Exostats/Exoscan
Number of tests included: 24271
Tests added today: 10
Tests added this month: 309
Test details:
ID: 22046
Name: McAfee Common Management Agent Directory Traversal Vulnerability
Authors: This script is Copyright (C) 2006-2007 Tenable Network Security
Category: CGI abuses
Action: infos
Summary: Checks version of Common Management Agent

Description:

Synopsis: The remote web server is prone to a directory traversal vulnerability.

Description: The remote host is running a Common Management Agent, a component of the ePolicy Orchestrator system security management solution from McAfee. According to its banner, the Common Management Agent on the remote host can be used by an anonymous attacker to gain write access to any file on the affected host with SYSTEM privileges.

See also:
http://research.eeye.com/html/advisories/published/AD20060713.html
http://knowledge.mcafee.com/article/640/9925498_f.SAL_Public.html

Solution: Upgrade to version 3.5.5 or later of the Common Management Agent as discussed in the vendor advisory above.

Risk factor: Medium / CVSS Base Score: 5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)


Click for details - List of tests:
Plumtree Portal User Object Information Disclosure Vulnerability
args.bat
PHP-Fusion < 6.00.110 Multiple SQL Injection Vulnerabilities
DB4Web TCP relay
AWStats is Openly Accessible
netscape publishingXpert 2 PSUser problem
SilverStream directory listing
PHPix directory traversal vulnerability
TextPortal Default Passwords
HappyMall Command Execution
Blog Torrent btdownload.php file Variable Traversal Arbitrary File Retrieval
directory.php
MoinMoin Cookie Handling Vulnerability
MailWatch authenticate Function SQL Injection Vulnerability
Original exif_prog Parameter Command Execution Vulnerability
TYPOlight < 2.2.5 Unspecified Security Vulnerability
DCP-Portal Multiple SQL Injection Vulnerabilities
WebActive world readable log file
InterScan VirusWall Remote Configuration Vulnerability
whois_raw
SPiD lang_path Remote File Include Vulnerability
Coppermine Gallery Remote Command Execution
Mono XSP Source Code Disclosure Vulnerability
FCKeditor upload.php Type Variable Arbitrary File Upload
phpScheduleIt < 1.0.1 Security Bypass Vulnerability
Clever Copy connect.inc Direct Request Information Disclosure
/cgi-bin Directory Browsable?
Exponent CMS < 0.96.4 Multiple Remote Vulnerabilities (XSS, SQLi, Code Exe, Disc)
Outlook Web anonymous access
e107 database dump
gallery authentication bypass
Burning Board modcp.php SQL Injection Vulnerabilities
SquirrelMail base_uri Parameter Information Disclosure Vulnerability
osTicket <= 1.3.1 Multiple Vulnerabilities
Kietu code injection
CakePHP vendors.php file Variable Traversal Arbitrary File Access
PostNuke Install Script
ColdFusion Path Disclosure
Cacti < 0.8.6f Multiple Vulnerabilities
php < 4.3.3
Exhibit Engine toroot Parameter Remote File Include Vulnerability
paFileDB password hash disclosure
Serendipity Detection
WebSite pro reveals the physical file path of web directories
WebMatic Security Vulnerability
XOOPS XFSection Module dir_module Parameter Remote File Include Vulnerability
CubeCart Detection
RCBlog post Parameter Directory Traversal Vulnerability
TWiki configure Script Arbitrary Command Execution Vulnerability
Netquery <= 3.11 Arbitrary Command Execution Vulnerability
Cacti < 0.8.6e Multiple Vulnerabilities
IlohaMail Contacts Deletion Vulnerability
Post-Nuke SQL injection
DotNetNuke Upgrade Process validationkey Generation Weakness Privilege Escalation
WebSpeed remote configuration
JamMail Jammail.pl Remote Arbitrary Command Execution Vulnerability
SpiderSales Shopping Cart SQL injection
bBlog SQL injection flaw
Simple Machines Forum userspec Parameter SQL Injection Vulnerability
PHP < 5.2.5 Multiple Vulnerabilities
phpBannerExchange Template Class Local File Include Vulnerability
Joomla < 1.0.11 Multiple Vulnerabilities
McAfee Common Management Agent 3.6.0.546 Multiple Vulnerabilities
Movable Type config file
miniBB SQL Injection
HP OpenView Network Node Manager CGI Buffer Overflow Vulnerabilities
Read any file thanks to ~nobody/
msmmask.exe
CuteNews Detection
Ingo Detection
Allaire JRun WEB-INF Directory Listing
Moodle < 1.5.3 Multiple SQL Injection Vulnerabilities
vpasswd.cgi
CubeCart SQL injection
Boozt index.cgi overflow
WebCalendar SQL Injection Vulnerability
ServerView Arbitrary Command Execution Vulnerability
php4 multiple flaws
Webapp.org WebAPP < 0.9.9.6 Multiple Vulnerabilities
Web Wiz Forums database disclosure
CuteNews Client-IP Header Code Injection Vulnerability
DUware Multiple Remote Vulnerabilities (SQLi, XSS)
Orion Application Server JSP Script Source Disclosure Vulnerability
paFAQ Multiple Vulnerabilities
Plone Unprotected MembershipTool Methods Vulnerability
MyBB <= RC4 Multiple SQL Injection Vulnerabilities
PHPAuction Admin Authentication Bypass
CVSTrac filediff vulnerability
Nukedit email Parameter SQL Injection Vulnerability
NOCC <= 1.0 Multiple Vulnerabilities
SQL injection in XTreme ASP Photo Gallery
counter.php file overwrite
webadmin.dll detection
iisPROTECT sql injection
Mambo < 4.6.5 mos_user_template Local File Include Vulnerability
X7 Chat day Parameter SQL Injection Vulnerability
Interactive Story Directory Traversal Vulnerability
Dokeos < 1.6.4 / 2.0.3 Remote File Include Vulnerabilities
DevTrack Web Service UserName Field SQL Injection
Super Guestbook config disclosure
MODx CMS base_path Parameter Remote File Include Vulnerability
RiSearch Arbitrary File Access
Cacti index.php/sql.php Login Action login_username Variable SQL Injection
Horde Default Admin Password Vulnerability
e107 Detection
Resin Directory Traversal Vulnerability (2)
AppServ appserv/main.php appserv_root Variable Remote File Inclusion
Singapore Gallery Multiple Flaws
Interspire ArticleLive Multiple Remote Vulnerabilities
Xoops Dictionary Module id Parameter SQL Injection Vulnerability
BugPort unspecified attachment handling flaw
Vignette StoryServer Information Disclosure
Cross-Referencing Linux (lxr) file reading
Les Visiteurs Multiple Remote File Inclusion
Mambo Detection
phpBB <= 2.0.16 Nested BBCode URL Tags Cross-Site Scripting Vulnerability
/perl Directory Browsable?
