CGI abuses Family for Nessus

ID	Name	Severity
25199	Thyme event_view.php eid Parameter SQL Injection	high
25170	Advanced Guestbook index.php lang Cookie Parameter Path Disclosure	medium
25169	RunCMS < 1.5.3 debug_show.php Multiple Vulnerabilities	high
25159	PHP < 4.4.7 / 5.2.2 Multiple Vulnerabilities	high
25117	XAMPP ADOdb mssql_connect Remote Buffer Overflow	high
25116	myGallery mygallerybrowser.php 'myPath' Parameter Remote File Inclusion	high
25090	Plesk Multiple Script locale_id Parameter Traversal Arbitrary File Access	medium
25088	WebSpeed Workshop Arbitrary Command Execution	high
25087	WebSpeed Development Mode Check	high
24999	XOOPS Jobs Module index.php cid Parameter SQL Injection	high
24910	TestDirector (TD) for Mercury Quality Center SPIDERLib.Loader ActiveX Control (Spider90.ocx) ProgColor Property Overflow (2)	high
24908	XOOPS WF-Section Module print.php articleid Parameter SQL Injection	high
24907	PHP < 5.2.1 Multiple Vulnerabilities	high
24906	PHP < 4.4.5 Multiple Vulnerabilities	high
24902	XOOPS Articles Module print.php id Parameter SQL Injection	high
24900	TYPOlight < 2.2.5 Unspecified Vulnerability	high
24899	RWCards Component for Joomla! 'category_id' Parameter SQLi	medium
24874	Moodle 'moodledata/sessions' Session Files Remote Information Disclosure	medium
24864	Webapp.org WebAPP < 0.9.9.6 Multiple Vulnerabilities	high
24813	Apache mod_jk Long URL Worker Map Stack Remote Overflow	high
24784	LedgerSMB / SQL-Ledger admin.pl Admin Authentication Bypass	high
24783	LedgerSMB / SQL-Ledger file Parameter Multiple Vulnerabilities	high
24780	WebCalendar includes/functions.php noSet Variable Overwrite	high
24756	Symantec Mail Security for SMTP Admin Center Default Credentials	high
24759	WordPress < 2.1.1 Multiple Script Backdoors	high
24746	getID3 < 1.7.8-b1 Multiple Remote Vulnerabilities	high
24743	OrangeHRM login.php txtUserName Parameter SQL Injection	high
24726	SQLiteManager SQLiteManager_currentTheme Cookie Traversal Local File Inclusion	medium
24713	Pagesetter for PostNuke index.php id Parameter Traversal Arbitrary File Access	medium
24711	DokuWiki Detection	info
24698	ZPanel 2.0 Multiple Script Remote File Inclusion	high
24690	Trend Micro ServerProtect for Linux splx_2376_info Cookie Authentication Bypass	high
24672	phpMyFAQ < 1.6.10 Multiple Script Arbitrary File Upload	medium
24669	Plain Old Webserver URI Traversal Arbitrary File Access	medium
24356	LifeType rss.php profile Parameter Traversal Arbitrary File Access	medium
24345	MailEnable Web Mail Client Multiple Vulnerabilities (XSS, CSRF)	medium
24322	DevTrack Web Service UserName Field SQL Injection	high
24284	Advanced Poll admin/index.php Session Identifier Replay Authentication Bypass	high
24283	ColdFusion / JRun on IIS Double Encoded NULL Byte Request File Content Disclosure	medium
24267	ExoPHPDesk faq.php id Parameter SQL Injection	medium
24266	Drupal Comment Module comment_form_add_preview() Function Arbitrary Code Execution	medium
24265	Drupal Comment Function Arbitrary Code Execution	medium
24264	Drupal Multiple Module $_SESSION Manipulation CAPTCHA Bypass	medium
24263	CVSTrac Text Output Formatter SQL Injection DoS	medium
24262	LedgerSMB / SQL-Ledger login.pl script Parameter Arbitrary Perl Code Execution	high
24261	PHProxy Detection	info
24237	WordPress Pingback File Information Disclosure	medium
24235	Website Baker REMEMBER_KEY Cookie SQL Injection	medium
24228	Oreon lang/index.php file Parameter Remote File Inclusion	high
24223	WoltLab Burning Board search.php Multiple Parameter SQL Injection	high

Detections

Analytics

CGI abuses Family for Nessus

high

medium

high

high

high

high

medium

high

high

high

high

high

high

high

high

high

medium

medium

high

high

high

high

high

high

high

high

high

medium

medium

info

high

high

medium

medium

medium

medium

high

high

medium

medium

medium

medium

medium

medium

high

info

medium

medium

high

high