AI Content Chat (Beta) logo

Pass Kerio WinRoute Firewall Web Server Remote Source Code Disclosure 20 Jun 2012 5 (v2) Medium Pass Cisco Prime Collaboration Assurance 10.5.1.x < 10.5.1.58480 Multiple Vulnerabilities CVE-2015-6328 CVE-2015-6331 09 May 2016 6.8 (v2) Medium Pass Apache Tomcat 8.5.0 < 8.5.63 Multiple Vulnerabilities CVE-2020-9484 CVE-2021-25122 CVE-2021-25329 04 Mar 2021 7.5 (v3) High Pass NSClient Default Password 20 Jul 2009 5 (v2) Medium Pass Basilic diff.php Command Injection CVE-2012-3399 05 Jul 2012 7.5 (v2) High Pass SecurityReporter < 4.6.3p1 Multiple Vulnerabilities CVE-2007-3985 CVE-2007-3986 06 Sep 2007 5 (v2) Medium Pass Palo Alto Networks PAN-OS 6.1.x <= 6.1.20 / 7.1.x < 7.1.21 / 8.0.x < 8.0.14 / 8.1.x < 8.1.4 Multiple Vulnerabilities (PCVE-2018-0732 CVE-2018-0737 CVE-2018-0739AN-SA-2018-0015) 29 Mar 2019 5.9 (v3) Medium Pass Altiris Deployment Solution Server DB Manager Unauthenticated Command Execution CVE-2009-3107 31 Aug 2009 7.5 (v2) High Pass Spiceworks HTTP Response Accept Header Handling Overflow DoS 11 Aug 2009 10 (v2) Critical Pass Citrix NetScaler Application Delivery Controller Multiple Vulnerabilities CVE-2012-2141 CVE-2013-6938 CVE-2013-6939 CVE-2013-6940 CVE-2013-6941 CVE-2013-6942 CVE-2013-6943 CVE-2013-6944 26 Mar 2014 10 (v2) Critical Pass Novell GroupWise WebAccess User.interface Directory Traversal CVE-2012-0410 13 Jul 2012 5 (v2) Medium Pass Scrutinizer < 9.5.2 exporters.php XSS CVE-2012-3848 23 Aug 2012 4.3 (v2) Medium Pass Juniper Junos vMX 14.1 < 14.1R8 / 15.1 < 15.1F5 Local Information Disclosure (JSA10766) CVE-2016-4924 04 Nov 2016 6.5 (v3) Medium Pass WordPress < 2.8.4 Password Reset CVE-2009-2762 12 Aug 2009 6.4 (v2) Medium Pass Apache Tomcat 7.0.0 < 7.0.108 RCE CVE-2020-9484 CVE-2021-25329 05 Mar 2021 7 (v3) High Pass OpenWrt Router with a Blank Password (telnet check) CVE-1999-0508 23 Jul 2009 10 (v2) Critical Pass Cisco IOS Software Multiple Network Address Translation (NAT) Denial of Service Vulnerabilities (cisco-sa-20140326-nat)CVE-2014-2109 CVE-2014-2111 04 Apr 2014 7.8 (v2) High Pass Xerox WorkCentre Web Services Extensible Interface Platform Unauthorized Access (XRX09-003) 28 Aug 2009 5 (v2) Medium Pass CMS Made Simple url Parameter Arbitrary File Access 11 Aug 2009 5 (v2) Medium Pass Cisco IOS IKEv1 Fragmentation DoS (cisco-sa-20160928-ios-ikev1) CVE-2016-6381 14 Nov 2016 7.5 (v3) High Pass Apple iTunes < 9.0.1 PLS File Buffer Overflow (uncredentialed check) CVE-2009-2817 23 Sep 2009 9.3 (v2) High Pass Browsable Web Directories 15 Sep 2009 5.3 (v3) Medium Pass Altiris Deployment Solution < 6.9.176 Multiple Vulnerabilities CVE-2008-2286 CVE-2008-2287 CVE-2008-2288 CVE-2008-2289 CVE-2008-2291 15 May 2008 10 (v2) Critical Pass Dell OpenManage Server Administrator omalogin.html DOM-based XSS CVE-2012-4955 20 Nov 2012 6.1 (v3) Medium Pass NaviCOPA ::$DATA Extension Request Source Code Disclosure CVE-2009-3646 28 Sep 2009 5 (v2) Medium Pass McAfee Web Gateway Multiple OpenSSL Vulnerabilities (SB10075) CVE-2010-5298 CVE-2014-0076 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 19 Jun 2014 6.8 (v2) Medium Pass SNMP Agent Default Community Name (public) CVE-1999-0517 25 Nov 2002 7.5 (v2) High Pass Adobe RoboHelp Server Security Bypass (APSA09-05) CVE-2009-3068 30 Sep 2009 10 (v2) Critical Pass Adobe RoboHelp Server Security Bypass (APSA09-05 / intrusive check) CVE-2009-3068 30 Sep 2009 10 (v2) Critical Pass NaviCOPA Encoded Space Request Source Code Disclosure CVE-2009-4529 15 Oct 2009 5 (v2) Medium Pass CGI Generic SSI Injection 07 Oct 2009 7.5 (v2) High Pass CGI Generic Local File Inclusion 07 Oct 2009 5 (v2) Medium Pass Unencrypted Telnet Server 27 Oct 2009 6.5 (v3) Medium Pass Infoblox IPAM Appliance Default Credentials 22 Oct 2009 7.5 (v2) High Pass OSSIM Web Frontend Default Credentials 02 Nov 2009 7.5 (v2) High Pass XOOPS misc.php Query String XSS CVE-2009-3963 10 Nov 2009 4.3 (v2) Medium Pass osCommerce file_manager.php Arbitrary PHP Code Injection 03 Nov 2009 7.5 (v2) High Pass OpenVMPS Logging Function Format String CVE-2005-4714 20 Oct 2005 7.5 (v2) High Pass Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10629) CVE-2010-5298 CVE-2014-0198 CVE-2014-0224 CVE-2014-3470 05 Aug 2014 6.8 (v2) Medium Pass CGI Generic SQL Injection (HTTP Cookies) 06 Nov 2009 7.5 (v2) High Pass SugarCRM on Apache / Windows .htaccess Direct Request Arbitrary File Access 01 Dec 2009 5 (v2) Medium Pass CGI Generic SSI Injection (HTTP headers) 06 Nov 2009 7.5 (v2) High Pass Gallery Plugin for WordPress 'load' Parameter Remote File Inclusion CVE-2012-4919 11 Feb 2013 7.5 (v2) High Pass Symantec (Blue Coat) Reporter CLI OS Command Injection Vulnerability (SYMSA1465) CVE-2018-12237 18 Jan 2019 7.2 (v3) High Pass Novell eDirectory < 8.8.5.2 / 8.7.3.10 ftf2 'NDS Verb' Request Buffer Overflow CVE-2009-0895 07 Dec 2009 10 (v2) Critical Pass OpenSSH X11 Forwarding Session Hijacking CVE-2008-1483 CVE-2008-3234 03 Apr 2008 6.9 (v2) Medium Pass Juniper Junos CLI Local Privilege Escalation (JSA10803) CVE-2017-10602 31 Jul 2017 7.8 (v3) High Pass Kiwi Syslog Server Web Access Login Username Enumeration 14 Dec 2009 5 (v2) Medium Pass Sun Java System Identity Manager Default Credentials 15 Dec 2008 7.5 (v2) High Pass Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10649) CVE-2014-3509 CVE-2014-3511 CVE-2014-3512 CVE-2014-5139 14 Oct 2014 7.5 (v2) High Pass Snitz Forums 2000 active.asp HTTP X-Forwarded-For Header SQL Injection 07 Jan 2010 7.5 (v2) High Pass TurboFTP Server < 1.00.720 DoS 13 Jan 2010 4 (v2) Medium Pass Novell NetWare 6.5 OpenSSH Remote Stack Buffer Overflow 04 Oct 2011 9 (v2) High Pass OpenSSH < 2.9.9p1 Resource Limit Bypass CVE-2001-1459 04 Oct 2011 7.5 (v2) High Pass OpenSSH < 2.9.9 / 2.9p2 Symbolic Link 'cookies' File Removal CVE-2001-0529 04 Oct 2011 3.3 (v2) Low Pass OpenSSH < 3.2.3 YP Netgroups Authentication Bypass CVE-2002-0765 04 Oct 2011 7.5 (v2) High Pass OpenSSH < 2.9.9p2 echo simulation Information Disclosure CVE-2001-1382 04 Oct 2011 5 (v2) Medium Pass Juniper Junos J-Web Reflected XSS (JSA10764) CVE-2016-4923 27 Oct 2016 4.3 (v3) Medium Pass OpenSSH < 4.0 known_hosts Plaintext Host Information Disclosure CVE-2005-2666 CVE-2007-4654 CVE-2004-2760 04 Oct 2011 1.2 (v2) Low Pass OpenSSH < 4.3 scp Command Line Filename Processing Command Injection CVE-2006-0225 