| Result | Check | CVE | Date | CVSS | Severity |
|---|---|---|---|---|---|
| Pass | Trouble Ticket Express fid Parameter Arbitrary Remote Code Execution | | 17 Mar 2010 | 8.8 (v3) | High |
| Pass | eFront 'langname' Parameter Traversal Local File Inclusion | CVE-2010-1003 | 22 Mar 2010 | 6.8 (v2) | Medium |
| Pass | DNN (DotNetNuke) < 5.3.0 SearchResults.aspx XSS | | 22 Mar 2010 | 4.3 (v2) | Medium |
| Pass | Serv-U < 9.4.0.0 | | 24 Mar 2010 | 6.5 (v2) | Medium |
| Pass | SiteX photo.php albumid Parameter SQL Injection | CVE-2010-1343 | 26 Mar 2010 | 7.5 (v2) | High |
| Pass | ViewVC viewvc.cgi search Parameter XSS | CVE-2010-0132 | 02 Apr 2010 | 2.6 (v2) | Low |
| Pass | Logitech Touch Mouse Server Detection | | 07 Apr 2010 | | None |
| Pass | MediaWiki Login Cross-Site Request Forgery | | 07 Apr 2010 | 3.5 (v2) | Low |
| Pass | Joomla! / Mambo Component 'view' Parameter Local File Include | CVE-2010-1313 CVE-2010-1476 CVE-2010-1531 CVE-2010-1533 CVE-2010-1535 CVE-2010-1983 CVE-2010-2128 | 12 Apr 2010 | 9.8 (v3) | Critical |
| Pass | Properties Component for Joomla! 'aid' Parameter SQLi | CVE-2010-1874 | 13 Apr 2010 | 7.3 (v3) | High |
| Pass | MS10-024: Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832) (uncredentialed check) | CVE-2010-0024 CVE-2010-0025 | 13 Apr 2010 | 5 (v2) | Medium |
| Pass | Apache ActiveMQ Web Console Test Pages Information Disclosure | | 16 Apr 2010 | 5 (v2) | Medium |
| Pass | Iomega smbwebclient.php Unauthenticated Filesystem Access | | 19 Apr 2010 | 10 (v3) | Critical |
| Pass | YaBB Shadow BBCode Tag XSS | | 30 Nov 2004 | 4.3 (v2) | Medium |
| Pass | Atlassian JIRA 500page.jsp Referer XSS | CVE-2010-1164 | 20 Apr 2010 | 4.3 (v2) | Medium |
| Pass | ActiveMQ Double Slash Request Source Code Disclosure | CVE-2010-1587 | 24 Apr 2010 | 5 (v2) | Medium |
| Pass | Alt-N MDaemon < 11.0.1 Multiple Remote DoS | | 26 Apr 2010 | 7.8 (v2) | High |
| Pass | Hydra: Cisco | | 01 Dec 2004 | 7.5 (v2) | High |
| Pass | HP System Management Homepage < 6.0.0.96 / 6.0.0-95 Multiple Vulnerabilities | CVE-2008-1468 CVE-2008-4226 CVE-2008-5557 CVE-2008-5814 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2009-4185 CVE-2010-1034 | 27 Apr 2010 | 10 (v2) | Critical |
| Pass | IBM DB2 9.1 < Fix Pack 9 Multiple Vulnerabilities | CVE-2009-3471 CVE-2009-3555 CVE-2010-0462 CVE-2010-3193 CVE-2010-3194 CVE-2010-3195 | 28 Apr 2010 | 6.3 (v3) | Medium |
| Pass | MODx SearchHighlight plugin XSS | CVE-2010-1427 | 29 Apr 2010 | 4.3 (v2) | Medium |
| Pass | CGI Generic Path Traversal (write test) | | 30 Apr 2010 | 6.4 (v2) | Medium |
| Pass | CGI Generic Path Traversal (extended test) | | 30 Apr 2010 | 5 (v2) | Medium |
| Pass | Hydra: Cisco enable | | 01 Dec 2004 | 7.5 (v2) | High |
| Pass | Campsite TinyMCE plugin 'attachments.php' 'article_id' Parameter SQL Injection | CVE-2010-1867 | 05 May 2010 | 7.5 (v2) | High |
| Pass | Default Password (alien) for 'root' Account | CVE-1999-0502 | 06 May 2010 | 9.8 (v3) | Critical |
| Pass | HP Mercury LoadRunner Agent Remote Command Execution | CVE-2010-1549 | 07 May 2010 | 10 (v3) | Critical |
