Exploit Store

The DORK Report

Loading


Hoyt LLC Network Audit Report

Site report for plesk

Audited on October 10 2010

Reported on October 10 2010

1 Executive Summary

This report represents a security audit performed by NeXpose from Hoyt LLC. It contains confidential information about the state of your network. Access to this information by unauthorized personnel may allow them to compromise your network.

Site Name

Start Time

End Time

Total Time

Status

plesk

October 10, 2010 11:49, EDT

October 10, 2010 12:25, EDT

36 minutes

Success

The audit was performed on one system which was found to be active and was scanned.

Vulnerabilities by Severity

There were 29 vulnerabilities found during this scan. Of these, 6 were critical vulnerabilities. Critical vulnerabilities require immediate attention. They are relatively easy for attackers to exploit and may provide them with full control of the affected systems. 18 vulnerabilities were severe. Severe vulnerabilities are often harder to exploit and may not provide the same access to affected systems. There were 5 moderate vulnerabilities discovered. These often provide information to attackers that may assist them in mounting subsequent attacks on your network. These should also be fixed in a timely manner, but are not as urgent as the other vulnerabilities.

Most Common Vulnerabilities
Most Common Vulnerability Categories

There were 209 occurrences of the http-basic-auth-cleartext vulnerability, making it the most common vulnerability. There were 255 vulnerabilities in the Web category, making it the most common vulnerability category.

Highest Risk Vulnerabilities

The mysql-yassl-multiple-bof, mysql-myisam-table-privilege-check-bypass and mysql-yassl-certdecodergetname-multiple-bofs vulnerabilities pose the highest risk to the organization with a risk score of 90. Vulnerability risk scores are calculated by looking at the likelihood of attack and impact, based upon CVSS metrics. The impact and likelihood are then multiplied by the number of instances of the vulnerability to come up with the final risk score.

One operating system was identified during this scan.

There were 9 services found to be running during this scan.

Most Common Services
Vulnerabilities by Service

The DNS, DNS-TCP, FTP, HTTP, HTTPS, IMAP, Microsoft Remote Display Protocol, MySQL and POP services were found on 1 systems, making them the most common services. The HTTP service was found to have the most vulnerabilities during this scan with 228 vulnerabilities.

2 Discovered Systems

Node

Operating System

Risk

Aliases

vulnerable.plesk.smb.10.2.0.host

Microsoft Windows Server 2008 R2

7.41

  • plesk.cloudscan.me

3 Discovered and Potential Vulnerabilities

3.1 Critical Vulnerabilities

3.1.1 HTTP Basic Authentication Enabled (http-basic-auth-cleartext)

Description:

The HTTP Basic Authentication scheme is not considered to be a secure method of user authentication (unless used in conjunction with some external secure system such as TLS/SSL), as the user name and password are passed over the network as cleartext.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/ADw-script AD4-alert(42) ADw-/ ( http://vulnerable.plesk.smb.10.2.0.host/test/php/ADw-script AD4-alert(42) ADw-/ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/adovbs.inc.old ( http://vulnerable.plesk.smb.10.2.0.host/test/php/adovbs.inc.old )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/adovbs.inc.tmp ( http://vulnerable.plesk.smb.10.2.0.host/test/php/adovbs.inc.tmp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/adovbs.inc~ ( http://vulnerable.plesk.smb.10.2.0.host/test/php/adovbs.inc~ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/ADw-script AD4-alert(42) ADw-/script AD4- ( http://vulnerable.plesk.smb.10.2.0.host/test/php/ADw-script AD4-alert(42) ADw-/script AD4- )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/CVS/ ( http://vulnerable.plesk.smb.10.2.0.host/test/php/CVS/ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/CVS/Entries ( http://vulnerable.plesk.smb.10.2.0.host/test/php/CVS/Entries )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/CVS/Root ( http://vulnerable.plesk.smb.10.2.0.host/test/php/CVS/Root )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/DEADJOE ( http://vulnerable.plesk.smb.10.2.0.host/test/php/DEADJOE )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.CGI ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.CGI )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.FCGI ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.FCGI )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.php ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.php )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.PHP ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.PHP )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.php. ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.php. )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.php.bak ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.php.bak )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.php.old ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.php.old )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.php.tmp ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.php.tmp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.php~ ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.php~ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.PHP3 ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.PHP3 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.PHP4 ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.PHP4 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.PHP5 ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.PHP5 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.PHTML ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.PHTML )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.PL ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.PL )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.PY ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.PY )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.RB ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.RB )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.SH ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.SH )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/test.SHTML ( http://vulnerable.plesk.smb.10.2.0.host/test/php/test.SHTML )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host/test/php/Trace.axd )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/WS_FTP.LOG ( http://vulnerable.plesk.smb.10.2.0.host/test/php/WS_FTP.LOG )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/ ( http://vulnerable.plesk.smb.10.2.0.host/test/python/ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host/test/python/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/%23adojavas.inc%23 ( http://vulnerable.plesk.smb.10.2.0.host/test/python/%23adojavas.inc%23 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/%23adovbs.inc%23 ( http://vulnerable.plesk.smb.10.2.0.host/test/python/%23adovbs.inc%23 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/%3f.jsp ( http://vulnerable.plesk.smb.10.2.0.host/test/python/%3f.jsp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/%3f.jsp%5C ( http://vulnerable.plesk.smb.10.2.0.host/test/python/%3f.jsp%5C )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/.svn/ ( http://vulnerable.plesk.smb.10.2.0.host/test/python/.svn/ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/.svn/entries ( http://vulnerable.plesk.smb.10.2.0.host/test/python/.svn/entries )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/adojavas.inc ( http://vulnerable.plesk.smb.10.2.0.host/test/python/adojavas.inc )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/adojavas.inc.bak ( http://vulnerable.plesk.smb.10.2.0.host/test/python/adojavas.inc.bak )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/adojavas.inc.old ( http://vulnerable.plesk.smb.10.2.0.host/test/python/adojavas.inc.old )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/adojavas.inc.tmp ( http://vulnerable.plesk.smb.10.2.0.host/test/python/adojavas.inc.tmp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/adojavas.inc~ ( http://vulnerable.plesk.smb.10.2.0.host/test/python/adojavas.inc~ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/adovbs.inc ( http://vulnerable.plesk.smb.10.2.0.host/test/python/adovbs.inc )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/adovbs.inc.bak ( http://vulnerable.plesk.smb.10.2.0.host/test/python/adovbs.inc.bak )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/adovbs.inc.old ( http://vulnerable.plesk.smb.10.2.0.host/test/python/adovbs.inc.old )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/adovbs.inc.tmp ( http://vulnerable.plesk.smb.10.2.0.host/test/python/adovbs.inc.tmp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/adovbs.inc~ ( http://vulnerable.plesk.smb.10.2.0.host/test/python/adovbs.inc~ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/ADw-script AD4-alert(42) ADw-/ ( http://vulnerable.plesk.smb.10.2.0.host/test/python/ADw-script AD4-alert(42) ADw-/ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/ADw-script AD4-alert(42) ADw-/script AD4- ( http://vulnerable.plesk.smb.10.2.0.host/test/python/ADw-script AD4-alert(42) ADw-/script AD4- )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/CVS/ ( http://vulnerable.plesk.smb.10.2.0.host/test/python/CVS/ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/CVS/Entries ( http://vulnerable.plesk.smb.10.2.0.host/test/python/CVS/Entries )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/CVS/Root ( http://vulnerable.plesk.smb.10.2.0.host/test/python/CVS/Root )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/DEADJOE ( http://vulnerable.plesk.smb.10.2.0.host/test/python/DEADJOE )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/test.CGI ( http://vulnerable.plesk.smb.10.2.0.host/test/python/test.CGI )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/test.FCGI ( http://vulnerable.plesk.smb.10.2.0.host/test/python/test.FCGI )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/test.PHP ( http://vulnerable.plesk.smb.10.2.0.host/test/python/test.PHP )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/test.PHP3 ( http://vulnerable.plesk.smb.10.2.0.host/test/python/test.PHP3 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/test.PHP4 ( http://vulnerable.plesk.smb.10.2.0.host/test/python/test.PHP4 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/test.PHP5 ( http://vulnerable.plesk.smb.10.2.0.host/test/python/test.PHP5 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/test.PHTML ( http://vulnerable.plesk.smb.10.2.0.host/test/python/test.PHTML )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/test.PL ( http://vulnerable.plesk.smb.10.2.0.host/test/python/test.PL )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/test.py ( http://vulnerable.plesk.smb.10.2.0.host/test/python/test.py )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/test.PY ( http://vulnerable.plesk.smb.10.2.0.host/test/python/test.PY )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/test.py. ( http://vulnerable.plesk.smb.10.2.0.host/test/python/test.py. )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/test.RB ( http://vulnerable.plesk.smb.10.2.0.host/test/python/test.RB )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/test.SH ( http://vulnerable.plesk.smb.10.2.0.host/test/python/test.SH )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/test.SHTML ( http://vulnerable.plesk.smb.10.2.0.host/test/python/test.SHTML )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host/test/python/Trace.axd )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/python/WS_FTP.LOG ( http://vulnerable.plesk.smb.10.2.0.host/test/python/WS_FTP.LOG )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host/test/Trace.axd )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/WS_FTP.LOG ( http://vulnerable.plesk.smb.10.2.0.host/test/WS_FTP.LOG )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/ ( http://vulnerable.plesk.smb.10.2.0.host/test/ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host/test/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/%3f.jsp ( http://vulnerable.plesk.smb.10.2.0.host/test/%3f.jsp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/.svn/entries ( http://vulnerable.plesk.smb.10.2.0.host/test/.svn/entries )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/adojavas.inc ( http://vulnerable.plesk.smb.10.2.0.host/test/adojavas.inc )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/adovbs.inc ( http://vulnerable.plesk.smb.10.2.0.host/test/adovbs.inc )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/ADw-script AD4-alert(42) ADw-/script AD4- ( http://vulnerable.plesk.smb.10.2.0.host/test/ADw-script AD4-alert(42) ADw-/script AD4- )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/ ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/%23adojavas.inc%23 ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/%23adojavas.inc%23 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/%23adovbs.inc%23 ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/%23adovbs.inc%23 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/%23test.aspx%23 ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/%23test.aspx%23 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/%3f.jsp ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/%3f.jsp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/%3f.jsp%5C ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/%3f.jsp%5C )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/.svn/ ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/.svn/ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/.svn/entries ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/.svn/entries )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adojavas.inc ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adojavas.inc )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adojavas.inc.bak ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adojavas.inc.bak )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adojavas.inc.old ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adojavas.inc.old )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adojavas.inc.tmp ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adojavas.inc.tmp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adojavas.inc~ ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adojavas.inc~ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adovbs.inc ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adovbs.inc )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adovbs.inc.bak ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adovbs.inc.bak )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adovbs.inc.old ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adovbs.inc.old )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adovbs.inc.tmp ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adovbs.inc.tmp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adovbs.inc~ ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/adovbs.inc~ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/ADw-script AD4-alert(42) ADw-/ ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/ADw-script AD4-alert(42) ADw-/ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/ADw-script AD4-alert(42) ADw-/script AD4- ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/ADw-script AD4-alert(42) ADw-/script AD4- )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/CVS/ ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/CVS/ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/CVS/Entries ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/CVS/Entries )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/CVS/Root ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/CVS/Root )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/DEADJOE ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/DEADJOE )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/test.aspx ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/test.aspx )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/test.aspx%3f.jsp ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/test.aspx%3f.jsp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/test.aspx%3f.jsp%5C ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/test.aspx%3f.jsp%5C )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/test.aspx.bak ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/test.aspx.bak )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/test.aspx.old ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/test.aspx.old )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/test.aspx.tmp ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/test.aspx.tmp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/test.aspx~ ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/test.aspx~ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/Trace.axd )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/WS_FTP.LOG ( http://vulnerable.plesk.smb.10.2.0.host/test/aspnet/WS_FTP.LOG )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/CVS/Entries ( http://vulnerable.plesk.smb.10.2.0.host/test/CVS/Entries )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/CVS/Root ( http://vulnerable.plesk.smb.10.2.0.host/test/CVS/Root )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/DEADJOE ( http://vulnerable.plesk.smb.10.2.0.host/test/DEADJOE )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/ ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/%23adojavas.inc%23 ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/%23adojavas.inc%23 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/%23adovbs.inc%23 ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/%23adovbs.inc%23 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/%23info2www.cgi%23 ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/%23info2www.cgi%23 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/%23info2www.pl%23 ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/%23info2www.pl%23 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/%23test.pl%23 ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/%23test.pl%23 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/%3f.jsp ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/%3f.jsp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/%3f.jsp%5C ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/%3f.jsp%5C )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/.svn/ ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/.svn/ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/.svn/entries ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/.svn/entries )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/adojavas.inc ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/adojavas.inc )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/adojavas.inc.bak ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/adojavas.inc.bak )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/adojavas.inc.old ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/adojavas.inc.old )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/adojavas.inc.tmp ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/adojavas.inc.tmp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/adojavas.inc~ ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/adojavas.inc~ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/adovbs.inc ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/adovbs.inc )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/adovbs.inc.bak ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/adovbs.inc.bak )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/adovbs.inc.old ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/adovbs.inc.old )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/adovbs.inc.tmp ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/adovbs.inc.tmp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/adovbs.inc~ ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/adovbs.inc~ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/ADw-script AD4-alert(42) ADw-/ ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/ADw-script AD4-alert(42) ADw-/ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/ADw-script AD4-alert(42) ADw-/script AD4- ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/ADw-script AD4-alert(42) ADw-/script AD4- )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/CVS/ ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/CVS/ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/CVS/Entries ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/CVS/Entries )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/CVS/Root ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/CVS/Root )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/DEADJOE ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/DEADJOE )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.cgi ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.cgi )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.CGI ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.CGI )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.cgi. ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.cgi. )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.cgi.bak ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.cgi.bak )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.cgi.old ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.cgi.old )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.cgi.tmp ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.cgi.tmp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.cgi~ ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.cgi~ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.FCGI ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.FCGI )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.PHP ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.PHP )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.PHP3 ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.PHP3 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.PHP4 ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.PHP4 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.PHP5 ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.PHP5 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.PHTML ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.PHTML )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.PL ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.PL )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl. ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl. )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl.bak ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl.bak )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl.html ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl.html )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl.LOG ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl.LOG )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl.old ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl.old )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl.tdy ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl.tdy )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl.tmp ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl.tmp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl~ ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.pl~ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.PY ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.PY )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.RB ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.RB )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.SH ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.SH )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.SHTML ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/info2www.SHTML )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.CGI ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.CGI )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.FCGI ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.FCGI )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.PHP ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.PHP )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.PHP3 ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.PHP3 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.PHP4 ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.PHP4 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.PHP5 ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.PHP5 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.PHTML ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.PHTML )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.PL ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.PL )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl. ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl. )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl.bak ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl.bak )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl.html ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl.html )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl.LOG ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl.LOG )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl.old ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl.old )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl.tdy ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl.tdy )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl.tmp ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl.tmp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl~ ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.pl~ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.PY ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.PY )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.RB ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.RB )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.SH ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.SH )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.SHTML ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/test.SHTML )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/Trace.axd )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/perl/WS_FTP.LOG ( http://vulnerable.plesk.smb.10.2.0.host/test/perl/WS_FTP.LOG )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/ ( http://vulnerable.plesk.smb.10.2.0.host/test/php/ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host/test/php/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/%23adojavas.inc%23 ( http://vulnerable.plesk.smb.10.2.0.host/test/php/%23adojavas.inc%23 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/%23adovbs.inc%23 ( http://vulnerable.plesk.smb.10.2.0.host/test/php/%23adovbs.inc%23 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/%23test.php%23 ( http://vulnerable.plesk.smb.10.2.0.host/test/php/%23test.php%23 )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/%3f.jsp ( http://vulnerable.plesk.smb.10.2.0.host/test/php/%3f.jsp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/%3f.jsp%5C ( http://vulnerable.plesk.smb.10.2.0.host/test/php/%3f.jsp%5C )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/.svn/ ( http://vulnerable.plesk.smb.10.2.0.host/test/php/.svn/ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/.svn/entries ( http://vulnerable.plesk.smb.10.2.0.host/test/php/.svn/entries )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/adojavas.inc ( http://vulnerable.plesk.smb.10.2.0.host/test/php/adojavas.inc )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/adojavas.inc.bak ( http://vulnerable.plesk.smb.10.2.0.host/test/php/adojavas.inc.bak )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/adojavas.inc.old ( http://vulnerable.plesk.smb.10.2.0.host/test/php/adojavas.inc.old )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/adojavas.inc.tmp ( http://vulnerable.plesk.smb.10.2.0.host/test/php/adojavas.inc.tmp )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/adojavas.inc~ ( http://vulnerable.plesk.smb.10.2.0.host/test/php/adojavas.inc~ )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/adovbs.inc ( http://vulnerable.plesk.smb.10.2.0.host/test/php/adovbs.inc )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

vulnerable.plesk.smb.10.2.0.host:80

Running vulnerable HTTP service.

http://vulnerable.plesk.smb.10.2.0.host/test/php/adovbs.inc.bak ( http://vulnerable.plesk.smb.10.2.0.host/test/php/adovbs.inc.bak )

1: 
Basic
realm="vulnerable.plesk.smb.10.2.0.host"

References:

Source

Reference

URL

http://tools.ietf.org/html/rfc2617 ( http://tools.ietf.org/html/rfc2617 )

Vulnerability Solution:

  • Use Basic Authentication over TLS/SSL (HTTPS)

    Enable HTTPS on the Web server. The TLS/SSL protocol will protect cleartext Basic Authentication credentials.

  • Use Digest Authentication

    Replace Basic Authentication with the alternative Digest Authentication scheme. By modern cryptographic standards Digest Authentication is weak. But for a large range of purposes it is valuable as a replacement for Basic Authentication. It remedies some, but not all, weaknesses of Basic Authentication. See RFC 2617, section 4. Security Considerations ( http://tools.ietf.org/html/rfc2617#section-4 ) for more information.

3.1.2 MySQL Bug #32707: send_error() Buffer Overflow Vulnerability (mysql-bug-32707-send-error-bof)

Description:

A buffer overflow in MySQL 5.0 through 5.0.54 and 5.1 before 5.1.23 contains a flaw in the protocol layer. A long error message can cause a buffer overflow, potentially leading to execution of code.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

URL

http://bugs.mysql.com/bug.php?id=32707 ( http://bugs.mysql.com/bug.php?id=32707 )

Vulnerability Solution:

  • MySQL >= 5.0.0 and < 5.0.54

    Upgrade to MySQL v5.0.54

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL (?:^5.1.)

    Upgrade to MySQL v5.1.23

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.1.3 MySQL Bug #37428: User-Defind Function Remote Code Execution (mysql-bug-37428-user-defind-function-remote-codex)

Description:

MySQL server 5.0 before 5.0.67 contains a flaw in creating and dropping certain functions. Using MySQL's user-defined functions, an authenticated attacker can create a function in a shared library and run arbitrary code against the server.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

URL

http://bugs.mysql.com/bug.php?id=37428 ( http://bugs.mysql.com/bug.php?id=37428 )

Vulnerability Solution:

MySQL >= 5.0.0 and < 5.0.67

Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.1.4 MySQL dispatch_command() Multiple Format String Vulnerabilities (mysql-dispatch_command-multiple-format-string)

Description:

Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

BID

35609 ( http://www.securityfocus.com/bid/35609 )

SECUNIA

35767 ( http://secunia.com/advisories/35767/ )

XF

mysql-dispatchcommand-format-string(51614) ( http://xforce.iss.net/xforce/xfdb/51614 )

CVE

CVE-2009-2446 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2446 )

Vulnerability Solution:

MySQL >= 5.0.0 and < 5.0.84

Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.1.5 MySQL yaSSL CertDecoder::GetName Multiple Buffer Overflows (mysql-yassl-certdecodergetname-multiple-bofs)

Description:

Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

BID

37943 ( http://www.securityfocus.com/bid/37943 )

SECUNIA

38364 ( http://secunia.com/advisories/38364/ )

XF

mysql-unspecified-bo(55416) ( http://xforce.iss.net/xforce/xfdb/55416 )

CVE

CVE-2009-4484 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4484 )

URL

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html ( http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html )

URL

http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html ( http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html )

URL

http://bugs.mysql.com/bug.php?id=50227 ( http://bugs.mysql.com/bug.php?id=50227 )

Vulnerability Solution:

  • MySQL >= 5.0.0 and < 5.0.90

    Upgrade to MySQL v5.0.90

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL >= 5.1.0 and < 5.1.43

    Upgrade to MySQL v5.1.43

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.1.6 MySQL yaSSL Multiple Buffer Overflow Vulnerabilities (mysql-yassl-multiple-bof)

Description:

When configured with SSL support, MySQL 5.0.x before 5.0.54a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4a is vulnerable to multiple buffer overflow vulnerabilities in the yaSSL package used to provide SSL support. The most severe of these vulnerabilities may allow unauthenticated remote code execution.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

CVE

CVE-2008-0226 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0226 )

CVE

CVE-2008-0227 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0227 )

URL

http://bugs.mysql.com/bug.php?id=33814 ( http://bugs.mysql.com/bug.php?id=33814 )

BID

27140 ( http://www.securityfocus.com/bid/27140 )

Vulnerability Solution:

  • MySQL >= 5.0.0 and < 5.0.54a

    Upgrade to MySQL v5.0.54a

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL (?:^5.1.)

    Upgrade to MySQL v5.1.23

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL (?:^6.0.)

    Upgrade to MySQL v6.0.4a

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/6.0.html ( http://dev.mysql.com/downloads/mysql/6.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.2 Severe Vulnerabilities

3.2.1 MySQL Bug #29801: Remote Federated Engine Crash (mysql-bug-29801-remote-federated-engine-crash)

Description:

Versions of MySQL server before 5.0.52 and 5.1.23 suffer from a denial of service vulnerability via a flaw in the federated engine. On issuance of a command to a remote server (e.g., SHOW TABLE STATUS LIKE 'table'), the local federated server expects a query to contain fourteen columns. A response with less than fourteen columns causes the federated server to crash.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

URL

http://bugs.mysql.com/bug.php?id=29801 ( http://bugs.mysql.com/bug.php?id=29801 )

Vulnerability Solution:

  • MySQL >= 5.0.0 and < 5.0.52

    Upgrade to MySQL v5.0.52

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL (?:^5.1.)

