Advertisement
Guest User

Untitled

a guest
May 13th, 2010
6,385
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 80.16 KB | None | 0 0
  1. + OSVDB-3092: /default.nsf: This database can be read without authentication, which may reveal sensitive information.
  2. + OSVDB-3092: /dirassist.nsf: This database can be read without authentication, which may reveal sensitive information.
  3. + OSVDB-3092: /doladmin.nsf: This database can be read without authentication, which may reveal sensitive information.
  4. + OSVDB-3092: /dols_help.nsf: This database can be read without authentication, which may reveal sensitive information.
  5. + OSVDB-3092: /domadmin.nsf: This database can be read without authentication, which may reveal sensitive information.
  6. + OSVDB-3092: /domcfg.nsf: This database can be read without authentication, which may reveal sensitive information.
  7. + OSVDB-3092: /event.nsf: This database can be read without authentication, which may reveal sensitive information.
  8. + OSVDB-3092: /events.nsf: This database can be read without authentication, which may reveal sensitive information.
  9. + OSVDB-3092: /events5.nsf: This database can be read without authentication, which may reveal sensitive information.
  10. + OSVDB-3092: /group.nsf: This database can be read without authentication, which may reveal sensitive information.
  11. + OSVDB-3092: /groups.nsf: This database can be read without authentication, which may reveal sensitive information.
  12. + OSVDB-3092: /help5_admin.nsf: This database can be read without authentication, which may reveal sensitive information.
  13. + OSVDB-3092: /help5_client.nsf: This database can be read without authentication, which may reveal sensitive information.
  14. + OSVDB-3092: /help5_designer.nsf: This database can be read without authentication, which may reveal sensitive information.
  15. + OSVDB-3092: /homepage.nsf: This database can be read without authentication, which may reveal sensitive information.
  16. + OSVDB-3092: /iNotes/Forms5.nsf: This database can be read without authentication, which may reveal sensitive information.
  17. + OSVDB-3092: /iNotes/Forms5.nsf/$DefaultNav: This database can be read without authentication, which may reveal sensitive information.
  18. + OSVDB-3092: /jotter.nsf: This database can be read without authentication, which may reveal sensitive information.
  19. + OSVDB-3092: /kbccv11.nsf: This database can be read without authentication, which may reveal sensitive information.
  20. + OSVDB-3092: /kbnv11.nsf: This database can be read without authentication, which may reveal sensitive information.
  21. + OSVDB-3092: /kbssvv11.nsf: This database can be read without authentication, which may reveal sensitive information.
  22. + OSVDB-3092: /lcon.nsf: This database can be read without authentication, which may reveal sensitive information.
  23. + OSVDB-3092: /ldap.nsf: This database can be read without authentication, which may reveal sensitive information.
  24. + OSVDB-3092: /leiadm.nsf: This database can be read without authentication, which may reveal sensitive information.
  25. + OSVDB-3092: /leilog.nsf: This database can be read without authentication, which may reveal sensitive information.
  26. + OSVDB-3092: /leivlt.nsf: This database can be read without authentication, which may reveal sensitive information.
  27. + OSVDB-3092: /log4a.nsf: This database can be read without authentication, which may reveal sensitive information.
  28. + OSVDB-3092: /lsxlc.nsf: This database can be read without authentication, which may reveal sensitive information.
  29. + OSVDB-3092: /l_domlog.nsf: This database can be read without authentication, which may reveal sensitive information.
  30. + OSVDB-3092: /mab.nsf: This database can be read without authentication, which may reveal sensitive information.
  31. + OSVDB-3092: /mail/adminisist.nsf: This database can be read without authentication, which may reveal sensitive information.
  32. + OSVDB-3092: /mail1.box: This database can be read without authentication, which may reveal sensitive information.
  33. + OSVDB-3092: /mail10.box: This database can be read without authentication, which may reveal sensitive information.
  34. + OSVDB-3092: /mail2.box: This database can be read without authentication, which may reveal sensitive information.
  35. + OSVDB-3092: /mail3.box: This database can be read without authentication, which may reveal sensitive information.
  36. + OSVDB-3092: /mail4.box: This database can be read without authentication, which may reveal sensitive information.
  37. + OSVDB-3092: /mail5.box: This database can be read without authentication, which may reveal sensitive information.
  38. + OSVDB-3092: /mail6.box: This database can be read without authentication, which may reveal sensitive information.
  39. + OSVDB-3092: /mail7.box: This database can be read without authentication, which may reveal sensitive information.
  40. + OSVDB-3092: /mail8.box: This database can be read without authentication, which may reveal sensitive information.
  41. + OSVDB-3092: /mail9.box: This database can be read without authentication, which may reveal sensitive information.
  42. + OSVDB-3092: /mailw46.nsf: This database can be read without authentication, which may reveal sensitive information.
  43. + OSVDB-3092: /msdwda.nsf: This database can be read without authentication, which may reveal sensitive information.
  44. + OSVDB-3092: /mtatbls.nsf: This database can be read without authentication, which may reveal sensitive information.
  45. + OSVDB-3092: /mtdata/mtstore.nsf: This database can be read without authentication, which may reveal sensitive information.
  46. + OSVDB-3092: /mtstore.nsf: This database can be read without authentication, which may reveal sensitive information.
  47. + OSVDB-3092: /nntp/nd000000.nsf: This database can be read without authentication, which may reveal sensitive information.
  48. + OSVDB-3092: /nntp/nd000001.nsf: This database can be read without authentication, which may reveal sensitive information.
  49. + OSVDB-3092: /nntp/nd000002.nsf: This database can be read without authentication, which may reveal sensitive information.
  50. + OSVDB-3092: /nntp/nd000003.nsf: This database can be read without authentication, which may reveal sensitive information.
  51. + OSVDB-3092: /nntp/nd000004.nsf: This database can be read without authentication, which may reveal sensitive information.
  52. + OSVDB-3092: /nntppost.nsf: This database can be read without authentication, which may reveal sensitive information.
  53. + OSVDB-3092: /notes.nsf: This database can be read without authentication, which may reveal sensitive information.
  54. + OSVDB-3092: /ntsync4.nsf: This database can be read without authentication, which may reveal sensitive information.
  55. + OSVDB-3092: /ntsync45.nsf: This database can be read without authentication, which may reveal sensitive information.
  56. + OSVDB-3092: /perweb.nsf: This database can be read without authentication, which may reveal sensitive information.
  57. + OSVDB-3092: /private.nsf: This database can be read without authentication, which may reveal sensitive information.
  58. + OSVDB-3092: /public.nsf: This database can be read without authentication, which may reveal sensitive information.
  59. + OSVDB-3092: /qpadmin.nsf: This database can be read without authentication, which may reveal sensitive information.
  60. + OSVDB-3092: /quickplace/quickplace/main.nsf: This database can be read without authentication, which may reveal sensitive information.
  61. + OSVDB-3092: /quickstart/qstart50.nsf: This database can be read without authentication, which may reveal sensitive information.
  62. + OSVDB-3092: /quickstart/wwsample.nsf: This database can be read without authentication, which may reveal sensitive information.
  63. + OSVDB-3092: /readme.nsf: This database can be read without authentication, which may reveal sensitive information.
  64. + OSVDB-3092: /reports.nsf: This database can be read without authentication, which may reveal sensitive information.
  65. + OSVDB-3092: /sample/faqw46: This database can be read without authentication, which may reveal sensitive information.
  66. + OSVDB-3092: /sample/framew46: This database can be read without authentication, which may reveal sensitive information.
  67. + OSVDB-3092: /sample/pagesw46: This database can be read without authentication, which may reveal sensitive information.
  68. + OSVDB-3092: /sample/siregw46: This database can be read without authentication, which may reveal sensitive information.
  69. + OSVDB-3092: /sample/site1w4646: This database can be read without authentication, which may reveal sensitive information.
  70. + OSVDB-3092: /sample/site2w4646: This database can be read without authentication, which may reveal sensitive information.
  71. + OSVDB-3092: /sample/site3w4646: This database can be read without authentication, which may reveal sensitive information.
  72. + OSVDB-3092: /schema50.nsf: This database can be read without authentication, which may reveal sensitive information.
  73. + OSVDB-3092: /secret.nsf: This database can be read without authentication, which may reveal sensitive information.
  74. + OSVDB-3092: /setupweb.nsf: This database can be read without authentication, which may reveal sensitive information.
  75. + OSVDB-3092: /smbcfg.nsf: This database can be read without authentication, which may reveal sensitive information.
  76. + OSVDB-3092: /smconf.nsf: This database can be read without authentication, which may reveal sensitive information.
  77. + OSVDB-3092: /smency.nsf: This database can be read without authentication, which may reveal sensitive information.
  78. + OSVDB-3092: /smmsg.nsf: This database can be read without authentication, which may reveal sensitive information.
  79. + OSVDB-3092: /smquar.nsf: This database can be read without authentication, which may reveal sensitive information.
  80. + OSVDB-3092: /smsolar.nsf: This database can be read without authentication, which may reveal sensitive information.
