CGI abuses Family for Nessus

ID	Name	Severity
34443	Security Center < 3.4.2.1 Directory Traversal Arbitrary File Access	medium
34420	Ignite Gallery Component for Joomla! 'gallery' Parameter SQLi	high
34419	PhpWebGallery comments.php sort_by Parameter SQL Injection	high
34399	GForge top/topusers.php offset Parameter SQL Injection	high
34397	ASG-Sentry File Check Utility /snmx-cgi/fcheck.exe Arbitrary File Overwrite	high
34395	ASG-Sentry CGI Default Credentials	high
34394	ASG-Sentry CGI Detection	info
34373	OpenX ac.php bannerid Parameter SQL Injection	high
34372	Openads Delivery Engine OA_Delivery_Cache_store() Function name Argument Arbitrary PHP Code Execution	high
34351	OpenNMS Web Console Default Credentials	high
34350	OpenNMS Web Console Detection	info
34338	phpScheduleIt reserve.php start_date Parameter Arbitrary Command Injection	high
34337	phpScheduleIt Detection	info
34304	Pluck update.php Remote Privilege Escalation	medium
34293	MailWatch for MailScanner mailscanner/docs.php doc Parameter Traversal Local File Inclusion	medium
34292	Observer <= 0.3.2.1 Multiple Remote Command Execution Vulnerabilities	high
34209	Simple Machines Forum Validation Code Prediction Arbitrary Password Reset	high
34202	Calendarix Basic cal_cat.php catview Parameter SQL Injection	high
34169	pluck < 4.5.3 Multiple Local File Include Vulnerabilities	medium
34110	Simple PHP Blog config/users.php Arbitrary User Password Hash Disclosure	medium
34109	Simple PHP Blog Detection	info
34108	Zen Cart products_id[] Array SQL Injection	medium
34095	Moodle 'lib/kses.php' 'kses_bad_protocol_once' Function Arbitrary PHP Code Execution	high
34055	AWStats Totals awstatstotals.php multisort() Function sort Parameter Arbitrary PHP Code Execution	high
34031	TWiki bin/configure 'image' Parameter Traversal Arbitrary File Access/Execution	high
34029	Kayako SupportSuite < 3.30.01 Multiple Vulnerabilities	medium
33927	Web Server Generic 3xx Redirect	medium
33926	Adobe Dreamweaver dwsync.xml Remote Information Disclosure	medium
33925	dotCMS Multiple Script id Parameter Traversal Local File Inclusion	medium
33903	MailScan WebAdministrator Cookie Authentication Bypass	high
33882	Joomla! reset.php Reset Token Validation Forgery	critical
33869	JBoss Enterprise Application Platform (EAP) Status Servlet Request Remote Information Disclosure	medium
33867	Novell iManager < 2.7 SP1 Property Book Pages Arbitrary Plug-in Studio Deletion	medium
33866	Apache Tomcat allowLinking UTF-8 Traversal Arbitrary File Access	medium
33860	RTH login.php uname Parameter SQL Injection	medium
33856	e107 download.php extract() Function Variable Overwrite	high
33849	PHP < 4.4.9 Multiple Vulnerabilities	high
33848	Pligg settemplate.php template Parameter Local File Inclusion	medium
33823	Plogger plog-download.php checked[] Parameter SQL Injection	medium
33822	XAMPP Example Pages Detection	high
33821	.svn/entries Disclosed via Web Server	medium
33811	Symphony sym_auth Cookie SQL Injection	high
33789	Coppermine Photo Gallery include/functions.inc.php _data Cookie lang Parameter Traversal Local File Inclusion	medium
33761	Gregarius ajax.php rsargs[] Parameter Array SQL Injection	high
33546	fuzzylime (cms) comssrss.php files[] Parameter Traversal Local File Inclusion	high
33532	CGI::Session File Driver CGISESSID Cookie Traversal Authentication Bypass	medium
33483	Maian Scripts Cookie Manipulation Authentication Bypass	high
33479	Mambo < 4.6.5 mos_user_template Local File Inclusion	medium
33478	Xerox CentreWare Web < 4.6.46 Multiple Vulnerabilities (XRX08-008)	medium
33446	Dolphin Multiple Scripts Remote File Inclusion	medium

Detections

Analytics

CGI abuses Family for Nessus

medium

high

high

high

high

high

info

high

high

high

info

high

info

medium

medium

high

high

high

medium

medium

info

medium

high

high

high

medium

medium

medium

medium

high

critical

medium

medium

medium

medium

high

high

medium

medium

high

medium

high

medium

high

high

medium

high

medium

medium

medium