Pass MailMarshal Spam Quarantine Interface Arbitrary Account Password Retrieval CVE-2007-3796 18 Jul 2007 7.6 (v2) High Pass Expose for Joomla! File Upload RCE CVE-2007-3932 19 Jul 2007 9.8 (v3) Critical Pass LinPHA include/img_view.class.php order parameter SQL Injection CVE-2007-4053 30 Jul 2007 7.5 (v2) High Pass UltraVNC w/ DSM Plugin Detection (2) 31 Jul 2007 None Pass Ipswitch IMail Server < 2006.21 Multiple Vulnerabilities CVE-2007-2795 CVE-2007-3925 CVE-2007-3926 CVE-2007-3927 19 Jul 2007 10 (v2) Critical Pass CVS (Web-Based) Directory Spider 24 Jul 2007 5 (v2) Medium Pass Ipswitch Instant Messaging Client Detection 25 Jul 2007 None Pass Ipswitch Instant Messaging Server Detection 25 Jul 2007 None Pass PHP-Blogger pref.db Database Information Disclosure CVE-2007-4157 31 Jul 2007 5 (v2) Medium Pass Joomla! com_content Component 'order' Parameter XSS CVE-2007-4189 01 Aug 2007 4.7 (v3) Medium Pass GMaps Component for Joomla! 'mapId' Parameter SQLi CVE-2007-4128 01 Aug 2007 7.3 (v3) High Pass Altiris Deployment Server Detection 15 Aug 2007 None Pass Help Center Live class/auth.php check_logout Function Admin Authentication Bypass CVE-2007-4240 16 Aug 2007 7.5 (v2) High Pass EZPhotoSales Multiple Configuration Files Remote Information Disclosure CVE-2007-4261 16 Aug 2007 7.5 (v2) High Pass IBM DB2 < 9 Fix Pack 3 / 8 Fix Pack 15 Multiple Vulnerabilities CVE-2007-2582 CVE-2007-4270 CVE-2007-4271 CVE-2007-4272 CVE-2007-4273 CVE-2007-4275 CVE-2007-4276 CVE-2007-4417 CVE-2007-4418 CVE-2007-442320 Aug 2007 9.8 (v3) Critical Pass Microsoft OMI Service Detection 20 Sep 2021 None Pass SimpleFAQ Component for Joomla! 'aid' Parameter SQLi CVE-2007-4456 24 Aug 2007 7.3 (v3) High Pass Cache' SuperServer Detection 27 Aug 2007 None Pass PHP < 5.2.4 Multiple Vulnerabilities CVE-2007-1413 CVE-2007-2872 CVE-2007-3294 CVE-2007-3378 CVE-2007-3790 CVE-2007-3799 CVE-2007-3806 CVE-2007-4010 CVE-2007-4033 CVE-2007-4255 CVE-2007-4507 CVE-2007-4652 CVE-2007-4658 CVE-2007-4659 CVE-2007-4660 CVE-2007-4661 CVE-2007-4662 CVE-2007-466303 Sep 2007 6.8 (v2) Medium Pass VHCS PHPSESSID Cookie Session Fixation CVE-2007-3988 05 Sep 2007 6.8 (v2) Medium Pass Joomla! CMS com_search Component 'searchword' Parameter RCE CVE-2007-4187 05 Sep 2007 9.8 (v3) Critical Pass MDPro index.php topicid Parameter SQL Injection CVE-2007-3938 05 Sep 2007 7.5 (v2) High Pass Apache Tomcat SendMailServlet sendmail.jsp 'mailfrom' Parameter XSS CVE-2007-3383 06 Sep 2007 5.3 (v3) Medium Pass QuickEStore insertorder.cfm CFTOKEN Parameter SQL Injection CVE-2007-3933 07 Sep 2007 7.5 (v2) High Pass Claroline inc/lib/language.lib.php language Parameter Traversal Local File Inclusion CVE-2007-4718 10 Sep 2007 5.1 (v2) Medium Pass AWStats is Openly Accessible 14 Sep 2007 None Pass lighttpd Status Module Remote Information Disclosure 17 Sep 2007 5.3 (v3) Medium Pass Mambo / Joomla! Multiple Components 'mosConfig_live_site' Parameter Remote File Include CVE-2007-4923 CVE-2007-5309 CVE-2007-5363 CVE-2007-5410 