  81. + OSVDB-3092: /smtime.nsf: This database can be read without authentication, which may reveal sensitive information.
  82. + OSVDB-3092: /smtp.box: This database can be read without authentication, which may reveal sensitive information.
  83. + OSVDB-3092: /smtp.nsf: This database can be read without authentication, which may reveal sensitive information.
  84. + OSVDB-3092: /smtpibwq.nsf: This database can be read without authentication, which may reveal sensitive information.
  85. + OSVDB-3092: /smtpobwq.nsf: This database can be read without authentication, which may reveal sensitive information.
  86. + OSVDB-3092: /smtptbls.nsf: This database can be read without authentication, which may reveal sensitive information.
  87. + OSVDB-3092: /smvlog.nsf: This database can be read without authentication, which may reveal sensitive information.
  88. + OSVDB-3092: /software.nsf: This database can be read without authentication, which may reveal sensitive information.
  89. + OSVDB-3092: /srvnam.htm: This database can be read without authentication, which may reveal sensitive information.
  90. + OSVDB-3092: /statmail.nsf: This database can be read without authentication, which may reveal sensitive information.
  91. + OSVDB-3092: /stauths.nsf: This database can be read without authentication, which may reveal sensitive information.
  92. + OSVDB-3092: /stautht.nsf: This database can be read without authentication, which may reveal sensitive information.
  93. + OSVDB-3092: /stconf.nsf: This database can be read without authentication, which may reveal sensitive information.
  94. + OSVDB-3092: /stconfig.nsf: This database can be read without authentication, which may reveal sensitive information.
  95. + OSVDB-3092: /stdnaset.nsf: This database can be read without authentication, which may reveal sensitive information.
  96. + OSVDB-3092: /stdomino.nsf: This database can be read without authentication, which may reveal sensitive information.
  97. + OSVDB-3092: /stlog.nsf: This database can be read without authentication, which may reveal sensitive information.
  98. + OSVDB-3092: /streg.nsf: This database can be read without authentication, which may reveal sensitive information.
  99. + OSVDB-3092: /stsrc.nsf: This database can be read without authentication, which may reveal sensitive information.
  100. + OSVDB-3092: /test.nsf: This database can be read without authentication, which may reveal sensitive information.
  101. + OSVDB-3092: /today.nsf: This database can be read without authentication, which may reveal sensitive information.
  102. + OSVDB-3092: /userreg.nsf: This database can be read without authentication, which may reveal sensitive information.
  103. + OSVDB-3092: /users.nsf: This database can be read without authentication, which may reveal sensitive information.
  104. + OSVDB-3092: /vpuserinfo.nsf: This database can be read without authentication, which may reveal sensitive information.
  105. + OSVDB-3092: /web.nsf: This database can be read without authentication, which may reveal sensitive information.
  106. + OSVDB-3092: /webuser.nsf: This database can be read without authentication, which may reveal sensitive information.
  107. + OSVDB-3092: /welcome.nsf: This database can be read without authentication, which may reveal sensitive information.
  108. + OSVDB-3092: /wksinst.nsf: This database can be read without authentication, which may reveal sensitive information.
  109. + OSVDB-3093: /finance.xls: Finance spreadsheet?
  110. + OSVDB-3093: /finances.xls: Finance spreadsheet?
  111. + OSVDB-3093: /abonnement.asp: This might be interesting... has been seen in web logs from an unknown scanner.
  112. + OSVDB-3093: /acartpath/signin.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  113. + OSVDB-3093: /add_acl: This might be interesting... has been seen in web logs from an unknown scanner.
  114. + OSVDB-3093: /admbrowse.php?down=1&cur=%2Fetc%2F&dest=passwd&rid=1&S=[someid]: This might be interesting... has been seen in web logs from an unknown scanner.
  115. + OSVDB-3093: /admin/auth.php: This might be interesting... has been seen in web logs from an unknown scanner.
  116. + OSVDB-3093: /admin/cfg/configscreen.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  117. + OSVDB-3093: /admin/cfg/configsite.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  118. + OSVDB-3093: /admin/cfg/configsql.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  119. + OSVDB-3093: /admin/cfg/configtache.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  120. + OSVDB-3093: /admin/cms/htmltags.php: This might be interesting... has been seen in web logs from an unknown scanner.
  121. + OSVDB-3093: /admin/credit_card_info.php: This might be interesting... has been seen in web logs from an unknown scanner.
  122. + OSVDB-3093: /admin/exec.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  123. + OSVDB-3093: /admin/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  124. + OSVDB-3093: /admin/modules/cache.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  125. + OSVDB-3093: /admin/objects.inc.php4: This might be interesting... has been seen in web logs from an unknown scanner.
  126. + OSVDB-3093: /admin/script.php: This might be interesting... has been seen in web logs from an unknown scanner.
  127. + OSVDB-3093: /admin/settings.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  128. + OSVDB-3093: /admin/templates/header.php: This might be interesting... has been seen in web logs from an unknown scanner.
  129. + OSVDB-3093: /admin/upload.php: This might be interesting... has been seen in web logs from an unknown scanner.
  130. + OSVDB-3093: /admin_t/include/aff_liste_langue.php: This might be interesting... has been seen in web logs from an unknown scanner.
  131. + OSVDB-3093: /adv/gm001-mc/: This might be interesting... has been seen in web logs from an unknown scanner.
  132. + OSVDB-3093: /aff_news.php: This might be interesting... has been seen in web logs from an unknown scanner.
  133. + OSVDB-3093: /approval/ts_app.htm: This might be interesting... has been seen in web logs from an unknown scanner.
  134. + OSVDB-3093: /archive.asp: This might be interesting... has been seen in web logs from an unknown scanner.
  135. + OSVDB-3093: /archive_forum.asp: This might be interesting... has been seen in web logs from an unknown scanner.
  136. + OSVDB-3093: /ashnews.php: This might be interesting... has been seen in web logs from an unknown scanner.
  137. + OSVDB-3093: /auth.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
  138. + OSVDB-3093: /b2-tools/gm-2-b2.php: This might be interesting... has been seen in web logs from an unknown scanner.
  139. + OSVDB-3093: /bandwidth/index.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  140. + OSVDB-3093: /basilix.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  141. + OSVDB-3093: /bigsam_guestbook.php?displayBegin=9999...9999: This might be interesting... has been seen in web logs from an unknown scanner.
  142. + OSVDB-3093: /bin/common/user_update_passwd.pl: This might be interesting... has been seen in web logs from an unknown scanner.
  143. + OSVDB-3093: /biztalktracking/RawCustomSearchField.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  144. + OSVDB-3093: /biztalktracking/rawdocdata.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  145. + OSVDB-3093: /board/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  146. + OSVDB-3093: /board/philboard_admin.asp+: This might be interesting... has been seen in web logs from an unknown scanner.
  147. + OSVDB-3093: /bugtest+/+: This might be interesting... has been seen in web logs from an unknown scanner.
  148. + OSVDB-3093: /caupo/admin/admin_workspace.php: This might be interesting... has been seen in web logs from an unknown scanner.
  149. + OSVDB-3093: /ccbill/whereami.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  150. + OSVDB-3093: /chat_dir/register.php: This might be interesting... has been seen in web logs from an unknown scanner.
  151. + OSVDB-3093: /checkout_payment.php: This might be interesting... has been seen in web logs from an unknown scanner.
  152. + OSVDB-3093: /communique.asp: This might be interesting... has been seen in web logs from an unknown scanner.
  153. + OSVDB-3093: /community/forumdisplay.php: This might be interesting... has been seen in web logs from an unknown scanner.
  154. + OSVDB-3093: /community/index.php?analized=anything: This might be interesting... has been seen in web logs from an unknown scanner.
  155. + OSVDB-3093: /community/member.php: This might be interesting... has been seen in web logs from an unknown scanner.
  156. + OSVDB-3093: /compte.php: This might be interesting... has been seen in web logs from an unknown scanner.
  157. + OSVDB-3093: /config/html/cnf_gi.htm: This might be interesting... has been seen in web logs from an unknown scanner.
  158. + OSVDB-3093: /convert-date.php: This might be interesting... has been seen in web logs from an unknown scanner.
  159. + OSVDB-3093: /cp/rac/nsManager.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  160. + OSVDB-3093: /csPassword.cgi?command=remove%20: This might be interesting... has been seen in web logs from an unknown scanner.
  161. + OSVDB-3093: /cutenews/comments.php: This might be interesting... has been seen in web logs from an unknown scanner.
  162. + OSVDB-3093: /cutenews/search.php: This might be interesting... has been seen in web logs from an unknown scanner.
  163. + OSVDB-3093: /cutenews/shownews.php: This might be interesting... has been seen in web logs from an unknown scanner.
  164. + OSVDB-3093: /Data/settings.xml+: This might be interesting... has been seen in web logs from an unknown scanner.
  165. + OSVDB-3093: /database/metacart.mdb+: This might be interesting... has been seen in web logs from an unknown scanner.