phpPgAdmin arbitrary files reading
TikiWiki < 1.8.6 / 1.9.1 Multiple Vulnerabilities
UBB.threads doeditconfig Command Injection Vulnerability
ArGoSoft Mail Server Multiple Remote Vulnerabilities (XSS, DoS, Traversal)
ZixForum Database Disclosure
ListManager < 9.3b / 9.2c / 8.95d Multiple Vulnerabilities
phpWebThings editor_insert_bottom Parameter Remote File Include Vulnerability
GWExtranet gwextranet/scp.dll Multiple Variable Traversal Local File Inclusion
e107 ePing Plugin Arbitrary Code Execution Vulnerability
websendmail
CVSTrac history.c history_update function overflow
Dokeos claro_init_local.inc.php extAuthSource Parameter Array Remote File Inclusion
SQL injection in ReviewPost PHP Pro
MyReview email SQL Injection Vulnerability
GOsa code injection
CubeCart 2.0.6 and Earlier Multiple SQL Injection Vulnerabilities
Plogger checked[] Parameter SQL Injection Vulnerability
Basilix Webmail .class / .inc Direct Request Remote Information Disclosure
osTicket Attachment Code Execution Vulnerability
awstatstotals.php remote command execution
Coppermine imageObjectIM.class.php Command Execution Vulnerabilities
SPIP < 1.8.2-g SQL Injection and XSS Flaws
Limbo catid Parameter SQL Injection Vulnerability
PHP Easy Download admin/save.php Paramater Code Injection Vulnerability
myPHPNuke phptonuke.php Directory Traversal
OpenDocMan Access Control Bypass
Netquery <= 3.1 Multiple Vulnerabilities
Hosting Controller vulnerable ASP pages
Seditio Detection
OpenNMS Web Console Detection
Asterisk Recording Interface (ARI) misc/audio.php recording Variable Traversal Arbitrary File Access
Kayako SupportSuite < 3.30.01 Multiple Vulnerabilities
PHP < 4.4.7 / 5.2.2 Multiple Vulnerabilities
SquirrelMail plugins Parameter Local File Include Vulnerability
Sympa Detection
phpMyAdmin < 2.6.4-pl3 Multiple Vulnerabilities
WordPress Pingback Information Disclosure Vulnerability
phpSysInfo < 2.4.1 Multiple Vulnerabilities
WEBInsta CMS templates_dir Parameter Remote File Include Vulnerability
wrap
PHP-Calendar Remote File Include Vulnerability
TWiki filename Parameter Directory Traversal Vulnerability
YaBB SE Cookie Authentication Bypass Vulnerability
eFiction < 2.0.2 Multiple Remote Vulnerabilities (SQLi, XSS, Disc)
WordPress code/sql injection
Multiple Local File Include Vulnerabilities in phpMyAdmin
Snapstream PVS web directory traversal
A1Stats a1disp Traversal Arbitrary File Access
ATutor < 1.5.1-pl1 Multiple Remote Vulnerabilities (XSS, RFI, Command Exe)
mailnews.cgi
phpMyAdmin < 2.9.1 Multiple Vulnerabilities
@lex Guestbook Remote File Inclusion
JBoss source disclosure
php.cgi
Openfire AuthCheck Authentication Bypass
CMS Made Simple modules/TinyMCE/content_css.php templateid Variable SQL Injection
LiteCommerce SQL Injection Vulnerabilities
OpenBB XSS and SQL injection flaws
phpListPro returnpath Remote File Include Vulnerabilities
CuteNews directory traversal flaw
sgdynamo_path
bigconf
Horde url Parameter File Disclosure Vulnerability
my_gallery Plugin for e107 dload.php file Variable Arbitrary File PHP Source Disclosure
IkonBoard SQL injection vulnerabilties
WebCalendar includedir Parameter Remote File Include Vulnerability
Geeklog lib-sessions.php Session Cookie Handling Authentication Bypass
SAXoPRESS url Parameter Directory Traversal Vulnerability
phpMyFAQ Image Upload Authentication Bypass
Aborior Encore WebForum display.cgi file Variable Command Execution
viralator
Xoops Multiple Vulnerabilities
Open WebMail Detection
PHP < 4.4.5 Multiple Vulnerabilities
SQL injection in JPortal
Ruby on Rails Routing Denial of Service Vulnerability
Shells in /cgi-bin
Multiple vulnerabilities in phpBB 2.0.13 and older
Invision Power Board < 2.0.4 Multiple Vulnerabilities
BasiliX login.php3 username Variable Arbitrary Command Execution
Google Search Appliance proxystylesheet Parameter Multiple Remote Vulnerabilities (XSS, Code Exec, ID)
php 4.2.x malformed POST
Symantec Reporting Server < 1.0.224.0 Multiple Vulnerabilities
WebAPP Directory Traversal
Webhosting Component catid Parameter SQL Injection Vulnerability
MediaWiki Detection
e107 resetcore.php SQL Injection
Squirrelcart cart_isp_root Remote File Include Vulnerability
MiniWebsvr Directory Traversal Vulnerability
PlusMail vulnerability
PHPCatalog SQL injection
eLDAPo cleartext passwords
IlohaMail Unspecified Vulnerability
XOOPS xoopsConfig Parameter Local File Inclusion Vulnerabilities
Master Index directory traversal vulnerability
