| Test ID |
Test Title |
Security Risk |
| 10776 |
Power Up Information Disclosure |
High |
| 10775 |
E-Shopping Cart Arbitrary Command Execution (WebDiscount) |
High |
| 10777 |
Zope ZClass permission mapping bug |
High |
| 10386 |
No 404 check |
Other |
| 10773 |
MacOS X Finder reveals contents of Apache Web files |
Medium |
| 10774 |
ShopPlus Arbitrary Command Execution |
High |
| 10772 |
PHP-Nuke copying files security vulnerability (admin.php) |
High |
| 10770 |
sglMerchant Information Disclosure Vulnerability |
High |
| 10769 |
Checks for listrec.pl |
High |
| 10765 |
SQLQHit Directory Stracture Disclosure |
Medium |
| 10756 |
MacOS X Finder reveals contents of Apache Web directories |
Medium |
| 10750 |
phpMyExplorer dir traversal |
High |
| 10739 |
Novell Web Server NDS Tree Browsing |
High |
| 10725 |
SIX Webboard's generate.cgi |
High |
| 10733 |
InterScan VirusWall Remote Configuration Vulnerability |
High |
| 10721 |
ncbook/book.cgi |
High |
| 10716 |
OmniPro httpd 2.08 scripts source full disclosure |
Medium |
| 10715 |
BEA WebLogic Scripts Server scripts Source Disclosure |
Medium |
| 10720 |
sdbsearch.cgi |
High |
| 10569 |
Zope Image updating Method |
High |
| 10447 |
Zope DocumentTemplate package problem |
High |
| 10327 |
Zeus shows the content of the cgi scripts |
High |
| 10512 |
YaBB |
High |
| 10321 |
wwwboard passwd.txt |
High |
| 10317 |
wrap |
Low |
| 10365 |
Windmail.exe allows any user to execute arbirary comands |
High |
| 10306 |
whois_raw |
Medium |
| 10616 |
webspirs.cgi |
High |
| 10304 |
WebSpeed remote configuration |
High |
| 10476 |
WebsitePro buffer overflow |
High |
| 10303 |
WebSite pro reveals the physical file path of web directories |
Low |
| 10301 |
websendmail |
High |
| 10373 |
TalentSoft Web+ version detection |
Low |
| 10367 |
TalentSoft Web+ Input Validation Bug Vulnerability |
Medium |
| 10300 |
webgais |
High |
| 10592 |
webdriver |
High |
| 10526 |
IIS : Directory listing through WebDAV |
Low |
| 10505 |
Directory listing through WebDAV |
Low |
| 10298 |
Webcart misconfiguration |
High |
| 10470 |
WebActive world readable log file |
Low |
| 10610 |
way-board |
High |
| 10295 |
OmniHTTPd visadmin exploit |
Medium |
| 10294 |
view_source |
High |
| 10645 |
ustorekeeper |
High |
| 10291 |
uploader.exe |
High |
| 10290 |
Upload cgi |
High |
| 10696 |
ttawebtop |
High |
| 10491 |
ASP/ASA source using Microsoft Translate f: bug |
High |
| 10282 |
test-cgi |
High |
| 10584 |
technote's main.cgi |
High |
| 10493 |
SWC Overflow |
High |
| 10503 |
Reading CGI script sources using /cgi-bin-sdb |
High |
| 10639 |
store.cgi |
High |
| 10349 |
sojourn.cgi |
High |
| 10253 |
Cobalt siteUserMod cgi |
High |
| 10252 |
Shells in /cgi-bin |
High |
| 10614 |
sendtemp.pl |
High |
| 10623 |
Savant original form CGI access |
High |
| 10514 |
Directory listing through Sambar's search.dll |
Low |
| 10711 |
Sambar webserver pagecount hole |
High |
| 10246 |
Sambar Web Server CGI scripts |
High |
| 10479 |
Roxen Server /%00/ bug |
High |
| 10478 |
Tomcat's snoop servlet gives too much information |
Low |
| 10207 |
Roxen counter module |
High |
| 10627 |
ROADS' search.pl |
High |
| 10649 |
processit |
Medium |
| 10188 |
printenv |
Medium |
| 10187 |
Cognos Powerplay WE Vulnerability |
Medium |
| 10459 |
Poll It v2.0 cgi |
High |
| 10181 |
PlusMail vulnerability |
High |
| 10574 |
PHPix directory traversal vulnerability |