  166. + OSVDB-3093: /db.php: This might be interesting... has been seen in web logs from an unknown scanner.
  167. + OSVDB-3093: /dbabble: This might be interesting... has been seen in web logs from an unknown scanner.
  168. + OSVDB-3093: /dcp/advertiser.php: This might be interesting... has been seen in web logs from an unknown scanner.
  169. + OSVDB-3093: /defines.php: This might be interesting... has been seen in web logs from an unknown scanner.
  170. + OSVDB-3093: /dltclnt.php: This might be interesting... has been seen in web logs from an unknown scanner.
  171. + OSVDB-3093: /doc/admin/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  172. + OSVDB-3093: /docs/NED: This might be interesting... has been seen in web logs from an unknown scanner.
  173. + OSVDB-3093: /dotproject/modules/files/index_table.php: This might be interesting... has been seen in web logs from an unknown scanner.
  174. + OSVDB-3093: /dotproject/modules/projects/addedit.php: This might be interesting... has been seen in web logs from an unknown scanner.
  175. + OSVDB-3093: /dotproject/modules/projects/view.php: This might be interesting... has been seen in web logs from an unknown scanner.
  176. + OSVDB-3093: /dotproject/modules/projects/vw_files.php: This might be interesting... has been seen in web logs from an unknown scanner.
  177. + OSVDB-3093: /dotproject/modules/tasks/addedit.php: This might be interesting... has been seen in web logs from an unknown scanner.
  178. + OSVDB-3093: /dotproject/modules/tasks/viewgantt.php: This might be interesting... has been seen in web logs from an unknown scanner.
  179. + OSVDB-3093: /do_map: This might be interesting... has been seen in web logs from an unknown scanner.
  180. + OSVDB-3093: /do_subscribe: This might be interesting... has been seen in web logs from an unknown scanner.
  181. + OSVDB-3093: /email.php: This might be interesting... has been seen in web logs from an unknown scanner.
  182. + OSVDB-3093: /emml_email_func.php: This might be interesting... has been seen in web logs from an unknown scanner.
  183. + OSVDB-3093: /emumail.cgi?type=.%00: This might be interesting... has been seen in web logs from an unknown scanner.
  184. + OSVDB-3093: /entete.php: This might be interesting... has been seen in web logs from an unknown scanner.
  185. + OSVDB-3093: /enteteacceuil.php: This might be interesting... has been seen in web logs from an unknown scanner.
  186. + OSVDB-3093: /etc/shadow+: This might be interesting... has been seen in web logs from an unknown scanner.
  187. + OSVDB-3093: /eventcal2.php.php: This might be interesting... has been seen in web logs from an unknown scanner.
  188. + OSVDB-3093: /ez2000/ezadmin.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  189. + OSVDB-3093: /ez2000/ezboard.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  190. + OSVDB-3093: /ez2000/ezman.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  191. + OSVDB-3093: /faqman/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  192. + OSVDB-3093: /filemanager/index.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  193. + OSVDB-3093: /filemgmt/brokenfile.php: This might be interesting... has been seen in web logs from an unknown scanner.
  194. + OSVDB-3093: /filemgmt/singlefile.php: This might be interesting... has been seen in web logs from an unknown scanner.
  195. + OSVDB-3093: /filemgmt/viewcat.php: This might be interesting... has been seen in web logs from an unknown scanner.
  196. + OSVDB-3093: /filemgmt/visit.php: This might be interesting... has been seen in web logs from an unknown scanner.
  197. + OSVDB-3093: /foro/YaBB.pl: This might be interesting... has been seen in web logs from an unknown scanner.
  198. + OSVDB-3093: /forum/mainfile.php: This might be interesting... has been seen in web logs from an unknown scanner.
  199. + OSVDB-3093: /forum/member.php: This might be interesting... has been seen in web logs from an unknown scanner.
  200. + OSVDB-3093: /forum/newreply.php: This might be interesting... has been seen in web logs from an unknown scanner.
  201. + OSVDB-3093: /forum/newthread.php: This might be interesting... has been seen in web logs from an unknown scanner.
  202. + OSVDB-3093: /forum/viewtopic.php: phpBB found.
  203. + OSVDB-3093: /forum_arc.asp?n=268: This might be interesting... has been seen in web logs from an unknown scanner.
  204. + OSVDB-3093: /forum_professionnel.asp?n=100: This might be interesting... has been seen in web logs from an unknown scanner.
  205. + OSVDB-3093: /functions.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  206. + OSVDB-10447: /get_od_toc.pl?Profile=: WebTrends get_od_toc.pl may be vulnerable to a path disclosure error if this file is reloaded multiple times.
  207. + OSVDB-3093: /globals.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  208. + OSVDB-3093: /globals.pl: This might be interesting... has been seen in web logs from an unknown scanner.
  209. + OSVDB-6656: /Gozila.cgi: Linksys BEF Series routers are vulnerable to multiple DoS attacks in Gozila.cgi.
  210. + OSVDB-3093: /homebet/homebet.dll?form=menu&option=menu-signin: This might be interesting... has been seen in web logs from an unknown scanner.
  211. + OSVDB-3093: /idealbb/error.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  212. + OSVDB-3093: /iisprotect/admin/SiteAdmin.ASP?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  213. + OSVDB-3093: /include/customize.php: This might be interesting... has been seen in web logs from an unknown scanner.
  214. + OSVDB-3093: /include/help.php: This might be interesting... has been seen in web logs from an unknown scanner.
  215. + OSVDB-3093: /includes/footer.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  216. + OSVDB-3093: /includes/header.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  217. + OSVDB-3093: /index.php?base=test%20: This might be interesting... has been seen in web logs from an unknown scanner.
  218. + OSVDB-3093: /index.php?IDAdmin=test: This might be interesting... has been seen in web logs from an unknown scanner.
  219. + OSVDB-3093: /index.php?pymembs=admin: This might be interesting... has been seen in web logs from an unknown scanner.
  220. + OSVDB-3093: /index.php?SqlQuery=test%20: This might be interesting... has been seen in web logs from an unknown scanner.
  221. + OSVDB-3093: /index.php?tampon=test%20: This might be interesting... has been seen in web logs from an unknown scanner.
  222. + OSVDB-3093: /index.php?topic=<script>alert(document.cookie)</script>%20: This might be interesting... has been seen in web logs from an unknown scanner.
  223. + OSVDB-3093: /infos/contact/index.asp: This might be interesting... has been seen in web logs from an unknown scanner.
  224. + OSVDB-3093: /infos/faq/index.asp: This might be interesting... has been seen in web logs from an unknown scanner.
  225. + OSVDB-3093: /infos/gen/index.asp: This might be interesting... has been seen in web logs from an unknown scanner.
  226. + OSVDB-3093: /infos/services/index.asp: This might be interesting... has been seen in web logs from an unknown scanner.
  227. + OSVDB-3093: /instaboard/index.cfm: This might be interesting... has been seen in web logs from an unknown scanner.
  228. + OSVDB-3093: /intranet/browse.php: This might be interesting... has been seen in web logs from an unknown scanner.
  229. + OSVDB-3093: /invitefriends.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  230. + OSVDB-3093: /ipchat.php: This might be interesting... has been seen in web logs from an unknown scanner.
  231. + OSVDB-3093: /ixmail_netattach.php: This might be interesting... has been seen in web logs from an unknown scanner.
  232. + OSVDB-3093: /jsptest.jsp+: This might be interesting... has been seen in web logs from an unknown scanner.
  233. + OSVDB-3093: /kernel/class/delete.php: This might be interesting... has been seen in web logs from an unknown scanner.
  234. + OSVDB-3093: /kernel/classes/ezrole.php: This might be interesting... has been seen in web logs from an unknown scanner.
  235. + OSVDB-3093: /ldap.search.php3?ldap_serv=nonsense%20: This might be interesting... has been seen in web logs from an unknown scanner.
  236. + OSVDB-3093: /livredor/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  237. + OSVDB-3093: /login.php3?reason=chpass2%20: This might be interesting... has been seen in web logs from an unknown scanner.
  238. + OSVDB-3093: /mail/include.html: This might be interesting... has been seen in web logs from an unknown scanner.
  239. + OSVDB-3093: /mail/settings.html: This might be interesting... has been seen in web logs from an unknown scanner.
  240. + OSVDB-3093: /mail/src/read_body.php: This might be interesting... has been seen in web logs from an unknown scanner.
  241. + OSVDB-3093: /mambo/banners.php: This might be interesting... has been seen in web logs from an unknown scanner.
  242. + OSVDB-3093: /manage/login.asp+: This might be interesting... has been seen in web logs from an unknown scanner.
  243. + OSVDB-3093: /mantis/summary_graph_functions.php?g_jpgraph_path=http%3A%2F%2Fattackershost%2Flistings.txt%3F: This might be interesting... has been seen in web logs from an unknown scanner.
  244. + OSVDB-3093: /members/ID.pm: This might be interesting... has been seen in web logs from an unknown scanner.