| Pass | Visitor Data Module for Joomla! X-Forwarded-For Header RCE | | 13 May 2010 | 9.8 (v3) | Critical |
| Pass | RokModule Component for Joomla! 'moduleid' Parameter SQLi | CVE-2010-1479 | 15 May 2010 | 7.3 (v3) | High |
| Pass | c99shell Backdoor Detection | | 14 May 2010 | 7.5 (v2) | High |
| Pass | r57shell Backdoor Detection | | 14 May 2010 | 7.5 (v2) | High |
| Pass | e107 BBCode Arbitrary PHP Code Execution | CVE-2010-2099 | 21 May 2010 | 7.5 (v2) | High |
| Pass | Hydra: FTP | | 01 Dec 2004 | 7.5 (v2) | High |
| Pass | Hydra: HTTP | | 01 Dec 2004 | 7.5 (v2) | High |
| Pass | Open-AudIT include_lang.php language Parameter Traversal Local File Inclusion | | 24 May 2010 | 7.5 (v2) | High |
| Pass | TikiWiki tiki-lastchanges.php Empty sort_mode Parameter Information Disclosure | CVE-2006-5702 | 27 May 2010 | 5 (v2) | Medium |
| Pass | Apache Axis2 'xsd' Parameter Directory Traversal | | 27 May 2010 | 5 (v2) | Medium |
| Pass | PHP expose_php Information Disclosure | | 03 Jun 2010 | 5 (v2) | Medium |
| Pass | MoinMoin PageEditor.py template Parameter XSS | CVE-2010-2487 | 07 Jun 2010 | 4.3 (v2) | Medium |
| Pass | Symphony 2.0.6 mode Parameter Local File Inclusion | CVE-2010-2143 | 07 Jun 2010 | 7.5 (v2) | High |
| Pass | UnrealIRCd Backdoor Detection | CVE-2010-2075 | 14 Jun 2010 | 10 (v2) | Critical |
| Pass | Apache Tomcat JK Connector Content-Length Header Cross-User Information Disclosure | CVE-2008-5519 | 14 Jun 2010 | 2.6 (v2) | Low |
| Pass | Moodle < 1.9.6 / 1.8.10 Multiple Vulnerabilities | | 24 Jun 2010 | 6.8 (v2) | Medium |
| Pass | eyeMax DVR Server Detection | | 25 Jun 2010 | | None |
| Pass | Kerio Connect < 7.0.0 Products Administration Console File Disclosure and Corruption Vulnerabilities | | 25 Jun 2010 | 8 (v2) | High |
| Pass | Bugzilla 'time-tracking' fields Information Disclosure | CVE-2010-0180 CVE-2010-1204 CVE-2010-2470 | 30 Jun 2010 | 5 (v2) | Medium |
| Pass | IIS 5.x Alternate Data Stream Authentication Bypass | CVE-2010-2731 | 05 Jul 2010 | 7.5 (v2) | High |
| Pass | ArtForms Component for Joomla! 'viewform' Parameter SQLi | CVE-2010-2847 | 12 Jul 2010 | 7.3 (v3) | High |
| Pass | Ipswitch IMail Server < 11.02 Multiple Vulnerabilities | | 16 Jul 2010 | 10 (v2) | Critical |
| Pass | Hydra: HTTP proxy | | 01 Dec 2004 | 7.5 (v2) | High |
| Pass | Hydra: ICQ | | 01 Dec 2004 | 7.5 (v2) | High |
| Pass | Hydra: IMAP | | 01 Dec 2004 | 7.5 (v2) | High |
| Pass | Bitweaver wiki/rankings.php style Parameter Traversal Local File Inclusion | | 15 Jul 2010 | 7.5 (v2) | High |
| Pass | Pligg search.php search Parameter XSS | | 20 Jul 2010 | 4.3 (v2) | Medium |
| Pass | Hydra: MS SQL | | 01 Dec 2004 | 7.5 (v2) | High |
| Pass | Hydra: SMTP AUTH | | 01 Dec 2004 | 7.5 (v2) | High |
| Pass | Hydra: SNMP | | 01 Dec 2004 | 7.5 (v2) | High |
| Pass | Hydra: telnet | | 01 Dec 2004 | 10 (v2) | Critical |
| Pass | Timbuktu Detection (TCP) | | 01 Dec 2004 | | None |
| Pass | CGI Generic XSS (comprehensive test) | | 26 Jul 2010 | 4.3 (v2) | Medium |
| Pass | Nessus Web Server XSS | CVE-2010-2914 | 26 Jul 2010 | 4.7 (v3) | Medium |
| Pass | MediaWiki profileinfo.php 'filter' Parameter XSS | CVE-2010-2788 | 29 Jul 2010 | 2.6 (v2) | Low |
