Pass ionCube loader-wizard.php Accessible 04 Apr 2014 5 (v2) Medium Pass Ajax Pagination (twitter Style) Plugin for WordPress Local File Inclusion 07 Apr 2014 5 (v2) Medium Pass ASUS Routers flag Parameter XSS 25 Feb 2014 4.3 (v2) Medium Pass HP Universal Configuration Management Database Server (UCMDB) Local Information Disclosure (HPSBGN03504)CVE-2015-5440 22 Sep 2015 4.9 (v2) Medium Pass Cisco ONS 15454 Controller Card DoS (CSCug97315) CVE-2014-2139 10 Apr 2014 5 (v2) Medium Pass Canon PIXMA Printer WLAN Credential Disclosure CVE-2013-4614 07 Apr 2014 2.1 (v2) Low Pass OpenSSL Heartbeat Information Disclosure (Heartbleed) CVE-2014-0160 08 Apr 2014 7.5 (v3) High Pass NAS4Free Web UI Default Credentials 14 Apr 2014 10 (v2) Critical Pass CA ERwin Web Portal 9.5 Multiple Directory Traversals CVE-2014-2210 29 Apr 2014 7.5 (v2) High Pass BSD in.lpd File Name Handling Remote Overflow CVE-2001-0670 CVE-1999-0061 17 Mar 2003 7.5 (v2) High Pass Symantec Endpoint Protection Manager Java Object Deserialization RCE (SYM15-011) CVE-2015-6554 18 Dec 2015 8.8 (v3) High Pass IBM DB2 9.5 < Fix Pack 6a Multiple Vulnerabilities CVE-2009-3471 CVE-2009-3555 CVE-2010-0462 CVE-2010-3193 CVE-2010-3194 CVE-2010-3195 CVE-2010-3731 CVE-2010-3732 CVE-2010-3733 CVE-2010-3734 CVE-2010-3735 CVE-2010-3736 CVE-2010-3737 CVE-2010-3738 CVE-2010-3739 CVE-2010-374007 Sep 2010 9.8 (v3) Critical Pass OS Identification: SinFP with Machine Learning 15 Jan 2020 None Pass OpenSSL < 0.9.6e Multiple Vulnerabilities CVE-2002-0655 CVE-2002-0656 CVE-2002-0659 04 Jan 2012 7.5 (v2) High Pass APC < 3.8.0 apcupsd Multiple Vulnerabilities CVE-2001-0040 CVE-2003-0098 CVE-2003-0099 26 Mar 2003 10 (v2) Critical Pass Microsoft SharePoint Server Unsupported Version Detection 30 May 2014 10 (v3) Critical Pass OpenSSL < 0.9.7h / 0.9.8a Protocol Version Rollback CVE-2005-2969 04 Jan 2012 5 (v2) Medium Pass HP OneView Unspecified Remote Privilege Escalation (HPSBGN03034) CVE-2014-2602 13 Jun 2014 6.5 (v2) Medium Pass PoPToP PPTP ctrlpacket.c Negative Read Remote Overflow CVE-2003-0213 16 Apr 2003 10 (v2) Critical Pass OpenSSH < 3.7.1 Multiple Vulnerabilities CVE-2003-0682 CVE-2003-0693 CVE-2003-0695 CVE-2004-2760 16 Sep 2003 10 (v2) Critical Pass Apache 2.0.x < 2.0.51 Multiple Vulnerabilities (OF, DoS) CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809 16 Sep 2004 5.6 (v3) Medium Pass Splunk '/en-US/app/' Referer Header XSS CVE-2014-8380 30 May 2014 4.3 (v2) Medium Pass Snitz Forums 2000 < 3.4.03 register.asp Email Parameter SQL Injection CVE-2003-0286 04 Aug 2004 7.5 (v2) High Pass F5 Networks ARX Data Manager Unsupported Version Detection 01 Jul 2014 10 (v2) Critical Pass Unsupported Microsoft DNS Server Detection 