  245. + OSVDB-3093: /members/ID.xbb: This might be interesting... has been seen in web logs from an unknown scanner.
  246. + OSVDB-3093: /mod.php: This might be interesting... has been seen in web logs from an unknown scanner.
  247. + OSVDB-3093: /modif/delete.php: This might be interesting... has been seen in web logs from an unknown scanner.
  248. + OSVDB-3093: /modif/ident.php: This might be interesting... has been seen in web logs from an unknown scanner.
  249. + OSVDB-3093: /modules/Downloads/voteinclude.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  250. + OSVDB-3093: /modules/Forums/attachment.php: This might be interesting... has been seen in web logs from an unknown scanner.
  251. + OSVDB-3093: /modules/Search/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  252. + OSVDB-3093: /modules/WebChat/in.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  253. + OSVDB-3093: /modules/WebChat/out.php: This might be interesting... has been seen in web logs from an unknown scanner.
  254. + OSVDB-3093: /modules/WebChat/quit.php: This might be interesting... has been seen in web logs from an unknown scanner.
  255. + OSVDB-3093: /modules/WebChat/users.php: This might be interesting... has been seen in web logs from an unknown scanner.
  256. + OSVDB-3093: /modules/Your_Account/navbar.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  257. + OSVDB-3093: /moregroupware/modules/webmail2/inc/: This might be interesting... has been seen in web logs from an unknown scanner.
  258. + OSVDB-3093: /msadc/Samples/SELECTOR/showcode.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  259. + OSVDB-3093: /myguestBk/add1.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  260. + OSVDB-3093: /myguestBk/admin/delEnt.asp?id=NEWSNUMBER|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  261. + OSVDB-3093: /myguestBk/admin/index.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  262. + OSVDB-3093: /netget?sid=Safety&msg=2002&file=Safety: This might be interesting... has been seen in web logs from an unknown scanner.
  263. + OSVDB-3093: /newtopic.php: This might be interesting... has been seen in web logs from an unknown scanner.
  264. + OSVDB-3093: /nphp/nphpd.php: This might be interesting... has been seen in web logs from an unknown scanner.
  265. + OSVDB-3093: /OpenTopic: This might be interesting... has been seen in web logs from an unknown scanner.
  266. + OSVDB-3093: /options.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  267. + OSVDB-3093: /oscommerce/default.php: This might be interesting... has been seen in web logs from an unknown scanner.
  268. + OSVDB-3093: /parse_xml.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  269. + OSVDB-3093: /php/gaestebuch/admin/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  270. + OSVDB-3093: /php/php4ts.dll: This might be interesting... has been seen in web logs from an unknown scanner.
  271. + OSVDB-3093: /pks/lookup: This might be interesting... has been seen in web logs from an unknown scanner.
  272. + OSVDB-3093: /pm/lib.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
  273. + OSVDB-3093: /poppassd.php3+: This might be interesting... has been seen in web logs from an unknown scanner.
  274. + OSVDB-3093: /produccart/pdacmin/login.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  275. + OSVDB-3093: /productcart/database/EIPC.mdb: This might be interesting... has been seen in web logs from an unknown scanner.
  276. + OSVDB-3093: /productcart/pc/Custva.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  277. + OSVDB-3093: /ProductCart/pc/msg.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  278. + OSVDB-3093: /product_info.php: This might be interesting... has been seen in web logs from an unknown scanner.
  279. + OSVDB-3093: /prometheus-all/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  280. + OSVDB-3093: /proplus/admin/login.php+-d+\"action=insert\"+-d+\"username=test\"+-d+\"password=test\": This might be interesting... has been seen in web logs from an unknown scanner.
  281. + OSVDB-3093: /protected/: This might be interesting... has been seen in web logs from an unknown scanner.
  282. + OSVDB-3093: /protected/secret.html+: This might be interesting... has been seen in web logs from an unknown scanner.
  283. + OSVDB-3093: /protectedpage.php?uid='%20OR%20''='&pwd='%20OR%20''=': This might be interesting... has been seen in web logs from an unknown scanner.
  284. + OSVDB-3093: /protection.php: This might be interesting... has been seen in web logs from an unknown scanner.
  285. + OSVDB-3093: /pt_config.inc: This might be interesting... has been seen in web logs from an unknown scanner.
  286. + OSVDB-3093: /pvote/add.php?question=AmIgAy&o1=yes&o2=yeah&o3=well..yeah&o4=bad%20: This might be interesting... has been seen in web logs from an unknown scanner.
  287. + OSVDB-3093: /pvote/del.php?pollorder=1%20: This might be interesting... has been seen in web logs from an unknown scanner.
  288. + OSVDB-3093: /quikmail/nph-emumail.cgi?type=../%00: This might be interesting... has been seen in web logs from an unknown scanner.
  289. + OSVDB-3093: /room/save_item.php: This might be interesting... has been seen in web logs from an unknown scanner.
  290. + OSVDB-3093: /screen.php: This might be interesting... has been seen in web logs from an unknown scanner.
  291. + OSVDB-3093: /scripts/tradecli.dll: This might be interesting... has been seen in web logs from an unknown scanner.
  292. + OSVDB-3093: /scripts/tradecli.dll?template=nonexistfile?template=..\..\..\..\..\winnt\system32\cmd.exe?/c+dir: This might be interesting... has been seen in web logs from an unknown scanner.
  293. + OSVDB-3093: /security/web_access.html: This might be interesting... has been seen in web logs from an unknown scanner.
  294. + OSVDB-3093: /sendphoto.php: This might be interesting... has been seen in web logs from an unknown scanner.
  295. + OSVDB-3093: /servers/link.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  296. + OSVDB-3093: /shop/php_files/site.config.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  297. + OSVDB-3093: /shop/search.php: This might be interesting... has been seen in web logs from an unknown scanner.
  298. + OSVDB-3093: /shop/show.php: This might be interesting... has been seen in web logs from an unknown scanner.
  299. + OSVDB-3093: /Site/biztalkhttpreceive.dll: This might be interesting... has been seen in web logs from an unknown scanner.
  300. + OSVDB-3093: /site_searcher.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  301. + OSVDB-3093: /spelling.php3+: This might be interesting... has been seen in web logs from an unknown scanner.
  302. + OSVDB-3093: /squirrelmail/src/read_body.php: This might be interesting... has been seen in web logs from an unknown scanner.
  303. + OSVDB-3093: /staticpages/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  304. + OSVDB-3093: /status.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  305. + OSVDB-3093: /supporter/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  306. + OSVDB-3093: /supporter/tupdate.php: This might be interesting... has been seen in web logs from an unknown scanner.
  307. + OSVDB-3093: /sw000.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
  308. + OSVDB-3093: /syslog.htm?%20: This might be interesting... has been seen in web logs from an unknown scanner.
  309. + OSVDB-3093: /technote/print.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  310. + OSVDB-3093: /texis/websearch/phine: This might be interesting... has been seen in web logs from an unknown scanner.
  311. + OSVDB-3093: /tinymsg.php: This might be interesting... has been seen in web logs from an unknown scanner.
  312. + OSVDB-3093: /topic/entete.php: This might be interesting... has been seen in web logs from an unknown scanner.
  313. + OSVDB-3093: /topsitesdir/edit.php: This might be interesting... has been seen in web logs from an unknown scanner.
  314. + OSVDB-3093: /ttforum/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  315. + OSVDB-3093: /tutos/file/file_new.php: This might be interesting... has been seen in web logs from an unknown scanner.
  316. + OSVDB-3093: /tutos/file/file_select.php: This might be interesting... has been seen in web logs from an unknown scanner.
  317. + OSVDB-3093: /typo3/typo3/dev/translations.php: This might be interesting... has been seen in web logs from an unknown scanner.
  318. + OSVDB-3093: /uifc/MultFileUploadHandler.php+: This might be interesting... has been seen in web logs from an unknown scanner.
  319. + OSVDB-3093: /url.jsp: This might be interesting... has been seen in web logs from an unknown scanner.
  320. + OSVDB-3093: /useraction.php3: This might be interesting... has been seen in web logs from an unknown scanner.
  321. + OSVDB-3093: /utils/sprc.asp+: This might be interesting... has been seen in web logs from an unknown scanner.
  322. + OSVDB-3093: /vars.inc+: This might be interesting... has been seen in web logs from an unknown scanner.
  323. + OSVDB-3093: /VBZooM/add-subject.php: This might be interesting... has been seen in web logs from an unknown scanner.
  324. + OSVDB-3093: /wbboard/profile.php: This might be interesting... has been seen in web logs from an unknown scanner.
  325. + OSVDB-3093: /wbboard/reply.php: This might be interesting... has been seen in web logs from an unknown scanner.
  326. + OSVDB-3093: /webcalendar/login.php: This might be interesting... has been seen in web logs from an unknown scanner.
  327. + OSVDB-3093: /webcalendar/view_m.php: This might be interesting... has been seen in web logs from an unknown scanner.