    Upgrade to MySQL v5.1.23

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.2.2 MySQL Bug #38296: Nested Boolean Query Exhaustion Denial of Service (mysql-bug-38296-nested-boolean-query-exhaustion-dos)

Description:

There is a flaw in parsing queries in MySQL 5.0 before 5.0.68 and MySQL 5.1 before 5.1.28. An attacker can potentially cause the server to crash by sending a query with multiple nested logic operators, e.g. 'SELECT * FROM TABLE WHERE ... OR ( ... OR ( ... OR ( ...' etc.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

URL

http://bugs.mysql.com/bug.php?id=38296 ( http://bugs.mysql.com/bug.php?id=38296 )

Vulnerability Solution:

  • MySQL >= 5.0.0 and < 5.0.68

    Upgrade to MySQL v5.0.68

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL >= 5.1.0 and < 5.1.28

    Upgrade to MySQL v5.1.28

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.2.3 MySQL COM_FIELD_LIST Command Buffer Overflow Vulnerability (mysql-com_field_list-command-bof)

Description:

A buffer overflow in MySQL 5.0 before 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

CVE

CVE-2010-1850 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1850 )

URL

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html ( http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html )

URL

http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html ( http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html )

URL

http://bugs.mysql.com/bug.php?id=53237 ( http://bugs.mysql.com/bug.php?id=53237 )

Vulnerability Solution:

  • MySQL >= 5.0.0 and < 5.0.91

    Upgrade to MySQL v5.0.91

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL >= 5.1.0 and < 5.1.47

    Upgrade to MySQL v5.1.47

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.2.4 MySQL Directory Traversal and Arbitrary Table Access Vulnerability (mysql-directory-traversal-and-arbitrary-table-access)

Description:

Directory traversal vulnerability in MySQL 5.0 before 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

CVE

CVE-2010-1848 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1848 )

URL

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html ( http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html )

URL

http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html ( http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html )

URL

http://bugs.mysql.com/bug.php?id=53371 ( http://bugs.mysql.com/bug.php?id=53371 )

Vulnerability Solution:

  • MySQL >= 5.0.0 and < 5.0.91

    Upgrade to MySQL v5.0.91

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL >= 5.1.0 and < 5.1.47

    Upgrade to MySQL v5.1.47

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.2.5 MySQL MyISAM Table Privilege Check Bypass (mysql-myisam-table-privilege-check-bypass)

Description:

Certain versions of MySQL allow local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified DATA DIRECTORY or INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

BID

29106 ( http://www.securityfocus.com/bid/29106 )

CVE

CVE-2008-4097 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4097 )

CVE

CVE-2008-4098 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4098 )

SECUNIA

30134 ( http://secunia.com/advisories/30134/ )

URL

http://bugs.mysql.com/bug.php?id=32167 ( http://bugs.mysql.com/bug.php?id=32167 )

URL

http://lists.mysql.com/commits/50036 ( http://lists.mysql.com/commits/50036 )

URL

http://lists.mysql.com/commits/50773 ( http://lists.mysql.com/commits/50773 )

Vulnerability Solution:

  • MySQL (?:^6.0.)

    Upgrade to MySQL v6.0.10

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/6.0.html ( http://dev.mysql.com/downloads/mysql/6.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL >= 5.1.0 and < 5.1.32

    Upgrade to MySQL v5.1.32

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL >= 5.0.0 and < 5.0.68

    Upgrade to MySQL v5.0.77

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL (?:^4.1.)

    Upgrade to MySQL v4.1.25

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/4.1.html ( http://dev.mysql.com/downloads/mysql/4.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.2.6 MySQL vio_verify_callback() Zero-Depth X.509 Certificate Vulnerability (mysql-vio_verify_callback-zero-depth-x-509-certificate)

Description:

The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 accepts a value of zero for the depth of X.509 certificates when OpenSSL is used. This allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

CVE

CVE-2009-4028 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4028 )

URL

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html ( http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html )

URL

http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html ( http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html )

URL

http://bugs.mysql.com/bug.php?id=47320 ( http://bugs.mysql.com/bug.php?id=47320 )

Vulnerability Solution:

  • MySQL >= 5.0.0 and < 5.0.88

    Upgrade to MySQL v5.0.88

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL >= 5.1.0 and < 5.1.41

    Upgrade to MySQL v5.1.41

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.2.7 X.509 Certificate Subject CN Does Not Match the Entity Name (certificate-common-name-mismatch)

Description:

The subject common name (CN) field in the X.509 certificate does not match the name of the entity presenting the certificate.

Before issuing a certificate, a Certification Authority (CA) must check the identity of the entity requesting the certificate, as specified in the CA's Certification Practice Statement (CPS). Thus, standard certificate validation procedures require the subject CN field of a certificate to match the actual name of the entity presenting the certificate. For example, in a certificate presented by "https://www.example.com/", the CN should be "www.example.com".

In order to detect and prevent active eavesdropping attacks, the validity of a certificate must be verified, else an attacker could then launch a man-in-the-middle attack and gain full control of the data stream. Of particular importance is the validity of the subject's CN, that should match the name of the entity (hostname).

A CN mismatch most often occurs due to a configuration error, though it can also indicate that a man-in-the-middle attack is being conducted.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:443

The subject common name found in the X.509 certificate ('CN=Parallels Panel') does not seem to match the scan target 'vulnerable.plesk.smb.10.2.0.host':

  • Subject CN 'Parallels Panel' does not match node name 'vulnerable.plesk.smb.10.2.0.host'
  • Subject CN 'Parallels Panel' does not match DNS name 'plesk.cloudscan.me'

vulnerable.plesk.smb.10.2.0.host:8443

The subject common name found in the X.509 certificate ('CN=Parallels Panel') does not seem to match the scan target 'vulnerable.plesk.smb.10.2.0.host':

  • Subject CN 'Parallels Panel' does not match node name 'vulnerable.plesk.smb.10.2.0.host'
  • Subject CN 'Parallels Panel' does not match DNS name 'plesk.cloudscan.me'

References:

None

Vulnerability Solution:

The subject's common name (CN) field in the X.509 certificate should be fixed to reflect the name of the entity presenting the certificate (e.g., the hostname). This is done by generating a new certificate usually signed by a Certification Authority (CA) trusted by both the client and server.

3.2.8 Cross Site Scripting Vulnerability (http-cgi-0010)

Description:

The web application is vulnerable to cross-site scripting (XSS). Cross-site scripting vulnerabilities allow malicious attackers to take advantage of web server scripts to inject JavaScript or HTML code that is executed on the client-side browser. This is often caused by server-side scripts written in languages such as PHP, ASP, .NET, Perl or Java that do not adequately filter data sent along with page requests. This malicious code will appear to come from your web application when it runs in the browser of an unsuspecting user.

An exploit script can be made to:

  • access other sites inside another client's private intranet.
  • steal another client's cookie(s).
  • modify another client's cookie(s).
  • steal another client's submitted form data.
  • modify another client's submitted form data (before it reaches the server).
  • submit a form to your application on the user's behalf which modifies passwords or other application data

The two most common methods of attack are:

  • Clicking on a URL link sent in an e-mail
  • Clicking on a URL link while visiting a website

In both scenarios, the URL will generally link to the trusted site, but will contain additional data that is used to trigger the XSS attack.

Note that SSL connectivity does not protect against this issue.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:8443

Injected into the "login_name" form parameter on https://vulnerable.plesk.smb.10.2.0.host:8443/login_up.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/login_up.php3 ) :

28: 	turnAutocompleteOff();
29: 	loff();
30: 	var std_context = 'login_up';
31: 	SetHelpPrefix(''); SetContext(std_context, '');
32: ...ButtonByName("
<script>nxpxsstest
");

vulnerable.plesk.smb.10.2.0.host:8443

Injected into the "passwd" form parameter on https://vulnerable.plesk.smb.10.2.0.host:8443/login_up.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/login_up.php3 ) :

28: 	turnAutocompleteOff();
29: 	loff();
30: 	var std_context = 'login_up';
31: 	SetHelpPrefix(''); SetContext(std_context, '');
32: ...nByName("\'\'>
<script>nxpxsstest
");

vulnerable.plesk.smb.10.2.0.host:8443

Injected into the "passwd" form parameter on https://vulnerable.plesk.smb.10.2.0.host:8443/login_up.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/login_up.php3 ) :

28: 	turnAutocompleteOff();
29: 	loff();
30: 	var std_context = 'login_up';
31: 	SetHelpPrefix(''); SetContext(std_context, '');
32: ...onByName("\'\'
<script>nxpxsstest
");

vulnerable.plesk.smb.10.2.0.host:8443

Injected into the "locale_id" form parameter on https://vulnerable.plesk.smb.10.2.0.host:8443/login_up.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/login_up.php3 ) :

28: 	turnAutocompleteOff();
29: 	loff();
30: 	var std_context = 'login_up';
31: 	SetHelpPrefix(''); SetContext(std_context, '');
32: ...ButtonByName("
</XSS/*-*/STYLE=xss:e/**/xpression(nxpsstest)>
");

References:

Source

Reference

CERT

CA-2000-02 ( http://www.cert.org/advisories/CA-2000-02.html )

URL

http://en.wikipedia.org/wiki/Cross_site_scripting ( http://en.wikipedia.org/wiki/Cross_site_scripting )

Vulnerability Solution:

Audit the affected url and other similar dynamic pages or scripts that could be relaying untrusted malicious data from the user input. In general, the following practices should be followed while developing dynamic web content:

  • Explicitly set the character set encoding for each page generated by the web server
  • Identify special characters
  • Encode dynamic output elements
  • Filter specific characters in dynamic elements
  • Examine cookies

For more information on the above practices, read the following CERT advisory: CERT Advisory CA-2000-02 ( http://www.cert.org/tech_tips/malicious_code_mitigation.html )

  • For ASP.NET applications, the validateRequest attribute can be added to the page or the web.config. For example:

            <%@ Page ... validateRequest="true" %>
    
            OR
    
            <system.web>
             <pages validateRequest="true" />
            </system.web>
          

    In addition, all dynamic content should be HTML encoded using HTTPUtility.HTMLEncode.

  • For PHP applications, input data should be validated using functions such as strip_tags and utf8_decode. Dynamic content should be HTML encoded using htmlentities.

  • For Perl applications, input data should be validated whenever possible using regular expressions. Dynamic content should be HTML encoded using HTML::Entities::encode or Apache::Util::html_encode (when using mod_perl).

3.2.9 MySQL 'DATA DIRECTORY' and 'INDEX DIRECTORY' MyISAM Table Privilege Escalation Vulnerability (mysql-datadir-isam-table-privilege-escalation)

Description:

MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

CVE

CVE-2008-2079 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2079 )

URL

http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html ( http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html )

URL

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html ( http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html )

URL

http://bugs.mysql.com/32091 ( http://bugs.mysql.com/32091 )

XF

mysql-datadirectory-privilege-escalation(38988) ( http://xforce.iss.net/xforce/xfdb/38988 )

Vulnerability Solution:

  • MySQL (?:^4.1.)

    Upgrade to MySQL v4.1.24

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/4.1.html ( http://dev.mysql.com/downloads/mysql/4.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL >= 5.0.0 and < 5.0.60

    Upgrade to MySQL v5.0.60

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL (?:^5.1.)

    Upgrade to MySQL v5.1.24

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL (?:^6.0.)

    Upgrade to MySQL v6.0.5

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/6.0.html ( http://dev.mysql.com/downloads/mysql/6.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.2.10 MySQL Empty Bit-String Literal Denial of Service (mysql-empty-bit-string-dos)

Description:

Certain versions of MySQL do not correctly handle SQL requests containing empty literal bit-string, such as:

       select b'';
    

This could allow a remote authenticated user to crash the service.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

CVE

CVE-2008-3963 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3963 )

SECUNIA

31769 ( http://secunia.com/advisories/31769/ )

URL

http://bugs.mysql.com/bug.php?id=35658 ( http://bugs.mysql.com/bug.php?id=35658 )

Vulnerability Solution:

  • MySQL (?:^5.0.)

    Upgrade to MySQL v5.0.66

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL (?:^5.1.)

    Upgrade to MySQL v5.1.26

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL (?:^6.0.)

    Upgrade to MySQL v6.0.6

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/6.0.html ( http://dev.mysql.com/downloads/mysql/6.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.2.11 MySQL Federated Engine SHOW TABLE STATUS query denial-of-service (mysql-federated-engine-show-table-status-dos)

Description:

The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

CVE

CVE-2007-6304 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6304 )

BID

26832 ( http://www.securityfocus.com/bid/26832 )

URL

http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html ( http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html )

URL

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html ( http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html )

URL

http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html ( http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html )

XF

mysql-federated-engine-dos(38990) ( http://xforce.iss.net/xforce/xfdb/38990 )

Vulnerability Solution:

  • MySQL (?:^5.0.)

    Upgrade to MySQL v5.0.51a

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL (?:^5.1.)

    Upgrade to MySQL v5.1.23

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL (?:^6.0.)

    Upgrade to MySQL v6.0.4

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/6.0.html ( http://dev.mysql.com/downloads/mysql/6.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.2.12 TLS/SSL Server Supports SSLv2 (sslv2-and-up-enabled)

Description:

Although the server accepts clients using TLS or SSLv3, it also accepts clients using SSLv2. SSLv2 is an older implementation of the Secure Sockets Layer protocol. It suffers from a number of security flaws allowing attackers to capture and alter information passed between a client and the server, including the following weaknesses:

  • No protection from against man-in-the-middle attacks during the handshake.
  • Weak MAC construction and MAC relying solely on the MD5 hash function.
  • Exportable cipher suites unnecessarily weaken the MACs
  • Same cryptographic keys used for message authentication and encryption.
  • Vulnerable to truncation attarks by forged TCP FIN packets

SSLv2 has been deprecated and is no longer recommended. Note that neither SSLv2 nor SSLv3 meet the U.S. FIPS 140-2 standard, which governs cryptographic modules for use in federal information systems. Only the newer TLS (Transport Layer Security) protocol meets FIPS 140-2 requirements. In addition, the presence of an SSLv2-only service on a host is deemed a failure by the PCI (Payment Card Industry) Data Security Standard.

Note that this vulnerability will be reported when the remote server supports SSLv2 regardless of whether TLS or SSLv3 are also supported.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:443

SSLv2 is supported

vulnerable.plesk.smb.10.2.0.host:8443

SSLv2 is supported

References:

Source

Reference

URL

http://www.eucybervote.org/Reports/MSI-WP2-D7V1-V1.0-02.htm ( http://www.eucybervote.org/Reports/MSI-WP2-D7V1-V1.0-02.htm )

URL

https://www.pcisecuritystandards.org/pdfs/pcissc_assessors_nl_2008-11.pdf ( https://www.pcisecuritystandards.org/pdfs/pcissc_assessors_nl_2008-11.pdf )

Vulnerability Solution:

Configure the server to require clients to use at least SSLv3 or TLS.

For Microsoft IIS web servers, see Microsoft Knowledgebase article Q187498 ( http://support.microsoft.com/?id=187498 ) for instructions on disabling SSL 2.0.

For Apache web servers with mod_ssl, edit the Apache configuration file and change the SSLCipherSuite line to read:

SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:!SSLv2

The ! (exclamation point) before SSLv2 is what disables this protocol.

3.2.13 MySQL Bug #29908: ALTER VIEW Privilege Escalation Vulnerability (mysql-bug-29908-alter-view-priv-esc)

Description:

A flaw in the ALTER VIEW routine of MySQL allows for the opportunity of an authenticated user to elevate their privileges in certain contexts.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

URL

http://bugs.mysql.com/bug.php?id=29908 ( http://bugs.mysql.com/bug.php?id=29908 )

Vulnerability Solution:

  • MySQL >= 5.0.0 and < 5.0.52

    Upgrade to MySQL v5.0.52

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL (?:^5.1.)

    Upgrade to MySQL v5.1.23

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.2.14 MySQL Bug #44798: Stored Procedures Server Crash (mysql-bug-44798-stored-procedures-server-crash)

Description:

Versions of MySQL server 5.0 before 5.0.84 and 5.1 before 5.1.36 suffer from a privilege interpretation flaw that causes a server crash. A user created with the privileges to create stored procedures but not execute them will trigger this issue.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

URL

http://bugs.mysql.com/bug.php?id=44798 ( http://bugs.mysql.com/bug.php?id=44798 )

Vulnerability Solution:

  • MySQL >= 5.0.0 and < 5.0.84

    Upgrade to MySQL v5.0.84

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL (?:^5.1.)

    Upgrade to MySQL v5.1.36

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.2.15 MySQL InnoDB Denial of Service (mysql-innodb-dos)

Description:

Certain versions of MySQL contain an assertion error within the InnoDB engine. The convert_search_mode_to_innobase function in ha_innodb.cc allows remote authenticated users to cause a denial of service (database crash) with a query using CONTAINS on a column that does not support SPATIAL indexes.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

BID

26353 ( http://www.securityfocus.com/bid/26353 )

CVE

CVE-2007-5925 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5925 )

SECUNIA

27568 ( http://secunia.com/advisories/27568/ )

URL

http://bugs.mysql.com/bug.php?id=32125 ( http://bugs.mysql.com/bug.php?id=32125 )

Vulnerability Solution:

  • MySQL (?:^5.0.)

    Upgrade to MySQL v5.0.24

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL (?:^5.1.)

    Upgrade to MySQL v5.1.23

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL (?:^6.0.)

    Upgrade to MySQL v6.0.4

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/6.0.html ( http://dev.mysql.com/downloads/mysql/6.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.2.16 MySQL my_net_skip_rest Packet Length Denial of Service Vulnerability (mysql-my_net_skip_rest-packet-length-dos)

Description:

The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 before 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

CVE

CVE-2010-1849 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1849 )

URL

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html ( http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html )

URL

http://bugs.mysql.com/bug.php?id=53371 ( http://bugs.mysql.com/bug.php?id=53371 )

URL

http://bugs.mysql.com/bug.php?id=50974 ( http://bugs.mysql.com/bug.php?id=50974 )

Vulnerability Solution:

  • MySQL >= 5.0.0 and < 5.0.91

    Upgrade to MySQL v5.0.91

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL >= 5.1.0 and < 5.1.47

    Upgrade to MySQL v5.1.47

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.2.17 MySQL DATA DIRECTORY and INDEX DIRECTORY symlink system table overwrite (mysql-system-table-symlink-overwrite)

Description:

MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

BID

26765 ( http://www.securityfocus.com/bid/26765 )

CVE

CVE-2007-5969 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5969 )

SECUNIA

27981 ( http://secunia.com/advisories/27981/ )

Vulnerability Solution:

  • MySQL (?:^5.0.)

    Upgrade to MySQL v5.0.51

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.0.html ( http://dev.mysql.com/downloads/mysql/5.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL (?:^5.1.)

    Upgrade to MySQL v5.1.23

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

  • MySQL (?:^6.0.)

    Upgrade to MySQL v6.0.4

    Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/6.0.html ( http://dev.mysql.com/downloads/mysql/6.0.html )

    Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.2.18 Self-signed TLS/SSL certificate (ssl-self-signed-certificate)

Description:

The server's TLS/SSL certificate is self-signed. Self-signed certificates cannot be trusted by default, especially because TLS/SSL man-in-the-middle attacks typically use self-signed certificates to eavesdrop on TLS/SSL connections.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:443

TLS/SSL certificate is self-signed.

vulnerable.plesk.smb.10.2.0.host:8443

TLS/SSL certificate is self-signed.

References:

None

Vulnerability Solution:

Obtain a new TLS/SSL server certificate that is NOT self-signed and install it on the server. The exact instructions for obtaining a new certificate depend on your organization's requirements. Generally, you will need to generate a certificate request and save the request as a file. This file is then sent to a Certificate Authority (CA) for processing. Your organization may have its own internal Certificate Authority. If not, you may have to pay for a certificate from a trusted external Certificate Authority, such as Thawte ( http://www.thawte.com ) or Verisign ( http://www.verisign.com ) .

3.3 Moderate Vulnerabilities

3.3.1 Microsoft IIS Authentication Method Disclosure (http-iis-auth-method-disclosure)

Description:

Microsoft IIS supports Basic and NTLM authentication. The authentication methods supported by a given IIS server can be revealed to an attacker through the inspection of returned error messages, even when anonymous access is also granted.

When a valid authentication request is submitted for either message with an invalid username and password, an error message will be returned. This happens even if anonymous access to the requested resource is allowed. An attacker may be able to use this information to launch further intelligent attacks against the server, or to launch a brute force password attack against a known user name.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:80

The server responded with a 401/Unauthorized error code when requesting:

http://vulnerable.plesk.smb.10.2.0.host:80/ ( http://vulnerable.plesk.smb.10.2.0.host:80/ )

with the header:

Authorization: Negotiate TlRMTVNTUAABAAAAB4IoAAAAAAAAAAAAAAAAAAAAAA=

vulnerable.plesk.smb.10.2.0.host:8443

The server responded with a 401/Unauthorized error code when requesting:

https://vulnerable.plesk.smb.10.2.0.host:8443/ ( https://vulnerable.plesk.smb.10.2.0.host:8443/ )

with the header:

Authorization: Negotiate TlRMTVNTUAABAAAAB4IoAAAAAAAAAAAAAAAAAAAAAA=

References:

Source

Reference

CVE

CVE-2002-0419 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0419 )

BID

4235 ( http://www.securityfocus.com/bid/4235 )

Vulnerability Solution:

If the server is intended for public use then it may be possible to simply disable both basic and integrated Windows authentication. Sites that use form-based logins when users are authenticated against a database and track logged in users with cookies will be able to disable these authentication methods. Doing this will prevent such attacks.

If basic or integrated Windows authentication is required on the server, these steps should be considered:

  • Set the account lockout threshold to help minimize the risk of successful brute force attacks. Using the "passprop" utility it is possible to enable account lockout for the default "administrator" account.
  • Rename the administrator account if this has not already been done.

3.3.2 MySQL HTML Output Script Insertion Vulnerability (mysql-html-output-script-insertion)

Description:

A cross-site scripting (XSS) vulnerability exists in the command-line client when the "--html" option is enabled. This could allow attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by the client when composing an HTML document.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service: MySQL 5.0.45.

References:

Source

Reference

BID

31486 ( http://www.securityfocus.com/bid/31486 )

CVE

CVE-2008-4456 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4456 )

SECUNIA

32072 ( http://secunia.com/advisories/32072/ )

URL

http://bugs.mysql.com/bug.php?id=27884 ( http://bugs.mysql.com/bug.php?id=27884 )

URL

http://www.henlich.de/it-security/mysql-command-line-client-html-injection-vulnerability ( http://www.henlich.de/it-security/mysql-command-line-client-html-injection-vulnerability )

Vulnerability Solution:

MySQL (?:^5.1.)

Download and apply the upgrade from: http://dev.mysql.com/downloads/mysql/5.1.html ( http://dev.mysql.com/downloads/mysql/5.1.html )

Please note that individual platforms and OS distributions may provide their own means of upgrading MySQL (via an RPM, for example). These supported upgrade methods should be used if available, instead of building the distribution from scratch.

3.3.3 ICMP timestamp response (generic-icmp-timestamp)

Description:

The remote host responded to an ICMP timestamp request. The ICMP timestamp response contains the remote host's date and time. This information could theoretically be used against some systems to exploit weak time-based random number generators in other services.

In addition, the versions of some operating systems can be accurately fingerprinted by analyzing their responses to invalid ICMP timestamp requests.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host

Remote system time: 12:04:06.000 EDT

References:

Source

Reference

XF

icmp-timestamp(322) ( http://xforce.iss.net/xforce/xfdb/322 )

CVE

CVE-1999-0524 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0524 )

Vulnerability Solution:

  • HP-UX

    Disable ICMP timestamp responses on HP/UX

    Execute the following command:

    ndd -set /dev/ip ip_respond_to_timestamp_broadcast 0

    The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

  • Cisco IOS

    Disable ICMP timestamp responses on Cisco IOS

    Use ACLs to block ICMP types 13 and 14. For example:

       deny icmp any any 13

       deny icmp any any 14

    Note that it is generally preferable to use ACLs that block everything by default and then selectively allow certain types of traffic in. For example, block everything and then only allow ICMP unreachable, ICMP echo reply, ICMP time exceeded, and ICMP source quench:

       permit icmp any any unreachable

       permit icmp any any echo-reply

       permit icmp any any time-exceeded

       permit icmp any any source-quench

    The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

  • SGI Irix

    Disable ICMP timestamp responses on SGI Irix

    IRIX does not offer a way to disable ICMP timestamp responses. Therefore, you should block ICMP on the affected host using ipfilterd, and/or block it at any external firewalls.