12 Jun 2014 10 (v3) Critical Pass EMC Documentum D2 Privilege Escalation (ESA-2014-045) CVE-2014-2504 06 Jun 2014 9 (v2) High Pass McAfee Cloud Single Sign On WebUI Default Credentials 25 Mar 2014 7.5 (v2) High Pass IBM WebSphere Application Server 7.0 < Fix Pack 13 Multiple Vulnerabilities CVE-2010-0781 CVE-2010-0783 CVE-2010-0784 CVE-2010-0785 CVE-2010-0786 CVE-2010-1632 CVE-2010-3186 CVE-2010-4220 11 Nov 2010 7.5 (v2) High Pass Puppet Enterprise 3.x < 3.1.3 LibYAML Heap-Based Buffer Overflow CVE-2013-6393 21 Mar 2014 6.8 (v2) Medium Pass Tivoli Provisioning Manager Express for Software Distribution Detection 29 Mar 2012 None Pass Oracle iPlanet Web Server 7.0.x < 7.0.9 Multiple Vulnerabilities CVE-2010-3512 CVE-2010-3514 CVE-2010-3544 CVE-2010-3545 13 Dec 2010 5.8 (v2) Medium Pass Cisco TelePresence Supervisor MSE 8050 Multiple Vulnerabilities in OpenSSL CVE-2014-0224 CVE-2014-3470 18 Jun 2014 5.8 (v2) Medium Pass Cisco ONS 15400 Series Devices Multiple Vulnerabilities in OpenSSL CVE-2014-0076 CVE-2014-3470 18 Jun 2014 1.9 (v2) Low Pass Woltlab Burning Board pms.php folderid Parameter XSS CVE-2005-1327 12 May 2005 4.3 (v2) Medium Pass Better WP Security Plugin for WordPress Multiple XSS CVE-2012-4263 CVE-2012-4264 31 Mar 2014 4.3 (v2) Medium Pass SSH Tectia Server SFTP Filename Logging Format String CVE-2006-0705 15 Feb 2006 5 (v2) Medium Pass Cloudera Manager Default Credentials 26 Jun 2014 10 (v2) Critical Pass Apache Tomcat 6.0.x < 6.0.43 Multiple Vulnerabilities (POODLE) CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-513905 Mar 2015 7.3 (v3) High Pass Serv-U FTP Server < 15.1.0.458 Multiple Vulnerabilities 04 Jul 2014 6.4 (v2) Medium Pass OSSIM < 4.3.3.1 tele_stats.php SQL Injection 25 Jun 2014 7.5 (v2) High Pass IMAP Service STARTTLS Plaintext Command Injection CVE-2011-0411 CVE-2011-1926 10 Mar 2011 4 (v2) Medium Pass Symantec Data Insight < 4.5 Multiple Vulnerabilities (SYM14-012) CVE-2014-3432 CVE-2014-3433 03 Jul 2014 4.3 (v2) Medium Pass NETGEAR GS105PE Pro Safe Switch Hard-coded Credentials CVE-2014-2969 11 Jul 2014 8.3 (v2) High Pass SNMP 'GETBULK' Reflection DDoS 11 Jul 2014 5 (v2) Medium Pass VMware ESX / ESXi NFC Traffic Handling DoS (VMSA-2013-0011) (remote check) CVE-2013-1661 04 Mar 2016 4.3 (v2) Medium Pass ManageEngine Desktop Central < 9 build 90103 XSRF CVE-2014-9331 25 Mar 2015 6.8 (v2) Medium Pass HP SiteScope Unspecified Authentication Bypass CVE-2014-2614 09 Jul 2014 7.5 (v2) High Pass MailPoet Newsletters for WordPress Arbitrary File Upload CVE-2014-4725 16 Jul 2014 8.8 (v3) High Pass IBM Storwize V7000 Unified Service Account Unspecified Local Privilege Escalation CVE-2014-3043 24 Jul 2014 6.5 (v2) Medium Pass WebTitan 