  328. + OSVDB-3093: /webmail/lib/emailreader_execute_on_each_page.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
  329. + OSVDB-3093: /webmail/src/read_body.php: This might be interesting... has been seen in web logs from an unknown scanner.
  330. + OSVDB-3093: /web_app/WEB-INF/webapp.properties: This might be interesting... has been seen in web logs from an unknown scanner.
  331. + OSVDB-3093: /XMBforum/buddy.php: This might be interesting... has been seen in web logs from an unknown scanner.
  332. + OSVDB-3093: /XMBforum/member.php: This might be interesting... has been seen in web logs from an unknown scanner.
  333. + OSVDB-3093: /x_stat_admin.php: This might be interesting... has been seen in web logs from an unknown scanner.
  334. + OSVDB-3093: /yabbse/Reminder.php: This might be interesting... has been seen in web logs from an unknown scanner.
  335. + OSVDB-3093: /yabbse/Sources/Packages.php: This might be interesting... has been seen in web logs from an unknown scanner.
  336. + OSVDB-3093: /zentrack/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
  337. + OSVDB-3093: /_head.php: This might be interesting... has been seen in web logs from an unknown scanner.
  338. + OSVDB-3093: /ows-bin/oaskill.exe?abcde.exe: This might be interesting... has been seen in web logs from an unknown scanner.
  339. + OSVDB-3093: /ows-bin/oasnetconf.exe?-l%20-s%20BlahBlah: This might be interesting... has been seen in web logs from an unknown scanner.
  340. + OSVDB-3093: /database/: Databases? Really??
  341. + OSVDB-3093: /.wwwacl: Contains authorization information
  342. + OSVDB-3093: /.www_acl: Contains authorization information
  343. + OSVDB-3093: /.htpasswd: Contains authorization information
  344. + OSVDB-3093: /.access: Contains authorization information
  345. + OSVDB-3093: /.addressbook: PINE addressbook, may store sensitive e-mail address contact information and notes
  346. + OSVDB-3093: /.bashrc: User home dir was found with a shell rc file. This may reveal file and path information.
  347. + OSVDB-3093: /.bash_history: A user's home directory may be set to the web root, the shell history was retrieved. This should not be accessible via the web.
  348. + OSVDB-3093: /.forward: User home dir was found with a mail forward file. May reveal where the user's mail is being forwarded to.
  349. + OSVDB-3093: /.history: A user's home directory may be set to the web root, the shell history was retrieved. This should not be accessible via the web.
  350. + OSVDB-3093: /.htaccess: Contains authorization information
  351. + OSVDB-3093: /.lynx_cookies: User home dir found with LYNX cookie file. May reveal cookies received from arbitrary web sites.
  352. + OSVDB-3093: /.mysql_history: Database SQL?
  353. + OSVDB-3093: /.passwd: Contains authorization information
  354. + OSVDB-3093: /.pinerc: User home dir found with a PINE rc file. May reveal system information, directories and more.
  355. + OSVDB-3093: /.plan: User home dir with a .plan, a now mostly outdated file for delivering information via the finger protocol
  356. + OSVDB-3093: /.proclog: User home dir with a Procmail log file. May reveal user mail traffic, directories and more.
  357. + OSVDB-3093: /.procmailrc: User home dir with a Procmail rc file. May reveal sub directories, mail contacts and more.
  358. + OSVDB-3093: /.profile: User home dir with a shell profile was found. May reveal directory information and system configuration.
  359. + OSVDB-3093: /.rhosts: A user's home directory may be set to the web root, a .rhosts file was retrieved. This should not be accessible via the web.
  360. + OSVDB-3093: /.sh_history: A user's home directory may be set to the web root, the shell history was retrieved. This should not be accessible via the web.
  361. + OSVDB-3093: /.ssh: A user's home directory may be set to the web root, an ssh file was retrieved. This should not be accessible via the web.
  362. + OSVDB-3093: /.ssh/authorized_keys: A user's home directory may be set to the web root, an ssh file was retrieved. This should not be accessible via the web.
  363. + OSVDB-3093: /.ssh/known_hosts: A user's home directory may be set to the web root, an ssh file was retrieved. This should not be accessible via the web.
  364. + OSVDB-3233: /_vti_bin/shtml.exe/_vti_rpc: FrontPage may be installed.
  365. + OSVDB-3233: /jservdocs/: Default Apache JServ docs should be removed.
  366. + OSVDB-3233: /tomcat-docs/index.html: Default Apache Tomcat documentation found.
  367. + OSVDB-3233: /akopia/: Akopia is installed.
  368. + OSVDB-3233: /ojspdemos/basic/hellouser/hellouser.jsp: Oracle 9i default jsp page found, may be vulnerable to XSS in any field.
  369. + OSVDB-3233: /ojspdemos/basic/simple/usebean.jsp: Oracle 9i default jsp page found, may be vulnerable to XSS in any field.
  370. + OSVDB-3233: /ojspdemos/basic/simple/welcomeuser.jsp: Oracle 9i default jsp page found, may be vulnerable to XSS in any field.
  371. + OSVDB-3233: /php/index.php: Monkey Http Daemon default php file found.
  372. + OSVDB-3233: /servlet/Counter: JRun default servlet found. All default code should be removed from servers.
  373. + OSVDB-3233: /servlet/DateServlet: JRun default servlet found. All default code should be removed from servers.
  374. + OSVDB-3233: /servlet/FingerServlet: JRun default servlet found. All default code should be removed from servers.
  375. + OSVDB-3233: /servlet/HelloWorldServlet: JRun default servlet found. All default code should be removed from servers.
  376. + OSVDB-3233: /servlet/SessionServlet: JRun or Netware WebSphere default servlet found. All default code should be removed from servers.
  377. + OSVDB-3233: /servlet/SimpleServlet: JRun default servlet found (possibly Websphere). All default code should be removed from servers.
  378. + OSVDB-3233: /servlet/SnoopServlet: JRun, Netware Java Servlet Gateway, or WebSphere default servlet found. All default code should be removed from servers.
  379. + OSVDB-3233: /admcgi/contents.htm: Default FrontPage CGI found.
  380. + OSVDB-3233: /admcgi/scripts/Fpadmcgi.exe: Default FrontPage CGI found.
  381. + OSVDB-3233: /admisapi/fpadmin.htm: Default FrontPage file found.
  382. + OSVDB-3233: /bin/admin.pl: Default FrontPage CGI found.
  383. + OSVDB-3233: /bin/cfgwiz.exe: Default FrontPage CGI found.
  384. + OSVDB-3233: /bin/CGImail.exe: Default FrontPage CGI found.
  385. + OSVDB-3233: /bin/contents.htm: Default FrontPage CGI found.
  386. + OSVDB-3233: /bin/fpadmin.htm: Default FrontPage CGI found.
  387. + OSVDB-3233: /bin/fpremadm.exe: Default FrontPage CGI found.
  388. + OSVDB-3233: /bin/fpsrvadm.exe: Default FrontPage CGI found.
  389. + OSVDB-3233: /cgi-bin/admin.pl: Default FrontPage CGI found.
  390. + OSVDB-3233: /cgi-bin/cfgwiz.exe: Default FrontPage CGI found.
  391. + OSVDB-3233: /cgi-bin/CGImail.exe: Default FrontPage CGI found.
  392. + OSVDB-3233: /cgi-bin/contents.htm: Default FrontPage CGI found.
  393. + OSVDB-3233: /cgi-bin/fpadmin.htm: Default FrontPage CGI found.
  394. + OSVDB-3233: /cgi-bin/fpremadm.exe: Default FrontPage CGI found.
  395. + OSVDB-3233: /cgi-bin/fpsrvadm.exe: Default FrontPage CGI found.
  396. + OSVDB-3233: /scripts/admin.pl: Default FrontPage CGI found.
  397. + OSVDB-3233: /scripts/cfgwiz.exe: Default FrontPage CGI found.
  398. + OSVDB-3233: /scripts/CGImail.exe: Default FrontPage CGI found.
  399. + OSVDB-3233: /scripts/contents.htm: Default FrontPage CGI found.
  400. + OSVDB-3233: /scripts/fpadmin.htm: Default FrontPage CGI found.
  401. + OSVDB-3233: /scripts/fpcount.exe: Default FrontPage CGI found.
  402. + OSVDB-3233: /scripts/fpremadm.exe: Default FrontPage CGI found.
  403. + OSVDB-3233: /scripts/fpsrvadm.exe: Default FrontPage CGI found.
  404. + OSVDB-3233: /_private/: FrontPage directory found.
  405. + OSVDB-3233: /_private/orders.htm: Default FrontPage file found.
  406. + OSVDB-3233: /_private/orders.txt: Default FrontPage file found.
  407. + OSVDB-3233: /_private/register.htm: Default FrontPage file found.
  408. + OSVDB-3233: /_private/register.txt: Default FrontPage file found.
  409. + OSVDB-3233: /_private/registrations.txt: Default FrontPage file found.
  410. + OSVDB-3233: /_private/_vti_cnf/: FrontPage directory found.