ASG-Sentry CGI Detection
LedgerSMB / SQL-Ledger authentication Bypass Vulnerability
counter.exe vulnerability
guestbook.cgi
aprox portal file disclosure
Trend Micro ControlManager Multiple Vulnerabilities
RunCMS <= 1.2 Multiple Vulnerabilities
AWOL helperfunction.php includedir Variable Remote File Inclusion
SimpGB Guestbook.PHP SQL Injection Vulnerability
XOOPS Jobs Module cid Parameter SQL Injection Vulnerability
MailEnable HTTPMail Service Content-Length Overflow Vulnerability
PHProjekt path_pre Parameter Remote File Include Vulnerability
FUDforum < 2.7.1 Avatar Upload Vulnerability
phpWebSite hub_dir Parameter Local File Include Vulnerability
Dokeos main/inc/lib/events.lib.inc.php Referer HTTP Header SQL Injection
/doc/packages Directory Browsable?
MyDMS SQL Injection and Directory Traversal
Dune Web Server Overflow
Hosting Controller <= 6.1 Hotfix 2.3 Information Disclosure Vulnerabilities
Simple PHP Blog <= 0.4.0 Multiple Vulnerabilities
Multiple Remote Vulnerabilities in PhotoPost PHP 5.0 RC3 and Older
Claroline < 1.5.4 / 1.6.0 Multiple Input Validation Vulnerabilities
Webmin / Usermin Arbitrary File Disclosure Vulnerability
PortalApp sortby Parameter SQL Injection Vulnerability
WordPress AdServe id Parameter SQL Injection Vulnerability
CWmail.exe vulnerability
cPanel Backup File Disclosure
LedgerSMB / SQL-Ledger file Parameter Multiple Vulnerabilities
CodeGrrl Applications Remote File Inclusion Vulnerabilities
Invision Power Board Privilege Escalation Vulnerability / SQL Injection
Turba Path Disclosure
ViRobot Linux Server Remote Buffer Overflow Vulnerability
Centreon include/doc/get_image.php img Variable Traversal Arbitrary File Access
Help Center Live Admin Authentication Bypass Vulnerabilities
BroadVision Physical Path Disclosure Vulnerability
Turbo Seek files reading
Simple PHP Blog Detection
PHPMyBackupPro Input Validation Issues
Sambar /cgi-bin/mailit.pl installed ?
MiniBB PathToFiles Parameter Remote File Include Vulnerability
CuteNews search.php files_arch Array Arbitrary File Access
PhpGroupWare Detection
Active WebCam Webserver <= 5.5 Multiple Vulnerabilities (DoS, Path Disc)
BlackBoard Internet Newsboard System checkdb.inc.php libpath Variable Remote File Inclusion
PT News Unauthorized Administrative Access
biztalk server flaws
PHP3 Physical Path Disclosure Vulnerability
Dream4 Koobi CMS Index.PHP SQL Injection Vulnerability
ListManager < 8.9b Multiple Vulnerabilities
QuickEStore CFTOKEN parameter SQL Injection Vulnerability
Hosting Controller Multiple Information Disclosure Vulnerability
Ultimate PHP Board username Parameter Arbitrary Command Execution Vulnerability
uploader.exe
Multiple vulnerabilities in PHP TopSites
PHPSurveyor sid SQL Injection Flaw
Coppermine Photo Gallery < 1.3.2 Multiple Vulnerabilities
osCommerce Unprotected Admin Directory
Multiple Vulnerabilities in paFileDB 3.1 and older
Gallery Zipcart Module Arbitrary File Disclosure
e107 email.php Arbitrary Mail Relay
IronWebMail Pathname Reference Directory Traversal Vulnerability
EGroupWare Multiple Vulnerabilitie
GTcatalog code injection
Allaire JRun Encoded JSP Request Arbitrary Directory Listing
Security Center < 3.4.2.1 Directory Traversal Vulnerabilities
Webnews.exe vulnerability
PhpGedView PGV_BASE_DIRECTORY Parameter Remote File Include Vulnerability
php4/5 Vulnerabilities
Goscript command execution
PhotoPost PHP Detection
GTcatalog password disclosure
SilverNews < 2.0.4 Multiple Vulnerabilities
PHP Rocket Add-in File Traversal
JWalk server traversal
IBM WebSphere Application Server %20 source disclosure
Symantec Mail Security for SMTP Default Credentials
hsx directory traversal
Instaboard SQL injection
Yawcam Directory Traversal
MyBB < 1.01 SQL Injection Vulnerabilities
WebLogic clear-text passwords
thttpd ssi Directory Traversal Vulnerability
DUamazon Pro Multiple SQL Injection Vulnerabilities
test-cgi
Cacti cmd.php Multiple Variable SQL Injection Arbitrary Command Execution
phpBB Fetch All < 2.0.12
GNU Mailman Multiple Unspecified Remote Vulnerabilities
nph-test-cgi
php safemode
UBB.threads dosearch.php SQL injection
SQLiteManager spaw_root Parameter File Include Vulnerability
Drupal XML-RPC for PHP Remote Code Injection Vulnerability
RedHat 6.0 cachemgr.cgi
e_Board arbitrary file reading
PHP < 4.4.3 / 5.1.4 Multiple Vulnerabilities
Joomla! < 1.0.8 Multiple Vulnerabilities
Sun Server Console Authentication Bypass Vulnerability