    The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

  • Linux

    Disable ICMP timestamp responses on Linux

    Linux offers neither a sysctl nor a /proc/sys/net/ipv4 interface to disable ICMP timestamp responses. Therefore, you should block ICMP on the affected host using iptables, and/or block it at the firewall. For example:

       ipchains -A input -p icmp --icmp-type timestamp-request -j DROP

       ipchains -A output -p icmp --icmp-type timestamp-reply -j DROP

    The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

  • Microsoft Windows NT, Microsoft Windows NT Workstation, Microsoft Windows NT Server, Microsoft Windows NT Advanced Server, Microsoft Windows NT Server, Enterprise Edition, Microsoft Windows NT Server, Terminal Server Edition

    Disable ICMP timestamp responses on Windows NT 4

    Windows NT 4 does not provide a way to block ICMP packets. Therefore, you should block them at the firewall.

    The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

  • OpenBSD

    Disable ICMP timestamp responses on OpenBSD

    Set the "net.inet.icmp.tstamprepl" sysctl variable to 0.

       sysctl -w net.inet.icmp.tstamprepl=0

    The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

  • Cisco PIX

    Disable ICMP timestamp responses on Cisco PIX

    A properly configured PIX firewall should never respond to ICMP packets on its external interface. In PIX Software versions 4.1(6) until 5.2.1, ICMP traffic to the PIX's internal interface is permitted; the PIX cannot be configured to NOT respond. Beginning in PIX Software version 5.2.1, ICMP is still permitted on the internal interface by default, but ICMP responses from its internal interfaces can be disabled with the icmp command, as follows, where <inside> is the name of the internal interface:

       icmp deny any 13 <inside>

       icmp deny any 14 <inside>

    Don't forget to save the configuration when you are finished.

    See Cisco's support document Handling ICMP Pings with the PIX Firewall ( http://www.cisco.com/warp/public/110/31.html ) for more information.

    The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

  • Sun Solaris

    Disable ICMP timestamp responses on Solaris

    Execute the following commands:

       /usr/sbin/ndd -set /dev/ip ip_respond_to_timestamp 0

       /usr/sbin/ndd -set /dev/ip ip_respond_to_timestamp_broadcast 0

    The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

  • Microsoft Windows 2000, Microsoft Windows 2000 Professional, Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Datacenter Server

    Disable ICMP timestamp responses on Windows 2000

    Use the IPSec filter feature to define an apply an IP filter list that blocks ICMP types 13 and 14. Note that the standard TCP/IP blocking capability under the "Networking and Dialup Connections" control panel is NOT capable of blocking ICMP (only TCP and UDP). The IPSec filter features, while they may seem strictly related to the IPSec standards, will allow you to selectively block these ICMP packets. See http://support.microsoft.com/kb/313190 ( http://support.microsoft.com/kb/313190 ) for more information.

    The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

  • Microsoft Windows XP, Microsoft Windows XP Home, Microsoft Windows XP Professional, Microsoft Windows Server 2003, Microsoft Windows Server 2003, Standard Edition, Microsoft Windows Server 2003, Enterprise Edition, Microsoft Windows Server 2003, Datacenter Edition, Microsoft Windows Server 2003, Web Edition, Microsoft Windows Small Business Server 2003

    Disable ICMP timestamp responses on Windows XP/2K3

    ICMP timestamp responses can be disabled by deselecting the "allow incoming timestamp request" option in the ICMP configuration panel of Windows Firewall.

    1. Go to the Network Connections control panel.
    2. Right click on the network adapter and select "properties", or select the internet adapter and select File->Properties.
    3. Select the "Advanced" tab.
    4. In the Windows Firewall box, select "Settings".
    5. Select the "General" tab.
    6. Enable the firewall by selecting the "on (recommended)" option.
    7. Select the "Advanced" tab.
    8. In the ICMP box, select "Settings".
    9. Deselect (uncheck) the "Allow incoming timestamp request" option.
    10. Select "OK" to exit the ICMP Settings dialog and save the settings.
    11. Select "OK" to exit the Windows Firewall dialog and save the settings.
    12. Select "OK" to exit the internet adapter dialog.

    For more information, see: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/hnw_understanding_firewall.mspx?mfr=true ( http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/hnw_understanding_firewall.mspx?mfr=true )

  • Microsoft Windows Vista, Microsoft Windows Vista Home, Basic Edition, Microsoft Windows Vista Home, Basic N Edition, Microsoft Windows Vista Home, Premium Edition, Microsoft Windows Vista Ultimate Edition, Microsoft Windows Vista Enterprise Edition, Microsoft Windows Vista Business Edition, Microsoft Windows Vista Business N Edition, Microsoft Windows Vista Starter Edition, Microsoft Windows Server 2008, Microsoft Windows Server 2008 Standard Edition, Microsoft Windows Server 2008 Enterprise Edition, Microsoft Windows Server 2008 Datacenter Edition, Microsoft Windows Server 2008 HPC Edition, Microsoft Windows Server 2008 Web Edition, Microsoft Windows Server 2008 Storage Edition, Microsoft Windows Small Business Server 2008, Microsoft Windows Essential Business Server 2008

    Disable ICMP timestamp responses on Windows Vista/2008

    ICMP timestamp responses can be disabled via the netsh command line utility.

    1. Go to the Windows Control Panel.
    2. Select "Windows Firewall".
    3. In the Windows Firewall box, select "Change Settings".
    4. Enable the firewall by selecting the "on (recommended)" option.
    5. Open a Command Prompt.
    6. Enter "netsh firewall set icmpsetting 13 disable"

    For more information, see: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/hnw_understanding_firewall.mspx?mfr=true ( http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/hnw_understanding_firewall.mspx?mfr=true )

  • Disable ICMP timestamp responses

    Disable ICMP timestamp replies for the device. If the device does not support this level of configuration, the easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).

3.3.4 Database Open Access (database-open-access)

Description:

The database allows any remote system the ability to connect to it. It is recommended to limit direct access to trusted systems because databases may contain sensitive data, and new vulnerabilities and exploits are discovered routinely for them. For this reason, it is a violation of PCI DSS section 1.3.7 to have databases listening on ports accessible from the Internet, even when protected with secure authentication mechanisms.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:3306

Running vulnerable MySQL service.

References:

Source

Reference

URL

https://www.pcisecuritystandards.org/security_standards/download.html?id=pci_dss_v1-2.pdf ( https://www.pcisecuritystandards.org/security_standards/download.html?id=pci_dss_v1-2.pdf )

Vulnerability Solution:

Configure the database server to only allow access to trusted systems. For example, the PCI DSS standard requires to place the database in an internal network zone, segregated from the DMZ

3.3.5 WebDAV Extensions are Enabled (http-generic-webdav-enabled)

Description:

WebDAV is a set of extensions to the HTTP protocol that allows users to collaboratively edit and manage files on remote web servers. Many web servers enable WebDAV extensions by default, even when they are not needed. Because of its added complexity, it is considered good practice to disable WebDAV if it is not currently in use.

Affected Nodes:

Affected Nodes:

Additional Information:

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/common/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/css/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/css/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/images/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/images/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/apps/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/apps/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/common/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/glyph/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/glyph/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/icons/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/icons/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/include/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:80

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/include/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/css/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/apps/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/apps/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/common/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/common/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/glyph/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/glyph/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/icons/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/img/icons/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/include/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/include/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/images/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/images/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/css/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/', it is apparent that WebDAV is enabled.

vulnerable.plesk.smb.10.2.0.host:443

Because the HTTP methods 'GET, HEAD, OPTIONS, TRACE, COPY, PROPFIND, LOCK, UNLOCK' were found in the OPTIONS response on the directory '/', it is apparent that WebDAV is enabled.

References:

Source

Reference

URL

http://www.nextgenss.com/papers/iisrconfig.pdf ( http://www.nextgenss.com/papers/iisrconfig.pdf )

Vulnerability Solution:

  • IIS, PWS, Microsoft-IIS, Internet Information Server, Internet Information Services, Microsoft-PWS

    Disable WebDAV for IIS

    For Microsoft IIS, follow Microsoft's instructions ( http://support.microsoft.com/default.aspx?kbid=241520 ) to disable WebDAV for the entire server.

  • Apache

    Disable WebDAV for Apache

    Make sure the mod_dav module is disabled, or ensure that authentication is required on directories where DAV is required.

  • Apache Tomcat, Tomcat, Tomcat Web Server

    Disable WebDAV for Apache Tomcat

    Disable the WebDAV Servlet for all web applications found on the web server. This can be done by removing the servlet definition for WebDAV (the org.apache.catalina.servlets.WebdavServlet class) and remove all servlet mappings referring to the WebDAV servlet.

  • Java System Web Server, iPlanet, SunONE WebServer, Sun-ONE-Web-Server

    Disable WebDAV for iPlanet/Sun ONE

    Disable WebDAV on the web server. This can be done by disabling WebDAV for the server instance and for all virtual servers.

    To disable WebDAV for the server instance, enter the Server Manager and uncheck the "Enable WebDAV Globally" checkbox then click the "OK" button.

    To disable WebDAV for each virtual server, enter the Class Manager and uncheck the "Enable WebDAV Globally" checkbox next to each server instance then click the "OK" button.

4 Discovered Services

4.1 DNS

DNS, the Domain Name System, provides naming services on the Internet. DNS is primarily used to convert names, such as www.rapid7.com to their corresponding IP address for use by network programs, such as a browser.

4.1.1 Discovered Instances of this Service

Device

Protocol

Port

Vulnerabilities

Additional Information

vulnerable.plesk.smb.10.2.0.host

udp

53

0

4.2 DNS-TCP

DNS, the Domain Name System, provides naming services on the Internet. DNS is primarily used to convert names, such as www.rapid7.com to their corresponding IP address for use by network programs, such as a browser. This service is used primarily for zone transfers between DNS servers. It can, however, be used for standard DNS queries as well.

4.2.1 Discovered Instances of this Service

Device

Protocol

Port

Vulnerabilities

Additional Information

vulnerable.plesk.smb.10.2.0.host

tcp

53

0

4.3 FTP

FTP, the File Transfer Protocol, is used to transfer files between systems. On the Internet, it is often used on web pages to download files from a web site using a browser. FTP uses two connections, one for control connections used to authenticate, navigate the FTP server and initiate file transfers. The other connection is used to transfer data, such as files or directory listings.

4.3.1 General Security Issues

4.3.1.1 Cleartext authentication

The original FTP specification only provided means for authentication with cleartext user ids and passwords. Though FTP has added support for more secure mechanisms such as Kerberos, cleartext authentication is still the primary mechanism. If a malicious user is in a position to monitor FTP traffic, user ids and passwords can be stolen.

4.3.2 Discovered Instances of this Service

Device

Protocol

Port

Vulnerabilities

Additional Information

vulnerable.plesk.smb.10.2.0.host

tcp

21

0

  • Microsoft IIS
  • ftp.banner: 220 Microsoft FTP Service

4.4 HTTP

HTTP, the HyperText Transfer Protocol, is used to exchange multimedia content on the World Wide Web. The multimedia files commonly used with HTTP include text, sound, images and video.

4.4.1 General Security Issues

4.4.1.1 Simple authentication scheme

Many HTTP servers use BASIC as their primary mechanism for user authentication. This is a very simple scheme that uses base 64 to encode the cleartext user id and password. If a malicious user is in a position to monitor HTTP traffic, user ids and passwords can be stolen by decoding the base 64 authentication data. To secure the authentication process, use HTTPS (HTTP over TLS/SSL) connections to transmit the authentication data.

4.4.2 Discovered Instances of this Service

Device

Protocol

Port

Vulnerabilities

Additional Information

vulnerable.plesk.smb.10.2.0.host

tcp

80

3

  • Microsoft IIS 7.5
  • .NET CLR:
  • ASP.NET:
  • WebDAV:
  • http.banner: Microsoft-IIS/7.5
  • http.banner.server: Microsoft-IIS/7.5
  • http.banner.x-powered-by: ASP.NET
  • verbs-1: COPY
  • verbs-2: GET
  • verbs-3: HEAD
  • verbs-4: LOCK
  • verbs-5: OPTIONS
  • verbs-6: PROPFIND
  • verbs-7: TRACE
  • verbs-8: UNLOCK
  • verbs-count: 8

4.5 HTTPS

HTTPS, the HyperText Transfer Protocol over TLS/SSL, is used to exchange multimedia content on the World Wide Web using encrypted (TLS/SSL) connections. Once the TLS/SSL connection is established, the standard HTTP protocol is used. The multimedia files commonly used with HTTP include text, sound, images and video.

4.5.1 Discovered Instances of this Service

Device

Protocol

Port

Vulnerabilities

Additional Information

vulnerable.plesk.smb.10.2.0.host

tcp

443

3

  • Microsoft IIS 7.5
  • .NET CLR:
  • ASP.NET:
  • WebDAV:
  • http.banner: Microsoft-IIS/7.5
  • http.banner.server: Microsoft-IIS/7.5
  • http.banner.x-powered-by: ASP.NET
  • https.cert.issuer.dn: EMAILADDRESS=info@parallels.com, CN=Parallels Panel, OU=Parallels Panel, O="Parallels, Inc.", L=Herndon, ST=Virginia, C=US
  • https.cert.key.alg.name: RSA
  • https.cert.not.valid.after: Fri, 30 Sep 2011 22:25:08 EDT
  • https.cert.not.valid.before: Thu, 30 Sep 2010 22:25:08 EDT
  • https.cert.selfsigned: true
  • https.cert.serial.number: 462886
  • https.cert.sig.alg.name: SHA1withRSA
  • https.cert.subject.dn: EMAILADDRESS=info@parallels.com, CN=Parallels Panel, OU=Parallels Panel, O="Parallels, Inc.", L=Herndon, ST=Virginia, C=US
  • https.cert.validsignature: true
  • tls: true
  • tls.version.ssl20: true
  • verbs-1: COPY
  • verbs-2: GET
  • verbs-3: HEAD
  • verbs-4: LOCK
  • verbs-5: OPTIONS
  • verbs-6: PROPFIND
  • verbs-7: TRACE
  • verbs-8: UNLOCK
  • verbs-count: 8

vulnerable.plesk.smb.10.2.0.host

tcp

8443

3

  • Microsoft IIS 7.5
  • http.banner: Microsoft-IIS/7.5
  • http.banner.server: Microsoft-IIS/7.5
  • http.banner.x-powered-by: ASP.NET
  • https.cert.issuer.dn: EMAILADDRESS=info@parallels.com, CN=Parallels Panel, OU=Parallels Panel, O="Parallels, Inc.", L=Herndon, ST=Virginia, C=US
  • https.cert.key.alg.name: RSA
  • https.cert.not.valid.after: Fri, 30 Sep 2011 22:25:08 EDT
  • https.cert.not.valid.before: Thu, 30 Sep 2010 22:25:08 EDT
  • https.cert.selfsigned: true
  • https.cert.serial.number: 462886
  • https.cert.sig.alg.name: SHA1withRSA
  • https.cert.subject.dn: EMAILADDRESS=info@parallels.com, CN=Parallels Panel, OU=Parallels Panel, O="Parallels, Inc.", L=Herndon, ST=Virginia, C=US
  • https.cert.validsignature: true
  • tls: true
  • tls.version.ssl20: true
  • verbs-1: GET
  • verbs-2: HEAD
  • verbs-3: OPTIONS
  • verbs-4: TRACE
  • verbs-count: 4

4.6 IMAP

IMAP, the Interactive Mail Access Protocol or Internet Message Access Protocol, is used to access and manipulate electronic mail (e-mail). IMAP servers can contain several folders, aka mailboxes, containing messages (e-mails) for users.

4.6.1 Discovered Instances of this Service

Device

Protocol

Port

Vulnerabilities

Additional Information

vulnerable.plesk.smb.10.2.0.host

tcp

143

0

  • imap.banner: * OK IMAP4rev1 server ready at 10/10/10 10:51:26

4.7 Microsoft Remote Display Protocol

4.7.1 Discovered Instances of this Service

Device

Protocol

Port

Vulnerabilities

Additional Information

vulnerable.plesk.smb.10.2.0.host

tcp

3389

0

4.8 MySQL

4.8.1 Discovered Instances of this Service

Device

Protocol

Port

Vulnerabilities

Additional Information

vulnerable.plesk.smb.10.2.0.host

tcp

3306

6

  • MySQL 5.0.45
  • logging: disabled
  • protocolVersion: 10

4.9 POP

The Post Office Protocol allows workstations to retrieve e-mail dynamically from a mailbox server.

4.9.1 Discovered Instances of this Service

Device

Protocol

Port

Vulnerabilities

Additional Information

vulnerable.plesk.smb.10.2.0.host

tcp

110

0

  • pop.banner: +OK Welcome to MailEnable POP3 Server

5 Discovered Users and Groups

No user or group information was discovered during the scan.

6 Discovered Databases

No database information was discovered during the scan.

7 Discovered Files and Directories

No file or directory information was discovered during the scan.

8 Policy Evaluations

No policy evaluations were performed.

9 Spidered Web Sites

9.1 http://vulnerable.plesk.smb.10.2.0.host:80

9.1.1 Common Default URLs

The following URLs were guessed. They are often included with default web server or web server add-on installations.

9.1.1.1 Access Error (403)

  • css ( http://vulnerable.plesk.smb.10.2.0.host:80/css/ )
  • images ( http://vulnerable.plesk.smb.10.2.0.host:80/images/ )
  • img ( http://vulnerable.plesk.smb.10.2.0.host:80/img/ )
  • include ( http://vulnerable.plesk.smb.10.2.0.host:80/include/ )

9.1.1.2 Error (500)

  • cgi-bin ( http://vulnerable.plesk.smb.10.2.0.host:80/cgi-bin/ )
    • printenv ( http://vulnerable.plesk.smb.10.2.0.host:80/cgi-bin/printenv )
    • test-cgi ( http://vulnerable.plesk.smb.10.2.0.host:80/cgi-bin/test-cgi )

9.1.1.3 Requires Authentication (401)

  • test ( http://vulnerable.plesk.smb.10.2.0.host:80/test/ )

9.1.2 Guessed URLs

The following URLs were guessed using various tricks based on the discovered web site content.

9.1.2.1 Access Error (403)

  • Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host:80/Trace.axd )
  • css
    • ?P=+ADw-script+AD4-alert(42)+ADw-
      • script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/css/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
      • script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/images/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
      • script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/img/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
      • script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/img/apps/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
      • script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/img/common/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
      • script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/img/glyph/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
      • script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/img/icons/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
      • script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/include/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
    • Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host:80/css/Trace.axd )
  • images
    • Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host:80/images/Trace.axd )
  • img
    • Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host:80/img/Trace.axd )
    • apps ( http://vulnerable.plesk.smb.10.2.0.host:80/img/apps/ )
      • Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host:80/img/apps/Trace.axd )
    • common ( http://vulnerable.plesk.smb.10.2.0.host:80/img/common/ )
      • Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host:80/img/common/Trace.axd )
    • glyph ( http://vulnerable.plesk.smb.10.2.0.host:80/img/glyph/ )
      • Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host:80/img/glyph/Trace.axd )
    • icons ( http://vulnerable.plesk.smb.10.2.0.host:80/img/icons/ )
      • Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host:80/img/icons/Trace.axd )
  • include
    • Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host:80/include/Trace.axd )

9.1.2.2 Error (400)

  • "<script>TestScriptValueHere< ( http://vulnerable.plesk.smb.10.2.0.host:80/"<script>TestScriptValueHere</ )
    • script>" ( http://vulnerable.plesk.smb.10.2.0.host:80/"<script>TestScriptValueHere</script>" )
  • index.html
    • <script>xss<
      • script> ( http://vulnerable.plesk.smb.10.2.0.host:80/index.html/<script>xss</script> )
      • script> ( http://vulnerable.plesk.smb.10.2.0.host:80/index.php/<script>xss</script> )
      • script> ( http://vulnerable.plesk.smb.10.2.0.host:80/page1.php/<script>xss</script> )
      • script> ( http://vulnerable.plesk.smb.10.2.0.host:80/page2.php/<script>xss</script> )
      • script> ( http://vulnerable.plesk.smb.10.2.0.host:80/page3.php/<script>xss</script> )
      • script> ( http://vulnerable.plesk.smb.10.2.0.host:80/page4.php/<script>xss</script> )
      • script> ( http://vulnerable.plesk.smb.10.2.0.host:80/page5.php/<script>xss</script> )
      • script> ( http://vulnerable.plesk.smb.10.2.0.host:80/page6.php/<script>xss</script> )
      • script> ( http://vulnerable.plesk.smb.10.2.0.host:80/page7.php/<script>xss</script> )
      • script> ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/test.aspx/<script>xss</script> )
      • script> ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.pl.html/<script>xss</script> )
      • script> ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.php/<script>xss</script> )
  • index.php
    • page1.php
      • page2.php
        • page3.php
          • page4.php
            • page5.php
              • page6.php
                • page7.php
                  • test
                    • aspnet
                      • %3f.jsp%00 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/%3f.jsp%00 )
                      • test.aspx%3f.jsp%00 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/test.aspx%3f.jsp%00 )
                      • test.aspx
                      • perl
                        • %3f.jsp%00 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/%3f.jsp%00 )
                        • info2www.cgi%00 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.cgi%00 )
                        • test.pl.html
                        • php
                          • %3f.jsp%00 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/%3f.jsp%00 )
                          • test.php
                          • python
                            • %3f.jsp%00 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/%3f.jsp%00 )

                        9.1.2.3 Error (500)

                        • cgi-bin
                          • %3f.jsp ( http://vulnerable.plesk.smb.10.2.0.host:80/cgi-bin/%3f.jsp )
                          • .svn
                            • entries ( http://vulnerable.plesk.smb.10.2.0.host:80/cgi-bin/.svn/entries )
                          • ?P=+ADw-script+AD4-alert(42)+ADw-
                            • script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/cgi-bin/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                          • ADw-script AD4-alert(42) ADw-
                            • script AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/cgi-bin/ADw-script AD4-alert(42) ADw-/script AD4- )
                          • CVS
                            • Entries ( http://vulnerable.plesk.smb.10.2.0.host:80/cgi-bin/CVS/Entries )
                            • Root ( http://vulnerable.plesk.smb.10.2.0.host:80/cgi-bin/CVS/Root )
                          • DEADJOE ( http://vulnerable.plesk.smb.10.2.0.host:80/cgi-bin/DEADJOE )
                          • Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host:80/cgi-bin/Trace.axd )
                          • WS_FTP.LOG ( http://vulnerable.plesk.smb.10.2.0.host:80/cgi-bin/WS_FTP.LOG )
                          • Web.sitemap ( http://vulnerable.plesk.smb.10.2.0.host:80/cgi-bin/Web.sitemap )
                          • adojavas.inc ( http://vulnerable.plesk.smb.10.2.0.host:80/cgi-bin/adojavas.inc )
                          • adovbs.inc ( http://vulnerable.plesk.smb.10.2.0.host:80/cgi-bin/adovbs.inc )
                          • web.config ( http://vulnerable.plesk.smb.10.2.0.host:80/cgi-bin/web.config )