  411. + OSVDB-3233: /_vti_bin/: FrontPage directory found.
  412. + OSVDB-3233: /_vti_bin/admin.pl: Default FrontPage CGI found.
  413. + OSVDB-3233: /_vti_bin/cfgwiz.exe: Default FrontPage CGI found.
  414. + OSVDB-3233: /_vti_bin/CGImail.exe: Default FrontPage CGI found.
  415. + OSVDB-3233: /_vti_bin/contents.htm: Default FrontPage CGI found.
  416. + OSVDB-3233: /_vti_bin/fpadmin.htm: Default FrontPage CGI found.
  417. + OSVDB-3233: /_vti_bin/fpremadm.exe: Default FrontPage CGI found.
  418. + OSVDB-3233: /_vti_bin/fpsrvadm.exe: Default FrontPage CGI found.
  419. + OSVDB-3233: /_vti_bin/_vti_cnf/: FrontPage directory found.
  420. + OSVDB-3233: /_vti_cnf/_vti_cnf/: FrontPage directory found.
  421. + OSVDB-3233: /_vti_log/_vti_cnf/: FrontPage directory found.
  422. + OSVDB-3233: /_vti_pvt/administrators.pwd: Default FrontPage file found, may be a password file.
  423. + OSVDB-3233: /_vti_pvt/authors.pwd: Default FrontPage file found, may be a password file.
  424. + OSVDB-3233: /_vti_pvt/service.pwd: Default FrontPage file found, may be a password file.
  425. + OSVDB-3233: /_vti_pvt/users.pwd: Default FrontPage file found, may be a password file.
  426. + OSVDB-3233: /help/contents.htm: Default Netscape manual found. All default pages should be removed.
  427. + OSVDB-3233: /help/home.html: Default Netscape manual found. All default pages should be removed.
  428. + OSVDB-3233: /manual/ag/esperfrm.htm: Default Netscape manual found. All default pages should be removed.
  429. + OSVDB-3233: /nethome/: Netscape Enterprise Server default doc/manual directory. Reveals server path at bottom of page.
  430. + OSVDB-3233: /com/novell/gwmonitor/help/en/default.htm: Netware gateway monitor access documentation found. All default documentation should be removed from web servers.
  431. + OSVDB-3233: /com/novell/webaccess/help/en/default.htm: Netware web access documentation found. All default documentation should be removed from web servers.
  432. + OSVDB-3233: /com/novell/webpublisher/help/en/default.htm: Netware web publisher documentation found. All default documentation should be removed from web servers.
  433. + OSVDB-3233: /servlet/AdminServlet: Netware Web Search Server (adminservlet) found. All default code should be removed from web servers.
  434. + OSVDB-3233: /servlet/gwmonitor: Netware Gateway monitor found. All default code should be removed from web servers.
  435. + OSVDB-3233: /servlet/PrintServlet: Novell Netware default servlet found. All default code should be removed from the system.
  436. + OSVDB-3233: /servlet/SearchServlet: Novell Netware default servlet found. All default code should be removed from the system.
  437. + OSVDB-3233: /servlet/ServletManager: Netware Java Servlet Gateway found. Default user id is servlet, default password is manager. All default code should be removed from Internet servers.
  438. + OSVDB-3233: /servlet/sq1cdsn: Novell Netware default servlet found. All default code should be removed from the system.
  439. + OSVDB-3233: /servlet/sqlcdsn: Netware SQL connector found. All default code should be removed from web servers.
  440. + OSVDB-3233: /servlet/webacc: Netware Enterprise and/or GroupWise web access found. All default code should be removed from Internet servers.
  441. + OSVDB-3233: /servlet/webpub: Netware Web Publisher found. All default code should be removed from web servers.
  442. + OSVDB-3233: /WebSphereSamples: Netware Webshere sample applications found. All default code should be removed from web servers.
  443. + OSVDB-3233: /cgi-bin/cgi-test.exe: Default CGI found
  444. + OSVDB-3233: /doc/domguide.nsf: This documentation database can be read without authentication. All default files should be removed.
  445. + OSVDB-3233: /doc/dspug.nsf: This documentation database can be read without authentication. All default files should be removed.
  446. + OSVDB-3233: /doc/help4.nsf: This documentation database can be read without authentication. All default files should be removed.
  447. + OSVDB-3233: /doc/helpadmin.nsf: This documentation database can be read without authentication. All default files should be removed.
  448. + OSVDB-3233: /doc/helplt4.nsf: This documentation database can be read without authentication. All default files should be removed.
  449. + OSVDB-3233: /doc/internet.nsf: This documentation database can be read without authentication. All default files should be removed.
  450. + OSVDB-3233: /doc/javapg.nsf: This documentation database can be read without authentication. All default files should be removed.
  451. + OSVDB-3233: /doc/lccon.nsf: This documentation database can be read without authentication. All default files should be removed.
  452. + OSVDB-3233: /doc/migrate.nsf: This documentation database can be read without authentication. All default files should be removed.
  453. + OSVDB-3233: /doc/npn_admn.nsf: This documentation database can be read without authentication. All default files should be removed.
  454. + OSVDB-3233: /doc/npn_rn.nsf: This documentation database can be read without authentication. All default files should be removed.
  455. + OSVDB-3233: /doc/readmec.nsf: This documentation database can be read without authentication. All default files should be removed.
  456. + OSVDB-3233: /doc/readmes.nsf: This documentation database can be read without authentication. All default files should be removed.
  457. + OSVDB-3233: /doc/smhelp.nsf: This documentation database can be read without authentication. All default files should be removed.
  458. + OSVDB-3233: /doc/srvinst.nsf: This documentation database can be read without authentication. All default files should be removed.
  459. + OSVDB-3233: /domguide.nsf: This documentation database can be read without authentication. All default files should be removed.
  460. + OSVDB-3233: /dspug.nsf: This documentation database can be read without authentication. All default files should be removed.
  461. + OSVDB-3233: /help/domguide.nsf: This documentation database can be read without authentication. All default files should be removed.
  462. + OSVDB-3233: /help/dspug.nsf: This documentation database can be read without authentication. All default files should be removed.
  463. + OSVDB-3233: /help/help4.nsf: This documentation database can be read without authentication. All default files should be removed.
  464. + OSVDB-3233: /help/helpadmin.nsf: This documentation database can be read without authentication. All default files should be removed.
  465. + OSVDB-3233: /help/helplt4.nsf: This documentation database can be read without authentication. All default files should be removed.
  466. + OSVDB-3233: /help/internet.nsf: This documentation database can be read without authentication. All default files should be removed.
  467. + OSVDB-3233: /help/javapg.nsf: This documentation database can be read without authentication. All default files should be removed.
  468. + OSVDB-3233: /help/lccon.nsf: This documentation database can be read without authentication. All default files should be removed.
  469. + OSVDB-3233: /help/migrate.nsf: This documentation database can be read without authentication. All default files should be removed.
  470. + OSVDB-3233: /help/npn_admn.nsf: This documentation database can be read without authentication. All default files should be removed.
  471. + OSVDB-3233: /help/npn_rn.nsf: This documentation database can be read without authentication. All default files should be removed.
  472. + OSVDB-3233: /help/readmec.nsf: This documentation database can be read without authentication. All default files should be removed.
  473. + OSVDB-3233: /help/readmes.nsf: This documentation database can be read without authentication. All default files should be removed.
  474. + OSVDB-3233: /help/smhelp.nsf: This documentation database can be read without authentication. All default files should be removed.
  475. + OSVDB-3233: /help/srvinst.nsf: This documentation database can be read without authentication. All default files should be removed.
  476. + OSVDB-3233: /help4.nsf: This documentation database can be read without authentication. All default files should be removed.
  477. + OSVDB-3233: /helpadmin.nsf: This documentation database can be read without authentication. All default files should be removed.
  478. + OSVDB-3233: /helplt4.nsf: This documentation database can be read without authentication. All default files should be removed.
  479. + OSVDB-3233: /internet.nsf: This documentation database can be read without authentication. All default files should be removed.
  480. + OSVDB-3233: /javapg.nsf: This documentation database can be read without authentication. All default files should be removed.
  481. + OSVDB-3233: /lccon.nsf: This documentation database can be read without authentication. All default files should be removed.
  482. + OSVDB-3233: /migrate.nsf: This documentation database can be read without authentication. All default files should be removed.
  483. + OSVDB-3233: /npn_admn.nsf: This documentation database can be read without authentication. All default files should be removed.
  484. + OSVDB-3233: /npn_rn.nsf: This documentation database can be read without authentication. All default files should be removed.
  485. + OSVDB-3233: /readmec.nsf: This documentation database can be read without authentication. All default files should be removed.
  486. + OSVDB-3233: /readmes.nsf: This documentation database can be read without authentication. All default files should be removed.
  487. + OSVDB-3233: /smhelp.nsf: This documentation database can be read without authentication. All default files should be removed.
  488. + OSVDB-3233: /srvinst.nsf: This documentation database can be read without authentication. All default files should be removed.