| Pass | Huru Helpdesk Component for Joomla! 'cid[0]' Parameter SQLi | CVE-2010-2907 | 30 Jul 2010 | 7.3 (v3) | High |
| Pass | TYPO3 Back-end 'index.php' 'redirect_url' Redirect | | 03 Aug 2010 | 4.3 (v2) | Medium |
| Pass | PHP 5.2 < 5.2.14 Multiple Vulnerabilities | CVE-2007-1581 CVE-2010-0397 CVE-2010-1860 CVE-2010-1862 CVE-2010-1864 CVE-2010-2097 CVE-2010-2100 CVE-2010-2101 CVE-2010-2190 CVE-2010-2191 CVE-2010-2225 CVE-2010-2484 CVE-2010-2531 CVE-2010-3065 | 04 Aug 2010 | 7.5 (v2) | High |
| Pass | CUPS Internet Printing Protocol (IPP) Implementation Empty UDP Datagram Remote DoS | CVE-2004-0558 | 03 Dec 2004 | 5 (v2) | Medium |
| Pass | PHP 5.3 < 5.3.3 Multiple Vulnerabilities | CVE-2007-1581 CVE-2010-0397 CVE-2010-1860 CVE-2010-1862 CVE-2010-1864 CVE-2010-1917 CVE-2010-2097 CVE-2010-2100 CVE-2010-2101 CVE-2010-2190 CVE-2010-2191 CVE-2010-2225 CVE-2010-2484 CVE-2010-2531 CVE-2010-3062 CVE-2010-3063 CVE-2010-3064 CVE-2010-3065 | 04 Aug 2010 | 9.3 (v2) | High |
| Pass | Atlassian JIRA ConfigureReport.jspa 'reportKey' Information Disclosure | | 06 Aug 2010 | 5 (v2) | Medium |
| Pass | Default Password (0p3nm35h) for 'root' Account | CVE-1999-0502 | 09 Aug 2010 | 9.8 (v3) | Critical |
| Pass | Adobe Flash Media Server < 3.0.6 / 3.5.4 Multiple Vulnerabilities (APSB10-19) | CVE-2010-2217 CVE-2010-2218 CVE-2010-2219 CVE-2010-2220 | 11 Aug 2010 | 10 (v2) | Critical |
| Pass | Bugzilla 'reporter' field Information Disclosure | CVE-2010-2756 | 12 Aug 2010 | 5.3 (v3) | Medium |
| Pass | FuseTalk categories.aspx FTVAR_SORTORDER Parameter XSS | | 17 Aug 2010 | 4.3 (v2) | Medium |
| Pass | FuseTalk usersearchresults.cfm keyword Parameter XSS | | 17 Aug 2010 | 4.3 (v2) | Medium |
| Pass | QNX pdebug Service Detection | | 17 Aug 2010 | 10 (v2) | Critical |
| Pass | Serv-U < 10.2.0.0 | | 25 Aug 2010 | 5 (v2) | Medium |
| Pass | phpMyAdmin setup.php Arbitrary PHP Code Execution (PMASA-2010-4) | CVE-2010-3055 | 27 Aug 2010 | 7.5 (v2) | High |
| Pass | CGI Generic 2nd Order SQL Injection Detection (potential) | | 30 Aug 2010 | 7.5 (v2) | High |
| Pass | Splunk Default Administrator Credentials (splunkd) | | 01 Sep 2010 | 7.5 (v2) | High |
| Pass | SnortReport nmap.php target Parameter Arbitrary Command Execution | | 02 Sep 2010 | 8.8 (v3) | High |
| Pass | Horde util/icon_browser.php subdir Parameter XSS | CVE-2010-3077 | 07 Sep 2010 | 4.3 (v2) | Medium |
| Pass | phpMyAdmin setup.php Verbose Server Name XSS (PMASA-2010-7) | CVE-2010-3263 | 08 Sep 2010 | 4.3 (v2) | Medium |
| Pass | HP System Management Homepage < 6.2 Multiple Vulnerabilities | CVE-2009-3555 CVE-2009-4017 CVE-2009-4018 CVE-2009-4143 CVE-2010-1586 CVE-2010-2068 CVE-2010-3009 CVE-2010-3011 CVE-2010-3012 CVE-2010-3283 CVE-2010-3284 | 17 Sep 2010 | 9 (v2) | High |
| Pass | Linksys Router Debug Credentials (Gemtek / gemtekswd) | CVE-2010-1573 | 22 Sep 2010 | 10 (v2) | Critical |
| Pass | Atmail WebMail < 6.2.0 (6.20) 'MailType' Parameter XSS | CVE-2010-4930 | 30 Sep 2010 | 4.3 (v2) | Medium |
| Pass | Mura CMS FILEID Parameter Directory Traversal | CVE-2010-3468 | 30 Sep 2010 | 5 (v2) | Medium |