Various Dangerous CGI Scripts
Excite for WebServers
ePolicy Orchestrator Local Information Disclosure Vulnerability
Joomla! Detection
PunBB < 1.2.8 Multiple Vulnerabilities
MetaCart E-Shop ProductsByCategory.ASP SQL and XSS Injection Vulnerabilities
PunBB detection
PmWiki < 2.1 beta 21 Multiple Vulnerabilities
BASE Authentication Redirect Authentication Bypass
WoltLab Burning Board search.php Multiple Variable SQL Injection
GForge CVSWeb CGI cvsweb.php PATH_INFO Variable Arbitrary Command Execution
MailWatch for MailScanner doc Parameter File Include Vulnerability
YaPiG Password Protected Directory Access Flaw
Symantec AntiVirus Scan Engine Multiple Remote Vulnerabilities
PostNuke Detection
processit
MDPro topicid parameter SQL Injection Vulnerability
Winmail Server <= 4.2 Build 0824 Multiple Vulnerabilities
Sugar Open Source Detection
PunBB profile.php SQL Injection Vulnerability
PerlDesk SQL Injection Vulnerability (SQLi)
Sympa queue utility privilege escalation vulnerability
phpix remote command execution
phpWebSite multiple flaws
PmWiki < 2.1.21 Global Variables Overwrite Vulnerability
PHP < 5.2.6 Multiple Vulnerabilities
SWC Overflow
PHP Doc System Show Parameter Local File Include Vulnerability
phpWebSite <= 0.10.1 Multiple Vulnerabilities
MS Site Server Information Leak
MyBB Global Variable Overwrite Vulnerability
Woppoware PostMaster <= 4.2.2 Multiple Vulnerabilities
Mailman Detection
ELOG Web LogBook global Denial of Service
phpDocumentor <= 1.3.0 RC4 Local And Remote File Inclusion Vulnerability
toendaCMS < 0.6.2.1 Multiple Vulnerabilities
Mantis Detection
nBill Component cid Parameter SQL Injection Vulnerability
Philboard philboard_admin.ASP Authentication Bypass
Ultimate PHP Board users.dat Information Disclosure
php-proxima file reading
Snitz Forums 2000 SQL injection
ping.asp
iXmail arbitrary file upload
guestbook.pl
paNews showpost Parameter Cross-Site Scripting Vulnerability
PGPMail.pl detection
FlatNuke < 2.5.6 Multiple Remote Vulnerabilities (XSS, Disc, Command Exe)
Drupal Privilege Escalation Vulnerability
Novell iManager < 2.7 SP1 Security Bypass Vulnerability
SQL injection in XPression Software
Oreon file Parameter Remote File Include Vulnerability
PHP < 5.2.4 Multiple Vulnerabilities
Unknown CGIs arguments torture
INL ulog-php SQL injection
Simple PHP Blog config/users.php Information Disclosure Vulnerability
PHPAuction include_path Parameter File Include Vulnerabilities
DokuWiki Detection
ASP Source Disclosure (%20)
ModernBill 4.3.0 and older Multiple Vulnerabilities
DokuWiki Spell Checker Embedded Link Arbitrary PHP Code Execution
MiniVend Piped command
Symantec Backup Exec System Recovery Manager FileUpload Class Unauthorized File Upload Vulnerability
wwwwais
CuteNews Debug Info Disclosure
phpBB < 2.0.22 Multiple Vulnerabilities
paFileDB Detection
Count.cgi
Cerberus Helpdesk rpc.php Arbitrary Ticket Information Disclosure
NETFile Default Admin User / Password Vulnerability
DokuWiki doku.php X-FORWARDED-FOR HTTP Header Arbitrary Code Injection
WebAPP Detection
ActivePerl perlIS.dll Buffer Overflow
PerlDesk File Inclusion
phpWebSite Detection
IMP Session Hijacking Bug
PBLang lang Parameter Local File Include Vulnerability
perlcal
PHP iCalendar Cookie Data Local File Include Vulnerability
SiteBuilder-FX admindir Parameter Remote File Include Vulnerability
e107 e107_cookie Variable SQL Injection
The Includer remote command execution flaw
Web Server load balancer detection
Owl Login bypass
Cold Fusion Administration Page Overflow
webadmin.php detection
vBulletin Email Field Cross-Site Scripting Vulnerability
AngelineCMS loadkernel.php installPath Variable Remote File Inclusion
Symantec Web Security Detection
IBM WebSphere Commerce Remote Information Disclosure Vulnerability
X7 Chat help_file Parameter Local File Include Vulnerability
CubeCart FCKeditor connector.php Arbitrary File Upload
phpPGAds HTTP Response Splitting Vulnerability
PHP-Blogger pref.db Information Disclosure Vulnerability
AsteriDex callboth.php Multiple Variable CRLF Injection Arbitrary Command Execution
RunCMS lid Parameter SQL Injection Vulnerability
MediaWiki Multiple Remote Vulnerabilities
paNews admin_setup.php Remote Code Execution Vulnerability
EasyDynamicPages edp_relative_path Parameter Remote File Include Vulnerability
Horde Help Viewer Code Execution Vulnerability
w-Agora remote directory traversal flaw
Macallan Mail Solution Multiple HTTP vulnerabilities