  489. + OSVDB-3233: /index.html.ca: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  490. + OSVDB-3233: /index.html.cz.iso8859-2: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  491. + OSVDB-3233: /index.html.de: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  492. + OSVDB-3233: /index.html.dk: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  493. + OSVDB-3233: /index.html.ee: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  494. + OSVDB-3233: /index.html.el: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  495. + OSVDB-3233: /index.html.en: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  496. + OSVDB-3233: /index.html.es: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  497. + OSVDB-3233: /index.html.et: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  498. + OSVDB-3233: /index.html.fr: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  499. + OSVDB-3233: /index.html.he.iso8859-8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  500. + OSVDB-3233: /index.html.hr.iso8859-2: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  501. + OSVDB-3233: /index.html.it: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  502. + OSVDB-3233: /index.html.ja.iso2022-jp: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  503. + OSVDB-3233: /index.html.kr.iso2022-kr: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  504. + OSVDB-3233: /index.html.ltz.utf8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  505. + OSVDB-3233: /index.html.lu.utf8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  506. + OSVDB-3233: /index.html.nl: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  507. + OSVDB-3233: /index.html.nn: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  508. + OSVDB-3233: /index.html.no: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  509. + OSVDB-3233: /index.html.po.iso8859-2: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  510. + OSVDB-3233: /index.html.pt: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  511. + OSVDB-3233: /index.html.pt-br: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  512. + OSVDB-3233: /index.html.ru.cp-1251: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  513. + OSVDB-3233: /index.html.ru.cp866: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  514. + OSVDB-3233: /index.html.ru.iso-ru: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  515. + OSVDB-3233: /index.html.ru.koi8-r: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  516. + OSVDB-3233: /index.html.ru.utf8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  517. + OSVDB-3233: /index.html.se: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  518. + OSVDB-3233: /index.html.tw: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  519. + OSVDB-3233: /index.html.tw.Big5: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  520. + OSVDB-3233: /index.html.var: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
  521. + OSVDB-3233: /iissamples/sdk/asp/docs/codebrw2.asp: This is a default IIS script/file which should be removed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0739. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  522. + OSVDB-3233: /iissamples/sdk/asp/docs/codebrws.asp: This is a default IIS script/file which should be removed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0739. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  523. + OSVDB-3233: /iissamples/sdk/asp/docs/Winmsdp.exe: This is a default IIS script/file which should be removed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0738. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  524. + OSVDB-3233: /a/: May be Kebi Web Mail administration menu.
  525. + OSVDB-3233: /basilix/: BasiliX webmail application. Default mysql database name is 'BASILIX' with password 'bsxpass'
  526. + OSVDB-3233: /interchange/: Interchange chat is installed. Look for a high-numbered port like 20xx to find it running.
  527. + OSVDB-3268: /icons/: Directory indexing is enabled: /icons
  528. + OSVDB-3268: /manual/images/: Directory indexing is enabled: /manual/images
  529. + OSVDB-3268: /docs/: Directory indexing is enabled: /docs
  530. + OSVDB-3282: /uploader.php: This script may allow arbitrary files to be uploaded to the remote server.
  531. + OSVDB-3284: /iissamples/sdk/asp/docs/Winmsdp.exe?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp: IIS may be vulnerable to source code viewing via the example Winmsdp.exe file. Remove all default files from the web root. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0738. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  532. + OSVDB-3286: /conspass.chl+: Abyss allows hidden/protected files to be served if a + is added to the request. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1081
  533. + OSVDB-3286: /consport.chl+: Abyss allows hidden/protected files to be served if a + is added to the request. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1081
  534. + OSVDB-3286: /general.chl+: Abyss allows hidden/protected files to be served if a + is added to the request. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1081
  535. + OSVDB-3286: /srvstatus.chl+: Abyss allows hidden/protected files to be served if a + is added to the request. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1081
  536. + OSVDB-3396: /mlog.html: Remote file read vulnerability 1999-0068
  537. + OSVDB-3396: /mlog.phtml: Remote file read vulnerability 1999-0068
  538. + OSVDB-3396: /php/mlog.html: Remote file read vulnerability 1999-0346
  539. + OSVDB-3396: /php/mlog.phtml: Remote file read vulnerability 1999-0346
  540. + OSVDB-3411: /soapConfig.xml: Oracle 9iAS configuration file found - see bugrtraq #4290.
  541. + OSVDB-3423: /XSQLConfig.xml: Oracle 9iAS configuration file found - see bugrtraq #4290.
  542. + OSVDB-3489: /surf/scwebusers: SurfControl SuperScout Web Reports Server user and password file is available. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0705.
  543. + OSVDB-3501: /_private/form_results.htm: This file may contain information submitted by other web users via forms. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1052.
  544. + OSVDB-3501: /_private/form_results.html: This file may contain information submitted by other web users via forms. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1052.
  545. + OSVDB-3501: /_private/form_results.txt: This file may contain information submitted by other web users via forms. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1052.
  546. + OSVDB-3512: /scripts/tools/getdrvrs.exe: MS Jet database engine can be used to make DSNs, useful with an ODBC exploit and the RDS exploit (with msadcs.dll) which mail allow command execution. RFP9901 (http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm).
  547. + OSVDB-3591: /project/index.php?m=projects&user_cookie=1: dotProject 0.2.1.5 may allow admin login bypass by adding the user_cookie=1 to the URL.
  548. + OSVDB-379: /site/eg/source.asp: This asp (installed with Apache::ASP) allows attackers to upload files to the server. Upgrade to 1.95 or higher. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0628.
  549. + OSVDB-4: /iissamples/exair/search/advsearch.asp: Scripts within the Exair package on IIS 4 can be used for a DoS against the server. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449. BID-193.
  550. + OSVDB-4013: /isqlplus: Oracle iSQL*Plus is installed. This may be vulnerable to a buffer overflow in the user id field. http://www.ngssoftware.com/advisories/ora-isqlplus.txt
  551. + OSVDB-4161: /data/member_log.txt: Teekai's forum full 1.2 member's log can be retrieved remotely.
  552. + OSVDB-4161: /data/userlog/log.txt: Teekai's Tracking Online 1.0 log can be retrieved remotely.
  553. + OSVDB-4161: /userlog.php: Teekai's Tracking Online 1.0 log can be retrieved remotely.
  554. + OSVDB-4171: /ASP/cart/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
  555. + OSVDB-4171: /database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
  556. + OSVDB-4171: /mcartfree/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
  557. + OSVDB-4171: /metacart/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
  558. + OSVDB-4171: /shop/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
  559. + OSVDB-4171: /shoponline/fpdb/shop.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
  560. + OSVDB-4171: /shopping/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
  561. + OSVDB-4237: /ban.bak: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected.
  562. + OSVDB-4237: /ban.dat: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected.
  563. + OSVDB-4237: /ban.log: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected.
  564. + OSVDB-4237: /banmat.pwd: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected.
  565. + OSVDB-4238: /admin/adminproc.asp: Xpede administration page may be available. The /admin directory should be protected.
  566. + OSVDB-4239: /admin/datasource.asp: Xpede page reveals SQL account name. The /admin directory should be protected.
  567. + OSVDB-4240: /utils/sprc.asp: Xpede page may allow SQL injection.
  568. + OSVDB-4314: /texis.exe/?-dump: Texis installation may reveal sensitive information.
  569. + OSVDB-4314: /texis.exe/?-version: Texis installation may reveal sensitive information.
  570. + OSVDB-4360: /acart2_0/acart2_0.mdb: Alan Ward A-Cart 2.0 allows remote user to read customer database file which may contain usernames, passwords, credit cards and more.
  571. + OSVDB-4361: /acart2_0/admin/category.asp: Alan Ward A-Cart 2.0 is vulnerable to an XSS attack which may cause the administrator to delete database information.
  572. + OSVDB-474: /Sites/Knowledge/Membership/Inspired/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  573. + OSVDB-474: /Sites/Knowledge/Membership/Inspiredtutorial/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  574. + OSVDB-474: /Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  575. + OSVDB-474: /Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  576. + OSVDB-474: /Sites/Samples/Knowledge/Push/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  577. + OSVDB-474: /Sites/Samples/Knowledge/Search/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  578. + OSVDB-474: /SiteServer/Publishing/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  579. + OSVDB-17671: /siteserver/publishing/viewcode.asp?source=/default.asp: May be able to view source code using Site Server vulnerability.
  580. + OSVDB-4908: /securelogin/1,2345,A,00.html: Vignette Story Server v4.1, 6, may disclose sensitive information via a buffer overflow.
  581. + OSVDB-5092: /config.inc: DotBr 0.1 configuration file includes usernames and passwords.
  582. + OSVDB-5095: /sysuser/docmgr/ieedit.stm?url=../: Sambar default file may allow directory listings.
  583. + OSVDB-5096: /sysuser/docmgr/iecreate.stm?template=../: Sambar default file may allow directory listings.
