) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): Nikto
- Search Type: Search All
- CPE Name Search: false
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2019-20463 |
An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. A crash and reboot can be triggered by crafted IP traffic, as demonstrated by the Nikto vulnerability scanner. For example, sending the 111111 string to UDP port 20188 causes a reboot. To deny service for a long time period, the crafted IP traffic may be sent periodically. Published: April 02, 2021; 12:15:12 PM -0400 |
V3.1: 7.5 HIGH V2.0: 7.8 HIGH |
| CVE-2018-11652 |
CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers to inject arbitrary OS commands via the Server field in an HTTP response header, which is directly injected into a CSV report. Published: June 01, 2018; 11:29:00 AM -0400 |
V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
| CVE-2005-4703 |
Apache Tomcat 4.0.3, when running on Windows, allows remote attackers to obtain sensitive information via a request for a file that contains an MS-DOS device name such as lpt9, which leaks the pathname in an error message, as demonstrated by lpt9.xtp using Nikto. Published: December 31, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2005-2860 |
Cross-site scripting (XSS) vulnerability in Nikto 1.35 and earlier allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response header, which is directly injected into an HTML report. Published: September 08, 2005; 6:03:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |