Pass ModernBill <= 4.3.0 Multiple Vulnerabilities CVE-2005-1053 CVE-2005-1054 11 Apr 2005 6.8 (v2) Medium Pass paFileDB auth.php pafiledbcookie Cookie SQL Injection CVE-2005-2723 25 Aug 2005 5.1 (v2) Medium Pass Gravity Board X <= 1.1 Multiple Vulnerabilities (SQLi, XSS, PD, Cmd Exe) CVE-2005-2562 CVE-2005-2563 CVE-2005-2564 CVE-2005-2565 08 Aug 2005 7.5 (v2) High Pass Limbo CMS index.php Itemid Parameter Arbitrary Command Execution CVE-2006-1662 03 Mar 2006 7.5 (v2) High Pass AutoLinks Pro 'al_initialize.php alpath Parameter Remote File Inclusion CVE-2005-2782 29 Aug 2005 6.8 (v2) Medium Pass VMware Workspace One Access / VMware Identity Manager Server-side Template Injection RCE (CVE-2022-22954)CVE-2022-22954 25 Apr 2022 9.8 (v3) Critical Pass SolarWinds Orion NPM < 10.7 Multiple Vulnerabilities CVE-2014-3459 12 May 2014 6.8 (v2) Medium Pass WebGUI < 6.7.3 Multiple Command Execution Vulnerabilities CVE-2005-2837 06 Sep 2005 7.5 (v2) High Pass Juniper Junos OS Vulnerability (JSA69503) CVE-2022-22193 25 Apr 2022 5.5 (v3) Medium Pass Fortinet FortiAuthenticator Default Credentials 16 Feb 2015 10 (v2) Critical Pass RaidenHTTPD check.php SoftParserFileXml Parameter Remote File Inclusion CVE-2006-4723 11 Sep 2006 5.1 (v2) Medium Pass paFileDB pafiledb.php id Parameter XSS CVE-2002-1931 CVE-2005-0952 26 Mar 2003 4.3 (v2) Medium Pass WP Super Cache Plugin for WordPress Multiple Insecure PHP Code Inclusion Macros Remote Code ExecutionCVE-2013-2009 CVE-2013-2011 03 May 2013 8.8 (v3) High Pass GNUMP3d < 2.9.6 Multiple Remote Vulnerabilities (XSS, Traversal) CVE-2005-3123 CVE-2005-3424 CVE-2005-3425 31 Oct 2005 5 (v2) Medium Pass phpMyDirectory review.php subcat Parameter XSS CVE-2005-0896 25 Mar 2005 4.3 (v2) Medium Pass phpAdsNew XML-RPC Library Remote Code Injection CVE-2005-1921 11 Nov 2005 7.3 (v3) High Pass Citrix Access Gateway 5.x < 5.0.4.223524 Unspecified Security Bypass CVE-2013-2263 12 Apr 2013 5 (v2) Medium Pass MyBB ratethread.php 'rating' Parameter SQLi CVE-2005-4200 17 Sep 2005 7.5 (v2) High Pass NetworkActiv Web Server Crafted Filename Request Script Source Disclosure CVE-2006-0815 27 Mar 2006 5 (v2) Medium Pass WebCalendar includes/functions.php noSet Variable Overwrite CVE-2007-1343 07 Mar 2007 7.5 (v2) High Pass Visual Mining NetCharts Server Default Credentials (Web UI) 17 Dec 2014 7.5 (v2) High Pass Philboard /database/philboard.mdb Direct Request Database Disclosure 02 Jun 2003 5 (v2) Medium Pass Symantec Web Gateway < 5.2.2 Authenticated OS Command Injection (SYM14-016) CVE-2014-7285 19 Dec 2014 6.5 (v2) Medium Pass Alibaba tst.bat Arbitrary Command Execution CVE-1999-0885 04 Nov 1999 5 (v2) Medium Pass Link-Local Multicast Name Resolution (LLMNR) Service Detection 28 Apr 2022 None Pass ColdFusion Web Server User-Agent HTTP Header Error Message XSS CVE-2007-0817 06 Feb 2007 4.3 (v2) Medium Pass ALCASAR 'index.php' Crafted HTTP Header RCE 20 Jan 2015 7.5 (v2) High Pass ManageEngine Password Manager Pro 6.5 < 7.1 Build 7105 Blind SQL Injection CVE-2014-8499 23 Jan 2015 6.3 (v3) Medium Pass ManageEngine Password Manager Pro < 7.0 Build 7003 SQL Injection CVE-2014-3996 CVE-2014-3997 23 Jan 2015 7.3 (v3) High Pass rot13sj.cgi Arbitrary File Access 03 Jun 2003 7.5 (v2) High Pass Fortinet FortiAuthenticator 'operation' Parameter XSS CVE-2015-1455 CVE-2015-1456 CVE-2015-1457 CVE-2015-1458 CVE-2015-1459 16 Feb 2015 7.5 (v2) High Pass Adobe ColdFusion Authentication Bypass (APSB13-13) CVE-2013-1389 14 May 2013 10 (v2) Critical Pass ManageEngine OpManager Default Credentials CVE-2015-7765 16 Feb 2015 9 (v2) High Pass ManageEngine OpManager 'probeName' SQL Injection Vulnerability CVE-2014-7867 16 Feb 2015 7.5 (v2) High Pass Symantec Data Center Security Server 'environment.jsp' Information Disclosure (SYM15-001) CVE-2014-9225 26 Feb 2015 4 (v2) Medium Pass wwwcount Count.cgi Remote Overflow CVE-1999-0021 22 Jun 1999 7.5 (v2) High Pass Symantec Data Center Security Server 'SSO-Error.jsp' XSS (SYM15-001) CVE-2014-9224 26 Feb 2015 3.5 (v2) Low Pass Symantec Data Center Security Server SQLi (SYM15-001) CVE-2014-7289 26 Feb 2015 6.5 (v2) Medium Pass ManageEngine Desktop Central NativeAppServlet UDID JSON RCE CVE-2014-9371 09 Mar 2015 10 (v2) Critical Pass NETGEAR SOAP Request Handling Remote Authentication Bypass 12 Mar 2015 8.8 (v3) High Pass HP Operations Orchestration 10.x Remote Information Disclosure CVE-2015-2108 12 May 2015 3.5 (v2) Low Pass Websense TRITON Unauthorized File Disclosure CVE-2015-2748 21 May 2015 5 (v2) Medium Pass SPIP < 1.8.2-g Multiple Vulnerabilities CVE-2006-0517 CVE-2006-0518 CVE-2006-0519 25 Feb 2006 7.5 (v2) High Pass Scrutinizer < 9.5.2 Multiple Vulnerabilities CVE-2012-2626 CVE-2012-2627 CVE-2012-3848 23 Aug 2012 9.4 (v2) High Pass alpha_auth_check() Function Remote Authentication Bypass CVE-2013-6026 15 Oct 2013 10 (v2) Critical Pass IBM DB2 Content Manager eClient < 8.4.1.1 Unspecified Security Vulnerability CVE-2009-1231 23 Sep 2013 10 (v2) Critical Pass phpMoAdmin saveObject Remote Command Execution CVE-2015-2208 16 Jun 2015 7.5 (v2) High Pass Western Digital Arkeia Virtual Appliance Unsupported Version Detection 28 May 2014 10 (v2) Critical Pass Western Digital Arkeia 10.1.x < 10.1.19 / 10.2.x < 10.2.9 Multiple Vulnerabilities (Heartbleed) CVE-2014-0160 CVE-2014-2846 02 Jun 2014 7.5 (v3) High Pass Splunk < 5.0.6 Unspecified XSS CVE-2013-6870 27 Nov 2013 4.3 (v2) Medium Pass Huawei Multiple Device Authentication Bypass CVE-2013-6031 24 Mar 2014 4.3 (v2) Medium Pass Oracle Containers for J2EE Component Unspecified XSS CVE-2013-5773 10 Jan 2014 4.3 (v2) Medium Pass Sophos Web Protection Appliance patience.cgi 'id' Parameter Directory Traversal CVE-2013-2641 09 Apr 2013 5.3 (v3) Medium Pass IBM Rational Focal Point Login Servlet File Disclosure CVE-2013-5397 06 Mar 2014 3.3 (v2) Low Pass Oracle Containers for J2EE Multiple Unspecified HTTP Vulnerabilities (April 2014 CPU) CVE-2014-0413 CVE-2014-0414 CVE-2014-0426 21 May 2014 5 (v2) Medium Pass Blackboard Learning System <= 8.0 SP6 Unspecified XSS CVE-2014-0811 13 Jun 2014 4.3 (v2) Medium Pass Infinite Mobile Delivery Webmail Multiple