  584. + OSVDB-539: /catinfo: May be vulnerable to a buffer overflow. Request '/catinfo?' and add on 2048 of garbage to test.
  585. + OSVDB-5407: /soap/servlet/soaprouter: Oracle 9iAS SOAP components allow anonymous users to deploy applications by default.
  586. + OSVDB-6659: /rk4MzSSRx5l0mN6ccf5NszHRH8cgzT3AMVGnaeEJJaut32JaKrG82VC2orodLsEKcUdamJbaZhSxgdxkF6ff4kVT3EVsRwLQ3FjmNpEsNZDneD7iYlIHXTg4ecKJrUCAt4srhIfOFsXd6xH1KUyLm6YzPfKkMdtcs9LVU59pDIU3hxzKK1wBRZmaJiH5f6ij7OVzuacI3ivF4pdryqSpc1PU0Cu6mcy<font%20size=50>DEFACED<!--//--: MyWebServer 1.0.2 is vulnerable to HTML injection. Upgrade to a later version.
  587. + OSVDB-5523: /MWS/HandleSearch.html?searchTarget=test&B1=Submit: MyWebServer 1.0.2 may be vulnerable to a buffer overflow (untested). Upgrade to a later version if 990b of searched data crashes the server.
  588. + OSVDB-562: /server-info: This gives a lot of Apache information. Comment out appropriate line in httpd.conf or restrict access to allowed hosts.
  589. + OSVDB-5709: /.nsconfig: Contains authorization information
  590. + OSVDB-583: /cgi-bin/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%69%6E%64%6F%77%73%2Fping.exe%20127.0.0.1: Specially formatted strings allow command execution. Upgrade to version 1.15 or higher. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0011.
  591. + OSVDB-596: /dc/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
  592. + OSVDB-596: /dc/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
  593. + OSVDB-596: /dcshop/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
  594. + OSVDB-596: /dcshop/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
  595. + OSVDB-6666: /cgi-bin/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools GoAhead WebServer hpnst.exe may be vulnerable to a DoS.
  596. + OSVDB-6670: /applist.asp: Citrix server may allow remote users to view applications installed without authenticating.
  597. + OSVDB-6671: /launch.asp?NFuse_Application=LookOut&NFuse_MIMEExtension=.ica: Citrix server may reveal sensitive information by accessing the 'advanced' tab on hte login screen.
  598. + OSVDB-6672: /_layouts/alllibs.htm: Microsoft SharePoint Portal and Team Serices vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. Bugtraq 03-11-19 post by arkanian@hacker.am
  599. + OSVDB-6672: /_layouts/settings.htm: Microsoft SharePoint Portal and Team Serices vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. Bugtraq 03-11-19 post by arkanian@hacker.am
  600. + OSVDB-6672: /_layouts/userinfo.htm: Microsoft SharePoint Portal and Team Serices vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. Bugtraq 03-11-19 post by arkanian@hacker.am
  601. + OSVDB-670: /stronghold-info: Redhat Stronghold from versions 2.3 up to 3.0 disclose sensitive information. This gives information on configuration. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0868.
  602. + OSVDB-670: /stronghold-status: Redhat Stronghold from versions 2.3 up to 3.0 disclose sensitive information. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0868.
  603. + OSVDB-7: /iissamples/exair/howitworks/Code.asp: Scripts within the Exair package on IIS 4 can be used for a DoS against the server. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449. BID-193.
  604. + OSVDB-7: /iissamples/exair/howitworks/Codebrw1.asp: This is a default IIS script/file which should be removed, it may allow a DoS against the server. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0738. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449. BID-193.
  605. + OSVDB-707: /globals.jsa: Oracle globals.jsa file
  606. + OSVDB-721: /..%252f..%252f..%252f..%252f..%252f../windows/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  607. + OSVDB-721: /..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  608. + OSVDB-721: /..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam._: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  609. + OSVDB-721: /..%255c..%255c..%255c..%255c..%255c../windows/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  610. + OSVDB-721: /..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  611. + OSVDB-721: /..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam._: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  612. + OSVDB-721: /..%2F..%2F..%2F..%2F..%2F../windows/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  613. + OSVDB-721: /..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  614. + OSVDB-721: /..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam._: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
  615. + OSVDB-789: /iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp: IIS may be vulnerable to source code viewing via the example CodeBrws.asp file. Remove all default files from the web root. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0739. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
  616. + OSVDB-9624: /pass_done.php: PY-Membres 4.2 may allow users to execute a query which generates a list of usernames and passwords.
  617. + OSVDB-9624: /admin/admin.php?adminpy=1: PY-Membres 4.2 may allow administrator access.
  618. + OSVDB-3092: /README: README file found.
  619. + OSVDB-3233: /j2ee/: j2ee directory found--possibly an Oracle app server directory.
  620. + OSVDB-3233: /WebCacheDemo.html: Oracle WebCache Demo
  621. + OSVDB-32333: /webcache/: Oracle WebCache Demo
  622. + OSVDB-3233: /webcache/webcache.xml: Oracle WebCache Demo
  623. + OSVDB-3233: /bmp/: SQLJ Demo Application
  624. + OSVDB-3233: /bmp/global-web-application.xml: SQLJ Demo Application
  625. + OSVDB-3233: /bmp/JSPClient.java: SQLJ Demo Application
  626. + OSVDB-3233: /bmp/mime.types: SQLJ Demo Application
  627. + OSVDB-3233: /bmp/README.txt: SQLJ Demo Application
  628. + OSVDB-3233: /bmp/sqljdemo.jsp: SQLJ Demo Application
  629. + OSVDB-3233: /bmp/setconn.jsp: SQLJ Demo Application
  630. + OSVDB-3233: /ptg_upgrade_pkg.log: Oracle log file
  631. + OSVDB-3233: /OA_HTML/oam/weboam.log: Oracle log files.
  632. + OSVDB-3233: /webapp/admin/_pages/_bc4jadmin/: Oracle JSP files
  633. + OSVDB-3233: /_pages/_webapp/_admin/_showpooldetails.java: Oracle JSP files
  634. + OSVDB-3233: /_pages/_webapp/_admin/_showjavartdetails.java: Oracle JSP file
  635. + OSVDB-3233: /_pages/_demo/: Oracle JSP file
  636. + OSVDB-3233: /_pages/_webapp/_jsp/: Oracle JSP file.
  637. + OSVDB-3233: /_pages/_demo/_sql/: Oracle JSP file.
  638. + OSVDB-3233: //OA_HTML/_pages/: Oracle JSP file.
  639. + OSVDB-3233: /OA_HTML/webtools/doc/index.html: Cabo DHTML Components Help Page
  640. + OSVDB-18114: /reports/rwservlet?server=repserv+report=/tmp/hacker.rdf+destype=cache+desformat=PDF: Oracle Reports rwservlet report Variable Arbitrary Report Executable Execution
  641. + OSVDB-3233: /apex/: Oracle Application Express login screen.
  642. + OSVDB-3233: /OA_JAVA/: Oracle Applications Portal Page
  643. + OSVDB-3233: /OA_HTML/: Oracle Applications Portal Page
  644. + OSVDB-3233: /aplogon.html: Oracle Applications Portal Page
  645. + OSVDB-3233: /appdet.html: Oracle Applications Portal Pages
  646. + OSVDB-3233: /servlets/weboam/oam/oamLogin: Oracle Application Manager
  647. + OSVDB-3233: /OA_HTML/PTB/mwa_readme.htm: Oracle Mobile Applications Industrial Server administration and configuration inerface
  648. + OSVDB-3233: /reports/rwservlet: Oracle Reports
  649. + OSVDB-3233: /reports/rwservlet/showenv: Oracle Reports
  650. + OSVDB-3233: /reports/rwservlet/showmap: Oracle Reports
  651. + OSVDB-3233: /reports/rwservlet/showjobs: Oracle Reports
  652. + OSVDB-3233: /reports/rwservlet/getjobid7?server=myrep: Oracle Reports
  653. + OSVDB-3233: /reports/rwservlet/getjobid4?server=myrep: Oracle Reports
  654. + OSVDB-3233: /reports/rwservlet/showmap?server=myserver: Oracle Reports
  655. + OSVDB-3093: /pls/portal/owa_util.cellsprint?p_theQuery=select: Direct access to Oracle packages could have an unkown impact.
  656. + OSVDB-3093: /pls/portal/owa_util.listprint?p_theQuery=select: Access to Oracle pages cold have an unknown impact.
  657. + OSVDB-3093: /pls/portal/owa_util.show_query_columns?ctable=sys.dba_users: Access to Oracle pages cold have an unknown impact.
  658. + OSVDB-3093: /pls/portal/owa_util.showsource?cname=owa_util: Access to Oracle pages cold have an unknown impact.
  659. Nested quantifiers in regex; marked by <-- HERE in m/^//pls/portal/owa_util.cellsprint?p_theQuery=select+* <-- HERE +from+sys.dba_users\??/ at /var/lib/nikto/plugins/nikto_core.plugin line 332, <IN> line 451.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement