API tools faq
paste
Advertisement
nu11secur1ty

face.info

nu11secur1ty
Mar 13th, 2019
939
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
TypoScript 27.43 KB | None | 0 0
raw download clone embed print report
  1. //www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21999
  2. + /_cti_pvt/: FrontPage directory found.
  3. + /smg_Smxcfg30.exe?vcc=3560121183d3: This may be a Trend Micro Officescan 'backdoor'.
  4. + /mail.box: The mail database can be read without authentication.
  5. + OSVDB-2946: /forum_members.asp?find=%22;}alert(9823);function%20x(){v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
  6. + OSVDB-113: /ncl_items.html: This may allow attackers to reconfigure your Tektronix printer.
  7. + OSVDB-551: /ncl_items.shtml?SUBJECT=1: This may allow attackers to reconfigure your Tektronix printer.
  8. + OSVDB-3092: /_vti_txt/: FrontPage directory found.
  9. + OSVDB-1210: /scripts/samples/search/qfullhit.htw: Server may be vulnerable to a Webhits.dll arbitrary file retrieval. http://www.microsoft.com/technet/security/bulletin/MS00-006.asp.
  10. + OSVDB-1210: /scripts/samples/search/qsumrhit.htw: Server may be vulnerable to a Webhits.dll arbitrary file retrieval. http://www.microsoft.com/technet/security/bulletin/MS00-006.asp.
  11. + OSVDB-1210: /sD7lw.htw: Server may be vulnerable to a Webhits.dll arbitrary file retrieval. Ensure Q252463i, Q252463a or Q251170 is installed. http://www.microsoft.com/technet/security/bulletin/MS00-006.asp.
  12. + OSVDB-13405: /WS_FTP.LOG: WS_FTP.LOG file was found. It may contain sensitive information.
  13. + OSVDB-10944: /cgi-sys/: CGI Directory found
  14. + OSVDB-10944: /htbin/: CGI Directory found
  15. + OSVDB-8193: /index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../../etc: EW FileManager for PostNuke allows arbitrary file retrieval.
  16. + OSVDB-3092: /.psql_history: This might be interesting...
  17. + OSVDB-3092: /access-log: This might be interesting...
  18. + OSVDB-3092: /access.log: This might be interesting...
  19. + OSVDB-3092: /access_log: This might be interesting...
  20. + OSVDB-3092: /Admin_files/: This might be interesting...
  21. + OSVDB-3092: /ccard/: This might be interesting...
  22. + OSVDB-3092: /dan_o.dat: This might be interesting...
  23. + OSVDB-3092: /error_log: This might be interesting...
  24. + OSVDB-3092: /fpadmin/: This might be interesting...
  25. + OSVDB-3092: /hit_tracker/: This might be interesting...
  26. + OSVDB-3092: /htpasswd: This might be interesting...
  27. + OSVDB-3092: /imagenes/: This might be interesting...
  28. + OSVDB-3092: /informacion/: This might be interesting...
  29. + OSVDB-3092: /login/: This might be interesting...
  30. + OSVDB-3092: /noticias/: This might be interesting...
  31. + OSVDB-3092: /outgoing/: This might be interesting...
  32. + OSVDB-3092: /PDG_Cart/: This might be interesting...
  33. + OSVDB-3092: /php/: This might be interesting...
  34. + OSVDB-3092: /prueba/: This might be interesting...
  35. + OSVDB-3092: /retail/: This might be interesting...
  36. + OSVDB-3092: /shopper/: This might be interesting...
  37. + OSVDB-3092: /ss.cfg: This might be interesting...
  38. + OSVDB-3092: /stylesheet/: This might be interesting...
  39. + OSVDB-3092: /stylesheets/: This might be interesting...
  40. + OSVDB-3092: /system/: This might be interesting...
  41. + OSVDB-3092: /template/: This may be interesting as the directory may hold sensitive files or reveal system information.
  42. + OSVDB-3092: /testing/: This might be interesting...
  43. + OSVDB-3092: /updates/: This might be interesting...
  44. + OSVDB-3092: /webadmin/: This might be interesting...may be HostingController, www.hostingcontroller.com
  45. + OSVDB-3092: /weblogs/: This might be interesting...
  46. + OSVDB-3092: /webmaster_logs/: This might be interesting...
  47. + OSVDB-3092: /Web_store/: This might be interesting...
  48. + OSVDB-3092: /sam._: This might be interesting...
