CGI abuses Family for Nessus

ID	Name	Severity
12038	Photopost PHP Pro photo Parameter SQL Injection	high
12035	PJ CGI Neo PJreview_Neo.cgi p Parameter Traversal Arbitrary File Access	medium
12034	phpGedView Arbitrary File Access / Remote File Inclusion	high
12033	Leif Wright Web Blog blog.cgi ViewFile Request file Parameter Arbitrary Command Execution	high
12032	JBrowser _admin/ Direct Request Admin Authentication Bypass	high
12031	Aprox PHP Portal index.php Arbitrary File View	medium
12030	Gallery HTTP Global Variables File Inclusion	medium
12026	PHPix index.phtml Multiple Parameter Arbitrary Command Execution	high
12025	Mambo mod_mainmenu.php mosConfig_absolute_path Parameter Remote File Inclusion	high
12020	XTreme ASP Photo Gallery adminlogin.asp Multiple Parameter SQL Injection	high
12008	PhpDig config.php relative_script_path Parameter Remote File Inclusion	high
11981	vBulletin calendar.php eventid Parameter SQL Injection	high
11979	HotNews Multiple Script Remote File Inclusion	high
11976	EasyDynamicPages Multiple Script edp_relative_path Parameter Remote File Inclusion	high
11975	QuikStore Shopping Cart quikstore.cgi template Parameter Traversal Arbitrary File Access	medium
11973	BulletScript MailList bsml.pl Information Disclosure	medium
11969	PHPCatalog id Parameter SQL Injection	high
11966	PHP-Ping php-ping.php count Parameter Arbitrary Command Execution	high
11954	SGDynamo sgdynamo.exe HTNAME Parameter Path Disclosure	medium
11942	VP-ASP shopsearch SQL Injection	medium
11940	CuteNews Debug Info Disclosure	medium
11939	Foxweb foxweb.exe / foxweb.dll Long URL Remote Overflow	high
11938	phpBB < 2.0.7 Multiple Script SQL Injection	high
11931	My_eGallery < 3.1.1g Remote File Inclusion	high
11917	Bugzilla < 2.16.4 / 2.17.5 Multiple Vulnerabilities (SQLi, ID)	medium
11914	TheServer server.ini Direct Request Plaintext Credentials Disclosure	medium
11911	Les Visiteurs Multiple Remote File Inclusion	high
11877	myPHPcalendar Multiple Scripts cal_dir Parameter Remote File Inclusion	high
11876	Gallery index.php GALLERY_BASEDIR Parameter Remote File Inclusion	high
11872	Microsoft IIS ODBC Tool getdrvrs.exe DSN Creation	high
11866	WordPress 'blog.header.php' Multiple Parameter SQL Injection	high
11850	PHP < 4.3.3 Multiple Vulnerabilities	high
11836	myPHPNuke My_eGallery gallery/displayCategory.php basepath Parameter Remote File Inclusion	high
11833	EZsite Forum Discloses Passwords to Remote Users	medium
11824	myPHPNuke phptonuke.php filnavn Parameter Traversal Arbitrary File Access	medium
11817	Stellar Docs Malformed Query Path Disclosure	medium
11816	phpWebSite < 0.9.x Multiple Vulnerabilities	high
11807	PHP < 4.3.3 php_check_safe_mode_include_dir Function Safemode Bypass	medium
11806	paFileDB <= 3.1 Multiple Vulnerabilities (1)	high
11805	e107 db.php User Database Disclosure	medium
11799	ashNews 0.83 Multiple Vulnerabilities	high
11796	Forum51/Board51/News51 Users Disclosure	medium
11795	AtomicBoard Multiple Remote Vulnerabilities (Traversal, Path Disc)	medium
11794	WebCalendar long.php user_inc Parameter Traversal Arbitrary File Access	medium
11786	VP-ASP shopexd.asp catalogid Parameter SQL Injection	high
11785	ProductCart Multiple Vulnerabilities	medium
11782	iXmail index.php password Parameter SQL Injection	high
11781	iXmail Multiple Script Arbitrary File Manipulation	medium
11780	Mailreader 2.3.30 - 2.3.31 Multiple Vulnerabilities	medium
11776	Carello E-Commerce Carello.dll Command Execution	high

Detections

Analytics

CGI abuses Family for Nessus

high

medium

high

high

high

medium

medium

high

high

high

high

high

high

high

medium

medium

high

high

medium

medium

medium

high

high

high

medium

medium

high

high

high

high

high

high

high

medium

medium

medium

high

medium

high

medium

high

medium

medium

medium

high

medium

high

medium

medium

high