'categories-x.php' 'sortkey' Parameter SQL Injection CVE-2014-4307 18 Jul 2014 7.5 (v2) High Pass Autodesk VRED Python API Remote Code Execution CVE-2014-2967 24 Jul 2014 10 (v2) Critical Pass VMware Harbor 1.8.x < 1.8.4 (VMSA-2019-0016) CVE-2019-16919 22 Oct 2019 7.5 (v3) High Pass Junos OS: Cross-Site Scripting (XSS) in J-Web (JSA10986) CVE-2020-1607 17 Jan 2020 7.5 (v3) High Pass OpenSSL 1.0.2 < 1.0.2k Multiple Vulnerabilities CVE-2016-7055 CVE-2017-3731 CVE-2017-3732 30 Jan 2017 5.9 (v3) Medium Pass Cisco ONS 15454 Controller Card DoS (CSCug97416) CVE-2014-2141 10 Apr 2014 4 (v2) Medium Pass VMware ESX Multiple Vulnerabilities (VMSA-2010-0015) (remote check) CVE-2009-2409 CVE-2009-3245 CVE-2009-3555 CVE-2009-3767 CVE-2010-0433 CVE-2010-0734 CVE-2010-0826 CVE-2010-1646 08 Mar 2016 10 (v2) Critical Pass NetIQ Sentinel < 7.4.1 Multiple Vulnerabilities CVE-2014-3576 CVE-2015-0851 26 Apr 2016 5 (v2) Medium Pass IBM WebSphere Application Server 8.0 < Fix Pack 9 Multiple Vulnerabilities CVE-2013-6323 CVE-2013-6329 CVE-2013-6438 CVE-2013-6738 CVE-2013-6747 CVE-2014-0050 CVE-2014-0076 CVE-2014-0098 CVE-2014-0453 CVE-2014-0460 CVE-2014-0823 CVE-2014-0857 CVE-2014-0859 CVE-2014-0878 CVE-2014-0891 CVE-2014-0963 CVE-2014-0965 CVE-2014-302204 Aug 2014 7.5 (v2) High Pass EMC Documentum D2 Privilege Escalation (ESA-2014-067) CVE-2014-2515 21 Aug 2014 8.5 (v2) High Pass HP LaserJet Printers Unspecified Information Disclosure (HPSBPI03546) CVE-2016-2244 15 Mar 2016 5.9 (v3) Medium Pass Juniper Junos Fragmented TCP Packet Sequence Handling DoS (JSA10696) CVE-2014-6449 21 Oct 2015 5 (v2) Medium Pass Allegro RomPager HTTP Cookie Management Remote Code Execution Vulnerability (Misfortune Cookie) CVE-2014-9222 CVE-2014-9223 30 Dec 2014 10 (v2) Critical Pass Juniper Junos jdhcpd crash denial of service (JSA10926) CVE-2019-0037 19 Apr 2019 7.5 (v3) High Pass HP StoreVirtual Storage Remote Unauthorized Access CVE-2013-2352 10 Apr 2014 9.4 (v2) High Pass Barco ClickShare Device Default Credentials 19 Aug 2014 10 (v2) Critical Pass Apache Traffic Server 4.x < 4.2.1.1 / 5.x < 5.0.1 Synthetic Health Check Vulnerability CVE-2014-3525 22 Jan 2015 10 (v2) Critical Pass IBM Rational License Key Server Administration and Reporting Tool Default Credentials 16 Sep 2014 7.5 (v2) High Pass Fortinet FortiOS User Interface Default Credentials 15 Apr 2014 10 (v2) Critical Pass Splunk 6.x < 6.0.3 Multiple OpenSSL Vulnerabilities (Heartbleed) CVE-2013-4353 CVE-2014-0160 16 Apr 2014 7.5 (v3) High Pass phpMyAdmin 3.4.x < 3.4.6 XSS (PMASA-2011-16) CVE-2011-4064 26 Oct 2011 4.3 (v2) Medium Pass Oracle Real User Experience Insight October 2014 CPU CVE-2014-6557 26 Jan 2015 4.9 (v2) Medium Pass Palo Alto