  49. + OSVDB-3092: /_mem_bin/: This might be interesting - User Login
  50. + OSVDB-3092: /owa_util%2esignature: Unknown, may be interesting
  51. + OSVDB-3092: /a_domlog.nsf: This database can be read without authentication, which may reveal sensitive information.
  52. + OSVDB-3092: /dols_help.nsf: This database can be read without authentication, which may reveal sensitive information.
  53. + OSVDB-3092: /help5_admin.nsf: This database can be read without authentication, which may reveal sensitive information.
  54. + OSVDB-3092: /help5_client.nsf: This database can be read without authentication, which may reveal sensitive information.
  55. + OSVDB-3092: /help5_designer.nsf: This database can be read without authentication, which may reveal sensitive information.
  56. + OSVDB-3092: /l_domlog.nsf: This database can be read without authentication, which may reveal sensitive information.
  57. + OSVDB-3093: /add_acl: This might be interesting... has been seen in web logs from an unknown scanner.
  58. + OSVDB-3093: /aff_news.php: This might be interesting... has been seen in web logs from an unknown scanner.
  59. + OSVDB-3093: /archive_forum.asp: This might be interesting... has been seen in web logs from an unknown scanner.
  60. + OSVDB-3093: /bigsam_guestbook.php?displayBegin=9999...9999: This might be interesting... has been seen in web logs from an unknown scanner.
  61. + OSVDB-3093: /checkout_payment.php: This might be interesting... has been seen in web logs from an unknown scanner.
  62. + OSVDB-3093: /docs/NED: This might be interesting... has been seen in web logs from an unknown scanner.
  63. + OSVDB-3093: /do_map: This might be interesting... has been seen in web logs from an unknown scanner.
  64. + OSVDB-3093: /do_subscribe: This might be interesting... has been seen in web logs from an unknown scanner.
  65. + OSVDB-3093: /emml_email_func.php: This might be interesting... has been seen in web logs from an unknown scanner.
  66. + OSVDB-3093: /forum_arc.asp?n=268: This might be interesting... has been seen in web logs from an unknown scanner.
  67. + OSVDB-3093: /forum_professionnel.asp?n=100: This might be interesting... has been seen in web logs from an unknown scanner.
  68. + OSVDB-10447: /get_od_toc.pl?Profile=: WebTrends get_od_toc.pl may be vulnerable to a path disclosure error if this file is reloaded multiple times.
  69. + OSVDB-3093: /ixmail_netattach.php: This might be interesting... has been seen in web logs from an unknown scanner.
  70. + OSVDB-3093: /netget?sid=Safety&msg=2002&file=Safety: This might be interesting... has been seen in web logs from an unknown scanner.
  71. + OSVDB-3093: /parse_xml.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  72. + OSVDB-3093: /product_info.php: This might be interesting... has been seen in web logs from an unknown scanner.
  73. + OSVDB-3093: /protected/: This might be interesting... has been seen in web logs from an unknown scanner.
  74. + OSVDB-3093: /pt_config.inc: This might be interesting... has been seen in web logs from an unknown scanner.
  75. + OSVDB-3093: /site_searcher.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
  76. + OSVDB-3093: /x_stat_admin.php: This might be interesting... has been seen in web logs from an unknown scanner.
  77. + OSVDB-3093: /_head.php: This might be interesting... has been seen in web logs from an unknown scanner.
  78. + OSVDB-3093: /.www_acl: Contains authorization information
  79. + OSVDB-3093: /.addressbook: PINE addressbook, may store sensitive e-mail address contact information and notes
  80. + OSVDB-3093: /.bash_history: A user's home directory may be set to the web root, the shell history was retrieved. This should not be accessible via the web.
  81. + OSVDB-3093: /.lynx_cookies: User home dir found with LYNX cookie file. May reveal cookies received from arbitrary web sites.
  82. + OSVDB-3093: /.mysql_history: Database SQL?
  83. + OSVDB-3093: /.sh_history: A user's home directory may be set to the web root, the shell history was retrieved. This should not be accessible via the web.
  84. + OSVDB-3233: /_private/: FrontPage directory found.
  85. + OSVDB-3233: /_vti_bin/: FrontPage directory found.
  86. + OSVDB-3233: /npn_admn.nsf: This documentation database can be read without authentication. All default files should be removed.
  87. + OSVDB-3233: /npn_rn.nsf: This documentation database can be read without authentication. All default files should be removed.