| Pass | TikiWiki 'tiki-edit_wiki_section.php' type Parameter XSS | | 04 Oct 2010 | 4.3 (v2) | Medium |
| Pass | Zen Cart index.php typefilter Parameter Traversal Local File Inclusion | | 04 Oct 2010 | 5 (v2) | Medium |
| Pass | SurgeMail surgeweb XSS | CVE-2010-3201 | 04 Oct 2010 | 4.3 (v2) | Medium |
| Pass | mathTeX mathtex.cgi getdirective Function dpi Tag Arbitrary Code Execution | CVE-2009-1383 | 06 Oct 2010 | 7.5 (v2) | High |
| Pass | MantisBT nusoap/nusoap.php NuSOAP WSDL XSS | CVE-2010-3070 | 07 Oct 2010 | 4.3 (v2) | Medium |
| Pass | MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure (2418042) (uncredentialed check) | CVE-2010-3332 | 08 Oct 2010 | 5 (v2) | Medium |
| Pass | FreePBX admin/cdr/call-comp.php 'dst' Parameter SQLi | | 18 Oct 2010 | 7.5 (v2) | High |
| Pass | BitDefender Update Server HTTP Request Traversal Arbitrary File Access | CVE-2008-0396 | 21 Jan 2008 | 7.8 (v2) | High |
| Pass | Crystal Reports Central Management Server Detection | | 23 Jan 2008 | | None |
| Pass | boastMachine mail.php id Parameter SQL Injection | CVE-2008-0422 | 23 Jan 2008 | 7.5 (v2) | High |
| Pass | Kayako SupportSuite syncml/index.php Direct Request Remote Information Disclosure | CVE-2008-0395 | 23 Jan 2008 | 5 (v2) | Medium |
| Pass | YaBB SE Cookie Authentication Bypass | | 23 Jan 2008 | 7.5 (v2) | High |
| Pass | MoinMoin MOIN_ID Cookie userform Action Traversal Arbitrary File Overwrite | CVE-2008-0782 | 24 Jan 2008 | 7.5 (v2) | High |
| Pass | nagios-statd Daemon Detection | | 26 Jan 2008 | | None |
| Pass | AXIMilter Detection | | 28 Jan 2008 | | None |
| Pass | CandyPress Store admin/utilities_ConfigHelp.asp helpfield Parameter SQL Injection | CVE-2008-0737 | 28 Jan 2008 | 7.5 (v2) | High |
| Pass | vTiger CRM Directory File Disclosure | CVE-2008-3458 | 28 Jan 2008 | 5 (v2) | Medium |
| Pass | SQLiteManager confirm.php spaw_root Parameter Remote File Inclusion | CVE-2008-0516 | 30 Jan 2008 | 6.8 (v2) | Medium |
| Pass | VNCviewer in Listen Mode Detection | | 04 Feb 2008 | | None |
| Pass | AkoGallery Component for Mambo / Joomla! 'id' Parameter SQLi | CVE-2008-0561 | 04 Feb 2008 | 7.3 (v3) | High |
| Pass | IBM DB2 < 8.1 Fix Pack 16 Multiple Vulnerabilities | CVE-2007-3676 CVE-2007-5757 CVE-2008-0698 | 05 Feb 2008 | 9.8 (v3) | Critical |
| Pass | WinComLPD LPD Monitoring Server Detection | | 06 Feb 2008 | | None |
| Pass | Skype Web Content Zone Multiple Field Remote Code Execution (uncredentialed check) | CVE-2008-0454 CVE-2008-0582 CVE-2008-0583 | 07 Feb 2008 | 7.6 (v2) | High |
| Pass | ExtremeZ-IP File and Print Server Zidget/HTTP Server Traversal Arbitrary File Access | CVE-2008-0758 | 12 Feb 2008 | 5 (v2) | Medium |
| Pass | osCommerce Customer Testimonials customer_testimonials.php testimonial_id Parameter SQL Injection | CVE-2008-0719 | 13 Feb 2008 | 7.5 (v2) | High |
| Pass | Joomla! 'mosConfig_absolute_path' Parameter Remote File Include | CVE-2008-5671 | 15 Feb 2008 | 9.8 (v3) | Critical |
| Pass | Adobe Flash Media Server < 2.0.5 Multiple Remote Vulnerabilities | CVE-2007-6148 CVE-2007-6149 CVE-2007-6431 | 15 Feb 2008 | 10 (v2) | Critical |
Penetration Test Results