CVE-2007-5451 17 Sep 2007 8.1 (v3) High Pass Shop-Script admin.php Admin Panel Security Bypass CVE-2007-4932 19 Sep 2007 7.5 (v2) High Pass IceWarp Merak Mail Server < 9.0.0 BODY Element XSS CVE-2007-5046 24 Sep 2007 4.3 (v2) Medium Pass ADOdb Lite adodb-perf-module.inc.php last_module Parameter Arbitrary Code Execution CVE-2007-5056 24 Sep 2007 6.8 (v2) Medium Pass Oracle Listener Program Logging Privilege Escalation (1361722) CVE-2000-0818 27 Sep 2007 7.5 (v2) High Pass Original inc/exif.inc.php exif_prog Parameter Arbitrary Command Execution CVE-2007-5224 03 Oct 2007 6.8 (v2) Medium Pass Cart32 c32web.exe ImageName Traversal Arbitrary File Access CVE-2007-5253 05 Oct 2007 5 (v2) Medium Pass GForge account/verify.php confirm_hash Parameter XSS CVE-2007-3918 CVE-2009-4069 08 Oct 2007 4.3 (v2) Medium Pass TikiWiki tiki-graph_formula.php f Parameter Arbitrary Command Execution CVE-2007-5423 11 Oct 2007 8.8 (v3) High Pass Simple Machines Forum Search.php SQL Injection CVE-2007-5646 28 Oct 2007 6.8 (v2) Medium Pass Module Builder DownloadModule Traversal Arbitrary File Disclosure CVE-2007-5812 31 Oct 2007 5 (v2) Medium Pass GuppY inc/includes.inc selskin Parameter Traversal Local File Inclusion CVE-2007-5844 05 Nov 2007 7.5 (v2) High Pass IBM WebSphere Application Server navigateTree.do Multiple Vulnerabilities CVE-2007-5798 CVE-2007-5799 07 Nov 2007 4.3 (v2) Medium Pass PHP < 5.2.5 Multiple Vulnerabilities CVE-2007-3996 CVE-2007-4782 CVE-2007-4783 CVE-2007-4784 CVE-2007-4825 CVE-2007-4840 CVE-2007-4887 CVE-2007-4889 CVE-2007-5447 CVE-2007-5653 CVE-2007-5898 CVE-2007-5899 CVE-2007-5900 CVE-2008-2107 CVE-2008-2108 CVE-2008-410712 Nov 2007 4.4 (v2) Medium Pass Juniper Junos OS Vulnerability (JSA11149) CVE-2021-0258 15 Apr 2021 5.9 (v3) Medium Pass Microsoft Windows SMB LsaQueryInformationPolicy Function SID Enumeration Without Credentials CVE-2000-1200 15 Sep 2011 5 (v2) Medium Pass Juniper Junos OS Vulnerability (JSA11159) CVE-2021-0268 15 Apr 2021 9.3 (v3) Critical Pass IBM WebSphere Application Server 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.19 / 9.0.0.0 <= 9.0.5.7 XXE (CVE-2021-20453)CVE-2021-20453 20 Apr 2021 8.2 (v3) High Pass Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability (cisco-sa-sxp-68TEVzR)CVE-2020-3228 19 Jun 2020 8.6 (v3) High Pass Cisco IOS XE Software Cluster Management Protocol DoS Vulnerability (cisco-sa-20180926-cmp) CVE-2018-0475 05 Oct 2018 7.4 (v3) High Pass Directory Traversal 09 Jan 2019 9.1 (v3) Critical Pass Cisco Smart Install Detection 12 Dec 2017 None Pass GoAhead Server CGI Remote Code Execution CVE-2017-17562 20 Dec 2017 8.1 (v3) High Pass MS08-039: Outlook Web Access for Exchange Server Privilege Escalation (Uncredentialed) CVE-2008-2247 CVE-2008-2248 03 Apr 2018 4.7 (v3) Medium Pass Microsoft Exchange Server Detection (Uncredentialed) 03 Apr 2018 None Pass Alt-N MDaemon Remote Administration Detection 02 Jun 2017 None Pass Redis Server Detection 06 Jun 2017 None Pass Siemens SCALANCE X-200 Web