偵測

Plugin

Nessus 的 CGI abuses 系列

ID	名稱	嚴重性
152137	Atlassian Jira Data Center/Jira Service Management Data Center 驗證缺失 (2021-07-21)	critical
151974	Oracle Primavera Gateway (2021 年 7 月 CPU)	critical
151973	Oracle Primavera Unifier (2021 年 7 月 CPU)	high
151932	Drupal 7.x < 7.82 / 8.9.x < 8.9.17 / 9.1.x < 9.1.11 / 9.2.x < 9.2.2 Drupal 弱點 (SA-CORE-2021-004)	high
151892	Oracle Primavera P6 Enterprise Project Portfolio Management (2021 年 7 月 CPU)	medium
151620	Liferay Portal 7.3.5 SQLi	high
151577	Liferay Portal 7.3.4 < 7.3.6 XSS	medium
151576	Liferay Portal 7.3.x < 7.3.6 資訊洩漏	medium
151575	Liferay Portal 7.2.x < 7.3.6 XSS	medium
151489	OpenTSDB yrange RCE (直接檢查)	critical
151429	Joomla 2.5.x < 3.9.28 多個弱點 (5840-joomla-3-9-28)	high
151292	Liferay Portal 7.x <= 7.2.1 / 7.3 < 7.3.6 多個弱點	medium
151291	ForgeRock Access Management < 7.0 RCE	critical
151288	ForgeRock 存取管理偵測	info
151286	ManageEngine ServiceDesk Plus < 11.2 Build 11205 RCE	high
151193	Jenkins LTS < 2.289.2 / Jenkins 每週版 < 2.300 多個弱點	high
151189	Easy WP SMTP Plugin for WordPress < 1.4.4 敏感資訊洩漏	high
151025	WordPress 外掛程式「SRS Simple Hits Counter」資訊洩漏 (直接檢查)	high
151011	Liferay Portal 不安全還原序列化 (CST-7213)	high
150866	Citrix ADC 和 Citrix NetScaler Gateway 多個弱點 (CTX297155)	medium
150865	Citrix SD-WAN Center 測試構建網路 DoS (CTX297155)	medium
150720	SonicWall Secure Remote Access (SRA) 身分驗證前 SQLi 弱點 (CVE-2019-7481)	high
150715	SonicWall Secure Remote Access (SRA) 不受支援的版本	critical
150440	Adobe Connect <11.2.2 權限提升 (APSB21-36)	medium
150245	HPE Edgeline Infrastructure Manager 驗證繞過 (HPESBGN04124)	critical
150057	Nagios XI < 5.8 權限提升	critical
150056	Nagios XI < 5.7 程式碼插入	high
150055	Nagios XI < 5.7.5 多個弱點	high
150054	Nagios Fusion < 4.1.9 多個弱點	critical
150049	EMC RSA Archer 6.6 < 6.6 P8 / 6.7 < 6.7 P8 / 6.8 < 6.8 P5 / 6.9 < 6.9 SP1 P1 儲存型跨網站指令碼弱點	medium
150048	EMC RSA Archer 6.6 < 6.6 P8 / 6.7 < 6.7 P8 / 6.8 < 6.8 P5 / 6.9 < 6.9 P2 不安全的憑證儲存弱點	medium
149999	Drupal 8.9.x < 8.9.16 / 9.x < 9.0.14 / 9.1.x < 9.1.9 Drupal 弱點 (SA-CORE-2021-003)	high
149899	Joomla 3.0.x < 3.9.27 多個弱點 (5836-joomla-3-9-27)	medium
149878	Citrix ADC 驗證繞過 (CTX261055)	critical
149475	WordPress 5.7 < 5.7.2 / 5.6 < 5.6.4 / 5.5 < 5.5.5 / 5.4 < 5.4.6 / 5.3 < 5.3.8 / 5.2 < 5.2.11	high
149439	Atlassian Confluence < 7.11.0 SSRF (CONFSERVER-61453)	medium
149348	PHP 7.4.x < 7.4.18 / 8.x < 8.0.5 整數溢位	high
149047	SonicWall Email Security 10.0.x < 10.0.9.6173 / 6177 多個弱點	critical
148986	Oracle MySQL Enterprise Monitor 多個弱點 (2021 年 4 月 CPU)	critical
148975	Jenkins LTS < 2.277.3 / Jenkins 每週版 < 2.286	high
148956	Dell iDRAC 多個弱點 (DSA-2021-073)	high
148955	Dell iDRAC XSS (DSA-2021-073)	medium
148935	Drupal 7.x < 7.80 / 8.9.x < 8.9.14 / 9.x < 9.0.12 / 9.1.x < 9.1.7 XSS (SA-CORE-2021-002)	medium
148918	Oracle Primavera Unifier (2021 年 4 月 CPU)	medium
148916	Oracle Primavera Gateway (2021 年 4 月 CPU)	medium
148896	Drupal 7.x < 7.78 / 8.9.x < 8.9.13 / 9.x < 9.0.11 / 9.1.x < 9.1.3 目錄遊走 (SA-CORE-2021-001)	high
148844	WordPress 5.7 < 5.7.1 / 5.6 < 5.6.3 / 5.5 < 5.5.4 / 5.4 < 5.4.5 / 5.3 < 5.3.7 / 5.2 < 5.2.10 / 5.1 < 5.1.9 / 5.0 < 5.0.12 / 4.9 < 4.9.17 / 4.8 < 4.8.16 / 4.7 < 4.7.20	medium
148825	Dell OpenManage Server Administrator 驗證繞過 (DSA-2021-040)	critical
148641	Joomla 3.0.x < 3.9.26 多個弱點 (5835-joomla-3-9-26)	medium
148430	ManageEngine AssentExplorer < 6.8 未經驗證儲存型 XSS	medium

偵測

Nessus 的 CGI abuses 系列

critical

critical

high

high

medium

high

medium

medium

medium

critical

high

medium

critical

info

high

high

high

high

high

medium

medium

high

critical

medium

critical

critical

high

high

critical

medium

medium

high

medium

critical

high

medium

high

critical

critical

high

high

medium

medium

medium

medium

high

medium

critical

medium

medium