7.8CVSS
8.1AI Score
0.006EPSS
SAP Solution Manager Web Detection
The web interface for SAP Solution Manager was detected on the remote host. SAP Solution Manager is application lifecycle management software. Note: This plugin does not report anything. Instead, it collects information stored in host tags for the future development of this...
0.4AI Score
Cisco HyperFlex Web API Detection
The web API for Cisco HyperFlex was detected on the remote...
1AI Score
Cisco Energy Management Web Detection
Cisco Energy Management, a power management solution for IT assets, was detected based on the web...
2.1AI Score
Apache Nifi Web Interface Detection
The web interface for Apache Nifi was detected on the remote host. Apache Nifi is a software project designed to automate the flow of data between software systems. NOTE: Nifi version 14.0 and later requires the server's hostname to be added to nifi.web.https.host in nifi.properties to be scanned.....
3.9AI Score
Oracle iPlanet Web Server Detection
Oracle iPlanet Web Server (formerly Sun Java System Web Server) was detected on the remote host. iPlanet is a web server that is used for secure infrastructure hosting found in enterprise...
0.8AI Score
7.4AI Score
OwnCloud OwnCloud Web Interface Detection
The web interface for OwnCloud OwnCloud, an open-source file sync, share and content collaboration software, was detected on the remote...
7.5AI Score
Fortinet FortiSIEM Web Interface Detection
The web interface for Fortinet FortiSIEM, a Security Information and Event Management system was detected on the remote...
7.5AI Score
Extreme Networks ExtremeXOS Web Detection
The web interface for Extreme Networks ExtremeXOS was detected on the remote. Note that HTTP form credentials are required to retrieve version...
7.3AI Score
VMware Cloud Foundation Web Detection
VMware Cloud Foundation, a Hybrid Cloud Platform web application that manages virtual machines was detected on the remote host. Note: To obtain accurate version information from the web server, provide credentials to support HTTP basic...
1.7AI Score
JetBrains TeamCity Web Interface Detection
Detects the web interface for JetBrains TeamCity on the remote...
0.7AI Score
Adobe Experience Manager Web Detection
The remote host is running Adobe Experience Manager, a digital asset and content management software. Note: To retrieve patch level information this plugin requires the HTTP credentials of the web console. For accurate results, you may need to enable the Adobe Experience Manager ports (by default,....
0.2AI Score
Vacron NVR Web Interface Detection
Nessus was able to detect the web interface for a Vacron network video recorder on the remote...
1.3AI Score
QlikView Server Web UI Detection
The web user interface (UI) for QlikView Server, a business intelligence platform, is running on the remote...
1.6AI Score
Acunetix Web Vulnerability Scanner Detection
The remote Windows host has one or more installs of Acunetix Web Vulnerability Scanner (WVS), a dynamic vulnerability scanner for web...
1.6AI Score
7.5AI Score
Palo Alto Expedition Web Detection
The web interface for Palo Alto Expedition was detected on the remote host. Expedition is software designed to enable migration of firewall policies and configurations. It is possible to extract version information if login credentials are...
2.5AI Score
IBM BigFix Web Reports Detection
The remote host is running IBM BigFix Web Reports, a high-level web application that connects to one or more IBM BigFix databases to aggregate, analyze, and manage network...
6.9AI Score
Visualware MyConnection Server Web Detection
The remote host is running the web based user interface for Visualware MyConnection Server (MCS), a network quality management application. It was possible to read the version from a standard...
2.3AI Score
6.5CVSS
6.8AI Score
0.001EPSS
Microsoft Exchange Outlook Web App / Outlook Web Access (OWA) Detection (HTTP)
HTTP based detection of the Microsoft Exchange Outlook Web App / Outlook Web Access (OWA) and the Microsoft Exchange Server running this OWA...
7.3AI Score
RHEL 6 : icedtea-web (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. icedtea-web: unsigned code injection in a signed JAR file (CVE-2019-10181) icedtea-web: directory...
8.3AI Score
0.027EPSS
A vulnerability, which was classified as problematic, has been found in cloudfavorites favorites-web 1.3.0. Affected by this issue is some unknown functionality of the component Nickname Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has...
5.4CVSS
5.2AI Score
0.001EPSS
A vulnerability was found in ytti Oxidized Web. It has been classified as problematic. Affected is an unknown function of the file lib/oxidized/web/views/conf_search.haml. The manipulation of the argument to_research leads to cross site scripting. It is possible to launch the attack remotely. The.....
5.4CVSS
5.2AI Score
0.001EPSS
A vulnerability was found in ityouknow favorites-web. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Comment Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the.....