High |
| 10701 |
php safemode |
High |
| 10655 |
PHP-Nuke' opendir |
High |
| 10630 |
PHP-Nuke security vulnerability (bb_smilies.php) |
Medium |
| 10535 |
php log |
High |
| 10628 |
php IMAP overflow |
High |
| 10513 |
php file upload |
High |
| 10670 |
PHP3 Physical Path Disclosure Vulnerability |
Low |
| 10177 |
php.cgi |
High |
| 10593 |
phorum's common.cgi |
High |
| 10176 |
phf |
High |
| 10174 |
pfdispaly |
High |
| 10173 |
perl interpreter can be launched as a CGI |
High |
| 10664 |
perlcal |
High |
| 10511 |
/perl directory browsable ? |
Low |
| 10611 |
pals-cgi |
High |
| 10477 |
Tomcat's /admin is world readable |
High |
| 10591 |
pagelog.cgi |
High |
| 10348 |
ows-bin |
High |
| 10613 |
Oracle XSQL Sample Application Vulnerability |
Low |
| 10165 |
nph-test-cgi |
High |
| 10164 |
nph-publish.cgi |
High |
| 10587 |
Check for dangerous Novell webserver default files |
High |
| 10586 |
news desk |
High |
| 10360 |
newdsn.exe check |
High |
| 10352 |
Netscape Server ?wp bug |
Medium |
| 10364 |
netscape publishingXpert 2 PSUser problem |
Medium |
| 10156 |
Netscape FastTrack 'get' |
Medium |
| 10468 |
Netscape Administration Server admin password |
Medium |
| 10153 |
Netscape Server ?PageServices bug |
Medium |
| 10494 |
Netauth |
High |
| 10665 |
tektronix's _ncl_items.shtml |
Low |
| 10516 |
multihtml cgi |
High |
| 10142 |
MS Personal WebServer ... |
High |
| 10357 |
RDS / MDAC Vulnerability (msadcs.dll) located |
High |
| 10356 |
Microsoft's Index server reveals ASP source code |
High |
| 10359 |
mkilog.exe check |
High |
| 10473 |
MiniVend Piped command |
High |
| 10641 |
mailnews.cgi |
High |
| 10566 |
mmstdod.cgi |
High |
| 10541 |
KW whois |
High |
| 10604 |
Allaire JRun Directory Listing |
Low |
| 10131 |
jj cgi |
High |
| 10128 |
infosrch.cgi |
High |
| 10127 |
info2www |
High |
| 10358 |
/iisadmin is world readable |
High |
| 10576 |
Check for dangerous IIS default files |
High |
| 10121 |
/scripts directory browsable |
Medium |
| 10370 |
IIS dangerous sample files |
High |
| 10372 |
/scripts/repost.asp |
High |
| 10120 |
IIS perl.exe problem |
Low |
| 10695 |
IIS .IDA ISAPI filter applied |
Medium |
| 10575 |
Check for IIS .cnf file leakage |
Other |
| 10537 |
IIS directory traversal |
High |
| 10671 |
IIS Remote Command Execution |
High |
| 10577 |
Check for bdir.htr files |
Other |
| 10371 |
/iisadmpwd/aexp2.htr |
High |
| 10492 |
IIS IDA/IDQ Path Disclosure |
Low |
| 10661 |
IIS 5 .printer ISAPI filter applied |
Low |
| 10115 |
idq.dll directory traversal |
High |
| 10112 |
icat |
Medium |
| 10484 |
Read any file thanks to ~nobody/ |
High |
| 10385 |
ht://Dig's htsearch reveals web server path |
Low |
| 10106 |
Htmlscript |
High |
| 10495 |
htgrep |
High |
| 10105 |
htdig |
Medium |
| 10602 |
hsx directory traversal |
High |
| 10606 |
HSWeb document path |
Low |
| 10101 |
Home Free search.cgi directory traversal |
High |
| 10100 |
Handler |
High |
| 10099 |
guestbook.pl |
High |
| 10098 |
guestbook.cgi |
High |
| 10095 |
glimpse |
High |
| 10405 |
shtml.exe reveals full path |
Low |
| 10467 |
ftp.pl shows the listing of any dir |
Medium |
| 10369 |
Microsoft Frontpage dvwssr.dll backdoor |
High |
| 10078 |
Microsoft Frontpage 'authors' exploits |
Medium |
| 10077 |
Microsoft Frontpage exploits |
High |
| 10076 |
formmail.pl |
High |
| 10071 |
Finger cgi |
High |
| 10067 |
Faxsurvey |
Medium |