Vulnerabilities (XSS, PD) CVE-2005-0323 CVE-2005-0324 31 Jan 2005 4.3 (v2) Medium Pass HP AutoPass License Server Remote Code Execution (HPSBMU03045) CVE-2013-6221 27 Jun 2014 10 (v2) Critical Pass ionCube loader-wizard.php Remote Information Disclosure 04 Apr 2014 5 (v2) Medium Pass Halon Security Router User Interface Default Credentials 11 Aug 2014 10 (v2) Critical Pass Riverbed SteelApp (Stingray) Traffic Manager < 9.7 Multiple XSS CVE-2014-5264 CVE-2014-5348 15 Sep 2014 4.3 (v2) Medium Pass Usermin 'miniserv.pl' Arbitrary File Disclosure CVE-2006-3392 16 Sep 2014 5 (v2) Medium Pass Elasticsearch Groovy Script RCE CVE-2015-1427 13 Mar 2015 7.5 (v2) High Pass PHP 5.6.0 Multiple Vulnerabilities CVE-2013-6712 CVE-2013-7226 CVE-2013-7327 CVE-2013-7345 CVE-2014-0185 CVE-2014-0207 CVE-2014-0236 CVE-2014-0237 CVE-2014-0238 CVE-2014-1943 CVE-2014-2270 CVE-2014-2497 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-3538 CVE-2014-3587 CVE-2014-3597 CVE-2014-3981 CVE-2014-4049 CVE-2014-4670 CVE-2014-4698 CVE-2014-4721 CVE-2014-512017 Oct 2014 7.3 (v3) High Pass Novell GroupWise WebAccess User.interface XSS CVE-2012-0410 19 Jul 2012 5 (v2) Medium Pass ArGoSoft Mail Server Pro <= 1.8.7.6 Multiple Vulnerabilities (XSS, Traversal, Priv Esc) CVE-2005-1282 CVE-2005-1283 CVE-2005-1284 26 Apr 2005 5 (v2) Medium Pass Nagios XI < 2011R1.9 login.php XSS 06 Aug 2012 4.3 (v2) Medium Pass RabidHamster R4 left_console.html cmd Parameter loadfile() Function Traversal Arbitrary File Access 09 Aug 2012 4.3 (v2) Medium Pass McAfee Agent 4.6.x < 4.8.0.1938 / 5.0.x < 5.0.1 Log View Clickjacking (SB10094) CVE-2015-2053 02 Jun 2015 4.7 (v3) Medium Pass West Wind Web Connection Unprotected Configuration Editor Application 19 Sep 2012 10 (v2) Critical Pass Splunk 4.3.x < 4.3.6 Unspecified XSS CVE-2013-2766 19 Apr 2013 4.3 (v2) Medium Pass NetIQ Privileged User Manager Password Change Authentication Bypass (intrusive check) CVE-2012-5930 21 Nov 2012 6.4 (v2) Medium Pass IceWarp Webmail raw.php Information Disclosure 19 Dec 2012 5 (v2) Medium Pass Advanced Custom Fields Plugin for WordPress 'acf_abspath' Parameter Remote File Inclusion 21 Dec 2012 7.5 (v2) High Pass Trend Micro Threat Intelligence Manager sampleReporting.php 'fakename' Parameter File Disclosure CVE-2014-2204 22 Jul 2015 7.8 (v2) High Pass WebYaST Host Modification MiTM CVE-2012-0435 25 Jan 2013 5.8 (v2) Medium Pass HP Diagnostics Server Default Credentials 05 Feb 2013 7.5 (v2) High Pass EMC Data Protection Advisor Web UI Directory Traversal CVE-2012-4616 20 Feb 2013 5 (v2) Medium Pass WP Symposium Plugin for WordPress 'symposium_groups_functions.php' 'gid' Parameter SQL Injection 26 Feb 2013 7.5 (v2) High Pass cPanel <= 9.1.0 Multiple Vulnerabilities CVE-2004-1769 CVE-2004-1770 CVE-2004-2308 14 Mar 2004 10 (v2) Critical Pass Adobe InDesign Server RunScript Arbitrary Command Execution 08 Mar 2013 7.5 (v2) High Pass Mambo Open Source Multiple Vulnerabilities CVE-2006-0871 CVE-2006-1794 27 Mar 2006 5.1 (v2) Medium Pass Git Repository Served by Web Server 27 Mar 2013 5 (v2) Medium Pass