CGI abuses Family for Nessus

ID	Name	Severity
100421	PHP 7.1.x < 7.1.5 Multiple Vulnerabilities	critical
100420	PHP 7.0.x < 7.0.19 Multiple Vulnerabilities	critical
100387	Cobalt RaQ4 Administrative Interface backup.cgi Command Execution (EXTINCTSPINACH)	critical
100385	Joomla! 3.7.x < 3.7.1 fields.php getListQuery() Method SQLi	critical
101301	Veritas NetBackup Appliance 2.7.x / 3.0.x Remote Command Execution (VTS17-005) (exploit)	critical
100321	NETGEAR Multiple Model PHP Remote Command Injection	critical
100298	WordPress < 4.7.5 Multiple Vulnerabilities	high
100297	Pivotal RabbitMQ Management Plugin Detection	info
100296	Pivotal RabbitMQ Management Plugin 3.4.x / 3.5.x / 3.6.x < 3.6.9 Multiple Vulnerabilities	medium
100273	Veritas NetBackup Appliance 2.7.x / 3.0.x Remote Command Execution (VTS17-005)	critical
100222	IBM WebSphere Portal Cross-Site Redirection	high
100220	Atlassian JIRA 4.2.4 < 6.3.0 Multiple Vulnerabilities	critical
100159	HP Network Automation 9.x, 10.x < 10.00.022 / 10.1x.x < 10.11.03 / 10.20.x < 10.21.01 Multiple Vulnerabilities	critical
100028	WordPress 2.3.0 - 4.8.3 Unauthorized Password Reset	medium
99986	Atlassian Confluence 6.0.x < 6.0.7 Drafts diff REST Information Disclosure	high
99984	Jenkins < 2.46.2 / 2.57 and Jenkins Enterprise < 1.625.24.1 / 1.651.24.1 / 2.7.24.0.1 / 2.46.2.1 Multiple Vulnerabilities	critical
99983	Kaa IoT Administration Server Detection	info
99933	Bitrix Product and Modules Detection	info
99932	Bitrix bitrix.xscan Module < 1.0.4 bitrix.xscan_worker.php 'file' Parameter Path Traversal File Disclosure	medium
99931	Bitrix bitrix.mpbuilder Module < 1.0.12 bitrix.mpbuilder_step2.php 'work[]' Path Traversal File Inclusion	high
99762	DNN (DotNetNuke) 6.2.x < 9.0.2 User Profile Information Disclosure	medium
99731	Adobe ColdFusion BlazeDS Java Object Deserialization RCE	critical
99730	Trend Micro Control Manager cgiShowClientAdm Security Bypass	high
99707	Splunk Enterprise 6.4.x < 6.4.7 Multiple Vulnerabilities	medium
99691	Joomla! < 3.7.0 Multiple Vulnerabilities	medium
99690	Drupal 8.x < 8.2.8 / 8.3.x < 8.3.1 Access Bypass Vulnerability (SA-CORE-2017-002)	high
99664	Apache ActiveMQ 5.x < 5.14.5 ControlCommand DoS	medium
99663	phpMyAdmin 4.6.x < 4.6.3 Multiple Vulnerabilities (PMASA-2016-17 - PMASA-2016-28)	critical
99662	phpMyAdmin 4.4.x < 4.4.15.7 Multiple Vulnerabilities (PMASA-2016-17, PMASA-2016-19, PMASA-2016-21 - PMASA-2016-24, PMASA-2016-26 - PMASA-2016-28)	critical
99661	phpMyAdmin 4.0.x < 4.0.10.16 Multiple Vulnerabilities (PMASA-2016-17, PMASA-2016-22 - PMASA-2016-24, PMASA-2016-26 - PMASA-2016-28)	critical
99595	Tenable Appliance < 4.5.0 Web UI simpleupload.py Remote Command Execution (CVE-2017-8051)	critical
99593	MySQL Enterprise Monitor 3.1.x < 3.1.7.8023 / 3.2.x < 3.2.7.1204 / 3.3.x < 3.3.3.1199 Multiple Vulnerabilities (April 2017 CPU)	critical
99592	Powershell Empire Detection	info
99280	phpMyAdmin 4.0.x < 4.0.10.19 / 4.4.x < 4.4.15.10 / 4.6.x < 4.6.6 Multiple Vulnerabilities (PMASA-2017-1 - PMASA-2017-7)	critical
99235	Splunk Enterprise < 5.0.18 / 6.0.14 / 6.1.13 / 6.2.13.1 / 6.3.10 / 6.4.6 / 6.5.3 / Splunk Light < 6.5.3 Multiple Vulnerabilities	low
97942	Drupal 8.x < 8.2.7 Multiple Vulnerabilities (SA-2017-001)	high
97895	Kodi Media Player Detection	info
97894	Kodi Local File Inclusion Information Disclosure	high
97665	NetGain Enterprise Manager Detection	info
97664	NetGain Enterprise Manager Command Injection	critical
97635	WordPress < 4.7.3 Multiple Vulnerabilities	medium
97610	Apache Struts 2.3.5 - 2.3.31 / 2.5.x < 2.5.10.1 Jakarta Multipart Parser RCE (remote)	critical
97609	Jenkins < 2.44 / 2.32.x < 2.32.2, Jenkins Operations Center < 1.625.22.1 / 2.7.22.0.1 / 2.32.2.1, and Jenkins Enterprise < 1.651.22.1 / 2.7.22.0.1 / 2.32.2.1 Multiple Vulnerabilities	high
97526	Splunk Enterprise 6.4.x < 6.4.6 Stored XSS Vulnerability	medium
97354	PHP 7.1.x < 7.1.2 Multiple Vulnerabilities	critical
97353	PHP 7.0.x < 7.0.16 Multiple Vulnerabilities	critical
97224	Trend Micro Control Manager download.php File Disclosure	high
97210	WordPress 4.7.x < 4.7.2 REST API 'id' Parameter Privilege Escalation	high
97100	Splunk Enterprise < 5.0.17 / 6.0.13 / 6.1.12 / 6.2.13 / 6.3.9 / 6.4.5 / 6.5.2 or Splunk Light < 6.5.2 Multiple Vulnerabilities	high
96906	WordPress < 4.7.2 Multiple Vulnerabilities	critical

Detections

Analytics

CGI abuses Family for Nessus

critical

critical

critical

critical

critical

critical

high

info

medium

critical

high

critical

critical

medium

high

critical

info

info

medium

high

medium

critical

high

medium

medium

high

medium

critical

critical

critical

critical

critical

info

critical

low

high

info

high

info

critical

medium

critical

high

medium

critical

critical

high

high

high

critical