                        9.1.2.4 Requires Authentication (401)

                        • test
                          • %3f.jsp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/%3f.jsp )
                          • .svn
                            • entries ( http://vulnerable.plesk.smb.10.2.0.host:80/test/.svn/entries )
                          • ?P=+ADw-script+AD4-alert(42)+ADw-
                            • script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/test/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                            • script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                            • script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                            • script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                            • script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                          • ADw-script AD4-alert(42) ADw-
                            • script AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/test/ADw-script AD4-alert(42) ADw-/script AD4- )
                          • CVS
                            • Entries ( http://vulnerable.plesk.smb.10.2.0.host:80/test/CVS/Entries )
                            • Root ( http://vulnerable.plesk.smb.10.2.0.host:80/test/CVS/Root )
                          • DEADJOE ( http://vulnerable.plesk.smb.10.2.0.host:80/test/DEADJOE )
                          • Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host:80/test/Trace.axd )
                          • WS_FTP.LOG ( http://vulnerable.plesk.smb.10.2.0.host:80/test/WS_FTP.LOG )
                          • adojavas.inc ( http://vulnerable.plesk.smb.10.2.0.host:80/test/adojavas.inc )
                          • adovbs.inc ( http://vulnerable.plesk.smb.10.2.0.host:80/test/adovbs.inc )
                          • aspnet ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/ )
                            • %23adojavas.inc%23 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/%23adojavas.inc%23 )
                            • %23adovbs.inc%23 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/%23adovbs.inc%23 )
                            • %23test.aspx%23 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/%23test.aspx%23 )
                            • %3f.jsp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/%3f.jsp )
                            • %3f.jsp%5C ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/%3f.jsp%5C )
                            • .svn ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/.svn/ )
                              • entries ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/.svn/entries )
                            • ADw-script AD4-alert(42) ADw- ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/ADw-script AD4-alert(42) ADw-/ )
                              • script AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/ADw-script AD4-alert(42) ADw-/script AD4- )
                            • CVS ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/CVS/ )
                              • Entries ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/CVS/Entries )
                              • Root ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/CVS/Root )
                            • DEADJOE ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/DEADJOE )
                            • Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/Trace.axd )
                            • WS_FTP.LOG ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/WS_FTP.LOG )
                            • adojavas.inc ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/adojavas.inc )
                            • adojavas.inc.bak ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/adojavas.inc.bak )
                            • adojavas.inc.old ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/adojavas.inc.old )
                            • adojavas.inc.tmp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/adojavas.inc.tmp )
                            • adojavas.inc~ ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/adojavas.inc~ )
                            • adovbs.inc ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/adovbs.inc )
                            • adovbs.inc.bak ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/adovbs.inc.bak )
                            • adovbs.inc.old ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/adovbs.inc.old )
                            • adovbs.inc.tmp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/adovbs.inc.tmp )
                            • adovbs.inc~ ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/adovbs.inc~ )
                            • test.aspx%3f.jsp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/test.aspx%3f.jsp )
                            • test.aspx%3f.jsp%5C ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/test.aspx%3f.jsp%5C )
                            • test.aspx.bak ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/test.aspx.bak )
                            • test.aspx.old ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/test.aspx.old )
                            • test.aspx.tmp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/test.aspx.tmp )
                            • test.aspx~ ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/test.aspx~ )
                          • perl ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/ )
                            • %23adojavas.inc%23 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/%23adojavas.inc%23 )
                            • %23adovbs.inc%23 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/%23adovbs.inc%23 )
                            • %23info2www.cgi%23 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/%23info2www.cgi%23 )
                            • %23info2www.pl%23 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/%23info2www.pl%23 )
                            • %23test.pl%23 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/%23test.pl%23 )
                            • %3f.jsp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/%3f.jsp )
                            • %3f.jsp%5C ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/%3f.jsp%5C )
                            • .svn ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/.svn/ )
                              • entries ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/.svn/entries )
                            • ADw-script AD4-alert(42) ADw- ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/ADw-script AD4-alert(42) ADw-/ )
                              • script AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/ADw-script AD4-alert(42) ADw-/script AD4- )
                            • CVS ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/CVS/ )
                              • Entries ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/CVS/Entries )
                              • Root ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/CVS/Root )
                            • DEADJOE ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/DEADJOE )
                            • Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/Trace.axd )
                            • WS_FTP.LOG ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/WS_FTP.LOG )
                            • adojavas.inc ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/adojavas.inc )
                            • adojavas.inc.bak ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/adojavas.inc.bak )
                            • adojavas.inc.old ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/adojavas.inc.old )
                            • adojavas.inc.tmp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/adojavas.inc.tmp )
                            • adojavas.inc~ ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/adojavas.inc~ )
                            • adovbs.inc ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/adovbs.inc )
                            • adovbs.inc.bak ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/adovbs.inc.bak )
                            • adovbs.inc.old ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/adovbs.inc.old )
                            • adovbs.inc.tmp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/adovbs.inc.tmp )
                            • adovbs.inc~ ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/adovbs.inc~ )
                            • info2www ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www )
                            • info2www.CGI ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.CGI )
                            • info2www.FCGI ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.FCGI )
                            • info2www.PHP ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.PHP )
                            • info2www.PHP3 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.PHP3 )
                            • info2www.PHP4 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.PHP4 )
                            • info2www.PHP5 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.PHP5 )
                            • info2www.PHTML ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.PHTML )
                            • info2www.PL ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.PL )
                            • info2www.PY ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.PY )
                            • info2www.RB ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.RB )
                            • info2www.SH ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.SH )
                            • info2www.SHTML ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.SHTML )
                            • info2www.cgi ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.cgi )
                            • info2www.cgi. ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.cgi. )
                            • info2www.cgi.bak ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.cgi.bak )
                            • info2www.cgi.old ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.cgi.old )
                            • info2www.cgi.tmp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.cgi.tmp )
                            • info2www.cgi~ ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.cgi~ )
                            • info2www.pl ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.pl )
                            • info2www.pl. ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.pl. )
                            • info2www.pl.LOG ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.pl.LOG )
                            • info2www.pl.bak ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.pl.bak )
                            • info2www.pl.html ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.pl.html )
                            • info2www.pl.old ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.pl.old )
                            • info2www.pl.tdy ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.pl.tdy )
                            • info2www.pl.tmp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.pl.tmp )
                            • info2www.pl~ ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/info2www.pl~ )
                            • test.CGI ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.CGI )
                            • test.FCGI ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.FCGI )
                            • test.PHP ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.PHP )
                            • test.PHP3 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.PHP3 )
                            • test.PHP4 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.PHP4 )
                            • test.PHP5 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.PHP5 )
                            • test.PHTML ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.PHTML )
                            • test.PL ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.PL )
                            • test.PY ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.PY )
                            • test.RB ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.RB )
                            • test.SH ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.SH )
                            • test.SHTML ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.SHTML )
                            • test.pl. ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.pl. )
                            • test.pl.LOG ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.pl.LOG )
                            • test.pl.bak ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.pl.bak )
                            • test.pl.html ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.pl.html )
                            • test.pl.old ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.pl.old )
                            • test.pl.tdy ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.pl.tdy )
                            • test.pl.tmp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.pl.tmp )
                            • test.pl~ ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.pl~ )
                          • php ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/ )
                            • %23adojavas.inc%23 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/%23adojavas.inc%23 )
                            • %23adovbs.inc%23 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/%23adovbs.inc%23 )
                            • %23test.php%23 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/%23test.php%23 )
                            • %3f.jsp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/%3f.jsp )
                            • %3f.jsp%5C ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/%3f.jsp%5C )
                            • .svn ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/.svn/ )
                              • entries ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/.svn/entries )
                            • ADw-script AD4-alert(42) ADw- ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/ADw-script AD4-alert(42) ADw-/ )
                              • script AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/ADw-script AD4-alert(42) ADw-/script AD4- )
                            • CVS ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/CVS/ )
                              • Entries ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/CVS/Entries )
                              • Root ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/CVS/Root )
                            • DEADJOE ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/DEADJOE )
                            • Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/Trace.axd )
                            • WS_FTP.LOG ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/WS_FTP.LOG )
                            • adojavas.inc ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/adojavas.inc )
                            • adojavas.inc.bak ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/adojavas.inc.bak )
                            • adojavas.inc.old ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/adojavas.inc.old )
                            • adojavas.inc.tmp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/adojavas.inc.tmp )
                            • adojavas.inc~ ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/adojavas.inc~ )
                            • adovbs.inc ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/adovbs.inc )
                            • adovbs.inc.bak ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/adovbs.inc.bak )
                            • adovbs.inc.old ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/adovbs.inc.old )
                            • adovbs.inc.tmp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/adovbs.inc.tmp )
                            • adovbs.inc~ ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/adovbs.inc~ )
                            • test.CGI ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.CGI )
                            • test.FCGI ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.FCGI )
                            • test.PHP ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.PHP )
                            • test.PHP3 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.PHP3 )
                            • test.PHP4 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.PHP4 )
                            • test.PHP5 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.PHP5 )
                            • test.PHTML ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.PHTML )
                            • test.PL ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.PL )
                            • test.PY ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.PY )
                            • test.RB ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.RB )
                            • test.SH ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.SH )
                            • test.SHTML ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.SHTML )
                            • test.php. ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.php. )
                            • test.php.bak ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.php.bak )
                            • test.php.old ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.php.old )
                            • test.php.tmp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.php.tmp )
                            • test.php~ ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.php~ )
                          • python ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/ )
                            • %23adojavas.inc%23 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/%23adojavas.inc%23 )
                            • %23adovbs.inc%23 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/%23adovbs.inc%23 )
                            • %3f.jsp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/%3f.jsp )
                            • %3f.jsp%5C ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/%3f.jsp%5C )
                            • .svn ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/.svn/ )
                              • entries ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/.svn/entries )
                            • ADw-script AD4-alert(42) ADw- ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/ADw-script AD4-alert(42) ADw-/ )
                              • script AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/ADw-script AD4-alert(42) ADw-/script AD4- )
                            • CVS ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/CVS/ )
                              • Entries ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/CVS/Entries )
                              • Root ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/CVS/Root )
                            • DEADJOE ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/DEADJOE )
                            • Trace.axd ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/Trace.axd )
                            • WS_FTP.LOG ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/WS_FTP.LOG )
                            • adojavas.inc ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/adojavas.inc )
                            • adojavas.inc.bak ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/adojavas.inc.bak )
                            • adojavas.inc.old ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/adojavas.inc.old )
                            • adojavas.inc.tmp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/adojavas.inc.tmp )
                            • adojavas.inc~ ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/adojavas.inc~ )
                            • adovbs.inc ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/adovbs.inc )
                            • adovbs.inc.bak ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/adovbs.inc.bak )
                            • adovbs.inc.old ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/adovbs.inc.old )
                            • adovbs.inc.tmp ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/adovbs.inc.tmp )
                            • adovbs.inc~ ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/adovbs.inc~ )
                            • test.CGI ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/test.CGI )
                            • test.FCGI ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/test.FCGI )
                            • test.PHP ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/test.PHP )
                            • test.PHP3 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/test.PHP3 )
                            • test.PHP4 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/test.PHP4 )
                            • test.PHP5 ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/test.PHP5 )
                            • test.PHTML ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/test.PHTML )
                            • test.PL ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/test.PL )
                            • test.PY ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/test.PY )
                            • test.RB ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/test.RB )
                            • test.SH ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/test.SH )
                            • test.SHTML ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/test.SHTML )
                            • test.py. ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/test.py. )

                        9.1.2.5 Successful (200)

                        • ?P=+ADw-script+AD4-alert(42)+ADw-
                          • script+AD4- ( http://vulnerable.plesk.smb.10.2.0.host:80/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                        • index.PHP ( http://vulnerable.plesk.smb.10.2.0.host:80/index.PHP )
                        • index.html ( http://vulnerable.plesk.smb.10.2.0.host:80/index.html )
                        • index.php ( http://vulnerable.plesk.smb.10.2.0.host:80/index.php )
                        • page1.PHP ( http://vulnerable.plesk.smb.10.2.0.host:80/page1.PHP )
                        • page2.PHP ( http://vulnerable.plesk.smb.10.2.0.host:80/page2.PHP )
                        • page3.PHP ( http://vulnerable.plesk.smb.10.2.0.host:80/page3.PHP )
                        • page4.PHP ( http://vulnerable.plesk.smb.10.2.0.host:80/page4.PHP )
                        • page5.PHP ( http://vulnerable.plesk.smb.10.2.0.host:80/page5.PHP )
                        • page6.PHP ( http://vulnerable.plesk.smb.10.2.0.host:80/page6.PHP )
                        • page7.PHP ( http://vulnerable.plesk.smb.10.2.0.host:80/page7.PHP )

                        9.1.3 Linked URLs

                        The following URLs were found as links in the content of other web pages.

                        9.1.3.1 Requires Authentication (401)

                        • test
                          • aspnet
                            • test.aspx ( http://vulnerable.plesk.smb.10.2.0.host:80/test/aspnet/test.aspx )
                          • perl
                            • test.pl ( http://vulnerable.plesk.smb.10.2.0.host:80/test/perl/test.pl )
                          • php
                            • test.php ( http://vulnerable.plesk.smb.10.2.0.host:80/test/php/test.php )
                          • python
                            • test.py ( http://vulnerable.plesk.smb.10.2.0.host:80/test/python/test.py )

                        9.1.3.2 Successful (200)

                        • css
                        • header.js ( http://vulnerable.plesk.smb.10.2.0.host:80/header.js )
                        • page1.php ( http://vulnerable.plesk.smb.10.2.0.host:80/page1.php )
                        • page2.php ( http://vulnerable.plesk.smb.10.2.0.host:80/page2.php )
                        • page3.php ( http://vulnerable.plesk.smb.10.2.0.host:80/page3.php )
                        • page4.php ( http://vulnerable.plesk.smb.10.2.0.host:80/page4.php )
                        • page5.php ( http://vulnerable.plesk.smb.10.2.0.host:80/page5.php )
                        • page6.php ( http://vulnerable.plesk.smb.10.2.0.host:80/page6.php )
                        • page7.php ( http://vulnerable.plesk.smb.10.2.0.host:80/page7.php )

                        9.2 https://vulnerable.plesk.smb.10.2.0.host:443

                        9.2.1 Common Default URLs

                        The following URLs were guessed. They are often included with default web server or web server add-on installations.

                        9.2.1.1 Access Error (403)

                        • css ( https://vulnerable.plesk.smb.10.2.0.host:443/css/ )
                        • images ( https://vulnerable.plesk.smb.10.2.0.host:443/images/ )
                        • img ( https://vulnerable.plesk.smb.10.2.0.host:443/img/ )
                        • include ( https://vulnerable.plesk.smb.10.2.0.host:443/include/ )

                        9.2.1.2 Error (500)

                        • cgi-bin ( https://vulnerable.plesk.smb.10.2.0.host:443/cgi-bin/ )
                          • printenv ( https://vulnerable.plesk.smb.10.2.0.host:443/cgi-bin/printenv )
                          • test-cgi ( https://vulnerable.plesk.smb.10.2.0.host:443/cgi-bin/test-cgi )

                        9.2.1.3 Requires Authentication (401)

                        • test ( https://vulnerable.plesk.smb.10.2.0.host:443/test/ )

                        9.2.2 Guessed URLs

                        The following URLs were guessed using various tricks based on the discovered web site content.

                        9.2.2.1 Access Error (403)

                        • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:443/Trace.axd )
                        • css
                          • ?P=+ADw-script+AD4-alert(42)+ADw-
                            • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/css/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                            • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/images/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                            • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/img/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                            • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/img/apps/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                            • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/img/common/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                            • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/img/glyph/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                            • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/img/icons/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                            • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/include/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                          • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:443/css/Trace.axd )
                        • images
                          • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:443/images/Trace.axd )
                        • img
                          • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:443/img/Trace.axd )
                          • apps ( https://vulnerable.plesk.smb.10.2.0.host:443/img/apps/ )
                            • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:443/img/apps/Trace.axd )
                          • common ( https://vulnerable.plesk.smb.10.2.0.host:443/img/common/ )
                            • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:443/img/common/Trace.axd )
                          • glyph ( https://vulnerable.plesk.smb.10.2.0.host:443/img/glyph/ )
                            • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:443/img/glyph/Trace.axd )
                          • icons ( https://vulnerable.plesk.smb.10.2.0.host:443/img/icons/ )
                            • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:443/img/icons/Trace.axd )
                        • include
                          • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:443/include/Trace.axd )

                        9.2.2.2 Error (400)

                        • "<script>TestScriptValueHere< ( https://vulnerable.plesk.smb.10.2.0.host:443/"<script>TestScriptValueHere</ )
                          • script>" ( https://vulnerable.plesk.smb.10.2.0.host:443/"<script>TestScriptValueHere</script>" )
                        • index.html
                          • <script>xss<
                            • script> ( https://vulnerable.plesk.smb.10.2.0.host:443/index.html/<script>xss</script> )
                            • script> ( https://vulnerable.plesk.smb.10.2.0.host:443/index.php/<script>xss</script> )
                            • script> ( https://vulnerable.plesk.smb.10.2.0.host:443/page1.php/<script>xss</script> )
                            • script> ( https://vulnerable.plesk.smb.10.2.0.host:443/page2.php/<script>xss</script> )
                            • script> ( https://vulnerable.plesk.smb.10.2.0.host:443/page3.php/<script>xss</script> )
                            • script> ( https://vulnerable.plesk.smb.10.2.0.host:443/page4.php/<script>xss</script> )
                            • script> ( https://vulnerable.plesk.smb.10.2.0.host:443/page5.php/<script>xss</script> )
                            • script> ( https://vulnerable.plesk.smb.10.2.0.host:443/page6.php/<script>xss</script> )
                            • script> ( https://vulnerable.plesk.smb.10.2.0.host:443/page7.php/<script>xss</script> )
                            • script> ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/test.aspx/<script>xss</script> )
                            • script> ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.pl.html/<script>xss</script> )
                            • script> ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.php/<script>xss</script> )
                        • index.php
                          • page1.php
                            • page2.php
                              • page3.php
                                • page4.php
                                  • page5.php
                                    • page6.php
                                      • page7.php
                                        • test
                                          • aspnet
                                            • %3f.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/%3f.jsp%00 )
                                            • test.aspx%3f.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/test.aspx%3f.jsp%00 )
                                            • test.aspx
                                            • perl
                                              • %3f.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/%3f.jsp%00 )
                                              • info2www.cgi%00 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.cgi%00 )
                                              • test.pl.html
                                              • php
                                                • %3f.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/%3f.jsp%00 )
                                                • test.php
                                                • python
                                                  • %3f.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/%3f.jsp%00 )

                                              9.2.2.3 Error (500)

                                              • cgi-bin
                                                • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:443/cgi-bin/%3f.jsp )
                                                • .svn
                                                  • entries ( https://vulnerable.plesk.smb.10.2.0.host:443/cgi-bin/.svn/entries )
                                                • ?P=+ADw-script+AD4-alert(42)+ADw-
                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/cgi-bin/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                • ADw-script AD4-alert(42) ADw-
                                                  • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/cgi-bin/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                • CVS
                                                  • Entries ( https://vulnerable.plesk.smb.10.2.0.host:443/cgi-bin/CVS/Entries )
                                                  • Root ( https://vulnerable.plesk.smb.10.2.0.host:443/cgi-bin/CVS/Root )
                                                • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:443/cgi-bin/DEADJOE )
                                                • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:443/cgi-bin/Trace.axd )
                                                • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:443/cgi-bin/WS_FTP.LOG )
                                                • Web.sitemap ( https://vulnerable.plesk.smb.10.2.0.host:443/cgi-bin/Web.sitemap )
                                                • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:443/cgi-bin/adojavas.inc )
                                                • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:443/cgi-bin/adovbs.inc )
                                                • web.config ( https://vulnerable.plesk.smb.10.2.0.host:443/cgi-bin/web.config )