04 Oct 2011 4.6 (v2) Medium Pass OpenSSH < 4.7 Trusted X11 Cookie Connection Policy Bypass CVE-2007-4752 CVE-2007-2243 04 Oct 2011 7.5 (v2) High Pass OpenSSH < 4.9 'ForceCommand' Directive Bypass CVE-2008-1657 04 Oct 2011 6.5 (v2) Medium Pass Web Server Generic Cookie Injection 25 Jan 2010 4.3 (v2) Medium Pass SAP BusinessObjects 'HappyAxis2.jsp' Information Disclosure 01 Feb 2010 5 (v2) Medium Pass MoinMoin Detection 02 Feb 2010 None Pass QMTP Open Relay 15 May 2009 7.8 (v2) High Pass Web Application SQL Backend Identification 19 Feb 2010 5 (v2) Medium Pass Mac OS X 10.10.x < 10.10.2 Multiple Vulnerabilities (POODLE) CVE-2014-1595 CVE-2014-3192 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-4371 CVE-2014-4389 CVE-2014-4419 CVE-2014-4420 CVE-2014-4421 CVE-2014-4460 CVE-2014-4461 CVE-2014-4476 CVE-2014-4477 CVE-2014-4479 CVE-2014-4481 CVE-2014-4483 CVE-2014-4484 CVE-2014-4485 CVE-2014-4486 CVE-2014-4487 CVE-2014-4488 CVE-2014-4489 CVE-2014-4491 CVE-2014-4492 CVE-2014-4495 CVE-2014-4498 CVE-2014-4499 CVE-2014-6277 CVE-2014-7186 CVE-2014-7187 CVE-2014-7861 CVE-2014-8517 CVE-2014-8817 CVE-2014-8819 CVE-2014-8820 CVE-2014-8821 CVE-2014-8822 CVE-2014-8823 CVE-2014-8824 CVE-2014-8825 CVE-2014-8826 CVE-2014-8827 CVE-2014-8830 CVE-2014-8831 CVE-2014-8832 CVE-2014-8833 CVE-2014-8834 CVE-2014-8835 CVE-2014-8836 CVE-2014-8837 CVE-2014-8838 CVE-2014-883929 Jan 2015 9.8 (v3) Critical Pass Zabbix node_process_command() Function Crafted Request Arbitrary Command Execution CVE-2009-4498 15 Feb 2010 8.8 (v3) High Pass IBM WebSphere Application Server < 6.0.2.35 Multiple Vulnerabilities CVE-2009-1898 CVE-2009-1899 CVE-2009-1900 CVE-2009-1901 02 Jun 2009 5 (v2) Medium Pass Splunk 5.0.x < 5.0.3 Multiple Vulnerabilities CVE-2012-6447 CVE-2013-0166 CVE-2013-0169 06 Jun 2013 4.3 (v2) Medium Pass Cisco Nexus 9000 ACI Mode Shell Escape Vulnerability (cisco-sa-20190306-aci-shell-escape) CVE-2019-1591 01 Jun 2020 7.8 (v3) High Pass SpamAssassin Milter Plugin 'mlfi_envrcpt()' Remote Arbitrary Command Injection CVE-2010-1132 09 Mar 2010 10 (v2) Critical Pass MyDoom Virus Backdoor Detection 27 Jan 2004 10 (v2) Critical Pass CGI Generic Command Execution (time-based) 19 Feb 2010 7.5 (v2) High Pass McAfee LinuxShield Login Username Enumeration 04 Mar 2010 5 (v2) Medium Pass SilverStripe CMS Running in Development Mode 01 Mar 2010 5 (v2) Medium Pass Apache 2.2.x < 2.2.14 Multiple Vulnerabilities CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 07 Oct 2009 7.3 (v3) High Pass Juniper Junos Virtualized Environment Guest-To-Host Privilege Escalation (JSA10787) CVE-2017-2341 23 Aug 2017 8.8 (v3) High Pass Session Fixation Attack on HTTP Cookies 17 Mar 2010 7.5 (v2) High Pass Multiple Vendor phf CGI Arbitrary Command Execution CVE-1999-0067 22 Jun 1999 10 (v2) Critical Pass eScan MWAdmin forgotpassword.php uname Parameter Arbitrary Command Execution 25 Mar 2010 10 (v2) Critical Pass Hyperic HQ Web GUI Default Credentials 26 Mar 2010 7.5 (v2) High Pass Juniper Junos SRX DHCP flowd DHCP Packet Handling DoS (JSA10789) CVE-2017-10605 23 Aug 2017 7.5 (v3) High Pass Mac OS X FTP Server Directory Traversal CVE-2010-0501 30 Mar 2010 5 (v2) Medium