Session Hijacking CVE-2013-5709 21 Oct 2013 8.3 (v2) High Pass IBM DB2 < 9 Fix Pack 4 Multiple Vulnerabilities CVE-2007-3676 CVE-2007-5652 CVE-2007-5757 CVE-2007-6045 CVE-2007-6046 CVE-2007-6047 CVE-2007-6048 CVE-2007-6049 CVE-2007-6050 CVE-2007-6051 CVE-2007-6052 CVE-2007-6053 CVE-2008-069816 Nov 2007 9.8 (v3) Critical Pass Ability Mail Server < 2.61 Multiple Remote DoS CVE-2007-6101 21 Nov 2007 4 (v2) Medium Pass GWExtranet gwextranet/scp.dll Multiple Parameter Traversal Local File Inclusion 26 Nov 2007 5 (v2) Medium Pass Ruby on Rails Multiple Method Session Fixation CVE-2007-5380 CVE-2007-6077 28 Nov 2007 6.8 (v2) Medium Pass ht://dig htsearch sort Parameter XSS CVE-2007-6110 28 Nov 2007 4.3 (v2) Medium Pass Plumtree Portal User Object User Enumeration CVE-2007-6198 04 Dec 2007 5 (v2) Medium Pass Mort Bay Jetty Dump Servlet (webapps/test/jsp/dump.jsp) XSS CVE-2007-5613 05 Dec 2007 4.3 (v2) Medium Pass NetScaler Web Management Interface Cookie Credentials Encryption Weakness CVE-2007-6192 06 Dec 2007 4.3 (v2) Medium Pass NetScaler Web Management Interface IP Address Cookie Information Disclosure CVE-2007-6193 06 Dec 2007 5 (v2) Medium Pass Anon Proxy Server Software Detection 17 Dec 2007 None Pass Centreon 'fileOreonConf' Parameter File Include Vulnerabilities CVE-2007-6485 17 Dec 2007 7.5 (v2) High Pass Perforce Server Detection 23 Dec 2007 None Pass Tikiwiki tiki-listmovies.php movie Parameter Traversal Arbitrary File Access CVE-2007-6528 26 Dec 2007 5 (v2) Medium Pass ShareFile < 5.11.20 RCE (CVE-2021-22941) CVE-2021-22941 11 Jan 2022 9.8 (v3) Critical Pass Apple iTunes < 11.1 Multiple Vulnerabilities (uncredentialed check) CVE-2013-1035 20 Sep 2013 9.3 (v2) High Pass Vanilla Forum p Parameter Local File Inclusion 23 May 2011 6.8 (v2) Medium Pass PMOS Help Desk form.php Arbitrary Code Execution CVE-2007-6550 26 Dec 2007 8.8 (v3) High Pass Zenphoto rss.php albumnr Parameter SQL Injection CVE-2007-6666 03 Jan 2008 7.5 (v2) High Pass PHP < 4.4.8 Multiple Vulnerabilities CVE-2007-3378 CVE-2007-3799 CVE-2007-3997 CVE-2007-4657 CVE-2007-4658 CVE-2008-0145 CVE-2008-2108 03 Jan 2008 7.5 (v2) High Pass Atlassian JIRA 500page.jsp XSS CVE-2007-6617 CVE-2007-6618 CVE-2007-6619 03 Jan 2008 4.3 (v2) Medium Pass Bitweaver wiki/edit.php suck_url Parameter Traversal Source Code Disclosure CVE-2007-6651 07 Jan 2008 5 (v2) Medium Pass Newbb_plus Module for RunCMS Client-Ip Header SQL Injection CVE-2008-0224 07 Jan 2008 6.8 (v2) Medium Pass Loudblog loudblog/inc/parse_old.php template Parameter Arbitrary Remote Code Execution CVE-2008-0139 07 Jan 2008 6.8 (v2) Medium Pass XoopsGallery init_basic.php GALLERY_BASEDIR Parameter Remote File Inclusion CVE-2008-0138 08 Jan 2008 7.5 (v2) High Pass IceWarp Mail Server admin/index.html message Parameter XSS CVE-2008-0218 09 Jan 2008 4.3 (v2) Medium Pass PineApp Mail-SeCure Detection 01 Aug 2013 None Pass PortalApp forums.asp sortby Parameter SQL Injection CVE-2008-4613 09 Jan 2008 7.5 (v2) High Pass HTTP Host Information