Multiple Vulnerabilities in yappa-ng < 2.3.2
UebiMiau selected_theme Multiple Vulnerabilities
CVSTrac invalid ticket DoS
quickstore traversal
Trixbox Dashboard langChoice Parameter File Include Vulnerability
Nuked-klan file include
WoltLab Burning Board Lite thread.php decode_cookie Function threadvisit Cookie Variable SQL Injection
PHP-Fusion extract() Variable Overwriting Vulnerabilities
BEA WebLogic Operator/Admin Password Disclosure Vulnerability
Multiple Vulnerabilities in PostNuke 0.760 RC2 and older
htgrep
ad.cgi
Sympa invalid LDAP password DoS
vpopmail.php command execution
Detects LDU version
IIS ASP.NET Application Trace Enabled
Bugzilla Multiple Flaws
Simplog <= 0.9.2 Multiple Vulnerabilities
Coppermine Photo Gallery showdoc.php f Variable Local File Inclusion
Invision Power Board Arcade SQL Injection Vulnerability
CuteNews code injection
w-Agora inc_dir Parameter Remote File Include Vulnerabilities
OpenBB SQL injection
ADOdb server.php sql Variable SQL Injection
Novell GroupWise WebAccess Authentication Bypass
MediaWiki < 1.3.17 / 1.4.11 / 1.5.0 Multiple Vulnerabilities
GuppY inc/includes.inc selskin Parameter Traversal Local File Inclusion
ncbook/book.cgi
Snoop Servlet path disclosure
CVSTrac timeline.c timeline_page function overflow
Synchrologic User account information disclosure
ibillpm.pl
WebLogic source code disclosure
WowBB <= 1.61 multiple flaws
Community Link Pro webeditor login.cgi remote command execution
Dwarf HTTP Server < 1.3.3 Multiple Remote Vulnerabilities (XSS, Disc)
PHPFM Arbitrary File Upload Vulnerability
ndcgi.exe vulnerability
TYPO3 cmw_linklist Extension SQL Injection Vulnerability
Claroline Multiple RemoteVulnerabilities (RFI, Traversal, XSS)
VsSetCookie.exe vulnerability
Site Documentation Module for Drupal Database Tables Access Content Permission Remote Session ID Disclosure
Invision Power Board ssi.php SQL Injection Vulnerability
Invision Community Blog Multiple Input Validation Vulnerabilities
Observer <= 0.3.2.1 Multiple Remote Command Execution Vulnerabilities
AWStats rawlog.pm logfile Parameter Arbitrary Command Execution
Sambar webserver pagecount hole
Mambo Code injection Vulnerability
Sendcard SQL injection
iXmail SQL injection (SQLi)
PhpGroupWare unspecified remote file include vulnerability
HastyMail HTML Attachement Script Execution
PHP < 5.2 Multiple Vulnerabilities
phpBB Advanced GuestBook addentry.php phpbb_root_path Variable Remote File Inclusion
TWiki rev Parameter Command Execution Vulnerability
Packeteer Web Management Interface Detection
CuteNews inc/function.php archive Variable Arbitrary File Access
cPanel Login Command Execution
TrueGalerie admin access
XMB SQL Injection
ASP-Rider SQL Injection
MPM Guestbook file reading
ASP.NET Malformed File Request Path Disclosure
IceWarp Web Mail Multiple Flaws (2)
ScanMail file check
Mailman Log Spoofing Vulnerability
AN-HTTPd Multiple Test CGIs Arbitrary Command Execution
Campas
Horde et al test Disclosure
phpWebFTP language Parameter Local File Include Vulnerability
TalentSoft Web+ Input Validation Bug Vulnerability
PHP-Fusion <= 6.00.106 Multiple Vulnerabilities
CubeCart < 3.0.13 Multiple Remote Vulnerabilities (LFI, SQLi, XSS)
Serendipity < 0.8.1 Multiple Vulnerabilities
PCCS-Mysql User/Password Exposure
Geeklog auth.inc.php loginname Variable SQL Injec
Bugzilla Information Disclosure Vulnerabilities
gallery code injection (2)
Discuz! <= 4.0.0 rc4 Arbitrary File Upload Flaw
TrailScout Module For Drupal SQL Injection
OpenEMR fileroot Parameter Remote File Include Vulnerability
Zen Cart custom SQL Injection Vulnerability
SunSolve CD CGI user input validation
Listserv < 14.3-2005a Multiple Vulnerabilities
ArGoSoft Mail Server Unspecified XSS
IBM Websphere default user information leak
SugarCRM <= 4.0 beta Remote File Inclusion Vulnerability
paNews Detection
Bugzilla Authentication Bypass and Information Disclosure
ideabox code injection
SQL injection in phpBB (3)
ASP Source Disclosure (::$DATA)
WebSpeed Development Mode Check
ASP.NET DEBUG Method Enabled
Land Down Under / Seditio id parameter SQL Injection Vulnerability
newdsn.exe check
Adobe Breeze Directory Traversal Arbitrary File Access
Sambar Web Server CGI scripts
Multiple Remote Vulnerabilities in myEvent
Multiple Vulnerabilities in PostNuke <= 0.760 RC4b
WebAPP File Disclosure Vulnerability
Serendipity SQL Injections
phpWebNotes t_path_core Parameter File Include Vulnerability
