CGI abuses Family for Nessus

ID	Name	Severity
38688	Openfire < 3.6.4 jabber:iq:auth Crafted password_change Request Password Manipulation	medium
38665	OpenCart route Parameter Local File Inclusion	medium
38653	Symantec Reporting Server Improper URL Handling Exposure	medium
38648	Atmail Webmail / AtmailOpen Webmail Detection	info
38198	Sun Java System Identity Manager Account Disclosure	medium
38183	ClearSpace Detection	info
38156	FogBugz Interface Detection	info
38155	Fortify 360 Web Interface Detection	info
38152	Linksys WVC54GCA Wireless-G '/img/main.cgi' Information Disclosure	medium
36205	Novell Teaming Login User Account Enumeration Weakness	medium
36171	phpMyAdmin Setup Script Configuration Parameters Arbitrary PHP Code Injection (PMASA-2009-4)	high
36170	phpMyAdmin setup.php save Action Arbitrary PHP Code Injection (PMASA-2009-3)	high
36144	Geeklog SEC_authenticate Function SQL Injection	high
36143	Geeklog Detection	info
36129	HP LaserJet Web Server Unspecified Admin Component Traversal Arbitrary File Access	high
36102	Jinzora name Parameter Local File Inclusion	medium
36083	phpMyAdmin file_path Parameter Vulnerabilities (PMASA-2009-1)	medium
36074	MapServer < 5.2.2 / 4.10.4 Multiple Flaws	high
36050	Moodle LaTeX Information Disclosure	medium
36019	Tenable Security Center Default Credentials	high
36018	Sitecore CMS < 5.3.2 rev. 090212 Web Service Security Database Information Disclosure	medium
36017	NextApp Echo XML Parsing Information Disclosure Vulnerability	high
35975	AWStats 'awstats.pl' Path Disclosure	medium
35974	AWStats Detection	info
35805	OneOrZero Helpdesk default_language Local File Inclusion	medium
35803	zFeeder admin.php Direct Request Admin Authentication Bypass	high
35787	Zabbix Web Interface extlang[] Parameter Remote Code Execution	high
35786	Zabbix Web Interface Detection	info
35765	Coppermine Photo Gallery keysToSkip Parameter Overwrite	medium
35751	Drupal Theme System Template Local File Inclusion	high
35750	PHP < 5.2.9 Multiple Vulnerabilities	medium
35749	Moodle Forum 'post.php' Unauthorized Post Deletion CSRF	medium
35661	SquirrelMail HTTPS Session Cookie Secure Flag Weakness	medium
35657	HP OpenView Network Node Manager webappmon.exe Command Injection (c01661610)	high
35656	HP OpenView Network Node Manager ovlaunch.exe Information Disclosure (c01661610)	medium
35655	TYPO3 'jumpUrl' Mechanism Information Disclosure	medium
35649	Trend Micro InterScan Web Security Suite Default Credentials	high
35628	Openfire < 3.6.3 Multiple Vulnerabilities	medium
35618	Sun OpenSSO / Java System Access Manager Login Module User Account Enumeration Weakness	medium
35610	Jaws language Parameter Multiple Local File Includes	high
35609	SocialEngine Blog Plugin category_id Parameter SQL Injection	high
35600	Meeting Room Booking System (MRBS) month.php area Parameter SQL Injection	high
35587	phpSlash fields Parameter PHP Code Injection	high
35580	Profense Web Application Firewall Default Credentials	high
35557	OpenX fc.php MAX_type Parameter Traversal Local File Inclusion	high
35554	Horde Horde_Image::factory driver Argument Local File Inclusion	high
35474	gigCalendar Component for Joomla! 'gigcal_gigs_id' Parameter SQLi	medium
35435	Eventing Component for Joomla! 'catid' Parameter SQLi	high
35402	phpList <= 2.10.8 Variable Overwriting	high
35370	WP-Forum Plugin for WordPress 'forum_feed.php' 'thread' Parameter SQL Injection	high

Detections

Analytics

CGI abuses Family for Nessus

medium

medium

medium

info

medium

info

info

info

medium

medium

high

high

high

info

high

medium

medium

high

medium

high

medium

high

medium

info

medium

high

high

info

medium

high

medium

medium

medium

high

medium

medium

high

medium

medium

high

high

high

high

high

high

high

medium

high

high

high