerable to a DOS. See: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/MS02-018 + /WebAdmin.dll?View=Logon: Some versions of WebAdmin are vulnerable to a remote DoS (not tested). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1247 + /webcgi/snorkerz.bat: Arguments passed to DOS CGI without checking. + /cgi/snorkerz.bat: Arguments passed to DOS CGI without checking. + /cgi-bin/snorkerz.bat: Arguments passed to DOS CGI without checking. + /scripts/snorkerz.bat: Arguments passed to DOS CGI without checking. + /cgi-exe/snorkerz.bat: Arguments passed to DOS CGI without checking. + /cgi-perl/snorkerz.bat: Arguments passed to DOS CGI without checking. + /scgi-bin/snorkerz.bat: Arguments passed to DOS CGI without checking. + /cgi-bin-sdb/snorkerz.bat: Arguments passed to DOS CGI without checking. + /webcgi/snorkerz.cmd: Arguments passed to DOS CGI without checking. + /cgi/snorkerz.cmd: Arguments passed to DOS CGI without checking. + /cgi-bin/snorkerz.cmd: Arguments passed to DOS CGI without checking. + /cgibin/snorkerz.cmd: Arguments passed to DOS CGI without checking. + /cgi-bin-sdb/snorkerz.cmd: Arguments passed to DOS CGI without checking. + /cgi/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756 + /cgi-bin/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. 
See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756 + /cgibin/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756 + /cgis/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756 + /scripts/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756 + /cgi-win/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756 + /fcgi-bin/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756 + /cgi-exe/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. 
See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756 + /scgi-bin/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756 + /cgi-bin-sdb/sbcgi/sitebuilder.cgi: SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0756 + /postnuke/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6795 + /postnuke/html/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6795 + /modules/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6795 + /webcgi/classifieds/index.cgi: My Classifieds pre 2.12 is vulnerable to SQL injection attacks. + /cgibin/classifieds/index.cgi: My Classifieds pre 2.12 is vulnerable to SQL injection attacks. + /cgis/classifieds/index.cgi: My Classifieds pre 2.12 is vulnerable to SQL injection attacks. + /scripts/classifieds/index.cgi: My Classifieds pre 2.12 is vulnerable to SQL injection attacks. 
+ /cgi-win/classifieds/index.cgi: My Classifieds pre 2.12 is vulnerable to SQL injection attacks. + /fcgi-bin/classifieds/index.cgi: My Classifieds pre 2.12 is vulnerable to SQL injection attacks. + /cgi-perl/classifieds/index.cgi: My Classifieds pre 2.12 is vulnerable to SQL injection attacks. + /cgi-mod/classifieds/index.cgi: My Classifieds pre 2.12 is vulnerable to SQL injection attacks. + Scan terminated: 0 error(s) and 537 item(s) reported on remote host + End Time: 2025-01-06 12:32:30 (GMT-5) (61 seconds) --------------------------------------------------------------------------- + 1 host(s) tested