                                              9.2.2.4 Requires Authentication (401)

                                              • test
                                                • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/%3f.jsp )
                                                • .svn
                                                  • entries ( https://vulnerable.plesk.smb.10.2.0.host:443/test/.svn/entries )
                                                • ?P=+ADw-script+AD4-alert(42)+ADw-
                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/test/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                • ADw-script AD4-alert(42) ADw-
                                                  • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/test/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                • CVS
                                                  • Entries ( https://vulnerable.plesk.smb.10.2.0.host:443/test/CVS/Entries )
                                                  • Root ( https://vulnerable.plesk.smb.10.2.0.host:443/test/CVS/Root )
                                                • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:443/test/DEADJOE )
                                                • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:443/test/Trace.axd )
                                                • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:443/test/WS_FTP.LOG )
                                                • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:443/test/adojavas.inc )
                                                • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:443/test/adovbs.inc )
                                                • aspnet ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/ )
                                                  • %23adojavas.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/%23adojavas.inc%23 )
                                                  • %23adovbs.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/%23adovbs.inc%23 )
                                                  • %23test.aspx%23 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/%23test.aspx%23 )
                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/%3f.jsp )
                                                  • %3f.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/%3f.jsp%5C )
                                                  • .svn ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/.svn/ )
                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/.svn/entries )
                                                  • ADw-script AD4-alert(42) ADw- ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/ADw-script AD4-alert(42) ADw-/ )
                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                  • CVS ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/CVS/ )
                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/CVS/Entries )
                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/CVS/Root )
                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/DEADJOE )
                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/Trace.axd )
                                                  • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/WS_FTP.LOG )
                                                  • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/adojavas.inc )
                                                  • adojavas.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/adojavas.inc.bak )
                                                  • adojavas.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/adojavas.inc.old )
                                                  • adojavas.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/adojavas.inc.tmp )
                                                  • adojavas.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/adojavas.inc~ )
                                                  • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/adovbs.inc )
                                                  • adovbs.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/adovbs.inc.bak )
                                                  • adovbs.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/adovbs.inc.old )
                                                  • adovbs.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/adovbs.inc.tmp )
                                                  • adovbs.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/adovbs.inc~ )
                                                  • test.aspx%3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/test.aspx%3f.jsp )
                                                  • test.aspx%3f.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/test.aspx%3f.jsp%5C )
                                                  • test.aspx.bak ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/test.aspx.bak )
                                                  • test.aspx.old ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/test.aspx.old )
                                                  • test.aspx.tmp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/test.aspx.tmp )
                                                  • test.aspx~ ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/test.aspx~ )
                                                • perl ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/ )
                                                  • %23adojavas.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/%23adojavas.inc%23 )
                                                  • %23adovbs.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/%23adovbs.inc%23 )
                                                  • %23info2www.cgi%23 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/%23info2www.cgi%23 )
                                                  • %23info2www.pl%23 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/%23info2www.pl%23 )
                                                  • %23test.pl%23 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/%23test.pl%23 )
                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/%3f.jsp )
                                                  • %3f.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/%3f.jsp%5C )
                                                  • .svn ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/.svn/ )
                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/.svn/entries )
                                                  • ADw-script AD4-alert(42) ADw- ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/ADw-script AD4-alert(42) ADw-/ )
                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                  • CVS ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/CVS/ )
                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/CVS/Entries )
                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/CVS/Root )
                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/DEADJOE )
                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/Trace.axd )
                                                  • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/WS_FTP.LOG )
                                                  • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/adojavas.inc )
                                                  • adojavas.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/adojavas.inc.bak )
                                                  • adojavas.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/adojavas.inc.old )
                                                  • adojavas.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/adojavas.inc.tmp )
                                                  • adojavas.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/adojavas.inc~ )
                                                  • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/adovbs.inc )
                                                  • adovbs.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/adovbs.inc.bak )
                                                  • adovbs.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/adovbs.inc.old )
                                                  • adovbs.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/adovbs.inc.tmp )
                                                  • adovbs.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/adovbs.inc~ )
                                                  • info2www ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www )
                                                  • info2www.CGI ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.CGI )
                                                  • info2www.FCGI ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.FCGI )
                                                  • info2www.PHP ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.PHP )
                                                  • info2www.PHP3 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.PHP3 )
                                                  • info2www.PHP4 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.PHP4 )
                                                  • info2www.PHP5 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.PHP5 )
                                                  • info2www.PHTML ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.PHTML )
                                                  • info2www.PL ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.PL )
                                                  • info2www.PY ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.PY )
                                                  • info2www.RB ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.RB )
                                                  • info2www.SH ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.SH )
                                                  • info2www.SHTML ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.SHTML )
                                                  • info2www.cgi ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.cgi )
                                                  • info2www.cgi. ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.cgi. )
                                                  • info2www.cgi.bak ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.cgi.bak )
                                                  • info2www.cgi.old ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.cgi.old )
                                                  • info2www.cgi.tmp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.cgi.tmp )
                                                  • info2www.cgi~ ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.cgi~ )
                                                  • info2www.pl ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.pl )
                                                  • info2www.pl. ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.pl. )
                                                  • info2www.pl.LOG ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.pl.LOG )
                                                  • info2www.pl.bak ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.pl.bak )
                                                  • info2www.pl.html ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.pl.html )
                                                  • info2www.pl.old ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.pl.old )
                                                  • info2www.pl.tdy ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.pl.tdy )
                                                  • info2www.pl.tmp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.pl.tmp )
                                                  • info2www.pl~ ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/info2www.pl~ )
                                                  • test.CGI ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.CGI )
                                                  • test.FCGI ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.FCGI )
                                                  • test.PHP ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.PHP )
                                                  • test.PHP3 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.PHP3 )
                                                  • test.PHP4 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.PHP4 )
                                                  • test.PHP5 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.PHP5 )
                                                  • test.PHTML ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.PHTML )
                                                  • test.PL ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.PL )
                                                  • test.PY ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.PY )
                                                  • test.RB ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.RB )
                                                  • test.SH ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.SH )
                                                  • test.SHTML ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.SHTML )
                                                  • test.pl. ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.pl. )
                                                  • test.pl.LOG ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.pl.LOG )
                                                  • test.pl.bak ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.pl.bak )
                                                  • test.pl.html ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.pl.html )
                                                  • test.pl.old ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.pl.old )
                                                  • test.pl.tdy ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.pl.tdy )
                                                  • test.pl.tmp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.pl.tmp )
                                                  • test.pl~ ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.pl~ )
                                                • php ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/ )
                                                  • %23adojavas.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/%23adojavas.inc%23 )
                                                  • %23adovbs.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/%23adovbs.inc%23 )
                                                  • %23test.php%23 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/%23test.php%23 )
                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/%3f.jsp )
                                                  • %3f.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/%3f.jsp%5C )
                                                  • .svn ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/.svn/ )
                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/.svn/entries )
                                                  • ADw-script AD4-alert(42) ADw- ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/ADw-script AD4-alert(42) ADw-/ )
                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                  • CVS ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/CVS/ )
                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/CVS/Entries )
                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/CVS/Root )
                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/DEADJOE )
                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/Trace.axd )
                                                  • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/WS_FTP.LOG )
                                                  • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/adojavas.inc )
                                                  • adojavas.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/adojavas.inc.bak )
                                                  • adojavas.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/adojavas.inc.old )
                                                  • adojavas.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/adojavas.inc.tmp )
                                                  • adojavas.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/adojavas.inc~ )
                                                  • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/adovbs.inc )
                                                  • adovbs.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/adovbs.inc.bak )
                                                  • adovbs.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/adovbs.inc.old )
                                                  • adovbs.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/adovbs.inc.tmp )
                                                  • adovbs.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/adovbs.inc~ )
                                                  • test.CGI ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.CGI )
                                                  • test.FCGI ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.FCGI )
                                                  • test.PHP ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.PHP )
                                                  • test.PHP3 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.PHP3 )
                                                  • test.PHP4 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.PHP4 )
                                                  • test.PHP5 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.PHP5 )
                                                  • test.PHTML ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.PHTML )
                                                  • test.PL ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.PL )
                                                  • test.PY ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.PY )
                                                  • test.RB ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.RB )
                                                  • test.SH ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.SH )
                                                  • test.SHTML ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.SHTML )
                                                  • test.php. ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.php. )
                                                  • test.php.bak ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.php.bak )
                                                  • test.php.old ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.php.old )
                                                  • test.php.tmp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.php.tmp )
                                                  • test.php~ ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.php~ )
                                                • python ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/ )
                                                  • %23adojavas.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/%23adojavas.inc%23 )
                                                  • %23adovbs.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/%23adovbs.inc%23 )
                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/%3f.jsp )
                                                  • %3f.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/%3f.jsp%5C )
                                                  • .svn ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/.svn/ )
                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/.svn/entries )
                                                  • ADw-script AD4-alert(42) ADw- ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/ADw-script AD4-alert(42) ADw-/ )
                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                  • CVS ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/CVS/ )
                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/CVS/Entries )
                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/CVS/Root )
                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/DEADJOE )
                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/Trace.axd )
                                                  • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/WS_FTP.LOG )
                                                  • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/adojavas.inc )
                                                  • adojavas.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/adojavas.inc.bak )
                                                  • adojavas.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/adojavas.inc.old )
                                                  • adojavas.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/adojavas.inc.tmp )
                                                  • adojavas.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/adojavas.inc~ )
                                                  • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/adovbs.inc )
                                                  • adovbs.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/adovbs.inc.bak )
                                                  • adovbs.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/adovbs.inc.old )
                                                  • adovbs.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/adovbs.inc.tmp )
                                                  • adovbs.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/adovbs.inc~ )
                                                  • test.CGI ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/test.CGI )
                                                  • test.FCGI ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/test.FCGI )
                                                  • test.PHP ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/test.PHP )
                                                  • test.PHP3 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/test.PHP3 )
                                                  • test.PHP4 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/test.PHP4 )
                                                  • test.PHP5 ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/test.PHP5 )
                                                  • test.PHTML ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/test.PHTML )
                                                  • test.PL ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/test.PL )
                                                  • test.PY ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/test.PY )
                                                  • test.RB ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/test.RB )
                                                  • test.SH ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/test.SH )
                                                  • test.SHTML ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/test.SHTML )
                                                  • test.py. ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/test.py. )

                                              9.2.2.5 Successful (200)

                                              • ?P=+ADw-script+AD4-alert(42)+ADw-
                                                • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:443/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                              • index.PHP ( https://vulnerable.plesk.smb.10.2.0.host:443/index.PHP )
                                              • index.html ( https://vulnerable.plesk.smb.10.2.0.host:443/index.html )
                                              • index.php ( https://vulnerable.plesk.smb.10.2.0.host:443/index.php )
                                              • page1.PHP ( https://vulnerable.plesk.smb.10.2.0.host:443/page1.PHP )
                                              • page2.PHP ( https://vulnerable.plesk.smb.10.2.0.host:443/page2.PHP )
                                              • page3.PHP ( https://vulnerable.plesk.smb.10.2.0.host:443/page3.PHP )
                                              • page4.PHP ( https://vulnerable.plesk.smb.10.2.0.host:443/page4.PHP )
                                              • page5.PHP ( https://vulnerable.plesk.smb.10.2.0.host:443/page5.PHP )
                                              • page6.PHP ( https://vulnerable.plesk.smb.10.2.0.host:443/page6.PHP )
                                              • page7.PHP ( https://vulnerable.plesk.smb.10.2.0.host:443/page7.PHP )

                                              9.2.3 Linked URLs

                                              The following URLs were found as links in the content of other web pages.

                                              9.2.3.1 Requires Authentication (401)

                                              • test
                                                • aspnet
                                                  • test.aspx ( https://vulnerable.plesk.smb.10.2.0.host:443/test/aspnet/test.aspx )
                                                • perl
                                                  • test.pl ( https://vulnerable.plesk.smb.10.2.0.host:443/test/perl/test.pl )
                                                • php
                                                  • test.php ( https://vulnerable.plesk.smb.10.2.0.host:443/test/php/test.php )
                                                • python
                                                  • test.py ( https://vulnerable.plesk.smb.10.2.0.host:443/test/python/test.py )

                                              9.2.3.2 Successful (200)

                                              • css
                                              • header.js ( https://vulnerable.plesk.smb.10.2.0.host:443/header.js )
                                              • page1.php ( https://vulnerable.plesk.smb.10.2.0.host:443/page1.php )
                                              • page2.php ( https://vulnerable.plesk.smb.10.2.0.host:443/page2.php )
                                              • page3.php ( https://vulnerable.plesk.smb.10.2.0.host:443/page3.php )
                                              • page4.php ( https://vulnerable.plesk.smb.10.2.0.host:443/page4.php )
                                              • page5.php ( https://vulnerable.plesk.smb.10.2.0.host:443/page5.php )
                                              • page6.php ( https://vulnerable.plesk.smb.10.2.0.host:443/page6.php )
                                              • page7.php ( https://vulnerable.plesk.smb.10.2.0.host:443/page7.php )

                                              9.3 https://vulnerable.plesk.smb.10.2.0.host:8443

                                              9.3.1 Common Default URLs

                                              The following URLs were guessed. They are often included with default web server or web server add-on installations.

                                              9.3.1.1 Access Error (403)

                                              • images ( https://vulnerable.plesk.smb.10.2.0.host:8443/images/ )
                                              • javascript ( https://vulnerable.plesk.smb.10.2.0.host:8443/javascript/ )

                                              9.3.1.2 Redirect (301)

                                              • aspnet_client
                                                • system_web ( https://vulnerable.plesk.smb.10.2.0.host:8443/aspnet_client/system_web )

                                              9.3.1.3 Successful (200)

                                              • login.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/login.php3 )
                                              • plesk ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/ )

                                              9.3.2 Guessed URLs

                                              The following URLs were guessed using various tricks based on the discovered web site content.

                                              9.3.2.1 Access Error (403)

                                              • aspnet_client ( https://vulnerable.plesk.smb.10.2.0.host:8443/aspnet_client/ )
                                                • system_web
                                                  • ?P=+ADw-script+AD4-alert(42)+ADw-
                                                    • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/aspnet_client/system_web/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                    • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/images/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                    • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/javascript/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                    • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                    • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                    • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                    • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                    • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                    • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                    • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                    • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                    • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/big/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                              • images
                                                • javascript
                                                  • skins ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/ )
                                                    • vista ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/ )
                                                      • css ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/css/ )
                                                        • main ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/css/main/ )
                                                        • top ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/css/top/ )
                                                      • icons ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/icons/ )
                                                        • gauge ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/icons/gauge/ )
                                                        • tabs ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/icons/tabs/ )
                                                      • images ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/images/ )
                                                  • smb
                                                    • externals ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/ )
                                                      • images ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/images/ )
                                                      • scripts ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/ )
                                                        • components ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/ )
                                                          • forms ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/ )
                                                        • styles ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/ )
                                                          • css ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/ )
                                                            • img ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/ )
                                                              • icons ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/ )
                                                                • big ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/big/ )

                                                          9.3.2.2 Error (400)

                                                          • "<script>TestScriptValueHere<
                                                            • script>" ( https://vulnerable.plesk.smb.10.2.0.host:8443/"<script>TestScriptValueHere</script>" )
                                                          • get_password.php
                                                            • <script>xss<
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/get_password.php/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/javascript/chk.js.php/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/login.php3/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/login_up.php3/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.asp/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.aspx/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.htm/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.html/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.php/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.shtml/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.asp/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.aspx/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.htm/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.html/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.php/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.php3/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.shtml/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.php/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.asp/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.aspx/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.htm/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.html/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.php/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.shtml/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.asp/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.aspx/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.htm/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.html/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.php/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.php3/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.shtml/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.php/<script>xss</script> )
                                                              • script> ( https://vulnerable.plesk.smb.10.2.0.host:8443/top.php3/<script>xss</script> )
                                                          • javascript
                                                            • chk.js.php
                                                            • login.php3
                                                              • login_up.php3
                                                                • smb
                                                                  • %3f.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/%3f.jsp%00 )
                                                                  • change-password
                                                                    • %3f.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/%3f.jsp%00 )
                                                                    • default.asp%81 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.asp%81 )
                                                                    • default.asp
                                                                      • default.aspx
                                                                        • default.htm
                                                                          • default.html
                                                                            • default.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.jsp%00 )
                                                                            • default.php
                                                                              • default.shtml
                                                                                • index.asp%81 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.asp%81 )
                                                                                • index.asp
                                                                                  • index.aspx
                                                                                    • index.cgi%00 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.cgi%00 )
                                                                                    • index.htm
                                                                                      • index.html
                                                                                        • index.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.jsp%00 )
                                                                                        • index.php
                                                                                          • index.php3
                                                                                            • index.shtml
                                                                                              • wp-login.php
                                                                                              • default.asp%81 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.asp%81 )
                                                                                              • default.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.jsp%00 )
                                                                                              • externals
                                                                                                • %3f.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/%3f.jsp%00 )
                                                                                              • index.asp%81 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.asp%81 )
                                                                                              • index.cgi%00 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.cgi%00 )
                                                                                              • index.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.jsp%00 )
                                                                                              • scripts
                                                                                                • %3f.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/%3f.jsp%00 )
                                                                                                • components
                                                                                                  • %3f.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/%3f.jsp%00 )
                                                                                                  • forms
                                                                                                    • %3f.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/%3f.jsp%00 )
                                                                                              • styles
                                                                                                • %3f.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/%3f.jsp%00 )
                                                                                                • css
                                                                                                  • %3f.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/%3f.jsp%00 )
                                                                                                • img
                                                                                                  • %3f.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/%3f.jsp%00 )
                                                                                                  • icons
                                                                                                    • %3f.jsp%00 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/%3f.jsp%00 )
                                                                                            • top.php3

                                                                                              9.3.2.3 Redirect (301)

                                                                                              • smb ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb )

                                                                                              9.3.2.4 Redirect (302)

                                                                                              • help.php?context= ( https://vulnerable.plesk.smb.10.2.0.host:8443/help.php?context= )
                                                                                              • smb
                                                                                                • %23adojavas.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/%23adojavas.inc%23 )
                                                                                                • %23adovbs.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/%23adovbs.inc%23 )
                                                                                                • %23default.asp%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/%23default.asp%23 )
                                                                                                • %23default.aspx%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/%23default.aspx%23 )
                                                                                                • %23default.jsp%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/%23default.jsp%23 )
                                                                                                • %23default.php%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/%23default.php%23 )
                                                                                                • %23index.asp%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/%23index.asp%23 )
                                                                                                • %23index.aspx%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/%23index.aspx%23 )
                                                                                                • %23index.cfm%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/%23index.cfm%23 )
                                                                                                • %23index.cgi%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/%23index.cgi%23 )
                                                                                                • %23index.jsp%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/%23index.jsp%23 )
                                                                                                • %23index.php%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/%23index.php%23 )
                                                                                                • %23wp-login.php%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/%23wp-login.php%23 )
                                                                                                • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/%3f.jsp )
                                                                                                • %3f.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/%3f.jsp%5C )
                                                                                                • .svn ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/.svn/ )
                                                                                                  • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/.svn/entries )
                                                                                                  • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/.svn/entries )
                                                                                                  • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/.svn/entries )
                                                                                                  • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/.svn/entries )
                                                                                                  • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/.svn/entries )
                                                                                                  • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/.svn/entries )
                                                                                                  • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/.svn/entries )
                                                                                                  • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/.svn/entries )
                                                                                                  • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/.svn/entries )
                                                                                                  • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/.svn/entries )
                                                                                                • ?P=+ADw-script+AD4-alert(42)+ADw-
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                  • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                • ADw-script AD4-alert(42) ADw- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/ADw-script AD4-alert(42) ADw-/ )
                                                                                                  • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                  • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                  • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                  • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                  • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                  • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                  • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                  • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                  • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                  • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                • CVS ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/CVS/ )
                                                                                                  • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/CVS/Entries )
                                                                                                  • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/CVS/Root )
                                                                                                  • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/CVS/Entries )
                                                                                                  • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/CVS/Root )
                                                                                                  • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/CVS/Entries )
                                                                                                  • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/CVS/Root )
                                                                                                  • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/CVS/Entries )
                                                                                                  • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/CVS/Root )
                                                                                                  • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/CVS/Entries )
                                                                                                  • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/CVS/Root )
                                                                                                  • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/CVS/Entries )
                                                                                                  • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/CVS/Root )
                                                                                                  • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/CVS/Entries )
                                                                                                  • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/CVS/Root )
                                                                                                  • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/CVS/Entries )
                                                                                                  • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/CVS/Root )
                                                                                                  • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/CVS/Entries )
                                                                                                  • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/CVS/Root )
                                                                                                  • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/CVS/Entries )
                                                                                                  • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/CVS/Root )
                                                                                                • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/DEADJOE )
                                                                                                • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/README )
                                                                                                • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/README.TXT )
                                                                                                • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/Trace.axd )
                                                                                                • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/ )
                                                                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/%3f.jsp )
                                                                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/DEADJOE )
                                                                                                  • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/README )
                                                                                                  • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/README.TXT )
                                                                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/Trace.axd )
                                                                                                  • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/WEB-INF/ )
                                                                                                    • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/WS_FTP.LOG )
                                                                                                    • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/_vti_bin/ )
                                                                                                    • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/_vti_bot/ )
                                                                                                    • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/_vti_cnf/ )
                                                                                                    • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/_vti_log/ )
                                                                                                    • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/_vti_pvt/ )
                                                                                                    • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/_vti_script/ )
                                                                                                    • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/_vti_shm/ )
                                                                                                    • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/_vti_txt/ )
                                                                                                    • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/adojavas.inc )
                                                                                                    • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/adovbs.inc )
                                                                                                    • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/default.asp )
                                                                                                    • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/default.aspx )
                                                                                                    • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/default.htm )
                                                                                                    • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/default.html )
                                                                                                    • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/default.jsp )
                                                                                                    • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/default.php )
                                                                                                    • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/default.shtml )
                                                                                                    • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/default.wml )
                                                                                                    • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/index.asp )
                                                                                                    • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/index.aspx )
                                                                                                    • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/index.bak )
                                                                                                    • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/index.cfm )
                                                                                                    • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/index.cgi )
                                                                                                    • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/index.chtml )
                                                                                                    • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/index.htm )
                                                                                                    • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/index.html )
                                                                                                    • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/index.jsp )
                                                                                                    • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/index.old )
                                                                                                    • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/index.php )
                                                                                                    • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/index.php3 )
                                                                                                    • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/index.shtml )
                                                                                                    • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/index.swf )
                                                                                                    • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/readme.txt )
                                                                                                    • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/servlet/ )
                                                                                                    • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/sitemap.xml )
                                                                                                    • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/web-inf/ )
                                                                                                    • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WEB-INF/wp-login.php )
                                                                                                • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/WS_FTP.LOG )
                                                                                                • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/ )
                                                                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/%3f.jsp )
                                                                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/DEADJOE )
                                                                                                  • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/README )
                                                                                                  • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/README.TXT )
                                                                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/Trace.axd )
                                                                                                  • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/WEB-INF/ )
                                                                                                  • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/WS_FTP.LOG )
                                                                                                  • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/_vti_bin/ )
                                                                                                    • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/_vti_bot/ )
                                                                                                    • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/_vti_cnf/ )
                                                                                                    • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/_vti_log/ )
                                                                                                    • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/_vti_pvt/ )
                                                                                                    • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/_vti_script/ )
                                                                                                    • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/_vti_shm/ )
                                                                                                    • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/_vti_txt/ )
                                                                                                    • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/adojavas.inc )
                                                                                                    • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/adovbs.inc )
                                                                                                    • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/default.asp )
                                                                                                    • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/default.aspx )
                                                                                                    • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/default.htm )
                                                                                                    • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/default.html )
                                                                                                    • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/default.jsp )
                                                                                                    • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/default.php )
                                                                                                    • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/default.shtml )
                                                                                                    • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/default.wml )
                                                                                                    • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/index.asp )
                                                                                                    • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/index.aspx )
                                                                                                    • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/index.bak )
                                                                                                    • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/index.cfm )
                                                                                                    • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/index.cgi )
                                                                                                    • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/index.chtml )
                                                                                                    • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/index.htm )
                                                                                                    • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/index.html )
                                                                                                    • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/index.jsp )
                                                                                                    • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/index.old )
                                                                                                    • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/index.php )
                                                                                                    • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/index.php3 )
                                                                                                    • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/index.shtml )
                                                                                                    • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/index.swf )
                                                                                                    • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/readme.txt )
                                                                                                    • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/servlet/ )
                                                                                                    • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/sitemap.xml )
                                                                                                    • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/web-inf/ )
                                                                                                    • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bin/wp-login.php )
                                                                                                • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/ )
                                                                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/%3f.jsp )
                                                                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/DEADJOE )
                                                                                                  • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/README )
                                                                                                  • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/README.TXT )
                                                                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/Trace.axd )
                                                                                                  • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/WEB-INF/ )
                                                                                                  • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/WS_FTP.LOG )
                                                                                                  • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/_vti_bin/ )
                                                                                                  • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/_vti_bot/ )
                                                                                                    • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/_vti_cnf/ )
                                                                                                    • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/_vti_log/ )
                                                                                                    • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/_vti_pvt/ )
                                                                                                    • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/_vti_script/ )
                                                                                                    • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/_vti_shm/ )
                                                                                                    • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/_vti_txt/ )
                                                                                                    • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/adojavas.inc )
                                                                                                    • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/adovbs.inc )
                                                                                                    • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/default.asp )
                                                                                                    • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/default.aspx )
                                                                                                    • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/default.htm )
                                                                                                    • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/default.html )
                                                                                                    • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/default.jsp )
                                                                                                    • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/default.php )
                                                                                                    • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/default.shtml )
                                                                                                    • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/default.wml )
                                                                                                    • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/index.asp )
                                                                                                    • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/index.aspx )
                                                                                                    • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/index.bak )
                                                                                                    • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/index.cfm )
                                                                                                    • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/index.cgi )
                                                                                                    • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/index.chtml )
                                                                                                    • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/index.htm )
                                                                                                    • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/index.html )
                                                                                                    • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/index.jsp )
                                                                                                    • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/index.old )
                                                                                                    • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/index.php )
                                                                                                    • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/index.php3 )
                                                                                                    • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/index.shtml )
                                                                                                    • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/index.swf )
                                                                                                    • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/readme.txt )
                                                                                                    • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/servlet/ )
                                                                                                    • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/sitemap.xml )
                                                                                                    • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/web-inf/ )
                                                                                                    • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_bot/wp-login.php )
                                                                                                • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/ )
                                                                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/%3f.jsp )
                                                                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/DEADJOE )
                                                                                                  • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/README )
                                                                                                  • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/README.TXT )
                                                                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/Trace.axd )
                                                                                                  • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/WEB-INF/ )
                                                                                                  • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/WS_FTP.LOG )
                                                                                                  • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/_vti_bin/ )
                                                                                                  • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/_vti_bot/ )
                                                                                                  • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/_vti_cnf/ )
                                                                                                    • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/_vti_log/ )
                                                                                                    • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/_vti_pvt/ )
                                                                                                    • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/_vti_script/ )
                                                                                                    • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/_vti_shm/ )
                                                                                                    • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/_vti_txt/ )
                                                                                                    • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/adojavas.inc )
                                                                                                    • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/adovbs.inc )
                                                                                                    • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/default.asp )
                                                                                                    • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/default.aspx )
                                                                                                    • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/default.htm )
                                                                                                    • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/default.html )
                                                                                                    • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/default.jsp )
                                                                                                    • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/default.php )
                                                                                                    • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/default.shtml )
                                                                                                    • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/default.wml )
                                                                                                    • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/index.asp )
                                                                                                    • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/index.aspx )
                                                                                                    • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/index.bak )
                                                                                                    • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/index.cfm )
                                                                                                    • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/index.cgi )
                                                                                                    • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/index.chtml )
                                                                                                    • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/index.htm )
                                                                                                    • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/index.html )
                                                                                                    • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/index.jsp )
                                                                                                    • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/index.old )
                                                                                                    • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/index.php )
                                                                                                    • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/index.php3 )
                                                                                                    • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/index.shtml )
                                                                                                    • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/index.swf )
                                                                                                    • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/readme.txt )
                                                                                                    • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/servlet/ )
                                                                                                    • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/sitemap.xml )
                                                                                                    • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/web-inf/ )
                                                                                                    • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_cnf/wp-login.php )
                                                                                                • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/ )
                                                                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/%3f.jsp )
                                                                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/DEADJOE )
                                                                                                  • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/README )
                                                                                                  • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/README.TXT )
                                                                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/Trace.axd )
                                                                                                  • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/WEB-INF/ )
                                                                                                  • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/WS_FTP.LOG )
                                                                                                  • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/_vti_bin/ )
                                                                                                  • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/_vti_bot/ )
                                                                                                  • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/_vti_cnf/ )
                                                                                                  • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/_vti_log/ )
                                                                                                    • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/_vti_pvt/ )
                                                                                                    • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/_vti_script/ )
                                                                                                    • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/_vti_shm/ )
                                                                                                    • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/_vti_txt/ )
                                                                                                    • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/adojavas.inc )
                                                                                                    • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/adovbs.inc )
                                                                                                    • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/default.asp )
                                                                                                    • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/default.aspx )
                                                                                                    • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/default.htm )
                                                                                                    • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/default.html )
                                                                                                    • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/default.jsp )
                                                                                                    • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/default.php )
                                                                                                    • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/default.shtml )
                                                                                                    • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/default.wml )
                                                                                                    • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/index.asp )
                                                                                                    • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/index.aspx )
                                                                                                    • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/index.bak )
                                                                                                    • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/index.cfm )
                                                                                                    • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/index.cgi )
                                                                                                    • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/index.chtml )
                                                                                                    • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/index.htm )
                                                                                                    • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/index.html )
                                                                                                    • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/index.jsp )
                                                                                                    • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/index.old )
                                                                                                    • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/index.php )
                                                                                                    • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/index.php3 )
                                                                                                    • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/index.shtml )
                                                                                                    • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/index.swf )
                                                                                                    • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/readme.txt )
                                                                                                    • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/servlet/ )
                                                                                                    • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/sitemap.xml )
                                                                                                    • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/web-inf/ )
                                                                                                    • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_log/wp-login.php )
                                                                                                • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/ )
                                                                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/%3f.jsp )
                                                                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/DEADJOE )
                                                                                                  • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/README )
                                                                                                  • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/README.TXT )
                                                                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/Trace.axd )
                                                                                                  • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/WEB-INF/ )
                                                                                                  • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/WS_FTP.LOG )
                                                                                                  • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/_vti_bin/ )
                                                                                                  • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/_vti_bot/ )
                                                                                                  • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/_vti_cnf/ )
                                                                                                  • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/_vti_log/ )
                                                                                                  • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/_vti_pvt/ )
                                                                                                    • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/_vti_script/ )
                                                                                                    • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/_vti_shm/ )
                                                                                                    • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/_vti_txt/ )
                                                                                                    • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/adojavas.inc )
                                                                                                    • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/adovbs.inc )
                                                                                                    • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/default.asp )
                                                                                                    • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/default.aspx )
                                                                                                    • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/default.htm )
                                                                                                    • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/default.html )
                                                                                                    • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/default.jsp )
                                                                                                    • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/default.php )
                                                                                                    • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/default.shtml )
                                                                                                    • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/default.wml )
                                                                                                    • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/index.asp )
                                                                                                    • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/index.aspx )
                                                                                                    • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/index.bak )
                                                                                                    • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/index.cfm )
                                                                                                    • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/index.cgi )
                                                                                                    • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/index.chtml )
                                                                                                    • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/index.htm )
                                                                                                    • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/index.html )
                                                                                                    • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/index.jsp )
                                                                                                    • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/index.old )
                                                                                                    • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/index.php )
                                                                                                    • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/index.php3 )
                                                                                                    • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/index.shtml )
                                                                                                    • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/index.swf )
                                                                                                    • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/readme.txt )
                                                                                                    • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/servlet/ )
                                                                                                    • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/sitemap.xml )
                                                                                                    • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/web-inf/ )
                                                                                                    • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_pvt/wp-login.php )
                                                                                                • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/ )
                                                                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/%3f.jsp )
                                                                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/DEADJOE )
                                                                                                  • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/README )
                                                                                                  • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/README.TXT )
                                                                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/Trace.axd )
                                                                                                  • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/WEB-INF/ )
                                                                                                  • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/WS_FTP.LOG )
                                                                                                  • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/_vti_bin/ )
                                                                                                  • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/_vti_bot/ )
                                                                                                  • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/_vti_cnf/ )
                                                                                                  • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/_vti_log/ )
                                                                                                  • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/_vti_pvt/ )
                                                                                                  • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/_vti_script/ )
                                                                                                    • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/_vti_shm/ )
                                                                                                    • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/_vti_txt/ )
                                                                                                    • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/adojavas.inc )
                                                                                                    • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/adovbs.inc )
                                                                                                    • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/default.asp )
                                                                                                    • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/default.aspx )
                                                                                                    • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/default.htm )
                                                                                                    • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/default.html )
                                                                                                    • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/default.jsp )
                                                                                                    • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/default.php )
                                                                                                    • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/default.shtml )
                                                                                                    • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/default.wml )
                                                                                                    • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/index.asp )
                                                                                                    • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/index.aspx )
                                                                                                    • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/index.bak )
                                                                                                    • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/index.cfm )
                                                                                                    • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/index.cgi )
                                                                                                    • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/index.chtml )
                                                                                                    • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/index.htm )
                                                                                                    • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/index.html )
                                                                                                    • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/index.jsp )
                                                                                                    • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/index.old )
                                                                                                    • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/index.php )
                                                                                                    • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/index.php3 )
                                                                                                    • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/index.shtml )
                                                                                                    • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/index.swf )
                                                                                                    • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/readme.txt )
                                                                                                    • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/servlet/ )
                                                                                                    • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/sitemap.xml )
                                                                                                    • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/web-inf/ )
                                                                                                    • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_script/wp-login.php )
                                                                                                • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/ )
                                                                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/%3f.jsp )
                                                                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/DEADJOE )
                                                                                                  • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/README )
                                                                                                  • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/README.TXT )
                                                                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/Trace.axd )
                                                                                                  • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/WEB-INF/ )
                                                                                                  • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/WS_FTP.LOG )
                                                                                                  • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/_vti_bin/ )
                                                                                                  • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/_vti_bot/ )
                                                                                                  • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/_vti_cnf/ )
                                                                                                  • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/_vti_log/ )
                                                                                                  • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/_vti_pvt/ )
                                                                                                  • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/_vti_script/ )
                                                                                                  • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/_vti_shm/ )
                                                                                                    • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/_vti_txt/ )
                                                                                                    • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/adojavas.inc )
                                                                                                    • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/adovbs.inc )
                                                                                                    • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/default.asp )
                                                                                                    • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/default.aspx )
                                                                                                    • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/default.htm )
                                                                                                    • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/default.html )
                                                                                                    • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/default.jsp )
                                                                                                    • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/default.php )
                                                                                                    • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/default.shtml )
                                                                                                    • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/default.wml )
                                                                                                    • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/index.asp )
                                                                                                    • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/index.aspx )
                                                                                                    • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/index.bak )
                                                                                                    • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/index.cfm )
                                                                                                    • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/index.cgi )
                                                                                                    • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/index.chtml )
                                                                                                    • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/index.htm )
                                                                                                    • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/index.html )
                                                                                                    • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/index.jsp )
                                                                                                    • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/index.old )
                                                                                                    • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/index.php )
                                                                                                    • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/index.php3 )
                                                                                                    • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/index.shtml )
                                                                                                    • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/index.swf )
                                                                                                    • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/readme.txt )
                                                                                                    • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/servlet/ )
                                                                                                    • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/sitemap.xml )
                                                                                                    • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/web-inf/ )
                                                                                                    • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_shm/wp-login.php )
                                                                                                • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/ )
                                                                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/%3f.jsp )
                                                                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/DEADJOE )
                                                                                                  • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/README )
                                                                                                  • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/README.TXT )
                                                                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/Trace.axd )
                                                                                                  • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/WEB-INF/ )
                                                                                                  • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/WS_FTP.LOG )
                                                                                                  • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/_vti_bin/ )
                                                                                                  • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/_vti_bot/ )
                                                                                                  • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/_vti_cnf/ )
                                                                                                  • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/_vti_log/ )
                                                                                                  • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/_vti_pvt/ )
                                                                                                  • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/_vti_script/ )
                                                                                                  • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/_vti_shm/ )
                                                                                                  • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/_vti_txt/ )
                                                                                                    • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/adojavas.inc )
                                                                                                    • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/adovbs.inc )
                                                                                                    • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/default.asp )
                                                                                                    • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/default.aspx )
                                                                                                    • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/default.htm )
                                                                                                    • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/default.html )
                                                                                                    • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/default.jsp )
                                                                                                    • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/default.php )
                                                                                                    • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/default.shtml )
                                                                                                    • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/default.wml )
                                                                                                    • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/index.asp )
                                                                                                    • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/index.aspx )
                                                                                                    • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/index.bak )
                                                                                                    • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/index.cfm )
                                                                                                    • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/index.cgi )
                                                                                                    • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/index.chtml )
                                                                                                    • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/index.htm )
                                                                                                    • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/index.html )
                                                                                                    • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/index.jsp )
                                                                                                    • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/index.old )
                                                                                                    • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/index.php )
                                                                                                    • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/index.php3 )
                                                                                                    • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/index.shtml )
                                                                                                    • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/index.swf )
                                                                                                    • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/readme.txt )
                                                                                                    • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/servlet/ )
                                                                                                    • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/sitemap.xml )
                                                                                                    • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/web-inf/ )
                                                                                                    • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/_vti_txt/wp-login.php )
                                                                                                • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/adojavas.inc )
                                                                                                • adojavas.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/adojavas.inc.bak )
                                                                                                • adojavas.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/adojavas.inc.old )
                                                                                                • adojavas.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/adojavas.inc.tmp )
                                                                                                • adojavas.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/adojavas.inc~ )
                                                                                                • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/adovbs.inc )
                                                                                                • adovbs.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/adovbs.inc.bak )
                                                                                                • adovbs.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/adovbs.inc.old )
                                                                                                • adovbs.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/adovbs.inc.tmp )
                                                                                                • adovbs.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/adovbs.inc~ )
                                                                                                • change-password ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/ )
                                                                                                  • %23adojavas.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/%23adojavas.inc%23 )
                                                                                                  • %23adovbs.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/%23adovbs.inc%23 )
                                                                                                  • %23default.asp%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/%23default.asp%23 )
                                                                                                  • %23default.aspx%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/%23default.aspx%23 )
                                                                                                  • %23default.jsp%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/%23default.jsp%23 )
                                                                                                  • %23default.php%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/%23default.php%23 )
                                                                                                  • %23index.asp%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/%23index.asp%23 )
                                                                                                  • %23index.aspx%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/%23index.aspx%23 )
                                                                                                  • %23index.cfm%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/%23index.cfm%23 )
                                                                                                  • %23index.cgi%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/%23index.cgi%23 )
                                                                                                  • %23index.jsp%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/%23index.jsp%23 )
                                                                                                  • %23index.php%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/%23index.php%23 )
                                                                                                  • %23wp-login.php%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/%23wp-login.php%23 )
                                                                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/%3f.jsp )
                                                                                                  • %3f.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/%3f.jsp%5C )
                                                                                                  • .svn ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/.svn/ )
                                                                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/.svn/entries )
                                                                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/.svn/entries )
                                                                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/.svn/entries )
                                                                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/.svn/entries )
                                                                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/.svn/entries )
                                                                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/.svn/entries )
                                                                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/.svn/entries )
                                                                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/.svn/entries )
                                                                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/.svn/entries )
                                                                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/.svn/entries )
                                                                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/.svn/entries )
                                                                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/.svn/entries )
                                                                                                  • ADw-script AD4-alert(42) ADw- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/ADw-script AD4-alert(42) ADw-/ )
                                                                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                  • CVS ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/CVS/ )
                                                                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/CVS/Entries )
                                                                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/CVS/Root )
                                                                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/CVS/Entries )
                                                                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/CVS/Root )
                                                                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/CVS/Entries )
                                                                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/CVS/Root )
                                                                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/CVS/Entries )
                                                                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/CVS/Root )
                                                                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/CVS/Entries )
                                                                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/CVS/Root )
                                                                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/CVS/Entries )
                                                                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/CVS/Root )
                                                                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/CVS/Entries )
                                                                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/CVS/Root )
                                                                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/CVS/Entries )
                                                                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/CVS/Root )
                                                                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/CVS/Entries )
                                                                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/CVS/Root )
                                                                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/CVS/Entries )
                                                                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/CVS/Root )
                                                                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/CVS/Entries )
                                                                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/CVS/Root )
                                                                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/CVS/Entries )
                                                                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/CVS/Root )
                                                                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/DEADJOE )
                                                                                                  • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/README )
                                                                                                  • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/README.TXT )
                                                                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/Trace.axd )
                                                                                                  • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/ )
                                                                                                    • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/%3f.jsp )
                                                                                                    • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/DEADJOE )
                                                                                                    • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/README )
                                                                                                    • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/README.TXT )
                                                                                                    • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/Trace.axd )
                                                                                                    • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/WEB-INF/ )
                                                                                                      • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/WS_FTP.LOG )
                                                                                                      • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/_vti_bin/ )
                                                                                                      • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/_vti_bot/ )
                                                                                                      • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/_vti_cnf/ )
                                                                                                      • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/_vti_log/ )
                                                                                                      • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/_vti_pvt/ )
                                                                                                      • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/_vti_script/ )
                                                                                                      • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/_vti_shm/ )
                                                                                                      • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/_vti_txt/ )
                                                                                                      • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/adojavas.inc )
                                                                                                      • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/adovbs.inc )
                                                                                                      • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/default.asp )
                                                                                                      • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/default.aspx )
                                                                                                      • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/default.htm )
                                                                                                      • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/default.html )
                                                                                                      • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/default.jsp )
                                                                                                      • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/default.php )
                                                                                                      • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/default.shtml )
                                                                                                      • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/default.wml )
                                                                                                      • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/index.asp )
                                                                                                      • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/index.aspx )
                                                                                                      • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/index.bak )
                                                                                                      • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/index.cfm )
                                                                                                      • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/index.cgi )
                                                                                                      • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/index.chtml )
                                                                                                      • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/index.htm )
                                                                                                      • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/index.html )
                                                                                                      • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/index.jsp )
                                                                                                      • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/index.old )
                                                                                                      • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/index.php )
                                                                                                      • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/index.php3 )
                                                                                                      • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/index.shtml )
                                                                                                      • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/index.swf )
                                                                                                      • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/readme.txt )
                                                                                                      • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/servlet/ )
                                                                                                      • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/sitemap.xml )
                                                                                                      • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/web-inf/ )
                                                                                                      • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WEB-INF/wp-login.php )
                                                                                                  • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/WS_FTP.LOG )
                                                                                                  • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/ )
                                                                                                    • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/%3f.jsp )
                                                                                                    • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/DEADJOE )
                                                                                                    • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/README )
                                                                                                    • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/README.TXT )
                                                                                                    • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/Trace.axd )
                                                                                                    • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/WEB-INF/ )
                                                                                                    • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/WS_FTP.LOG )
                                                                                                    • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/_vti_bin/ )
                                                                                                      • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/_vti_bot/ )
                                                                                                      • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/_vti_cnf/ )
                                                                                                      • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/_vti_log/ )
                                                                                                      • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/_vti_pvt/ )
                                                                                                      • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/_vti_script/ )
                                                                                                      • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/_vti_shm/ )
                                                                                                      • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/_vti_txt/ )
                                                                                                      • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/adojavas.inc )
                                                                                                      • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/adovbs.inc )
                                                                                                      • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/default.asp )
                                                                                                      • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/default.aspx )
                                                                                                      • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/default.htm )
                                                                                                      • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/default.html )
                                                                                                      • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/default.jsp )
                                                                                                      • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/default.php )
                                                                                                      • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/default.shtml )
                                                                                                      • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/default.wml )
                                                                                                      • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/index.asp )
                                                                                                      • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/index.aspx )
                                                                                                      • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/index.bak )
                                                                                                      • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/index.cfm )
                                                                                                      • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/index.cgi )
                                                                                                      • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/index.chtml )
                                                                                                      • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/index.htm )
                                                                                                      • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/index.html )
                                                                                                      • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/index.jsp )
                                                                                                      • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/index.old )
                                                                                                      • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/index.php )
                                                                                                      • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/index.php3 )
                                                                                                      • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/index.shtml )
                                                                                                      • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/index.swf )
                                                                                                      • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/readme.txt )
                                                                                                      • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/servlet/ )
                                                                                                      • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/sitemap.xml )
                                                                                                      • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/web-inf/ )
                                                                                                      • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bin/wp-login.php )
                                                                                                  • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/ )
                                                                                                    • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/%3f.jsp )
                                                                                                    • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/DEADJOE )
                                                                                                    • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/README )
                                                                                                    • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/README.TXT )
                                                                                                    • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/Trace.axd )
                                                                                                    • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/WEB-INF/ )
                                                                                                    • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/WS_FTP.LOG )
                                                                                                    • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/_vti_bin/ )
                                                                                                    • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/_vti_bot/ )
                                                                                                      • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/_vti_cnf/ )
                                                                                                      • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/_vti_log/ )
                                                                                                      • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/_vti_pvt/ )
                                                                                                      • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/_vti_script/ )
                                                                                                      • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/_vti_shm/ )
                                                                                                      • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/_vti_txt/ )
                                                                                                      • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/adojavas.inc )
                                                                                                      • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/adovbs.inc )
                                                                                                      • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/default.asp )
                                                                                                      • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/default.aspx )
                                                                                                      • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/default.htm )
                                                                                                      • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/default.html )
                                                                                                      • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/default.jsp )
                                                                                                      • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/default.php )
                                                                                                      • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/default.shtml )
                                                                                                      • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/default.wml )
                                                                                                      • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/index.asp )
                                                                                                      • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/index.aspx )
                                                                                                      • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/index.bak )
                                                                                                      • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/index.cfm )
                                                                                                      • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/index.cgi )
                                                                                                      • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/index.chtml )
                                                                                                      • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/index.htm )
                                                                                                      • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/index.html )
                                                                                                      • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/index.jsp )
                                                                                                      • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/index.old )
                                                                                                      • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/index.php )
                                                                                                      • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/index.php3 )
                                                                                                      • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/index.shtml )
                                                                                                      • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/index.swf )
                                                                                                      • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/readme.txt )
                                                                                                      • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/servlet/ )
                                                                                                      • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/sitemap.xml )
                                                                                                      • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/web-inf/ )
                                                                                                      • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_bot/wp-login.php )
                                                                                                  • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/ )
                                                                                                    • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/%3f.jsp )
                                                                                                    • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/DEADJOE )
                                                                                                    • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/README )
                                                                                                    • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/README.TXT )
                                                                                                    • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/Trace.axd )
                                                                                                    • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/WEB-INF/ )
                                                                                                    • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/WS_FTP.LOG )
                                                                                                    • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/_vti_bin/ )
                                                                                                    • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/_vti_bot/ )
                                                                                                    • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/_vti_cnf/ )
                                                                                                      • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/_vti_log/ )
                                                                                                      • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/_vti_pvt/ )
                                                                                                      • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/_vti_script/ )
                                                                                                      • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/_vti_shm/ )
                                                                                                      • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/_vti_txt/ )
                                                                                                      • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/adojavas.inc )
                                                                                                      • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/adovbs.inc )
                                                                                                      • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/default.asp )
                                                                                                      • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/default.aspx )
                                                                                                      • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/default.htm )
                                                                                                      • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/default.html )
                                                                                                      • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/default.jsp )
                                                                                                      • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/default.php )
                                                                                                      • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/default.shtml )
                                                                                                      • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/default.wml )
                                                                                                      • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/index.asp )
                                                                                                      • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/index.aspx )
                                                                                                      • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/index.bak )
                                                                                                      • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/index.cfm )
                                                                                                      • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/index.cgi )
                                                                                                      • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/index.chtml )
                                                                                                      • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/index.htm )
                                                                                                      • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/index.html )
                                                                                                      • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/index.jsp )
                                                                                                      • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/index.old )
                                                                                                      • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/index.php )
                                                                                                      • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/index.php3 )
                                                                                                      • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/index.shtml )
                                                                                                      • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/index.swf )
                                                                                                      • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/readme.txt )
                                                                                                      • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/servlet/ )
                                                                                                      • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/sitemap.xml )
                                                                                                      • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/web-inf/ )
                                                                                                      • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_cnf/wp-login.php )
                                                                                                  • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/ )
                                                                                                    • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/%3f.jsp )
                                                                                                    • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/DEADJOE )
                                                                                                    • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/README )
                                                                                                    • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/README.TXT )
                                                                                                    • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/Trace.axd )
                                                                                                    • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/WEB-INF/ )
                                                                                                    • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/WS_FTP.LOG )
                                                                                                    • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/_vti_bin/ )
                                                                                                    • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/_vti_bot/ )
                                                                                                    • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/_vti_cnf/ )
                                                                                                    • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/_vti_log/ )
                                                                                                      • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/_vti_pvt/ )
                                                                                                      • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/_vti_script/ )
                                                                                                      • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/_vti_shm/ )
                                                                                                      • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/_vti_txt/ )
                                                                                                      • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/adojavas.inc )
                                                                                                      • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/adovbs.inc )
                                                                                                      • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/default.asp )
                                                                                                      • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/default.aspx )
                                                                                                      • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/default.htm )
                                                                                                      • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/default.html )
                                                                                                      • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/default.jsp )
                                                                                                      • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/default.php )
                                                                                                      • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/default.shtml )
                                                                                                      • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/default.wml )
                                                                                                      • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/index.asp )
                                                                                                      • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/index.aspx )
                                                                                                      • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/index.bak )
                                                                                                      • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/index.cfm )
                                                                                                      • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/index.cgi )
                                                                                                      • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/index.chtml )
                                                                                                      • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/index.htm )
                                                                                                      • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/index.html )
                                                                                                      • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/index.jsp )
                                                                                                      • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/index.old )
                                                                                                      • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/index.php )
                                                                                                      • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/index.php3 )
                                                                                                      • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/index.shtml )
                                                                                                      • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/index.swf )
                                                                                                      • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/readme.txt )
                                                                                                      • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/servlet/ )
                                                                                                      • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/sitemap.xml )
                                                                                                      • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/web-inf/ )
                                                                                                      • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_log/wp-login.php )
                                                                                                  • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/ )
                                                                                                    • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/%3f.jsp )
                                                                                                    • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/DEADJOE )
                                                                                                    • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/README )
                                                                                                    • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/README.TXT )
                                                                                                    • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/Trace.axd )
                                                                                                    • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/WEB-INF/ )
                                                                                                    • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/WS_FTP.LOG )
                                                                                                    • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/_vti_bin/ )
                                                                                                    • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/_vti_bot/ )
                                                                                                    • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/_vti_cnf/ )
                                                                                                    • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/_vti_log/ )
                                                                                                    • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/_vti_pvt/ )
                                                                                                      • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/_vti_script/ )
                                                                                                      • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/_vti_shm/ )
                                                                                                      • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/_vti_txt/ )
                                                                                                      • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/adojavas.inc )
                                                                                                      • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/adovbs.inc )
                                                                                                      • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/default.asp )
                                                                                                      • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/default.aspx )
                                                                                                      • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/default.htm )
                                                                                                      • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/default.html )
                                                                                                      • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/default.jsp )
                                                                                                      • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/default.php )
                                                                                                      • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/default.shtml )
                                                                                                      • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/default.wml )
