CGI abuses Family for Nessus

ID	Name	Severity
12074	TalentSoft Web+ webplus.exe Path Disclosure	medium
12068	X-News Password MD5 Hash Authentication Bypass	high
12064	ShopCartCGI Multiple Script Traversal Arbitrary File Access	medium
12062	Ecommerce Corp. Online Store Kit 3.0 Multiple Vulnerabilities	high
12059	SandSurfer < 1.7.0 User Authentication Bypass	high
12043	BEA WebLogic config.xml Operator/Admin Password Disclosure	medium
12042	ReviewPost PHP Pro Multiple Script SQL Injections	high
12041	phpMyAdmin export.php what Parameter Traversal Arbitrary File Access	medium
12040	Qualiteam X-Cart Multiple Script perl_binary Parameter Arbitrary Command Execution	critical
12038	Photopost PHP Pro photo Parameter SQL Injection	high
12035	PJ CGI Neo PJreview_Neo.cgi p Parameter Traversal Arbitrary File Access	medium
12034	phpGedView Arbitrary File Access / Remote File Inclusion	high
12033	Leif Wright Web Blog blog.cgi ViewFile Request file Parameter Arbitrary Command Execution	high
12032	JBrowser _admin/ Direct Request Admin Authentication Bypass	high
12031	Aprox PHP Portal index.php Arbitrary File View	medium
12030	Gallery HTTP Global Variables File Inclusion	medium
12026	PHPix index.phtml Multiple Parameter Arbitrary Command Execution	high
12025	Mambo mod_mainmenu.php mosConfig_absolute_path Parameter Remote File Inclusion	high
12020	XTreme ASP Photo Gallery adminlogin.asp Multiple Parameter SQL Injection	high
12008	PhpDig config.php relative_script_path Parameter Remote File Inclusion	high
11981	vBulletin calendar.php eventid Parameter SQL Injection	high
11979	HotNews Multiple Script Remote File Inclusion	high
11976	EasyDynamicPages Multiple Script edp_relative_path Parameter Remote File Inclusion	high
11975	QuikStore Shopping Cart quikstore.cgi template Parameter Traversal Arbitrary File Access	medium
11973	BulletScript MailList bsml.pl Information Disclosure	medium
11969	PHPCatalog id Parameter SQL Injection	high
11966	PHP-Ping php-ping.php count Parameter Arbitrary Command Execution	high
11954	SGDynamo sgdynamo.exe HTNAME Parameter Path Disclosure	medium
11942	VP-ASP shopsearch SQL Injection	medium
11940	CuteNews Debug Info Disclosure	medium
11939	Foxweb foxweb.exe / foxweb.dll Long URL Remote Overflow	high
11938	phpBB < 2.0.7 Multiple Script SQL Injection	high
11931	My_eGallery < 3.1.1g Remote File Inclusion	high
11917	Bugzilla < 2.16.4 / 2.17.5 Multiple Vulnerabilities (SQLi, ID)	medium
11914	TheServer server.ini Direct Request Plaintext Credentials Disclosure	medium
11911	Les Visiteurs Multiple Remote File Inclusion	high
11877	myPHPcalendar Multiple Scripts cal_dir Parameter Remote File Inclusion	high
11876	Gallery index.php GALLERY_BASEDIR Parameter Remote File Inclusion	high
11872	Microsoft IIS ODBC Tool getdrvrs.exe DSN Creation	high
11866	WordPress 'blog.header.php' Multiple Parameter SQL Injection	high
11850	PHP < 4.3.3 Multiple Vulnerabilities	high
11836	myPHPNuke My_eGallery gallery/displayCategory.php basepath Parameter Remote File Inclusion	high
11833	EZsite Forum Discloses Passwords to Remote Users	medium
11824	myPHPNuke phptonuke.php filnavn Parameter Traversal Arbitrary File Access	medium
11817	Stellar Docs Malformed Query Path Disclosure	medium
11816	phpWebSite < 0.9.x Multiple Vulnerabilities	high
11807	PHP < 4.3.3 php_check_safe_mode_include_dir Function Safemode Bypass	medium
11806	paFileDB <= 3.1 Multiple Vulnerabilities (1)	high
11805	e107 db.php User Database Disclosure	medium
11799	ashNews 0.83 Multiple Vulnerabilities	high

Detections

Analytics

CGI abuses Family for Nessus

medium

high

medium

high

high

medium

high

medium

critical

high

medium

high

high

high

medium

medium

high

high

high

high

high

high

high

medium

medium

high

high

medium

medium

medium

high

high

high

medium

medium

high

high

high

high

high

high

high

medium

medium

medium

high

medium

high

medium

high