GHDB :: Vulnerable Servers

Date        Title (dork)
            Summary

2003-07-08  Hassan Consulting's Shopping Cart Version 1.1…
            These servers can be messed with in many ways. One specific way is by way of the "../" bug. This lets you cruise around the web server in a …

2004-03-04  "YaBB SE Dev Team"
            Yet Another Bulletin Board (YaBB) SE (versions 1.5.4 and 1.5.5 and perhaps others) contains an SQL injection vulnerability which may allow several atta …

2004-03-04  Gallery in configuration mode
            Gallery is a nice little PHP program that allows users to post personal pictures on their website. So handy, in fact, that I use it on my site! Howeve …

2004-03-04  intitle:osCommerce inurl:admin intext:"redist…
            This is a decent way to explore the admin interface of osCommerce e-commerce sites. Depending on how bad the setup of the web store is, web surfers ca …

2004-03-04  inurl:ManyServers.htm
            Microsoft Terminal Services Multiple Clients pages. These pages are not necessarily insecure, since many layers of security can be wrapped around the a …

2004-03-04  intitle:"Terminal Services Web Connection"…
            Microsoft Terminal Services Web Connector pages. These pages are not necessarily insecure, since many layers of security can be wrapped around the actu …

2004-03-04  intitle:"Remote Desktop Web Connection"
            Microsoft Remote Desktop Connection Web Connection pages. These pages are not necessarily insecure, since many layers of security can be wrapped around …

0000-00-00  "Welcome to Intranet"
            According to whatis.com: "An intranet is a private network that is contained within an enterprise. [...] The main purpose of an intranet is to sh …

2004-03-04  inurl:search.php vbulletin
            Version 3.0.0 candidate 4 and earlier of vBulletin may have a cross-site scripting vulnerability. See http://www.securityfocus.com/bid/9656 for more i …

2004-03-14  inurl:footer.inc.php
            From http://www.securityfocus.com/bid/9664, the AllMyPHP family of products (versions 0.1.2 – 0.4) contains several potential vulnerabilities, som ela …

2004-03-14  inurl:info.inc.php
            From http://www.securityfocus.com/bid/9664, the AllMyPHP family of products (versions 0.1.2 – 0.4) contains several potential vulnerabilities, som ela …

2004-03-18  "Welcome to PHP-Nuke" congratulations
            This finds default installations of the PostNuke CMS system. In many cases, default installations can be insecure, especially considering that the admi …

2004-03-29  "Select a database to view" intitle:"…
            An oldie but a goodie. This search locates servers which provide access to FileMaker Pro databases via the web. The severity of this search varies wi …

2004-03-29  allinurl:intranet admin
            According to whatis.com: "An intranet is a private network that is contained within an enterprise. [...] The main purpose of an intranet is to sh …

2004-04-06  allinurl:install/install.php
            Pages with install/install.php files may be in the process of installing a new service or program. These servers may be insecure due to insecure defau …

2004-04-28  inurl:pls/admin_/gateway.htm
            This is a default login portal used by Oracle. In addition to the fact that this file can be used to footprint a web server and determine its ve …

2004-04-28  intitle:"Gateway Configuration Menu"
            This is a normally protected configuration menu for Oracle Portal Database Access Descriptors (DADs) and Listener settings. This page is normally pass …

2004-05-04  intitle:"Samba Web Administration Tool" …
            This search reveals wide-open Samba web administration servers. Attackers can change options on the server. …

2004-06-04  filetype:php inurl:vAuthenticate
            vAuthenticate is a multi-platform compatible PHP and MySQL script which allows creation of new user accounts, new user groups, activate/inactivate grou …

2004-06-04  "Welcome to the Prestige Web-Based Configurat…
            This is the configuration screen for a Prestige router. This page indicates that the router has not yet been set up and any web user can make changes t …

2004-07-26  ("Indexed.By"|"Monitored.By") …
            hAcxFtpScan – software that 'l33t h@x0rz' use to monitor their file stores on FTP. On the FTP server it is usually a directory like: /Monitored …

2004-07-26  filetype:cgi inurl:"Web_Store.cgi"
            Zero X reported that "Web_Store.cgi" allows command execution: This application was written by Selena Sol and Gunther Birznieks. You can exec …

2004-07-26  filetype:cgi inurl:"fileman.cgi"
            This brings up a lot of insecure as well as secure file managers. These software solutions are often used by companies offering a "simple" but …

2004-07-29  inurl:"index.php?module=ew_filemanager"
            http://www.cirt.net/advisories/ew_file_manager.shtml: Product: EasyWeb FileManager Module - http://home.postnuke.ru/index.php Description: EasyWeb FileM …

2004-07-29  allinurl:"index.php" "site=sglinks&…
            Easyins Stadtportal v4 is a German content management system for cities and regions. Version 4 and prior seems to be vulnerable to a code inclusion in …

2004-08-13  intext:"Warning: * am able * write ** configu…
            osCommerce has some security issues, including the following warning message: "Warning: I am able to write to the configuration file". Addit …

2004-08-20  "ftp://" "www.eastgame.net"
            Use this search to find eastgame.net FTP servers, loads of warez and that sort of thing. "thankyou4share"! …

2004-08-21  intitle:phpMyAdmin "Welcome to phpMyAdmin ***…
            Search for phpMyAdmin installations that are configured to run the MySQL database with root privileges. …

2004-10-31  intitle:phpMyAdmin "Welcome to phpMyAdmin ***…
            phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/dr …

2004-11-05  natterchat inurl:home.asp -site:natterchat.co.uk
            NatterChat is a web-based chat system written in ASP. An SQL injection vulnerability is identified in the application that may allow attackers to pass m …

2004-11-06  inurl:aol*/_do/rss_popup?blogID=
            AOL Journals BlogID Incrementing Discloses Account Names and Email Addresses. AOL Journals is basically "America Online's version of a blog (w …

2004-11-07  (inurl:/shop.cgi/page=) | (inurl:/shop.pl/page=)
            This is a "double dork" that finds two different shopping carts, both vulnerable: 1) Cyber-Village Online Consulting Shopping Cart. Cyber-Village …

2004-11-07  inurl:newsdesk.cgi? inurl:"t="
            Newsdesk is a CGI script designed to allow remote administration of website news headlines. Due to a failure in the sanitization of parameters, a remote …

2004-12-04  intitle:"Mail Server CMailServer Webmail"…
            CMailServer is a small mail/webmail server. Multiple vulnerabilities were found, including buffer overflow, SQL injection and XSS. http://www.securitea …

2004-12-27  "There are no Administrators Accounts" i…
            This is a more specific search for the vulnerable PhpNuke index already seen on this website. PhpNuke asks you to set up an admin account when it is fi …

2005-01-06  inurl:servlet/webacc
            I was playing around on the net when I found a small problem with Novell's WebAccess. With User.lang you can give in your language as param …

2005-01-26  inurl:"/NSearch/AdminServlet"
            This search brings up results for Novell NetWare's Web Search Manager. At best the sites will be password protected, at worst the site will requ …

2005-03-19  "Powered by: vBulletin Version 1.1.5"
            This Google dork reveals vulnerable message boards. It works for all vBulletin versions up to 2.0 beta 2. To try for other versions just change the ver …

2005-06-11  "html allowed" guestbook
            When this is typed into Google it finds websites which have HTML-enabled guestbooks. This is really stupid, as users could totally mess up their guestboo …

2005-07-03  "set up the administrator user" inurl:pi…
            Using this, you can find sites with a Pivot weblog installed but not set up. The default setup screen on Pivot has you create an administrator accoun …

2005-09-15  "you can now password" | "this is a…
            IMchaos link tracker admin pages. Reveals AIM screen names, IP addresses and other info via the details link. Logs can also be viewed and deleted from this …

2005-09-16  XOOPS Custom Installation
            XOOPS custom installation wizards allow users to modify installation parameters. May also reveal SQL username, password and table installations via p …

2005-09-17  "Welcome to Administration" "Genera…
            This reveals the admin site for Argo Software Design Mail Server. …

2006-01-16  filetype:pl intitle:"Ultraboard Setup"
            Setup pages for the Ultraboard system. …

2006-01-22  inurl:rpSys.html
            Web configuration pages for various types of systems. Many of these systems are not password protected. …

2006-02-03  intitle:"Horde :: My Portal" -"[Tic…
            Hi, it will give you administrative ownership over the Horde webmail system plus all users in the Horde webmail system.. also a PHP shell :) and much more …E …

2006-04-25  intitle:"MvBlog powered"
            MvBlog is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied …

2006-05-03  intitle:"Uploader – Uploader v6" -pixloa…
            File upload servers, dangerous if used together with mytrashmail.com …
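The dorks in this listing are written for a search engine, but the same queries are useful to a defender who wants to know whether their own site would be returned for any of them. The Python below is an added example, not part of the GHDB listing or of any tool it names: it tokenises a dork into its operator terms (inurl:, allinurl:, intitle:, allintitle:, intext:, filetype:, site:, quoted phrases, bare keywords and `-` negation) and evaluates them against locally crawled page records, so the queries can be checked offline against a site inventory. The operator semantics are an approximation of Google's, `|` OR groups are rejected rather than mis-evaluated, and every page record, hostname and body text below is constructed for the demonstration.

```python
"""Offline matcher for the GHDB-style dorks in the listing above.

Added example (not part of the GHDB listing). Each dork is tokenised
into AND-ed terms and evaluated against a locally crawled page record
(url, title, body text), so the dorks can be checked against your own
site inventory without sending them to a search engine. Operator
semantics approximate Google's; all page records below are constructed.
"""
import re
from dataclasses import dataclass
from urllib.parse import urlparse

# Longer names first so the alternation prefers allinurl over inurl.
OPERATORS = ("allinurl", "inurl", "allintitle", "intitle", "intext", "filetype", "site")

# -?            optional negation, e.g. -site:natterchat.co.uk
# op:           optional operator prefix
# "..." | \S+   quoted phrase or bare token
TERM_RE = re.compile(
    r'(?P<neg>-?)(?:(?P<op>' + "|".join(OPERATORS) + r'):)?'
    r'(?:"(?P<quoted>[^"]*)"|(?P<bare>\S+))'
)


@dataclass(frozen=True)
class Term:
    op: str        # one of OPERATORS, or "" for a plain keyword
    value: str     # lower-cased search value
    negated: bool


@dataclass(frozen=True)
class Page:
    url: str
    title: str
    text: str


def parse_dork(dork: str) -> list:
    """Split a dork into AND-ed terms. '|' and parentheses (OR groups)
    are rejected rather than silently mis-evaluated."""
    if "|" in dork or "(" in dork:
        raise ValueError(f"OR/grouping not supported: {dork!r}")
    terms = []
    for m in TERM_RE.finditer(dork):
        quoted, bare = m.group("quoted"), m.group("bare")
        value = quoted if quoted is not None else bare
        terms.append(Term(m.group("op") or "", value.lower(), m.group("neg") == "-"))
    return terms


def term_matches(term: Term, page: Page) -> bool:
    url = page.url.lower()
    title = page.title.lower()
    text = page.text.lower()
    parsed = urlparse(url)
    v = term.value
    if term.op in ("inurl", "allinurl"):
        hit = v in url
    elif term.op in ("intitle", "allintitle"):
        hit = v in title
    elif term.op == "intext":
        hit = v in text
    elif term.op == "filetype":
        hit = parsed.path.endswith("." + v)        # path extension; query string ignored
    elif term.op == "site":
        host = parsed.hostname or ""
        hit = host == v or host.endswith("." + v)  # exact host or any subdomain
    else:
        hit = v in url or v in title or v in text  # plain keyword: anywhere in the record
    return not hit if term.negated else hit


def matches(dork: str, page: Page) -> bool:
    return all(term_matches(t, page) for t in parse_dork(dork))


def run_dorks(dorks, pages) -> dict:
    """Map each dork that hits at least once to the list of matching URLs."""
    hits = {}
    for dork in dorks:
        found = [p.url for p in pages if matches(dork, p)]
        if found:
            hits[dork] = found
    return hits


# Complete dorks copied from the listing above.
DORKS = [
    'intitle:"Samba Web Administration Tool"',
    'inurl:pls/admin_/gateway.htm',
    'allinurl:install/install.php',
    'filetype:cgi inurl:"Web_Store.cgi"',
    'inurl:search.php vbulletin',
    'natterchat inurl:home.asp -site:natterchat.co.uk',
]

# Constructed crawl records standing in for a site inventory.
PAGES = [
    Page("http://intranet.example.com:901/", "Samba Web Administration Tool", "SWAT home"),
    Page("http://shop.example.com/install/install.php", "osCommerce installation", "Step 1"),
    Page("http://www.example.com/cgi-bin/Web_Store.cgi?page=1", "Web Store", "catalogue"),
    Page("http://forum.example.com/search.php", "Search Forums", "Powered by vBulletin 3.0.0"),
    Page("http://www.natterchat.co.uk/home.asp", "NatterChat", "natterchat demo site"),
    Page("http://www.example.com/index.html", "Home", "Welcome"),
]

if __name__ == "__main__":
    for dork, urls in run_dorks(DORKS, PAGES).items():
        print(dork)
        for u in urls:
            print("   ", u)
```

Run against the constructed inventory, four of the six dorks hit; the NatterChat dork does not, because its `-site:natterchat.co.uk` exclusion removes the vendor's own host, which is exactly the behaviour the listed dork relies on. To use this on a real site, replace PAGES with records from your own crawler and add the remaining dorks from the listing; any dork containing `|` or parentheses will raise rather than return a misleading result.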