                                                                                                      • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/index.asp )
                                                                                                      • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/index.aspx )
                                                                                                      • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/index.bak )
                                                                                                      • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/index.cfm )
                                                                                                      • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/index.cgi )
                                                                                                      • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/index.chtml )
                                                                                                      • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/index.htm )
                                                                                                      • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/index.html )
                                                                                                      • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/index.jsp )
                                                                                                      • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/index.old )
                                                                                                      • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/index.php )
                                                                                                      • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/index.php3 )
                                                                                                      • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/index.shtml )
                                                                                                      • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/index.swf )
                                                                                                      • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/readme.txt )
                                                                                                      • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/servlet/ )
                                                                                                      • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/sitemap.xml )
                                                                                                      • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/web-inf/ )
                                                                                                      • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_pvt/wp-login.php )
                                                                                                  • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/ )
                                                                                                    • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/%3f.jsp )
                                                                                                    • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/DEADJOE )
                                                                                                    • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/README )
                                                                                                    • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/README.TXT )
                                                                                                    • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/Trace.axd )
                                                                                                    • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/WEB-INF/ )
                                                                                                    • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/WS_FTP.LOG )
                                                                                                    • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/_vti_bin/ )
                                                                                                    • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/_vti_bot/ )
                                                                                                    • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/_vti_cnf/ )
                                                                                                    • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/_vti_log/ )
                                                                                                    • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/_vti_pvt/ )
                                                                                                    • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/_vti_script/ )
                                                                                                      • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/_vti_shm/ )
                                                                                                      • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/_vti_txt/ )
                                                                                                      • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/adojavas.inc )
                                                                                                      • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/adovbs.inc )
                                                                                                      • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/default.asp )
                                                                                                      • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/default.aspx )
                                                                                                      • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/default.htm )
                                                                                                      • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/default.html )
                                                                                                      • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/default.jsp )
                                                                                                      • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/default.php )
                                                                                                      • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/default.shtml )
                                                                                                      • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/default.wml )
                                                                                                      • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/index.asp )
                                                                                                      • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/index.aspx )
                                                                                                      • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/index.bak )
                                                                                                      • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/index.cfm )
                                                                                                      • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/index.cgi )
                                                                                                      • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/index.chtml )
                                                                                                      • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/index.htm )
                                                                                                      • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/index.html )
                                                                                                      • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/index.jsp )
                                                                                                      • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/index.old )
                                                                                                      • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/index.php )
                                                                                                      • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/index.php3 )
                                                                                                      • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/index.shtml )
                                                                                                      • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/index.swf )
                                                                                                      • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/readme.txt )
                                                                                                      • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/servlet/ )
                                                                                                      • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/sitemap.xml )
                                                                                                      • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/web-inf/ )
                                                                                                      • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_script/wp-login.php )
                                                                                                  • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/ )
                                                                                                    • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/%3f.jsp )
                                                                                                    • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/DEADJOE )
                                                                                                    • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/README )
                                                                                                    • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/README.TXT )
                                                                                                    • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/Trace.axd )
                                                                                                    • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/WEB-INF/ )
                                                                                                    • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/WS_FTP.LOG )
                                                                                                    • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/_vti_bin/ )
                                                                                                    • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/_vti_bot/ )
                                                                                                    • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/_vti_cnf/ )
                                                                                                    • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/_vti_log/ )
                                                                                                    • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/_vti_pvt/ )
                                                                                                    • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/_vti_script/ )
                                                                                                    • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/_vti_shm/ )
                                                                                                      • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/_vti_txt/ )
                                                                                                      • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/adojavas.inc )
                                                                                                      • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/adovbs.inc )
                                                                                                      • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/default.asp )
                                                                                                      • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/default.aspx )
                                                                                                      • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/default.htm )
                                                                                                      • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/default.html )
                                                                                                      • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/default.jsp )
                                                                                                      • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/default.php )
                                                                                                      • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/default.shtml )
                                                                                                      • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/default.wml )
                                                                                                      • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/index.asp )
                                                                                                      • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/index.aspx )
                                                                                                      • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/index.bak )
                                                                                                      • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/index.cfm )
                                                                                                      • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/index.cgi )
                                                                                                      • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/index.chtml )
                                                                                                      • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/index.htm )
                                                                                                      • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/index.html )
                                                                                                      • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/index.jsp )
                                                                                                      • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/index.old )
                                                                                                      • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/index.php )
                                                                                                      • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/index.php3 )
                                                                                                      • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/index.shtml )
                                                                                                      • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/index.swf )
                                                                                                      • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/readme.txt )
                                                                                                      • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/servlet/ )
                                                                                                      • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/sitemap.xml )
                                                                                                      • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/web-inf/ )
                                                                                                      • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_shm/wp-login.php )
                                                                                                  • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/ )
                                                                                                    • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/%3f.jsp )
                                                                                                    • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/DEADJOE )
                                                                                                    • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/README )
                                                                                                    • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/README.TXT )
                                                                                                    • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/Trace.axd )
                                                                                                    • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/WEB-INF/ )
                                                                                                    • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/WS_FTP.LOG )
                                                                                                    • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/_vti_bin/ )
                                                                                                    • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/_vti_bot/ )
                                                                                                    • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/_vti_cnf/ )
                                                                                                    • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/_vti_log/ )
                                                                                                    • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/_vti_pvt/ )
                                                                                                    • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/_vti_script/ )
                                                                                                    • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/_vti_shm/ )
                                                                                                    • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/_vti_txt/ )
                                                                                                      • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/adojavas.inc )
                                                                                                      • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/adovbs.inc )
                                                                                                      • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/default.asp )
                                                                                                      • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/default.aspx )
                                                                                                      • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/default.htm )
                                                                                                      • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/default.html )
                                                                                                      • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/default.jsp )
                                                                                                      • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/default.php )
                                                                                                      • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/default.shtml )
                                                                                                      • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/default.wml )
                                                                                                      • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/index.asp )
                                                                                                      • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/index.aspx )
                                                                                                      • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/index.bak )
                                                                                                      • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/index.cfm )
                                                                                                      • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/index.cgi )
                                                                                                      • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/index.chtml )
                                                                                                      • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/index.htm )
                                                                                                      • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/index.html )
                                                                                                      • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/index.jsp )
                                                                                                      • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/index.old )
                                                                                                      • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/index.php )
                                                                                                      • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/index.php3 )
                                                                                                      • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/index.shtml )
                                                                                                      • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/index.swf )
                                                                                                      • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/readme.txt )
                                                                                                      • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/servlet/ )
                                                                                                      • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/sitemap.xml )
                                                                                                      • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/web-inf/ )
                                                                                                      • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/_vti_txt/wp-login.php )
                                                                                                  • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/adojavas.inc )
                                                                                                  • adojavas.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/adojavas.inc.bak )
                                                                                                  • adojavas.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/adojavas.inc.old )
                                                                                                  • adojavas.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/adojavas.inc.tmp )
                                                                                                  • adojavas.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/adojavas.inc~ )
                                                                                                  • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/adovbs.inc )
                                                                                                  • adovbs.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/adovbs.inc.bak )
                                                                                                  • adovbs.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/adovbs.inc.old )
                                                                                                  • adovbs.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/adovbs.inc.tmp )
                                                                                                  • adovbs.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/adovbs.inc~ )
                                                                                                  • default.CGI ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.CGI )
                                                                                                  • default.FCGI ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.FCGI )
                                                                                                  • default.PHP ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.PHP )
                                                                                                  • default.PHP3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.PHP3 )
                                                                                                  • default.PHP4 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.PHP4 )
                                                                                                  • default.PHP5 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.PHP5 )
                                                                                                  • default.PHTML ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.PHTML )
                                                                                                  • default.PL ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.PL )
                                                                                                  • default.PY ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.PY )
                                                                                                  • default.RB ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.RB )
                                                                                                  • default.SH ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.SH )
                                                                                                  • default.SHTML ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.SHTML )
                                                                                                  • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.asp )
                                                                                                  • default.asp%2E ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.asp%2E )
                                                                                                  • default.asp%3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.asp%3f.jsp )
                                                                                                  • default.asp. ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.asp. )
                                                                                                  • default.asp.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.asp.bak )
                                                                                                  • default.asp.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.asp.old )
                                                                                                  • default.asp.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.asp.tmp )
                                                                                                  • default.asp::$DATA ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.asp::$DATA )
                                                                                                  • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.aspx )
                                                                                                  • default.aspx%3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.aspx%3f.jsp )
                                                                                                  • default.aspx.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.aspx.bak )
                                                                                                  • default.aspx.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.aspx.old )
                                                                                                  • default.aspx.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.aspx.tmp )
                                                                                                  • default.aspx~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.aspx~ )
                                                                                                  • default.asp~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.asp~ )
                                                                                                  • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.htm )
                                                                                                  • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.html )
                                                                                                  • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.jsp )
                                                                                                  • default.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.jsp%5C )
                                                                                                  • default.jsp.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.jsp.bak )
                                                                                                  • default.jsp.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.jsp.old )
                                                                                                  • default.jsp.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.jsp.tmp )
                                                                                                  • default.jsp~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.jsp~ )
                                                                                                  • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.php )
                                                                                                  • default.php. ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.php. )
                                                                                                  • default.php.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.php.bak )
                                                                                                  • default.php.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.php.old )
                                                                                                  • default.php.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.php.tmp )
                                                                                                  • default.php~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.php~ )
                                                                                                  • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.shtml )
                                                                                                  • default.shtml. ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.shtml. )
                                                                                                  • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/default.wml )
                                                                                                  • index.CGI ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.CGI )
                                                                                                  • index.FCGI ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.FCGI )
                                                                                                  • index.PHP ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.PHP )
                                                                                                  • index.PHP3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.PHP3 )
                                                                                                  • index.PHP4 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.PHP4 )
                                                                                                  • index.PHP5 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.PHP5 )
                                                                                                  • index.PHTML ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.PHTML )
                                                                                                  • index.PL ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.PL )
                                                                                                  • index.PY ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.PY )
                                                                                                  • index.RB ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.RB )
                                                                                                  • index.SH ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.SH )
                                                                                                  • index.SHTML ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.SHTML )
                                                                                                  • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.asp )
                                                                                                  • index.asp%2E ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.asp%2E )
                                                                                                  • index.asp%3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.asp%3f.jsp )
                                                                                                  • index.asp. ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.asp. )
                                                                                                  • index.asp.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.asp.bak )
                                                                                                  • index.asp.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.asp.old )
                                                                                                  • index.asp.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.asp.tmp )
                                                                                                  • index.asp::$DATA ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.asp::$DATA )
                                                                                                  • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.aspx )
                                                                                                  • index.aspx%3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.aspx%3f.jsp )
                                                                                                  • index.aspx.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.aspx.bak )
                                                                                                  • index.aspx.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.aspx.old )
                                                                                                  • index.aspx.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.aspx.tmp )
                                                                                                  • index.aspx~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.aspx~ )
                                                                                                  • index.asp~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.asp~ )
                                                                                                  • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.bak )
                                                                                                  • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.cfm )
                                                                                                  • index.cfm.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.cfm.bak )
                                                                                                  • index.cfm.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.cfm.old )
                                                                                                  • index.cfm.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.cfm.tmp )
                                                                                                  • index.cfm~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.cfm~ )
                                                                                                  • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.cgi )
                                                                                                  • index.cgi. ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.cgi. )
                                                                                                  • index.cgi.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.cgi.bak )
                                                                                                  • index.cgi.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.cgi.old )
                                                                                                  • index.cgi.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.cgi.tmp )
                                                                                                  • index.cgi~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.cgi~ )
                                                                                                  • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.chtml )
                                                                                                  • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.htm )
                                                                                                  • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.html )
                                                                                                  • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.jsp )
                                                                                                  • index.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.jsp%5C )
                                                                                                  • index.jsp.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.jsp.bak )
                                                                                                  • index.jsp.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.jsp.old )
                                                                                                  • index.jsp.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.jsp.tmp )
                                                                                                  • index.jsp~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.jsp~ )
                                                                                                  • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.old )
                                                                                                  • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.php )
                                                                                                  • index.php. ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.php. )
                                                                                                  • index.php.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.php.bak )
                                                                                                  • index.php.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.php.old )
                                                                                                  • index.php.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.php.tmp )
                                                                                                  • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.php3 )
                                                                                                  • index.php3. ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.php3. )
                                                                                                  • index.php?paged=-1 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.php?paged=-1 )
                                                                                                  • index.php~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.php~ )
                                                                                                  • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.shtml )
                                                                                                  • index.shtml. ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.shtml. )
                                                                                                  • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/index.swf )
                                                                                                  • info2www ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/info2www )
                                                                                                  • info2www.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/info2www.cgi )
                                                                                                  • info2www.pl ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/info2www.pl )
                                                                                                  • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/readme.txt )
                                                                                                  • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/ )
                                                                                                    • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/%3f.jsp )
                                                                                                    • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/DEADJOE )
                                                                                                    • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/README )
                                                                                                    • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/README.TXT )
                                                                                                    • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/Trace.axd )
                                                                                                    • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/WEB-INF/ )
                                                                                                    • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/WS_FTP.LOG )
                                                                                                    • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/_vti_bin/ )
                                                                                                    • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/_vti_bot/ )
                                                                                                    • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/_vti_cnf/ )
                                                                                                    • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/_vti_log/ )
                                                                                                    • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/_vti_pvt/ )
                                                                                                    • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/_vti_script/ )
                                                                                                    • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/_vti_shm/ )
                                                                                                    • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/_vti_txt/ )
                                                                                                    • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/adojavas.inc )
                                                                                                    • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/adovbs.inc )
                                                                                                    • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/default.asp )
                                                                                                    • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/default.aspx )
                                                                                                    • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/default.htm )
                                                                                                    • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/default.html )
                                                                                                    • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/default.jsp )
                                                                                                    • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/default.php )
                                                                                                    • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/default.shtml )
                                                                                                    • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/default.wml )
                                                                                                    • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/index.asp )
                                                                                                    • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/index.aspx )
                                                                                                    • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/index.bak )
                                                                                                    • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/index.cfm )
                                                                                                    • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/index.cgi )
                                                                                                    • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/index.chtml )
                                                                                                    • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/index.htm )
                                                                                                    • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/index.html )
                                                                                                    • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/index.jsp )
                                                                                                    • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/index.old )
                                                                                                    • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/index.php )
                                                                                                    • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/index.php3 )
                                                                                                    • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/index.shtml )
                                                                                                    • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/index.swf )
                                                                                                    • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/readme.txt )
                                                                                                    • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/servlet/ )
                                                                                                      • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/sitemap.xml )
                                                                                                      • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/web-inf/ )
                                                                                                      • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/servlet/wp-login.php )
                                                                                                  • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/sitemap.xml )
                                                                                                  • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/ )
                                                                                                    • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/%3f.jsp )
                                                                                                    • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/DEADJOE )
                                                                                                    • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/README )
                                                                                                    • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/README.TXT )
                                                                                                    • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/Trace.axd )
                                                                                                    • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/WEB-INF/ )
                                                                                                    • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/WS_FTP.LOG )
                                                                                                    • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/_vti_bin/ )
                                                                                                    • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/_vti_bot/ )
                                                                                                    • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/_vti_cnf/ )
                                                                                                    • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/_vti_log/ )
                                                                                                    • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/_vti_pvt/ )
                                                                                                    • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/_vti_script/ )
                                                                                                    • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/_vti_shm/ )
                                                                                                    • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/_vti_txt/ )
                                                                                                    • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/adojavas.inc )
                                                                                                    • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/adovbs.inc )
                                                                                                    • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/default.asp )
                                                                                                    • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/default.aspx )
                                                                                                    • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/default.htm )
                                                                                                    • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/default.html )
                                                                                                    • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/default.jsp )
                                                                                                    • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/default.php )
                                                                                                    • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/default.shtml )
                                                                                                    • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/default.wml )
                                                                                                    • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/index.asp )
                                                                                                    • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/index.aspx )
                                                                                                    • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/index.bak )
                                                                                                    • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/index.cfm )
                                                                                                    • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/index.cgi )
                                                                                                    • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/index.chtml )
                                                                                                    • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/index.htm )
                                                                                                    • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/index.html )
                                                                                                    • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/index.jsp )
                                                                                                    • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/index.old )
                                                                                                    • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/index.php )
                                                                                                    • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/index.php3 )
                                                                                                    • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/index.shtml )
                                                                                                    • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/index.swf )
                                                                                                    • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/readme.txt )
                                                                                                    • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/servlet/ )
                                                                                                    • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/sitemap.xml )
                                                                                                    • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/web-inf/ )
                                                                                                      • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/web-inf/wp-login.php )
                                                                                                  • wp-config.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-config.bak )
                                                                                                  • wp-config.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-config.old )
                                                                                                  • wp-config.php.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-config.php.bak )
                                                                                                  • wp-config.php.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-config.php.old )
                                                                                                  • wp-config.php.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-config.php.tmp )
                                                                                                  • wp-config.php~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-config.php~ )
                                                                                                  • wp-config.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-config.tmp )
                                                                                                  • wp-login.CGI ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.CGI )
                                                                                                  • wp-login.FCGI ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.FCGI )
                                                                                                  • wp-login.PHP ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.PHP )
                                                                                                  • wp-login.PHP3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.PHP3 )
                                                                                                  • wp-login.PHP4 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.PHP4 )
                                                                                                  • wp-login.PHP5 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.PHP5 )
                                                                                                  • wp-login.PHTML ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.PHTML )
                                                                                                  • wp-login.PL ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.PL )
                                                                                                  • wp-login.PY ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.PY )
                                                                                                  • wp-login.RB ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.RB )
                                                                                                  • wp-login.SH ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.SH )
                                                                                                  • wp-login.SHTML ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.SHTML )
                                                                                                  • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.php )
                                                                                                  • wp-login.php. ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.php. )
                                                                                                  • wp-login.php.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.php.bak )
                                                                                                  • wp-login.php.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.php.old )
                                                                                                  • wp-login.php.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.php.tmp )
                                                                                                  • wp-login.php~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-login.php~ )
                                                                                                  • wp-settings.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/wp-settings.php )
                                                                                                • default.CGI ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.CGI )
                                                                                                • default.FCGI ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.FCGI )
                                                                                                • default.PHP ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.PHP )
                                                                                                • default.PHP3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.PHP3 )
                                                                                                • default.PHP4 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.PHP4 )
                                                                                                • default.PHP5 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.PHP5 )
                                                                                                • default.PHTML ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.PHTML )
                                                                                                • default.PL ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.PL )
                                                                                                • default.PY ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.PY )
                                                                                                • default.RB ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.RB )
                                                                                                • default.SH ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.SH )
                                                                                                • default.SHTML ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.SHTML )
                                                                                                • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.asp )
                                                                                                • default.asp%2E ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.asp%2E )
                                                                                                • default.asp%3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.asp%3f.jsp )
                                                                                                • default.asp. ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.asp. )
                                                                                                • default.asp.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.asp.bak )
                                                                                                • default.asp.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.asp.old )
                                                                                                • default.asp.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.asp.tmp )
                                                                                                • default.asp::$DATA ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.asp::$DATA )
                                                                                                • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.aspx )
                                                                                                • default.aspx%3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.aspx%3f.jsp )
                                                                                                • default.aspx.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.aspx.bak )
                                                                                                • default.aspx.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.aspx.old )
                                                                                                • default.aspx.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.aspx.tmp )
                                                                                                • default.aspx~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.aspx~ )
                                                                                                • default.asp~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.asp~ )
                                                                                                • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.htm )
                                                                                                • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.html )
                                                                                                • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.jsp )
                                                                                                • default.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.jsp%5C )
                                                                                                • default.jsp.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.jsp.bak )
                                                                                                • default.jsp.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.jsp.old )
                                                                                                • default.jsp.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.jsp.tmp )
                                                                                                • default.jsp~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.jsp~ )
                                                                                                • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.php )
                                                                                                • default.php. ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.php. )
                                                                                                • default.php.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.php.bak )
                                                                                                • default.php.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.php.old )
                                                                                                • default.php.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.php.tmp )
                                                                                                • default.php~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.php~ )
                                                                                                • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.shtml )
                                                                                                • default.shtml. ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.shtml. )
                                                                                                • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/default.wml )
                                                                                                • externals
                                                                                                  • %23adojavas.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/%23adojavas.inc%23 )
                                                                                                  • %23adovbs.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/%23adovbs.inc%23 )
                                                                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/%3f.jsp )
                                                                                                  • %3f.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/%3f.jsp%5C )
                                                                                                  • .svn ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/.svn/ )
                                                                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/.svn/entries )
                                                                                                  • ADw-script AD4-alert(42) ADw- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/ADw-script AD4-alert(42) ADw-/ )
                                                                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                  • CVS ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/CVS/ )
                                                                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/CVS/Entries )
                                                                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/CVS/Root )
                                                                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/DEADJOE )
                                                                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/Trace.axd )
                                                                                                  • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/WS_FTP.LOG )
                                                                                                  • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/adojavas.inc )
                                                                                                  • adojavas.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/adojavas.inc.bak )
                                                                                                  • adojavas.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/adojavas.inc.old )
                                                                                                  • adojavas.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/adojavas.inc.tmp )
                                                                                                  • adojavas.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/adojavas.inc~ )
                                                                                                  • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/adovbs.inc )
                                                                                                  • adovbs.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/adovbs.inc.bak )
                                                                                                  • adovbs.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/adovbs.inc.old )
                                                                                                  • adovbs.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/adovbs.inc.tmp )
                                                                                                  • adovbs.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/externals/adovbs.inc~ )
                                                                                                • index.CGI ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.CGI )
                                                                                                • index.FCGI ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.FCGI )
                                                                                                • index.PHP ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.PHP )
                                                                                                • index.PHP3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.PHP3 )
                                                                                                • index.PHP4 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.PHP4 )
                                                                                                • index.PHP5 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.PHP5 )
                                                                                                • index.PHTML ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.PHTML )
                                                                                                • index.PL ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.PL )
                                                                                                • index.PY ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.PY )
                                                                                                • index.RB ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.RB )
                                                                                                • index.SH ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.SH )
                                                                                                • index.SHTML ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.SHTML )
                                                                                                • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.asp )
                                                                                                • index.asp%2E ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.asp%2E )
                                                                                                • index.asp%3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.asp%3f.jsp )
                                                                                                • index.asp. ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.asp. )
                                                                                                • index.asp.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.asp.bak )
                                                                                                • index.asp.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.asp.old )
                                                                                                • index.asp.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.asp.tmp )
                                                                                                • index.asp::$DATA ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.asp::$DATA )
                                                                                                • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.aspx )
                                                                                                • index.aspx%3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.aspx%3f.jsp )
                                                                                                • index.aspx.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.aspx.bak )
                                                                                                • index.aspx.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.aspx.old )
                                                                                                • index.aspx.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.aspx.tmp )
                                                                                                • index.aspx~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.aspx~ )
                                                                                                • index.asp~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.asp~ )
                                                                                                • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.bak )
                                                                                                • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.cfm )
                                                                                                • index.cfm.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.cfm.bak )
                                                                                                • index.cfm.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.cfm.old )
                                                                                                • index.cfm.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.cfm.tmp )
                                                                                                • index.cfm~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.cfm~ )
                                                                                                • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.cgi )
                                                                                                • index.cgi. ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.cgi. )
                                                                                                • index.cgi.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.cgi.bak )
                                                                                                • index.cgi.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.cgi.old )
                                                                                                • index.cgi.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.cgi.tmp )
                                                                                                • index.cgi~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.cgi~ )
                                                                                                • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.chtml )
                                                                                                • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.htm )
                                                                                                • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.html )
                                                                                                • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.jsp )
                                                                                                • index.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.jsp%5C )
                                                                                                • index.jsp.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.jsp.bak )
                                                                                                • index.jsp.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.jsp.old )
                                                                                                • index.jsp.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.jsp.tmp )
                                                                                                • index.jsp~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.jsp~ )
                                                                                                • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.old )
                                                                                                • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.php )
                                                                                                • index.php.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.php.bak )
                                                                                                • index.php.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.php.old )
                                                                                                • index.php.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.php.tmp )
                                                                                                • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.php3 )
                                                                                                • index.php3. ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.php3. )
                                                                                                • index.php?paged=-1 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.php?paged=-1 )
                                                                                                • index.php~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.php~ )
                                                                                                • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.shtml )
                                                                                                • index.shtml. ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.shtml. )
                                                                                                • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/index.swf )
                                                                                                • info2www ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/info2www )
                                                                                                • info2www.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/info2www.cgi )
                                                                                                • info2www.pl ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/info2www.pl )
                                                                                                • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/readme.txt )
                                                                                                • scripts
                                                                                                  • %23adojavas.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/%23adojavas.inc%23 )
                                                                                                  • %23adovbs.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/%23adovbs.inc%23 )
                                                                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/%3f.jsp )
                                                                                                  • %3f.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/%3f.jsp%5C )
                                                                                                  • .svn ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/.svn/ )
                                                                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/.svn/entries )
                                                                                                  • ADw-script AD4-alert(42) ADw- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/ADw-script AD4-alert(42) ADw-/ )
                                                                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                  • CVS ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/CVS/ )
                                                                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/CVS/Entries )
                                                                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/CVS/Root )
                                                                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/DEADJOE )
                                                                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/Trace.axd )
                                                                                                  • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/WS_FTP.LOG )
                                                                                                  • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/adojavas.inc )
                                                                                                  • adojavas.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/adojavas.inc.bak )
                                                                                                  • adojavas.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/adojavas.inc.old )
                                                                                                  • adojavas.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/adojavas.inc.tmp )
                                                                                                  • adojavas.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/adojavas.inc~ )
                                                                                                  • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/adovbs.inc )
                                                                                                  • adovbs.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/adovbs.inc.bak )
                                                                                                  • adovbs.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/adovbs.inc.old )
                                                                                                  • adovbs.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/adovbs.inc.tmp )
                                                                                                  • adovbs.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/adovbs.inc~ )
                                                                                                  • components
                                                                                                    • %23adojavas.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/%23adojavas.inc%23 )
                                                                                                    • %23adovbs.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/%23adovbs.inc%23 )
                                                                                                    • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/%3f.jsp )
                                                                                                    • %3f.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/%3f.jsp%5C )
                                                                                                    • .svn ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/.svn/ )
                                                                                                      • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/.svn/entries )
                                                                                                    • ADw-script AD4-alert(42) ADw- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/ADw-script AD4-alert(42) ADw-/ )
                                                                                                      • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                    • CVS ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/CVS/ )
                                                                                                      • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/CVS/Entries )
                                                                                                      • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/CVS/Root )
                                                                                                    • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/DEADJOE )
                                                                                                    • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/Trace.axd )
                                                                                                    • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/WS_FTP.LOG )
                                                                                                    • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/adojavas.inc )
                                                                                                    • adojavas.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/adojavas.inc.bak )
                                                                                                    • adojavas.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/adojavas.inc.old )
                                                                                                    • adojavas.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/adojavas.inc.tmp )
                                                                                                    • adojavas.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/adojavas.inc~ )
                                                                                                    • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/adovbs.inc )
                                                                                                    • adovbs.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/adovbs.inc.bak )
                                                                                                    • adovbs.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/adovbs.inc.old )
                                                                                                    • adovbs.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/adovbs.inc.tmp )
                                                                                                    • adovbs.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/adovbs.inc~ )
                                                                                                    • forms
                                                                                                      • %23adojavas.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/%23adojavas.inc%23 )
                                                                                                      • %23adovbs.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/%23adovbs.inc%23 )
                                                                                                      • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/%3f.jsp )
                                                                                                      • %3f.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/%3f.jsp%5C )
                                                                                                      • .svn ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/.svn/ )
                                                                                                        • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/.svn/entries )
                                                                                                        • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/.svn/entries )
                                                                                                      • ADw-script AD4-alert(42) ADw- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/ADw-script AD4-alert(42) ADw-/ )
                                                                                                        • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                        • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                      • CVS ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/CVS/ )
                                                                                                        • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/CVS/Entries )
                                                                                                        • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/CVS/Root )
                                                                                                        • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/CVS/Entries )
                                                                                                        • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/CVS/Root )
                                                                                                      • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/DEADJOE )
                                                                                                      • Smb.Login ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/Smb.Login )
                                                                                                      • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/Trace.axd )
                                                                                                      • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/WS_FTP.LOG )
                                                                                                      • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/adojavas.inc )
                                                                                                      • adojavas.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/adojavas.inc.bak )
                                                                                                      • adojavas.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/adojavas.inc.old )
                                                                                                      • adojavas.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/adojavas.inc.tmp )
                                                                                                      • adojavas.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/adojavas.inc~ )
                                                                                                      • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/adovbs.inc )
                                                                                                      • adovbs.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/adovbs.inc.bak )
                                                                                                      • adovbs.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/adovbs.inc.old )
                                                                                                      • adovbs.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/adovbs.inc.tmp )
                                                                                                      • adovbs.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/adovbs.inc~ )
                                                                                                • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/ )
                                                                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/%3f.jsp )
                                                                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/DEADJOE )
                                                                                                  • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/README )
                                                                                                  • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/README.TXT )
                                                                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/Trace.axd )
                                                                                                  • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/WEB-INF/ )
                                                                                                  • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/WS_FTP.LOG )
                                                                                                  • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/_vti_bin/ )
                                                                                                  • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/_vti_bot/ )
                                                                                                  • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/_vti_cnf/ )
                                                                                                  • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/_vti_log/ )
                                                                                                  • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/_vti_pvt/ )
                                                                                                  • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/_vti_script/ )
                                                                                                  • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/_vti_shm/ )
                                                                                                  • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/_vti_txt/ )
                                                                                                  • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/adojavas.inc )
                                                                                                  • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/adovbs.inc )
                                                                                                  • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/default.asp )
                                                                                                  • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/default.aspx )
                                                                                                  • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/default.htm )
                                                                                                  • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/default.html )
                                                                                                  • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/default.jsp )
                                                                                                  • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/default.php )
                                                                                                  • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/default.shtml )
                                                                                                  • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/default.wml )
                                                                                                  • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/index.asp )
                                                                                                  • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/index.aspx )
                                                                                                  • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/index.bak )
                                                                                                  • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/index.cfm )
                                                                                                  • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/index.cgi )
                                                                                                  • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/index.chtml )
                                                                                                  • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/index.htm )
                                                                                                  • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/index.html )
                                                                                                  • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/index.jsp )
                                                                                                  • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/index.old )
                                                                                                  • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/index.php )
                                                                                                  • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/index.php3 )
                                                                                                  • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/index.shtml )
                                                                                                  • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/index.swf )
                                                                                                  • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/readme.txt )
                                                                                                  • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/servlet/ )
                                                                                                    • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/sitemap.xml )
                                                                                                    • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/web-inf/ )
                                                                                                    • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/servlet/wp-login.php )
                                                                                                • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/sitemap.xml )
                                                                                                • styles
                                                                                                  • %23adojavas.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/%23adojavas.inc%23 )
                                                                                                  • %23adovbs.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/%23adovbs.inc%23 )
                                                                                                  • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/%3f.jsp )
                                                                                                  • %3f.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/%3f.jsp%5C )
                                                                                                  • .svn ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/.svn/ )
                                                                                                    • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/.svn/entries )
                                                                                                  • ADw-script AD4-alert(42) ADw- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/ADw-script AD4-alert(42) ADw-/ )
                                                                                                    • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                  • CVS ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/CVS/ )
                                                                                                    • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/CVS/Entries )
                                                                                                    • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/CVS/Root )
                                                                                                  • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/DEADJOE )
                                                                                                  • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/Trace.axd )
                                                                                                  • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/WS_FTP.LOG )
                                                                                                  • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/adojavas.inc )
                                                                                                  • adojavas.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/adojavas.inc.bak )
                                                                                                  • adojavas.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/adojavas.inc.old )
                                                                                                  • adojavas.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/adojavas.inc.tmp )
                                                                                                  • adojavas.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/adojavas.inc~ )
                                                                                                  • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/adovbs.inc )
                                                                                                  • adovbs.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/adovbs.inc.bak )
                                                                                                  • adovbs.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/adovbs.inc.old )
                                                                                                  • adovbs.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/adovbs.inc.tmp )
                                                                                                  • adovbs.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/adovbs.inc~ )
                                                                                                  • css
                                                                                                    • %23adojavas.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/%23adojavas.inc%23 )
                                                                                                    • %23adovbs.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/%23adovbs.inc%23 )
                                                                                                    • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/%3f.jsp )
                                                                                                    • %3f.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/%3f.jsp%5C )
                                                                                                    • .svn ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/.svn/ )
                                                                                                      • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/.svn/entries )
                                                                                                    • ADw-script AD4-alert(42) ADw- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/ADw-script AD4-alert(42) ADw-/ )
                                                                                                      • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                      • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                    • CVS ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/CVS/ )
                                                                                                      • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/CVS/Entries )
                                                                                                      • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/CVS/Root )
                                                                                                    • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/DEADJOE )
                                                                                                    • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/Trace.axd )
                                                                                                    • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/WS_FTP.LOG )
                                                                                                    • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/adojavas.inc )
                                                                                                    • adojavas.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/adojavas.inc.bak )
                                                                                                    • adojavas.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/adojavas.inc.old )
                                                                                                    • adojavas.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/adojavas.inc.tmp )
                                                                                                    • adojavas.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/adojavas.inc~ )
                                                                                                    • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/adovbs.inc )
                                                                                                    • adovbs.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/adovbs.inc.bak )
                                                                                                    • adovbs.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/adovbs.inc.old )
                                                                                                    • adovbs.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/adovbs.inc.tmp )
                                                                                                    • adovbs.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/adovbs.inc~ )
                                                                                                  • img
                                                                                                    • %23adojavas.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/%23adojavas.inc%23 )
                                                                                                    • %23adovbs.inc%23 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/%23adovbs.inc%23 )
                                                                                                    • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/%3f.jsp )
                                                                                                    • %3f.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/%3f.jsp%5C )
                                                                                                    • .svn ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/.svn/ )
                                                                                                      • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/.svn/entries )
                                                                                                    • CVS ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/CVS/ )
                                                                                                      • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/CVS/Entries )
                                                                                                      • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/CVS/Root )
                                                                                                      • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/CVS/Entries )
                                                                                                      • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/CVS/Root )
                                                                                                      • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/big/CVS/Entries )
                                                                                                      • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/big/CVS/Root )
                                                                                                    • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/DEADJOE )
                                                                                                    • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/Trace.axd )
                                                                                                    • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/WS_FTP.LOG )
                                                                                                    • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/adojavas.inc )
                                                                                                    • adojavas.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/adojavas.inc.bak )
                                                                                                    • adojavas.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/adojavas.inc.old )
                                                                                                    • adojavas.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/adojavas.inc.tmp )
                                                                                                    • adojavas.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/adojavas.inc~ )
                                                                                                    • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/adovbs.inc )
                                                                                                    • adovbs.inc.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/adovbs.inc.bak )
                                                                                                    • adovbs.inc.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/adovbs.inc.old )
                                                                                                    • adovbs.inc.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/adovbs.inc.tmp )
                                                                                                    • adovbs.inc~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/adovbs.inc~ )
                                                                                                    • icons
                                                                                                      • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/%3f.jsp )
                                                                                                      • %3f.jsp%5C ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/%3f.jsp%5C )
                                                                                                      • .svn ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/.svn/ )
                                                                                                        • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/.svn/entries )
                                                                                                        • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/big/.svn/entries )
                                                                                                      • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/DEADJOE )
                                                                                                      • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/Trace.axd )
                                                                                                      • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/WS_FTP.LOG )
                                                                                                      • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/adojavas.inc )
                                                                                                      • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/adovbs.inc )
                                                                                                      • big
                                                                                                        • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/big/%3f.jsp )
                                                                                                        • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/big/DEADJOE )
                                                                                                        • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/big/Trace.axd )
                                                                                                        • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/big/WS_FTP.LOG )
                                                                                                        • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/big/adojavas.inc )
                                                                                                        • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/img/icons/big/adovbs.inc )
                                                                                                • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/web-inf/ )
                                                                                                • wp-config.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-config.bak )
                                                                                                • wp-config.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-config.old )
                                                                                                • wp-config.php.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-config.php.bak )
                                                                                                • wp-config.php.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-config.php.old )
                                                                                                • wp-config.php.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-config.php.tmp )
                                                                                                • wp-config.php~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-config.php~ )
                                                                                                • wp-config.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-config.tmp )
                                                                                                • wp-login.CGI ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.CGI )
                                                                                                • wp-login.FCGI ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.FCGI )
                                                                                                • wp-login.PHP ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.PHP )
                                                                                                • wp-login.PHP3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.PHP3 )
                                                                                                • wp-login.PHP4 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.PHP4 )
                                                                                                • wp-login.PHP5 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.PHP5 )
                                                                                                • wp-login.PHTML ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.PHTML )
                                                                                                • wp-login.PL ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.PL )
                                                                                                • wp-login.PY ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.PY )
                                                                                                • wp-login.RB ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.RB )
                                                                                                • wp-login.SH ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.SH )
                                                                                                • wp-login.SHTML ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.SHTML )
                                                                                                • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.php )
                                                                                                • wp-login.php. ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.php. )
                                                                                                • wp-login.php.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.php.bak )
                                                                                                • wp-login.php.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.php.old )
                                                                                                • wp-login.php.tmp ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.php.tmp )
                                                                                                • wp-login.php~ ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-login.php~ )
                                                                                                • wp-settings.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/wp-settings.php )

