CGI abuses Family for Nessus

ID	Name	Severity
35363	Oracle Secure Backup Administration Server login.php Arbitrary Command Injection	critical
35326	XOOPS Multiple Scripts mydirname Parameter Arbitrary Command Injection	high
35321	XStandard Lite Plugin for Joomla! X_CMS_LIBRARY_PATH Header Directory Traversal	medium
35278	XOOPS xoopsConfig[language] Parameter Local File Inclusion (DSECRG-08-040)	medium
35273	RoundCube Webmail bin/html2text.php Post Request Remote PHP Code Execution	high
35262	Pligg evb/check_url.php url Parameter SQL Injection	medium
35261	OneOrZero Helpdesk tinfo.php Arbitrary File Upload	high
35259	phpList cline Parameter Array Remote File Inclusion	high
35224	Barracuda Spam Firewall < 3.5.12.007 Multiple Vulnerabilities	medium
35109	Live Chat Component for Joomla! 'last' Parameter Multiple SQLi	high
35105	Sun Java System Identity Manager Default Credentials	high
35104	Sun Java System Identity Manager Detection	info
35090	Moodle 'filter/tex/texed.php' 'pathname' Parameter Remote Command Execution	medium
35067	PHP < 5.2.8 Multiple Vulnerabilities	high
35060	phpPgAdmin index.php _language Parameter Local File Inclusion	medium
35043	PHP 5 < 5.2.7 Multiple Vulnerabilities	high
35041	Oempro index.php FormValue_Email Parameter SQL Injection Authentication Bypass	high
35029	Dell Remote Access Controller Default Password (calvin) for 'root' Account	critical
35008	OraMon config/oramon.ini Information Disclosure	medium
34992	CMS Made Simple admin/login.php cms_language Cookie Local File Inclusion	medium
34947	Apache Struts 2 devMode Information Disclosure	medium
34946	Apache Struts 2 < 2.0.12 / 2.1.3 Dispatcher Directory Traversal	high
34726	PHPWebAdmin for hMailServer Multiple File Inclusions	medium
34725	Openfire AuthCheck Authentication Bypass	high
34507	Eaton Network Shutdown Module < 3.20 Authentication Bypass / Command Execution	critical
34448	yappa-ng index.php album Parameter Local File Inclusion	medium
34443	Security Center < 3.4.2.1 Directory Traversal Arbitrary File Access	medium
34420	Ignite Gallery Component for Joomla! 'gallery' Parameter SQLi	high
34419	PhpWebGallery comments.php sort_by Parameter SQL Injection	high
34399	GForge top/topusers.php offset Parameter SQL Injection	high
34397	ASG-Sentry File Check Utility /snmx-cgi/fcheck.exe Arbitrary File Overwrite	high
34395	ASG-Sentry CGI Default Credentials	high
34394	ASG-Sentry CGI Detection	info
34373	OpenX ac.php bannerid Parameter SQL Injection	high
34372	Openads Delivery Engine OA_Delivery_Cache_store() Function name Argument Arbitrary PHP Code Execution	high
34351	OpenNMS Web Console Default Credentials	high
34350	OpenNMS Web Console Detection	info
34338	phpScheduleIt reserve.php start_date Parameter Arbitrary Command Injection	high
34337	phpScheduleIt Detection	info
34304	Pluck update.php Remote Privilege Escalation	medium
34293	MailWatch for MailScanner mailscanner/docs.php doc Parameter Traversal Local File Inclusion	medium
34292	Observer <= 0.3.2.1 Multiple Remote Command Execution Vulnerabilities	high
34209	Simple Machines Forum Validation Code Prediction Arbitrary Password Reset	high
34202	Calendarix Basic cal_cat.php catview Parameter SQL Injection	high
34169	pluck < 4.5.3 Multiple Local File Include Vulnerabilities	medium
34110	Simple PHP Blog config/users.php Arbitrary User Password Hash Disclosure	medium
34109	Simple PHP Blog Detection	info
34108	Zen Cart products_id[] Array SQL Injection	medium
34095	Moodle 'lib/kses.php' 'kses_bad_protocol_once' Function Arbitrary PHP Code Execution	high
34055	AWStats Totals awstatstotals.php multisort() Function sort Parameter Arbitrary PHP Code Execution	high

Detections

Analytics

CGI abuses Family for Nessus

critical

high

medium

medium

high

medium

high

high

medium

high

high

info

medium

high

medium

high

high

critical

medium

medium

medium

high

medium

high

critical

medium

medium

high

high

high

high

high

info

high

high

high

info

high

info

medium

medium

high

high

high

medium

medium

info

medium

high

high