Pass IBM WebSphere Application Server 6.0 < 6.0.2.17 Multiple Vulnerabilities CVE-2006-6636 CVE-2006-6637 05 Apr 2010 10 (v2) Critical Pass SSL Certificate with Wrong Hostname 03 Apr 2010 5.3 (v3) Medium Pass IBM WebSphere Application Server 6.0 < 6.0.2.23 Unspecified Vulnerability (PK45726) CVE-2007-5483 05 Apr 2010 10 (v2) Critical Pass IBM WebSphere Application Server 6.0 < 6.0.2.19 HTTP Response Splitting CVE-2007-1608 05 Apr 2010 7.5 (v2) High Pass Apple Mac OS X Wiki Server File Upload Security Bypass CVE-2010-0523 08 Apr 2010 5 (v2) Medium Pass Cisco NX-OS Multiple ntpd Vulnerabilities CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 18 Mar 2015 7.5 (v2) High Pass IBM WebSphere Application Server 6.0 < 6.0.2.41 Multiple Vulnerabilities CVE-2010-0768 CVE-2010-0769 CVE-2010-0770 CVE-2010-0774 CVE-2010-0775 06 Apr 2010 4.3 (v2) Medium Pass Apache CouchDB Unauthenticated Administrative Access 07 Apr 2010 7.5 (v2) High Pass Samba < 3.0.35 / 3.2.13 / 3.3.6 Multiple Vulnerabilities CVE-2009-1886 CVE-2009-1888 CVE-2006-3403 24 Jun 2009 3.5 (v2) Low Pass VLC Web Interface XML Services Remote Command Execution CVE-2013-3564 23 Jul 2013 6.3 (v3) Medium Pass Apple Mac OS X Wiki Server Weblog SACL Security Bypass CVE-2010-0534 08 Apr 2010 4 (v2) Medium Pass Juniper Junos SRX Integrated User Firewall Hardcoded Credentials (JSA10791) CVE-2017-2343 23 Aug 2017 10 (v3) Critical Pass WindWeb <= 2.0 Malformed GET Request Remote DoS CVE-2005-3475 28 Oct 2005 5 (v2) Medium Pass Juniper Junos snmpd SNMP Packet Handling RCE (JSA10793) CVE-2017-2345 23 Aug 2017 9.8 (v3) Critical Pass Nessus Web UI Scanned Content Stored XSS CVE-2014-7280 25 Feb 2016 4.1 (v3) Medium Pass HP LaserJet Pro /IoMgmt/Adapters/wifi0/WPS/Pin WPS PIN Disclosure CVE-2013-4807 09 Aug 2013 7.8 (v2) High Pass Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities CVE-2005-3352 CVE-2006-5752 CVE-2007-3847 CVE-2007-5000 CVE-2007-6388 CVE-2008-2364 CVE-2010-0425 CVE-2010-0434 CVE-2010-2068 CVE-2011-0419 CVE-2011-3348 CVE-2012-268711 Aug 2013 10 (v2) Critical Pass CGI Generic XSS (HTTP Headers) 30 Apr 2010 2.6 (v2) Low Pass Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10679) (FREAK) CVE-2014-3569 CVE-2014-3570 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 21 Apr 2015 5 (v2) Medium Pass Ektron CMS400.NET 'workarea/reterror.aspx' info Parameter XSS 30 Apr 2010 4.3 (v2) Medium Pass Fixed HTTP Session Cookies 30 Apr 2010 5.6 (v3) Medium Pass Juniper Junos rpd MPLS Ping Packet Handling DoS (JSA10795) CVE-2017-2347 23 Aug 2017 6.5 (v3) Medium Pass Virtualizor < 2.3.1 Unspecified SQL Injection 24 Jul 2013 9 (v2) High Pass Resin resin-admin/digest.php XSS CVE-2010-2032 21 May 2010 4.3 (v2) Medium Pass Cisco NX-OS IS-IS Packet Processing Denial of Service Vulnerability CVE-2017-3804 07 Sep 2017 6.1 (v3) Medium Pass ManageEngine ADManager Plus 'computerName' Parameter XSS CVE-2010-5050 02 Jun 2010 4.3 (v2) Medium Pass Cisco Email Security Appliance Malformed EML Attachment Bypass Vulnerability (cisco-sa-20170906-esa)CVE-2017-12218 08 Sep 2017 5.8 (v3) Medium 3

RELAYTO Penetration Test Results - Page 3 RELAYTO Penetration Test Results Page 2 Page 4