                                                                                              9.3.2.5 Successful (200)

                                                                                              • ?P=+ADw-script+AD4-alert(42)+ADw-
                                                                                                • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                                • script+AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4- )
                                                                                              • get_password.PHP ( https://vulnerable.plesk.smb.10.2.0.host:8443/get_password.PHP )
                                                                                              • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/index.php )
                                                                                              • javascript
                                                                                                • chk.js.PHP ( https://vulnerable.plesk.smb.10.2.0.host:8443/javascript/chk.js.PHP )
                                                                                              • login.PHP3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/login.PHP3 )
                                                                                              • login_up.PHP3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/login_up.PHP3 )
                                                                                              • plesk
                                                                                                • %3f.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/%3f.jsp )
                                                                                                • .svn
                                                                                                  • entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/.svn/entries )
                                                                                                • ADw-script AD4-alert(42) ADw-
                                                                                                  • script AD4- ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/ADw-script AD4-alert(42) ADw-/script AD4- )
                                                                                                • CVS
                                                                                                  • Entries ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/CVS/Entries )
                                                                                                  • Root ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/CVS/Root )
                                                                                                • DEADJOE ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/DEADJOE )
                                                                                                • README ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/README )
                                                                                                • README.TXT ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/README.TXT )
                                                                                                • Trace.axd ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/Trace.axd )
                                                                                                • WEB-INF ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/WEB-INF/ )
                                                                                                • WS_FTP.LOG ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/WS_FTP.LOG )
                                                                                                • _vti_bin ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/_vti_bin/ )
                                                                                                • _vti_bot ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/_vti_bot/ )
                                                                                                • _vti_cnf ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/_vti_cnf/ )
                                                                                                • _vti_log ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/_vti_log/ )
                                                                                                • _vti_pvt ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/_vti_pvt/ )
                                                                                                • _vti_script ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/_vti_script/ )
                                                                                                • _vti_shm ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/_vti_shm/ )
                                                                                                • _vti_txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/_vti_txt/ )
                                                                                                • adojavas.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/adojavas.inc )
                                                                                                • adovbs.inc ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/adovbs.inc )
                                                                                                • default.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/default.asp )
                                                                                                • default.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/default.aspx )
                                                                                                • default.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/default.htm )
                                                                                                • default.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/default.html )
                                                                                                • default.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/default.jsp )
                                                                                                • default.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/default.php )
                                                                                                • default.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/default.shtml )
                                                                                                • default.wml ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/default.wml )
                                                                                                • index.asp ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/index.asp )
                                                                                                • index.aspx ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/index.aspx )
                                                                                                • index.bak ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/index.bak )
                                                                                                • index.cfm ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/index.cfm )
                                                                                                • index.cgi ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/index.cgi )
                                                                                                • index.chtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/index.chtml )
                                                                                                • index.htm ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/index.htm )
                                                                                                • index.html ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/index.html )
                                                                                                • index.jsp ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/index.jsp )
                                                                                                • index.old ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/index.old )
                                                                                                • index.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/index.php )
                                                                                                • index.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/index.php3 )
                                                                                                • index.shtml ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/index.shtml )
                                                                                                • index.swf ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/index.swf )
                                                                                                • readme.txt ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/readme.txt )
                                                                                                • servlet ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/servlet/ )
                                                                                                • sitemap.xml ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/sitemap.xml )
                                                                                                • web-inf ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/web-inf/ )
                                                                                                • wp-login.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/plesk/wp-login.php )
                                                                                              • skins
                                                                                                • vista
                                                                                                  • css
                                                                                                    • ie.css ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/css/ie.css )
                                                                                                    • ie.css?1278564502 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/ie.css?1278564502 )
                                                                                                    • ie8.css?1278564502 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/ie8.css?1278564502 )
                                                                                              • smb
                                                                                                • styles
                                                                                                • top.PHP3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/top.PHP3 )

                                                                                                9.3.3 Linked URLs

                                                                                                The following URLs were found as links in the content of other web pages.

                                                                                                9.3.3.1 Access Error (403)

                                                                                                • aspnet_client
                                                                                                  • system_web ( https://vulnerable.plesk.smb.10.2.0.host:8443/aspnet_client/system_web/ )

                                                                                                9.3.3.2 Redirect (301)

                                                                                                  9.3.3.3 Redirect (302)

                                                                                                  9.3.3.4 Successful (200)

                                                                                                  • get_password.php ( https://vulnerable.plesk.smb.10.2.0.host:8443/get_password.php )
                                                                                                  • javascript
                                                                                                  • login_up.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/login_up.php3 )
                                                                                                  • skins
                                                                                                    • vista
                                                                                                      • css
                                                                                                        • general.css ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/css/general.css )
                                                                                                        • main
                                                                                                          • apps-control.css ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/css/main/apps-control.css )
                                                                                                          • buttons.css ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/css/main/buttons.css )
                                                                                                          • custom.css ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/css/main/custom.css )
                                                                                                          • desktop.css ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/css/main/desktop.css )
                                                                                                          • double-list-control.css ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/css/main/double-list-control.css )
                                                                                                          • layout.css ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/css/main/layout.css )
                                                                                                          • tabs.css ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/css/main/tabs.css )
                                                                                                        • misc.css ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/css/misc.css )
                                                                                                        • top
                                                                                                          • custom.css ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/css/top/custom.css )
                                                                                                          • layout.css ( https://vulnerable.plesk.smb.10.2.0.host:8443/skins/vista/css/top/layout.css )
                                                                                                        • base.css?1278564502 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/base.css?1278564502 )
                                                                                                        • btns.css?1278564502 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/btns.css?1278564502 )
                                                                                                        • form.css?1278564502 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/styles/css/form.css?1278564502 )
                                                                                                  • smb
                                                                                                    • change-password
                                                                                                      • get-link ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/change-password/get-link )
                                                                                                    • externals
                                                                                                    • login?returnUrl=%2F ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/login?returnUrl=%2F )
                                                                                                    • scripts
                                                                                                      • components
                                                                                                        • forms
                                                                                                          • login.js?1278564502 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/components/forms/login.js?1278564502 )
                                                                                                      • jsw.js?1278564502 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/jsw.js?1278564502 )
                                                                                                      • smb.js?1278564502 ( https://vulnerable.plesk.smb.10.2.0.host:8443/smb/scripts/smb.js?1278564502 )
                                                                                                    • styles
                                                                                                  • top.php3 ( https://vulnerable.plesk.smb.10.2.0.host:8443/top.php3 )