Windmail.exe allows any user to execute arbitrary commands
printenv
IPCheck Server Monitor Directory Traversal Vulnerability
Phorum Detection
PHP Mail Function Header Spoofing Vulnerability
PhpGroupWare plaintext cookie authentication credentials vulnerability
wpoison (nasl version)
Philboard database access
VisNetic / Merak Mail Server multiple flaws
Segue CMS themesdir Parameter Remote File Include Vulnerability
Jinzora include_path Parameter Remote File Include Vulnerabilities
ProductCart Multiple Input Validation Vulnerabilities
Xerver < 4.20 Multiple Vulnerabilities
PHP < 4.4.9 Multiple Vulnerabilities
CVSTrac cgi.c multiple overflows
Edgewall Software Trac SQL injection flaw
Claroline Multiple Script includePath Parameter Remote File Inclusion
Mambo MOStlyCE Mambot File Rename Vulnerability
Drupal Detection
File Inclusion Vulnerability in Jaws
Ecartis Username Spoofing
Land Down Under HTTP Referer SQL Injection Vulnerability
IceWarp Web Mail Multiple Flaws
Web DBM Remote Buffer Overflow Vulnerability
phpMyAdmin Multiple Remote Vulnerabilities
Plesk locale_id Parameter Directory Traversal Vulnerability
ttforum multiple flaws
readfile.tcl
Alchemy Eye HTTP Command Execution
Aardvark Topsites CONFIG[path] Parameter Remote File Inclusion Vulnerability
PHP-Kit Multiple Flaws
Openfire Admin Console Privilege Escalation Vulnerability
Monkey HTTP Daemon < 0.9.1 Multiple Vulnerabilities
PHP-Fusion members.php SQL injection
MailEnable NetWebAdmin Unauthorized Access Vulnerability (ME-10019)
Geeklog Multiple Script _CONF[path] Parameter Remote File Inclusion
Gallery PostNuke Integration Access Validation Vulnerability
Netref Cat_for_gen.PHP Remote PHP Script Injection Vulnerability
MyBBB rating Parameter SQL Injection Vulnerability
JBoss JMX Console DeploymentFileRepository Directory Traversal Vulnerability
DB4Web directory traversal
eggBlog _lib/user.php eb_login Function Cookie Handling SQL Injection
Mantis Multiple Flaws
x-news 1
MapServer Multiple Remote Vulnerabilities
Monster Top List Remote File Include
p-news Admin Access
PBLang BBS <= 4.65 Multiple Vulnerabilities
PHP < 4.4.8 Multiple Vulnerabilities
php IMAP overflow
EZShopper 3.0
PhpGroupWare multiple module SQL injection vulnerabilities
SQLiteManager SQLiteManager_currentTheme Cookie Local File Include Vulnerability
MailGust SQL Injection Vulnerability
Dumpenv
PBLang < 4.66z Multiple Vulnerabilities
Xoops Detection
PHPWebAdmin for hMailServer Multiple File Include Vulnerabilities
zentrack code injection
HP System Management Homepage Namazu lang Directory Traversal Vulnerability
3Com Network Supervisor Directory Traversal Vulnerability
FlexCast Server Terminal Authentication Vulnerability
X-Cart Multiple Vulnerabilities
UBB.threads editpost.php SQL Injection Vulnerability
Unify eWave ServletExec 3.0C file upload
ColdFusion Vulnerability
PHP-Fusion Viewthread.php Information Disclosure Vulnerability
phpMyAdmin arbitrary file reading (2)
Sympa unauthorised list creation security issue
TorrentTrader SQL Injection
Bitweaver wiki/edit.php suck_url Variable Traversal Source Code Disclosure
SilverStream database structure
Trend Micro OfficeScan Multiple Vulnerabilities
Tutos input validation Issues
PDGSoft Shopping cart vulnerability
ActualAnalyzer direct.php rf Variable Remote File Inclusion
Coppermine Gallery SQL injection
CVS directory spider
WebGUI < 6.7.3 Multiple Command Execution Vulnerabilities
GeekLog SQL vulns
album.pl Command Execution
phpBB Detection
Ingo Foldername Command Execution Vulnerability
boastMachine mail.php id Variable SQL Injection
WordPress check_ajax_referer() Function SQL Injection Vulnerability
Symantec Web Security flaws
phpMyFAQ < 1.6.8 Multiple SQL Injection Vulnerabilities
php-ping Count Parameter Command Execution Vulnerability
phpBB Module phpbb_root_path Parameter Remote File Include Vulnerability
Cerberus Helpdesk GUI Agent < 2.7.1 Multiple Remote Vulnerabilities (SQLi, XSS)
Xaraya module Parameter Directory Traversal Vulnerability
Gallery Unspecified HTML Injection Vulnerability
Packeteer Web Management Interface Login
Kayako SupportSuite syncml Information Disclosure Vulnerability
csSearch.cgi
EGroupWare Detection
Jave Source Code Disclosure
DUclassmate Multiple SQL Injection Vulnerabilities
My_eGallery code execution
FAQManager Arbitrary File Reading Vulnerability
Alexandria-dev Multiple Script Upload Spoofing Arbitrary File Access