Apache Solr < 4.3.1 XML External Entity Injection CVE-2013-6408 07 Jan 2014 6.4 (v2) Medium Pass WordPress check_ajax_referer() Function SQL Injection CVE-2007-2821 23 May 2007 7.5 (v2) High Pass TalentSoft Web+ webplus CGI Traversal Arbitrary File Access CVE-2000-0282 12 Apr 2000 5 (v2) Medium Pass Sybase EAServer 6.x < 6.3.1 ESD#3 Multiple Code Execution Vulnerabilities 03 Jul 2013 10 (v2) Critical Pass OpenSSL 1.0.2 < 1.0.2ze Vulnerability CVE-2022-1292 04 May 2022 9.8 (v3) Critical Pass OSSIM tele_compress.php Directory Traversal CVE-2013-6056 18 Jun 2014 7.8 (v2) High Pass Splunk < 5.0.4 X-FRAME-OPTIONS Clickjacking Vulnerability 09 Aug 2013 5.8 (v2) Medium Pass HP LaserJet Pro /dev/save_restore.xml Administrative Password Disclosure CVE-2013-4807 09 Aug 2013 7.8 (v2) High Pass Blue Coat ICAP Patience Page XSS CVE-2008-4485 22 Aug 2013 4.3 (v2) Medium Pass FreeNAS 'exec_raw.php' Arbitrary Command Execution 08 Nov 2010 10 (v2) Critical Pass eclime index.php ref Parameter SQL Injection CVE-2010-4851 13 Dec 2010 7.5 (v2) High Pass SEO Tools Plugin for WordPress 'file' Parameter Arbitrary File Access 17 Nov 2010 5 (v2) Medium Pass Server Message Block (SMB) Protocol Version Detection 04 May 2022 None Pass Pandora FMS Console Default Credentials 06 Dec 2010 7.5 (v2) High Pass CGI Generic XSS (persistent, 2nd pass) 14 Jan 2011 4.3 (v2) Medium Pass Netscape PSCOErrPage.htm errPagePath Parameter Traversal Arbitrary File Access CVE-2000-1196 12 Apr 2000 5 (v2) Medium Pass HP OpenView Network Node Manager Remote Execution of Arbitrary Code (HPSBMA02621 SSRT100352)CVE-2010-2703 CVE-2011-0261 CVE-2011-0262 CVE-2011-0263 CVE-2011-0264 CVE-2011-0265 CVE-2011-0266 CVE-2011-0267 CVE-2011-0268 CVE-2011-0269 CVE-2011-0270 CVE-2011-027121 Jan 2011 10 (v2) Critical Pass ManageEngine Desktop Central statusUpdate Arbitrary File Upload RCE (intrusive check) CVE-2014-5005 25 Mar 2015 7.5 (v2) High Pass WoltLab Burning Board search.php Multiple Parameter SQL Injection CVE-2007-0388 18 Jan 2007 7.5 (v2) High Pass Miva htmlscript Traversal Arbitrary File Access CVE-1999-0264 22 Jun 1999 7.8 (v2) High Pass MDaemon WorldClient < 12.0.3 Summary Page Email Subject XSS 20 May 2011 4.3 (v2) Medium Pass Veri-NAC Appliance unauthenticated URL Directory Traversal 09 Jun 2011 5.3 (v3) Medium Pass Symantec Web Gateway forget.php Blind SQL Injection (SYM11-008) CVE-2011-0549 20 Jul 2011 7.5 (v2) High Pass IceWarp Multiple Script Remote File Inclusion CVE-2006-0817 CVE-2006-0818 20 Jul 2006 5 (v2) Medium Pass Trend Micro OfficeScan Server CGI Modules Multiple Vulnerabilities CVE-2007-3454 CVE-2007-3455 29 Jun 2007 10 (v2) Critical Pass SAP DB / MaxDB Web Server DBM_INTERN_TEST Event Buffer Overflow CVE-2007-3614 10 Jul 2007 7.5 (v2) High Pass op5 Portal Arbitrary Command Execution CVE-2012-0261 17 Jan 2012 10 (v2) Critical Pass RunCMS xoopsOption Parameter Local File Inclusion 26 Nov 2007 5.1 (v2) Medium Pass ManageEngine DeviceExpert Default Administrator Credentials 22 Mar 2012 7.5 (v2) High 31
RELAYTO Penetration Test Results Page 30 Page 32