Networks PAN-OS HTTP Header Handling URL Filter Bypass (PAN-SA-2016-0006) 28 Apr 2016 5 (v2) Medium Pass SYAC DigiEye Backdoor Detection 10 Sep 2014 9.3 (v2) High Pass Oracle GlassFish Server 3.0.1 / 3.1.2 / Enterprise 2.1.1 DoS CVE-2012-3155 05 Sep 2014 5 (v2) Medium Pass F5 Networks rsync RCE CVE-2014-2927 14 Oct 2014 9.3 (v2) High Pass ManageEngine DeviceExpert Unauthorized Information Disclosure CVE-2014-5377 04 Sep 2014 5 (v2) Medium Pass OpenSSL 1.x < 1.0.0f Multiple Vulnerabilities CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0027 09 Jan 2012 5 (v2) Medium Pass FreeNAS WebGUI Blank Password CVE-2014-5334 18 Sep 2014 9.8 (v3) Critical Pass ManageEngine EventLog Analyzer Default Credentials 02 Sep 2014 7.5 (v2) High Pass Palo Alto Networks PAN-OS 7.0.x < 7.0.14 / 7.1.x < 7.1.9 Multiple Vulnerabilities (PAN-SA-2017-0008 - PAN-SA-2017-0010)CVE-2017-7126 CVE-2017-7217 CVE-2017-7218 18 Apr 2017 7.8 (v3) High Pass Cisco Content Security Management Appliance Open Redirect Multiple Vulnerabilities (cisco-sa-sma-opn-rCVE-2020-3178drct-yPPMdsMQ) 21 May 2020 6.1 (v3) Medium Pass Juniper Junos libgd Compressed GD2 Data RCE (JSA10798) CVE-2016-3074 31 Jul 2017 9.8 (v3) Critical Pass macOS 10.13.x < 10.13.2 Multiple Vulnerabilities (Meltdown) CVE-2017-1000254 CVE-2017-13847 CVE-2017-13848 CVE-2017-13855 CVE-2017-13858 CVE-2017-13860 CVE-2017-13862 CVE-2017-13865 CVE-2017-13867 CVE-2017-13868 CVE-2017-13869 CVE-2017-13871 CVE-2017-13872 CVE-2017-13875 CVE-2017-13876 CVE-2017-13878 CVE-2017-13883 CVE-2017-13886 CVE-2017-13887 CVE-2017-13892 CVE-2017-13904 CVE-2017-13905 CVE-2017-13911 CVE-2017-15422 CVE-2017-3735 CVE-2017-5754 CVE-2017-7151 CVE-2017-7154 CVE-2017-7155 CVE-2017-7158 CVE-2017-7159 CVE-2017-7162 CVE-2017-7163 CVE-2017-7171 CVE-2017-7172 CVE-2017-7173 CVE-2017-979807 Dec 2017 7.8 (v3) High Pass ESXi 5.5 < Build 1980513 glibc Library Multiple Vulnerabilities (remote check) CVE-2013-0242 CVE-2013-1914 09 Oct 2014 5 (v2) Medium Pass HP Printers Security Bypass (HPSBPI03107) CVE-2014-0224 09 Oct 2014 5.8 (v2) Medium Pass TIBCO Spotfire Analytics Server Authentication Module Unspecified Information Disclosure CVE-2012-0690 13 Oct 2014 5 (v2) Medium Pass TIBCO Spotfire Server Authentication Module Unspecified Remote Code Execution CVE-2014-2544 13 Oct 2014 7.5 (v2) High Pass TIBCO Spotfire Server Unsupported Version Detection 13 Oct 2014 10 (v3) Critical Pass TIBCO Spotfire Server Authentication Module Unspecified Privilege Escalation CVE-2014-5285 13 Oct 2014 7.5 (v2) High Pass Lexmark Printer config.html Administrator Authentication Bypass (FREAK) CVE-2015-0204 CVE-2015-1637 19 Oct 2015 4.3 (v2) Medium Pass Apple iTunes < 12.0.1 Multiple Vulnerabilities (uncredentialed check) CVE-2013-2871 CVE-2013-2875 CVE-2013-2909 CVE-2013-2926 CVE-2013-2927 CVE-2013-2928 CVE-2013-5195 CVE-2013-5196 CVE-2013-5197 CVE-2013-5198 CVE-2013-5199 CVE-2013-5225 CVE-2013-5228 CVE-2013-6625 CVE-2013-6635 CVE-2013-6663 CVE-2014-1268 CVE-2014-1269 CVE-2014-1270 CVE-2014-1289 CVE-2014-1290 CVE-2014-1291 CVE-2014-1292 CVE-2014-1293 CVE-2014-1294 CVE-2014-1298 CVE-2014-1299 CVE-2014-1300 CVE-2014-1301 CVE-2014-1302 CVE-2014-1303 CVE-2014-1304 CVE-2014-1305 CVE-2014-1307 CVE-2014-1308 CVE-2014-1309 CVE-2014-1310 CVE-2014-1311 CVE-2014-1312 CVE-2014-1313 CVE-2014-1323 CVE-2014-1324 CVE-2014-1325 CVE-2014-1326 CVE-2014-1327 CVE-2014-1329 CVE-2014-1330 CVE-2014-1331 CVE-2014-1333 CVE-2014-1334 CVE-2014-1335 CVE-2014-1336 CVE-2014-1337 CVE-2014-1338 CVE-2014-1339 CVE-2014-1340 CVE-2014-1341 CVE-2014-1342 CVE-2014-1343 CVE-2014-1344 CVE-2014-1362 CVE-2014-1363 CVE-2014-1364 CVE-2014-1365 CVE-2014-1366 CVE-2014-1367 CVE-2014-1368 CVE-2014-1382 CVE-2014-1384 CVE-2014-1385 CVE-2014-1386 CVE-2014-1387 CVE-2014-1388 CVE-2014-1389 CVE-2014-1390 CVE-2014-1713 CVE-2014-1731 CVE-2014-4410 CVE-2014-4411 CVE-2014-4412 CVE-2014-4413 CVE-2014-4414 CVE-2014-441521 Oct 2014 10 (v2) Critical Pass macOS 10.13.x < 10.13.5 Multiple Vulnerabilities CVE-2018-4141 CVE-2018-4159 CVE-2018-4180 CVE-2018-4181 CVE-2018-4182 CVE-2018-4183 CVE-2018-4184 CVE-2018-4193 CVE-2018-4194 CVE-2018-4196 CVE-2018-4198 CVE-2018-4202 CVE-2018-4211 CVE-2018-4217 CVE-2018-4219 CVE-2018-4221 CVE-2018-4223 CVE-2018-4224 CVE-2018-4225 CVE-2018-4226 CVE-2018-4227 CVE-2018-4228 CVE-2018-4229 CVE-2018-4230 CVE-2018-4234 CVE-2018-4235 CVE-2018-4236 CVE-2018-4237 CVE-2018-4240 CVE-2018-4241 CVE-2018-4242 CVE-2018-4243 CVE-2018-4249 CVE-2018-4251 CVE-2018-4253 CVE-2018-4254 CVE-2018-4255 CVE-2018-4256 CVE-2018-4257 CVE-2018-4258 CVE-2018-4404 CVE-2018-4478 CVE-2018-5383 CVE-2018-758405 Jun 2018 9.8 (v3) Critical Pass HP Operations Manager / Operations Agent < 11.13 XSS (HPSBMU03126) CVE-2014-2647 22 Oct 2014 4.3 (v2) Medium Pass Oracle Business Transaction Management 'FlashTunnelService' 'WriteToFile' Message RCE 31 Oct 2014 10 (v2) Critical Pass macOS 10.13.x < 10.13.6 Multiple Vulnerabilities CVE-2017-0898 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2018-3665 CVE-2018-4178 CVE-2018-4248 CVE-2018-4259 CVE-2018-4268 CVE-2018-4269 CVE-2018-4276 CVE-2018-4277 CVE-2018-4280 CVE-2018-4283 CVE-2018-4285 CVE-2018-4286 CVE-2018-4287 CVE-2018-4288 CVE-2018-4289 CVE-2018-4291 CVE-2018-4293 CVE-2018-4456 CVE-2018-4470 CVE-2018-5383 CVE-2018-6797 CVE-2018-6913 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-878017 Jul 2018 9.8 (v3) Critical Pass Cisco Nexus 3000 Series and 9000 Series