mod_jk Long URL Stack Overflow Vulnerability
AWStats configdir Parameter Arbitrary Command Execution
VP-ASP SQL Injection (2)
dcforum
Xoops Incontent Module Directory Traversal Vulnerability
PostNuke < 0.762 Multiple Vulnerabilities
CVSTrac Detection
YaPiG Remote Server-Side Script Execution Vulnerability
WordPress 2.1.1 Backdoor Vulnerability
PunBB old_searches Parameter SQL Injection Vulnerability
Comersus BackOffice comersus_backoffice_menu.asp Multiple Variable SQL Injection
zml.cgi Directory Traversal
PayPal Store Front code injection
phpCOIN < 1.2.2 2005-12-13 Fix-File Multiple Vulnerabilities
Limbo CMS classes_dir Parameter Remote File Include Vulnerability
Fedora Directory Server Crafted IFRAME adm.conf Admin Server Password Disclosure
Mambo / Joomla Component / Module mosConfig_absolute_path Parameter Remote File Include Vulnerability
Help Center Live module.php local file include flaw
Resin DOS device path disclosure
sBLOG keyword Parameter SQL Injection Vulnerability
WebSpeed Workshop Command Execution
Moodle Detection
Hosting Controller Detection
EasyPHPCalendar serverPath Remote File Include Vulnerabilities
Winmail Server Unspecified Webmail Vulnerability
MyBB fid Parameter SQL Injection Vulnerability (2)
phpWebThings forum Parameter SQL Injection Vulnerabilities
osTicket Attachment Viewing Vulnerability
Verity Ultraseek search request XSS
NETFile FTP/Web Server Directory Traversal Vulnerabilities
OpenBiblio < 0.5.2 Multiple Local File Include Vulnerabilities
Super-M Son hServer Directory Traversal
OpenCA HTML Injection
Listserv < 14.5 Multiple Buffer Overflow Vulnerabilities
ocPortal Remote File Include
MailMaxWeb Path Disclosure
MailScan WebAdministrator Authentication Bypass Vulnerability
cgiWebupdate.exe vulnerability
VHCS include_path Parameter Remote File Include Vulnerability
ZPanel page Parameter Remote File Include Vulnerabilities
php arbitrary file upload
Joomla mosConfig_absolute_path Parameter File Include Vulnerability
ColdFusion Debug Mode
WebCalendar Detection
Plain Old Webserver Directory Traversal Vulnerability
TikiWiki < 1.9.8.2 Local File Include Vulnerabilities
Claroline claro_init_local.inc.php extAuthSource[newUser] Variable Remote File Inclusion
Sympa Malformed Content-Type Header Denial of Service Vulnerability
gallery code injection
Zen Cart admin_email Parameter SQL Injection Vulnerability
Mambo Open Source usercookie Parameter SQL Injection Vulnerability
Ektron CMS400.NET WorkArea/ContentRatingGraph.aspx res Variable SQL Injection
Jakarta Tomcat Path Disclosure
Mantis Multiple Flaws (3)
Cognos Powerplay WE Vulnerability
Hosting Controller ForumID Parameter SQL Injection Vulnerability
Interchange < 5.0.2 / 5.2.1 Multiple Vulnerabilities
Drupal Arbitrary PHP Code Execution Vulnerability
view_source
Loudblog < 0.42 Multiple Vulnerabilities
pmachine code injection
PAFileDB Error Message Path Disclosure Vulnerability
Claroline inc/lib/language.lib.php language Variable Traversal Local File Inclusion
Adcycle build.cgi Remote Password Disclosure
Terminal Services Web Detection
Polar HelpDesk Authentication Bypass
Docebo GLOBALS Variable Overwrite Vulnerability
php.cgi buffer overrun
Site@School cmsdir Parameter Remote File Include Vulnerabilities
phpAdsNew XML-RPC Library Remote Code Injection Vulnerability
PHPNews prevnext Parameter SQL Injection Vulnerability
webwho plus
EZsite Forum Discloses Passwords to Remote Users
phpCOIN _CCFG Parameter Remote File Include Vulnerability
PHP iCalendar getdate Parameter Remote File Include Vulnerability
osCommerce attributes SQL Injection Vulnerability
Detects Xaraya version
way-board
AWStats Referrer Arbitrary Command Execution Vulnerability
SquirrelCart SQL Injection
osCommerce Customer Testimonials testimonial_id SQL Injection Vulnerability
Symphony sym_auth Cookie SQL Injection Vulnerability
Athena Web Registration athenareg.php pass Variable Command Execution
vBulletin Forumdisplay.PHP Remote Command Execution Vulnerability
Sympa wwsympa do_search_list Overflow DoS
WebAdmin < 3.2.6 MDaemon Account Hijacking Vulnerability
phpinfo.php
nbmember.cgi information disclosure
Dolphin Multiple Remote File Include Vulnerabilities
Phpauction <= 2.5 Multiple Vulnerabilities
UBB.threads thispath Parameter Remote File Include Vulnerability
Multiple vulnerabilities in phpBB <= 2.0.12
PhpGroupWare arbitrary command execution
JBrowser multiple flaws
KW whois
/doc Directory Browsable?