via NTLM SSP over HTTP(S) 04 Oct 2019 None Pass SAP DB / MaxDB Cons Program Arbitrary Command Execution CVE-2008-0244 11 Jan 2008 8.8 (v3) High Pass IBM Lotus Domino < 7.0.2 FP3 Unspecified DoS CVE-2008-0243 11 Jan 2008 7.8 (v2) High Pass Apache APISIX Dashboard Detection 28 Apr 2022 None Pass Apache APISIX Dashboard < 2.10.1 Authentication Bypass (Direct Check) CVE-2021-45232 28 Apr 2022 9.8 (v3) Critical Pass Sun Java System Identity Manager Multiple XSS CVE-2008-0239 CVE-2008-0240 CVE-2008-0241 11 Jan 2008 4.3 (v2) Medium Pass Huawei Versatile Security / Storage Platform Version Detection 02 Dec 2014 None Pass Cisco Unified Communications Manager (CUCM) Detection 29 Dec 2014 None Pass Cisco Unified Communications Products XSRF (cisco-sa-ucm-csrf-jrKP4eNT) CVE-2022-20787 28 Apr 2022 6.8 (v3) Medium Pass eggBlog index.php eggblogpassword Parameter Cookie SQL Injection CVE-2008-0159 12 Jan 2008 6.8 (v2) Medium Pass netOctopus Agent Detection (TCP) 14 Jan 2008 None Pass X7 Chat index.php day Parameter SQL Injection CVE-2008-0278 15 Jan 2008 7.5 (v2) High Pass Pixelpost index.php parent_id Parameter SQL Injection CVE-2008-0358 17 Jan 2008 6.8 (v2) Medium Pass MyBB forumdisplay.php 'sortby' Parameter Arbitrary PHP Code Execution CVE-2008-0382 17 Jan 2008 7.5 (v2) High Pass PHP 7.3.x < 7.3.3 Multiple vulnerabilities. CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2019-9641 08 Apr 2019 9.8 (v3) Critical Pass PHP 7.2.x < 7.2.16 Multiple vulnerabilities. CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2019-9641 08 Apr 2019 9.8 (v3) Critical Pass PHP 7.1.x < 7.1.27 Multiple vulnerabilities. CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2019-9641 08 Apr 2019 9.8 (v3) Critical Pass MikroTik RouterOS Unauthenticated Intermediary CVE-2019-3924 08 Apr 2019 7.5 (v3) High Pass Apache Tomcat 7.0.0 < 7.0.94 Remote Code Execution Vulnerability (Windows) CVE-2019-0221 CVE-2019-0232 16 Apr 2019 8.1 (v3) High Pass Apache Tomcat 9.0.0.M1 < 9.0.19 Remote Code Execution Vulnerability (Windows) CVE-2019-0221 CVE-2019-0232 15 Apr 2019 8.1 (v3) High Pass Apache 2.4.x < 2.4.46 Multiple Vulnerabilities CVE-2020-9490 CVE-2020-11984 CVE-2020-11993 13 Aug 2020 9.8 (v3) Critical Pass Jenkins < 2.235.4 LTS / 2.252 Multiple Cross-Site Scripting (XSS) Vulnerabilities CVE-2020-2229 CVE-2020-2230 CVE-2020-2231 20 Aug 2020 5.4 (v3) Medium Pass CodeMeter Runtime Detection 06 May 2021 None Pass SSH Password Authentication Accepted 07 May 2021 None Pass Juniper Junos OS Vulnerability (JSA11163) CVE-2021-0272 15 Apr 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11153) CVE-2021-0262 15 Apr 2021 6.5 (v3) Medium Pass Juniper Junos OS Vulnerability (JSA11154) CVE-2021-0263 15 Apr 2021 5.9 (v3) Medium Pass Atlassian Jira 7.6.x < 8.5.4, 8.6.x < 8.7.1 Stored XSS (JRASERVER-70814) CVE-2020-14173 25 Aug 2020 5.4 (v3) Medium Pass McAfee Email Gateway Detection 11 Jul 2016 None Pass OrientDB Detection 08 Oct 2015 None 90
RELAYTO Penetration Test Results Page 89 Page 91