| 10065 |
EZShopper 3.0 |
High |
| 10064 |
Excite for WebServers |
High |
| 10570 |
Unify eWave ServletExec 3.0C file upload |
High |
| 10609 |
empower cgi path |
Low |
| 10060 |
Dumpenv |
Low |
| 10058 |
Domino HTTP server exposes the set up of the filesystem |
Low |
| 10629 |
Lotus Domino administration databases |
Medium |
| 10056 |
/doc directory browsable ? |
High |
| 10518 |
/doc/packages directory browsable ? |
High |
| 10679 |
directory pro web traversal |
High |
| 10583 |
dcforum |
High |
| 10403 |
DBMan CGI server information leakage |
Medium |
| 10402 |
CVSWeb detection |
Low |
| 10465 |
CVSWeb 1.80 gives a shell to cvs commiters |
Medium |
| 10049 |
Count.cgi |
High |
| 10612 |
commerce.cgi |
High |
| 10444 |
JRun's viewsource.jsp |
High |
| 10041 |
Cobalt RaQ2 cgiwrap |
High |
| 10552 |
cgiforum |
High |
| 10039 |
/cgi-bin directory browsable ? |
Medium |
| 10037 |
CERN httpd problem |
Low |
| 10035 |
Campas |
High |
| 10506 |
calendar_admin.pl |
High |
| 10034 |
RedHat 6.0 cachemgr.cgi |
High |
| 10686 |
BroadVision Physical Path Disclosure Vulnerability |
Low |
| 10383 |
bizdb1-search.cgi located |
High |
| 10027 |
bigconf |
High |
| 10507 |
Sun's Java Web Server remote command execution |
High |
| 10460 |
bb-hostsvc.sh |
High |
| 10025 |
bb-hist.sh |
High |
| 10601 |
Basilix includes download |
Medium |
| 10023 |
bypass Axis Storpoint CD authentification |
High |
| 10638 |
auktion.cgi |
High |
| 10363 |
ASP source using %2e trick |
High |
| 10362 |
ASP source using ::$DATA trick |
High |
| 10480 |
Apache::ASP source.asp |
High |
| 10704 |
Apache Directory Listing |
Low |
| 10644 |
anacondaclip |
High |
| 10016 |
AN-HTTPd tests CGIs |
High |
| 10015 |
AltaVista Intranet Search |
High |
| 10014 |
tst.bat |
High |
| 10013 |
alibaba.pl |
High |
| 10011 |
get32.exe |
High |
| 10669 |
A1Stats |
Medium |
| 10007 |
ShowCode possible |
High |
| 10004 |
IIS possible DoS using ExAir's search |
Medium |
| 10003 |
IIS possible DoS using ExAir's query |
Medium |
| 10002 |
IIS possible DoS using ExAir's advsearch |
Medium |
| 10001 |
ColdFusion Vulnerability |
High |
| 10521 |
Extent RBS ISP |
High |
| 10778 |
Unprotected SiteScope Service |
Other |
| 10475 |
Buffer overflow in WebSitePro webfind.exe |
High |
| 10297 |
Web server traversal |
High |
| 10416 |
Sambar /sysadmin directory 2 |
High |
| 10415 |
Sambar sendmail /session/sendmail |
High |
| 10417 |
Sambar /cgi-bin/mailit.pl installed ? |
High |
| 10340 |
rpm_query CGI |
Low |
| 10618 |
Pi3Web tstisap.dll overflow |
High |
| 10594 |
Oracle XSQL Stylesheet Vulnerability |
High |
| 10656 |
Resin traversal |
High |
| 10562 |
Master Index directory traversal vulnerability |
High |
| 10589 |
iPlanet Directory Server traversal |
High |
| 10075 |
FormHandler.cgi |
High |
| 10581 |
Cold Fusion Administration Page Overflow |
High |
| 10489 |
Analogx Web server traversal |
High |
| 10597 |
wwwwais |
High |
| 10299 |
webdist.cgi |
High |
| 10296 |
w3-msql overflow |
High |
| 10393 |
spin_client.cgi buffer overrun |
High |
| 10178 |
php.cgi buffer overrun |
High |
| 10564 |
IIS phonebook |
High |
| 10143 |
MSQL CGI overflow |
High |
| 10140 |
MediaHouse Statistic Server |
High |
| 10122 |
imagemap.exe |
High |
| 10376 |
htimage.exe overflow |
High |
| 10040 |
cgitest.exe buffer overrun |
High |
| 10650 |
VirusWall's catinfo overflow |
High |
| 10542 |
UltraSeek 3.1.x Remote DoS |
High |