CGI abuses Family for Nessus

ID	Name	Severity
99931	Bitrix bitrix.mpbuilder Module < 1.0.12 bitrix.mpbuilder_step2.php 'work[]' Path Traversal File Inclusion	high
99762	DNN (DotNetNuke) 6.2.x < 9.0.2 User Profile Information Disclosure	medium
99731	Adobe ColdFusion BlazeDS Java Object Deserialization RCE	critical
99730	Trend Micro Control Manager cgiShowClientAdm Security Bypass	high
99707	Splunk Enterprise 6.4.x < 6.4.7 Multiple Vulnerabilities	medium
99691	Joomla! < 3.7.0 Multiple Vulnerabilities	medium
99690	Drupal 8.x < 8.2.8 / 8.3.x < 8.3.1 Access Bypass Vulnerability (SA-CORE-2017-002)	high
99664	Apache ActiveMQ 5.x < 5.14.5 ControlCommand DoS	medium
99663	phpMyAdmin 4.6.x < 4.6.3 Multiple Vulnerabilities (PMASA-2016-17 - PMASA-2016-28)	critical
99662	phpMyAdmin 4.4.x < 4.4.15.7 Multiple Vulnerabilities (PMASA-2016-17, PMASA-2016-19, PMASA-2016-21 - PMASA-2016-24, PMASA-2016-26 - PMASA-2016-28)	critical
99661	phpMyAdmin 4.0.x < 4.0.10.16 Multiple Vulnerabilities (PMASA-2016-17, PMASA-2016-22 - PMASA-2016-24, PMASA-2016-26 - PMASA-2016-28)	critical
99595	Tenable Appliance < 4.5.0 Web UI simpleupload.py Remote Command Execution (CVE-2017-8051)	critical
99593	MySQL Enterprise Monitor 3.1.x < 3.1.7.8023 / 3.2.x < 3.2.7.1204 / 3.3.x < 3.3.3.1199 Multiple Vulnerabilities (April 2017 CPU)	critical
99592	Powershell Empire Detection	info
99280	phpMyAdmin 4.0.x < 4.0.10.19 / 4.4.x < 4.4.15.10 / 4.6.x < 4.6.6 Multiple Vulnerabilities (PMASA-2017-1 - PMASA-2017-7)	critical
99235	Splunk Enterprise < 5.0.18 / 6.0.14 / 6.1.13 / 6.2.13.1 / 6.3.10 / 6.4.6 / 6.5.3 / Splunk Light < 6.5.3 Multiple Vulnerabilities	low
97942	Drupal 8.x < 8.2.7 Multiple Vulnerabilities (SA-2017-001)	high
97895	Kodi Media Player Detection	info
97894	Kodi Local File Inclusion Information Disclosure	high
97665	NetGain Enterprise Manager Detection	info
97664	NetGain Enterprise Manager Command Injection	critical
97635	WordPress < 4.7.3 Multiple Vulnerabilities	medium
97610	Apache Struts 2.3.5 - 2.3.31 / 2.5.x < 2.5.10.1 Jakarta Multipart Parser RCE (remote)	critical
97609	Jenkins < 2.44 / 2.32.x < 2.32.2, Jenkins Operations Center < 1.625.22.1 / 2.7.22.0.1 / 2.32.2.1, and Jenkins Enterprise < 1.651.22.1 / 2.7.22.0.1 / 2.32.2.1 Multiple Vulnerabilities	high
97526	Splunk Enterprise 6.4.x < 6.4.6 Stored XSS Vulnerability	medium
97354	PHP 7.1.x < 7.1.2 Multiple Vulnerabilities	critical
97353	PHP 7.0.x < 7.0.16 Multiple Vulnerabilities	critical
97224	Trend Micro Control Manager download.php File Disclosure	high
97210	WordPress 4.7.x < 4.7.2 REST API 'id' Parameter Privilege Escalation	high
97100	Splunk Enterprise < 5.0.17 / 6.0.13 / 6.1.12 / 6.2.13 / 6.3.9 / 6.4.5 / 6.5.2 or Splunk Light < 6.5.2 Multiple Vulnerabilities	high
96906	WordPress < 4.7.2 Multiple Vulnerabilities	critical
96801	PHP 7.1.x < 7.1.1 Multiple Vulnerabilities	critical
96800	PHP 7.0.x < 7.0.15 Multiple Vulnerabilities	critical
96799	PHP 5.6.x < 5.6.30 Multiple DoS	critical
96771	MySQL Enterprise Monitor 3.3.x < 3.3.1.1112 Multiple Vulnerabilities (SWEET32) (January 2017 CPU)	critical
96770	MySQL Enterprise Monitor 3.2.x < 3.2.5.1141 Multiple Vulnerabilities (SWEET32) (January 2017 CPU)	critical
96769	MySQL Enterprise Monitor 3.2.x < 3.2.2.1075 Multiple Vulnerabilities (January 2017 CPU)	critical
96768	MySQL Enterprise Monitor 3.1.x < 3.1.6.7959 Java Object Deserialization RCE (January 2017 CPU)	critical
96767	MySQL Enterprise Monitor 3.1.x < 3.1.5.7958 Multiple Vulnerabilities (SWEET32) (January 2017 CPU)	high
96766	MySQL Enterprise Monitor 3.1.x < 3.1.4.7895 Agent Subcomponent RCE (January 2017 CPU)	high
96606	WordPress < 4.7.1 Multiple Vulnerabilities	critical
96532	HP Operations Orchestration wsExecutionBridgeService Servlet Java Object Deserialization RCE	critical
96449	HP Operations Orchestration 10.x < 10.70 wsExecutionBridgeService Servlet Java Object Deserialization RCE	critical
96305	SonicWALL Global Management System (GMS) 8.x < 8.2 Multiple Vulnerabilities	high
96146	IBM BigFix Remote Control Detection	info
96145	IBM BigFix Remote Control < 9.1.3 Multiple Vulnerabilities (SWEET32)	critical
95922	EMC Avamar ADS / AVE Server Detection	info
95920	Apache ActiveMQ 5.x < 5.14.2 Web-based Administration Console Unspecified XSS	medium
95916	Joomla! < 3.6.5 Multiple Vulnerabilities	critical
95875	PHP 7.0.x < 7.0.14 Multiple Vulnerabilities	critical

Detections

Analytics

CGI abuses Family for Nessus

high

medium

critical

high

medium

medium

high

medium

critical

critical

critical

critical

critical

info

critical

low

high

info

high

info

critical

medium

critical

high

medium

critical

critical

high

high

high

critical

critical

critical

critical

critical

critical

critical

critical

high

high

critical

critical

critical

high

info

critical

info

medium

critical

critical