Switches in NX-OS Mode CLI Command Software Image SignaturCVE-2019-1810e Verification Vulnerability 07 Jun 2019 6.7 (v3) Medium Pass SolarWinds Log and Event Manager Unsupported Version Detection 07 Nov 2014 10 (v2) Critical Pass SolarWinds Log and Event Manager Default Credentials 07 Nov 2014 10 (v2) Critical Pass IBM Tivoli Endpoint Manager Server 9.1.x < 9.1.1117.0 OpenSSL Security Bypass CVE-2014-0224 19 Nov 2014 5.8 (v2) Medium Pass AFP Server Network Interface Enumeration CVE-2014-4426 24 Nov 2014 4.3 (v2) Medium Pass Google Calendar Events Plugin for WordPress 'admin-ajax.php' XSS CVE-2014-7138 21 Nov 2014 4.3 (v2) Medium Pass IBM WebSphere Application Server 8.0 < Fix Pack 2 Multiple Vulnerabilities CVE-2011-1376 CVE-2011-1377 CVE-2011-4889 04 Apr 2012 4.6 (v2) Medium Pass Apache Traffic Server Host HTTP XSS 28 Nov 2014 4.3 (v2) Medium Pass IlohaMail read_message.php Attachment Multiple Field XSS CVE-2005-1120 14 Apr 2005 4.3 (v2) Medium Pass Splunk Enterprise 6.0.x < 6.0.6 Multiple Vulnerabilities CVE-2014-3511 CVE-2014-8303 04 Dec 2014 4.3 (v2) Medium Pass Isilon OneFS SNMP Detection 14 Aug 2018 None Pass Mac OS X < 10.11.1 Multiple Vulnerabilities CVE-2012-6151 CVE-2014-3565 CVE-2015-0235 CVE-2015-0273 CVE-2015-5924 CVE-2015-5925 CVE-2015-5926 CVE-2015-5927 CVE-2015-5932 CVE-2015-5933 CVE-2015-5934 CVE-2015-5935 CVE-2015-5936 CVE-2015-5937 CVE-2015-5938 CVE-2015-5939 CVE-2015-5940 CVE-2015-5942 CVE-2015-5943 CVE-2015-5944 CVE-2015-5945 CVE-2015-6563 CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838 CVE-2015-6974 CVE-2015-6975 CVE-2015-6976 CVE-2015-6977 CVE-2015-6978 CVE-2015-6980 CVE-2015-6983 CVE-2015-6984 CVE-2015-6985 CVE-2015-6987 CVE-2015-6988 CVE-2015-6989 CVE-2015-6990 CVE-2015-6991 CVE-2015-6992 CVE-2015-6993 CVE-2015-6994 CVE-2015-6995 CVE-2015-6996 CVE-2015-7003 CVE-2015-7006 CVE-2015-7007 CVE-2015-7008 CVE-2015-7009 CVE-2015-7010 CVE-2015-7015 CVE-2015-7016 CVE-2015-7017 CVE-2015-7018 CVE-2015-7019 CVE-2015-7020 CVE-2015-7021 CVE-2015-7023 CVE-2015-7024 CVE-2015-703529 Oct 2015 10 (v2) Critical Pass IBM WebSphere Application Server 6.1 < 6.1.0.33 Multiple Vulnerabilities CVE-2010-0778 CVE-2010-0779 CVE-2010-0781 CVE-2010-3186 28 Sep 2010 10 (v2) Critical Pass SSL Certificate Chain Contains Weak RSA Keys 24 Jul 2012 4 (v2) Medium Pass Cisco TelePresence Multipoint Switch XML-RPC DoS (cisco-sa-20110223-telepresence-ctms) CVE-2011-0390 27 Jul 2012 7.8 (v2) High Pass MySQL Authentication Protocol Token Comparison Casting Failure Password Bypass CVE-2012-2122 02 Aug 2012 5.6 (v3) Medium Pass sipXtapi INVITE Message CSeq Field Header Remote Overflow CVE-2006-3524 25 Jul 2006 7.5 (v2) High 99
RELAYTO Penetration Test Results Page 98 Page 100