  88. + OSVDB-3233: /netbasic/websinfo.bas: Novell Netware 5.1 contains Novonyx default files which reveal system information. All default files should be removed.
  89. + OSVDB-5092: /config.inc: DotBr 0.1 configuration file includes usernames and passwords.
  90. + OSVDB-9624: /pass_done.php: PY-Membres 4.2 may allow users to execute a query which generates a list of usernames and passwords.
  91. + OSVDB-3233: /ptg_upgrade_pkg.log: Oracle log files.
  92. + OSVDB-3233: /OA_JAVA/: Oracle Applications Portal Page
  93. + OSVDB-3233: /OA_HTML/: Oracle Applications Portal Page
  94. + OSVDB-3093: /OA_MEDIA/: Oracle Applications portal pages found.
  95. + OSVDB-3092: /_archive/: Archive found.
  96. + OSVDB-3092: /aw/: This might be interesting... potential country code (Aruba)
  97. + OSVDB-3092: /dj/: This might be interesting... potential country code (Djibouti)
  98. + OSVDB-3092: /jo/: This might be interesting... potential country code (Jordan)
  99. + OSVDB-3092: /mr/: This might be interesting... potential country code (Mauritania)
  100. + OSVDB-3092: /pr/: This might be interesting... potential country code (Puerto Rico)
  101. + OSVDB-3092: /tr/: This might be interesting... potential country code (Turkey)
  102. + Uncommon header 'x-fb-content-md5' found, with contents: 54f712f0e6a28e86b7331132add99723
  103. + /wp-app.log: Wordpress' wp-app.log may leak application/system details.
  104. + /admin4_account/: Admin login page/section found.
  105. + /admin4_colon/: Admin login page/section found.
  106. + /adminpro/: Admin login page/section found.
  107. + /AdminTools/: Admin login page/section found.
  108. + /cp.asp: Admin login page/section found.
  109. + /cpanel_file/: Admin login page/section found.
  110. + /customer_login/: Admin login page/section found.
  111. + /database_administration/: Admin login page/section found.
  112. + /Database_Administration/: Admin login page/section found.
  113. + /globes_admin/: Admin login page/section found.
  114. + /Indy_admin/: Admin login page/section found.
  115. + /LiveUser_Admin/: Admin login page/section found.
  116. + /login_db/: Admin login page/section found.
  117. + /login.php: Admin login page/section found.
  118. + /logo_sysadmin/: Admin login page/section found.
  119. + /Lotus_Domino_Admin/: Admin login page/section found.
  120. + /macadmin/: Admin login page/section found.
  121. + /meta_login/: Admin login page/section found.
  122. + /platz_login/: Admin login page/section found.
  123. + /power_user/: Admin login page/section found.
  124. + /server_admin_small/: Admin login page/section found.
  125. + /ss_vms_admin_sm/: Admin login page/section found.
  126. + /support_login/: Admin login page/section found.
  127. + /system_administration/: Admin login page/section found.
  128. + /utility_login/: Admin login page/section found.
  129. + OSVDB-3092: /test.jsp: This might be interesting...
  130. + OSVDB-3092: /docnpn_admn.nsf: This database can be read without authentication, which may reveal sensitive information.
  131. + OSVDB-3092: /docnpn_rn.nsf: This database can be read without authentication, which may reveal sensitive information.
  132. + OSVDB-3092: /helpnpn_admn.nsf: This database can be read without authentication, which may reveal sensitive information.
  133. + OSVDB-3092: /helpnpn_rn.nsf: This database can be read without authentication, which may reveal sensitive information.
  134. + /wp-content/plugins/portable-phpmyadmin/wp-pma-mod/db_sql.php: phpMyAdmin (portable) found which may allow DB access.
  135. + /fantastico_fileslist.txt: fantastico_fileslist.txt file found. This file contains a list of all the files from the current directory.
  136. + /system/console: OSGi Apache Felix console
  137. + Uncommon header 'x-fb-serverinfo' found, with contents: 6176,0,C3,100,10000
  138. + Uncommon header 'x-fb-svn-revision' found, with contents: 4844449
  139. + /id_rsa: Encryption key exposed
  140. + /id_rsa.old: Encryption key exposed
  141. + /id_dsa: Encryption key exposed
  142. + /id_dsa.old: Encryption key exposed
  143. + /encrypt: This might be interesting...
  144. + /server-manager/: Mitel Audio and Web Conferencing server manager identified.
  145. + 15058 requests: 0 error(s) and 313 item(s) reported on remote host
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!