IIS Global.asa Retrieval
WebCalendar User Account Enumeration Disclosure Issue
PMOS Help Desk form.php Authentication Bypass Vulnerability
DCP-Portal Path Disclosure
PHPlist Detection
Nabopoll path Parameter Remote File Include Vulnerability
Barracuda Spam Firewall Firmware < 3.1.18 Multiple Vulnerabilities (Cmd Exec, Traversal)
ServletExec 4.1 ISAPI File Reading
ListManager Error Message Information Disclosure Vulnerability
SecurityReporter < 4.6.3p1 Multiple Vulnerabilities
SimpleBBS users disclosure
MailMarshal Spam Quarantine Password Retrieval Vulnerability
Post-Nuke pnTresMailer Directory Traversal
cfWebStore SQL injection
WowBB view_user.php SQL Injection Flaw
Bugzilla SQL flaws
DUforum Multiple SQL Injection Vulnerabilities
UBB.threads < 6.5.2 beta Multiple Vulnerabilities
phpMyConferences lvc_include_dir Parameter Remote File Include Vulnerability
FormHandler.cgi
cgi.rb
phpping code execution
phpWebSite Search Module SQL Injection Vulnerability
RunCMS Remote Arbitrary File Upload Vulnerability
Poll It v2.0 cgi
AltaVista Intranet Search CGI query Traversal Arbitrary File Access
IIS phonebook
JBoss JMX Console Unrestricted Access Vulnerability
Bugzilla Detection
vCard match Parameter Remote File Inclusion Vulnerability
VChat information disclosure
DUportal Pro Multiple SQL Injection Vulnerabilities
Serendipity XML-RPC for PHP Remote Code Injection Vulnerability
viewpage.php arbitrary file reading
ELOG Web Logbook < 2.5.7 Multiple Remote Vulnerabilities (OF, Traversal)
UploadLite cgi
UBB.threads Detection
Vignette StoryServer TCL code injection
dotCMS id Parameter Directory Traversal Vulnerabilities
rot13sj.cgi
ViewVC CVSROOT Information Disclosure Vulnerability
openwebmail command execution
WHM AutoPilot Multiple Vulnerabilities
Sitemap.xml File and Directory Enumeration
SysCP < 1.2.11 Multiple Script Execution Vulnerabilities
iiprotect bypass
MODx < 0.9.1a Multiple Vulnerabilities
getID3 < 1.7.8-b1 Multiple Remote Vulnerabilities
MyBB referrer Parameter SQL Injection Vulnerability
AEC Subscription Manager Component usage Parameter SQL Injection
osCommerce readme_file Parameter File Disclosure Vulnerability
BulletScript MailList bsml.pl Information Disclosure
ActualAnalyzer Lite style Variable Traversal Local File Inclusion
Simple Form Mail Relaying via Subject Tags Vulnerability
ASG-Sentry CGI Default Credentials
Acajoom Component mailingid Parameter SQL Injection
ManageEngine Applications Manager Invalid URI Remote Information Disclosure
i-mall.cgi
PatchLink Update checkid SQL Injection Vulnerability
ddicgi.exe vulnerability
e107 class2.php e107language_e107cookie Cookie Traversal Local File Inclusion
Movable Type < 3.2 Multiple Vulnerabilities
Nag Detection
PaFileDB pafiledbcookie SQL Injection Vulnerability
PHP mylog.html/mlog.html read arbitrary file
MediaWiki Multiple Remote Vulnerabilities (2)
Multiple vulnerabilities in phpBB 2.0.11 and older
w-Agora Site parameter remote directory traversal flaw
Hosting Controller Authentication Bypass Vulnerability
OTRS SOAP Interface Security Bypass Vulnerability
ICECast FileSystem disclosure
WordPress < 1.5.1.3 Multiple Vulnerabilities
Adobe Document Server Default Credentials
miniPortail Cookie Admin Access
EATON MGE Network Shutdown Module < 3.20 Authentication Bypass / Command Execution
Fuji Xerox Printing Systems (FXPS) Print Engine Crafted Request HTTP Authentication Bypass
Adobe Connect Enterprise Server Information Disclosure
KorWeblog Remote Directory Listing Vulnerability
Site Sift Listings id SQL Injection Vulnerability
info2www
Joomla GMaps Component mapId SQL Injection Vulnerability
dotProject docs Directory Information Disclosure Vulnerabilities
Chora Remote Code Execution Vulnerability
Nucleus Multiple Vulnerabilities
Mambo Open Source Tar.php Remote File Include Vulnerability
ELOG < 2.6.1 Multiple Remote Vulnerabilities (Traversal, FS)
phpMyFAQ username SQL Injection Vulnerability
Apache < 2.2.6 Multiple Vulnerabilities (DoS, XSS, Info Disc)
JFFNMS user Parameter SQL Injection Vulnerability
Simple PHP Blog blog_language Parameter Local File Include Vulnerability
BEA WebLogic SSIServlet Invocation Source Code Disclosure
PHP Live Helper Multiple Remote File Include Vulnerabilities
Bugzilla Multiple Flaws (2)
Plogger config Parameter Remote File Include Vulnerability
ACal embed/day.php path Variable Remote File Inclusion
PHProjekt <= 5.1 Multiple Remote File Include Vulnerabilities
Qualiteam X-Cart remote command execution
AtomicBoard Multiple Remote Vulnerabilities (Traversal, Path Disc)
PhpWebGallery sort_by SQL Injection Vulnerability
Inktomi Search Physical Path Disclosure