5.4CVSS
5.2AI Score
0.001EPSS
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could craft a special...
8.8CVSS
7.8AI Score
0.135EPSS
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could craft a special...
5.5CVSS
5.5AI Score
0.014EPSS
A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the file /api/log/killJob of the component HTTP POST Request Handler. The manipulation of the argument processId leads to os command injection....
9.8CVSS
9.8AI Score
0.003EPSS
DirectAdmin Web Control Panel Login Utility
This module will attempt to authenticate to a DirectAdmin Web Control...
7.2AI Score
BAVision IP Camera Web Server Login
This module will attempt to authenticate to an IP camera created by BAVision via the web service. By default, the vendor ships a default credential admin:123456 to its cameras, and the web server does not enforce lockouts in case of a bruteforce...
7.2AI Score
Chef Web UI Brute Force Utility
This module attempts to login to Chef Web UI server instance using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options. It will also test for the default login...
7.5AI Score
A vulnerability classified as problematic has been found in web-cyradm. This affects an unknown part of the file search.php. The manipulation of the argument searchstring leads to sql injection. It is recommended to apply a patch to fix this issue. The identifier VDB-217449 was assigned to this...
7.5CVSS
7.9AI Score
0.001EPSS
A vulnerability, which was classified as critical, has been found in web-cyradm. Affected by this issue is some unknown functionality of the file auth.inc.php. The manipulation of the argument login/login_password/LANG leads to sql injection. The attack may be launched remotely. The name of the...
9.8CVSS
9.7AI Score
0.002EPSS
Web Server Directory Enumeration
This plugin attempts to determine the presence of various common directories on the remote web server. By sending a request for a directory, the web server response code indicates if it is a valid directory or...
9.6AI Score
0.002EPSS
The addon.stdin service in addon-ssh (aka Home Assistant Community Add-on: SSH & Web Terminal) before 10.0.0 has an attack surface that requires social engineering. NOTE: the vendor does not agree that this is a vulnerability; however, addon.stdin was removed as a defense-in-depth measure against.....
8.8CVSS
8.6AI Score
0.002EPSS
Twonky Server Unprotected Web Console (HTTP)
The remote Twonky Server web console is not protected by a username and...
7.4AI Score
Outlook Web Access URL Injection
Due to a lack of sanitization of the user input, the remote version of Microsoft Outlook Web Access 2003 is vulnerable to URL injection which can be exploited to redirect a user to a different, unauthorized web server after authenticating to...
7AI Score
0.972EPSS
YusASP Web Asset Manager Vulnerability
YusASP Web Asset Manager is a complete file manager for your website. If left uprotected, the YusASP allows you to anage the remote...
6.8AI Score
0.006EPSS
Web Application Scanning Consolidation / Info Reporting
The script consolidates and reports various information for web application (formerly...
7.1AI Score
Zyxel NAS Device Web UI Detection
The remote web server hosts a Zyxel web application which indicates it is a Zyxel...
7.5AI Score
Fortinet FortiClient EMS Web Interface Detection
The web interface for Fortinet FortiClient EMS, an endpoint management solution, was detected on the remote...
7.5AI Score
Quest DR Series Appliance Web Detection
The web interface for a Quest DR Series disk backup appliance, formerly Dell DR Series, was detected on the remote...
1.5AI Score
Veritas NetBackup Appliance Web Console Detection
An administrative web console for Veritas NetBackup Appliance, a device for storage and backup applications, is running on the remote...
7.1AI Score
VMware Aria Operations Web UI Detection
The remote web server is running the web UI for VMWare Aria Operations (formerly VMware vRealize Operations Manager), a cloud operations management...
7.5AI Score
iniNet SpiderControl SCADA Web Server Detection
The remote host is running the iniNet SpiderControl Web Server, a component of a software platform for managing and monitoring remote SCADA...
1AI Score
Schneider Electric InduSoft Web Studio Detection
The remote host is running Schneider Electric InduSoft Web Studio, a software application for managing and monitoring remote SCADA...
0.8AI Score
Visualware MyConnection Server Web Default Credentials
The remote host is configured to accept the default credentials for Visualware MyConnection Server (MCS), a web-based network quality management application. A remote attacker can exploit this to gain administrative...
3AI Score
Advantech WebAccess Web Administration Interface Detection
The remote host is running a web interface for Advantech WebAccess, a web-based SCADA HMI...
2AI Score
Microsoft Azure CycleCloud Web Interface Detection
The web interface for Microsoft Azure CycleCloud was detected on the remote...
0.8AI Score