Vulnerability templates

In addition to query-based vulnerability reporting, runZero natively detects exposures using an embedded version of the open-source Nuclei vulnerability scanner and it’s YAML-based vulnerability check templates. To maintain fast scan times and minimize network disruption, runZero dynamically selects appropriate templates based on the scan’s configured categories and precise asset and service fingerprinting.

The table below lists the templates available for scans. The full set can be found in our nuclei-templates repository.

Current templates

Name	Enabled by	Severity	Full YAML File
1Password SCIM Bridge - Panel	Identify web-based control panels	Info	Source
3COM NJ2000 Default Credentials	Identify default logins in web-based control panels	High	Source
3CX Phone System Management Console - Panel Detect	Identify web-based control panels	Info	Source
3CX Phone System Web Client Management Console - Panel Detect	Identify web-based control panels	Info	Source
3Com Wireless 8760 Dual Radio Default Credentials	Identify default logins in web-based control panels	High	Source
3ware Controller 3DM2 Default Credentials	Identify default logins in web-based control panels	High	Source
74cms - ajax_common.php SQL Injection	Identify critical remote vulnerabilities	Critical	Source
74cms - ajax_officebuilding.php SQL Injection	Identify critical remote vulnerabilities	Critical	Source
74cms - ajax_street.php 'key' SQL Injection	Identify critical remote vulnerabilities	Critical	Source
74cms - ajax_street.php 'x' SQL Injection	Identify critical remote vulnerabilities	Critical	Source
AC Centralized Management System - Default Login	Identify default logins in web-based control panels	High	Source
ACTi Video Monitoring Panel - Detection	Identify web-based control panels	Info	Source
AIC Intelligent Campus System - Password Exposure	Identify critical remote vulnerabilities	Medium	Source
AJ-Report < 1.4.1 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
AKHQ Panel - Detect	Identify web-based control panels	Info	Source
APC Rack PDU Default Login	Identify default logins in web-based control panels	High	Source
ARL Default Credentials	Identify default logins in web-based control panels	High	Source
ARRIS Touchstone Telephony Modem - Panel Detect	Identify web-based control panels	Info	Source
ASUS AiCloud Panel - Detect	Identify web-based control panels	Info	Source
ASUS GT-AC2900 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
ASUS RT-N16 Default Credentials	Identify default logins in web-based control panels	High	Source
ASUS WL-500G Default Credentials	Identify default logins in web-based control panels	High	Source
ASUS WL-520GU Default Credentials	Identify default logins in web-based control panels	High	Source
ATutor < 2.2.1 - Cross Site Scripting	Identify critical remote vulnerabilities	Medium	Source
AVM FRITZ!Box 7530 AX - Unauthorized Access	Identify critical remote vulnerabilities	High	Source
AVTECH DVR - SSRF	Identify critical remote vulnerabilities	Medium	Source
AVTECH IP Camera - Command Injection	Identify critical remote vulnerabilities	High	Source
AVTECH Room Alert Login Panel - Detect	Identify web-based control panels	Info	Source
AVTECH Video Surveillance Product - Authentication Bypass	Identify critical remote vulnerabilities	High	Source
AVTECH Video Surveillance Product - Unauthenticated File Download	Identify critical remote vulnerabilities	High	Source
AWS EC2 Auto Scaling Lab	Identify web-based control panels	Info	Source
Academy LMS 6.2 - SQL Injection	Identify critical remote vulnerabilities	Medium	Source
AceNet AceReporter Report Panel - Detect	Identify web-based control panels	Info	Source
Ackee Panel - Detect	Identify web-based control panels	Info	Source
Acrolinx Dashboard	Identify web-based control panels	Info	Source
Actifio Resource Center - Panel	Identify web-based control panels	Info	Source
Acunetix Login Panel - Detect	Identify web-based control panels	Info	Source
AdGuard Panel - Detect	Identify web-based control panels	Info	Source
Adapt Authoring Tool - Panel	Identify web-based control panels	Info	Source
AddOnFinance Portal - Detect	Identify web-based control panels	Info	Source
Adfinity Login Panel - Detect	Identify web-based control panels	Info	Source
Adminer <=4.8.0 - Cross-Site Scripting	Identify critical remote vulnerabilities	High	Source
Adminer Default Credentials	Identify default logins in web-based control panels	High	Source
Adminer Login Panel - Detect	Identify web-based control panels	Info	Source
Adminer Login Panel - Detect	Identify web-based control panels	Info	Source
Adobe AEM CRX Package Manager - Panel Detect	Identify web-based control panels	Info	Source
Adobe AEM Default Credentials	Identify default logins in web-based control panels	High	Source
Adobe ColdFusion - Access Control Bypass	Identify critical remote vulnerabilities	High	Source
Adobe ColdFusion - Access Control Bypass	Identify critical remote vulnerabilities	High	Source
Adobe ColdFusion - Local File Read	Identify critical remote vulnerabilities	High	Source
Adobe ColdFusion 8.0/8.0.1/9.0/9.0.1 LFI	Identify critical remote vulnerabilities	Critical	Source
Adobe ColdFusion Component Browser Login Panel	Identify web-based control panels	Info	Source
Adobe ColdFusion WDDX Deserialization Gadgets	Identify critical remote vulnerabilities	Critical	Source
Adobe Coldfusion - Authentication Bypass	Identify critical remote vulnerabilities	High	Source
Adobe Connect < 12.1.5 - Local File Disclosure	Identify critical remote vulnerabilities	Medium	Source
Adobe Connect Central Login Panel	Identify web-based control panels	Info	Source
Adobe Experience Manager Felix Console Default Credentials	Identify default logins in web-based control panels	High	Source
Adobe Experience Manager Login Panel	Identify web-based control panels	Info	Source
Adobe Experience Manager Sling User Login - Detect	Identify web-based control panels	Info	Source
Adobe Media Server Login Panel	Identify web-based control panels	Info	Source
Ads Pro Plugin <= 4.89 - Local File Inclusion	Identify critical remote vulnerabilities	Critical	Source
Advanced eMail Solution DEEPMail - Panel	Identify web-based control panels	Info	Source
Advantech R-SeeNet 2.4.12 - OS Command Injection	Identify critical remote vulnerabilities	Critical	Source
Aerohive NetConfig UI	Identify web-based control panels	Info	Source
Aethra Telecommunications Login - Panel	Identify web-based control panels	Info	Source
Agentejo Cockpit < 0.11.2 - NoSQL Injection	Identify critical remote vulnerabilities	Critical	Source
Agentejo Cockpit <0.11.2 - NoSQL Injection	Identify critical remote vulnerabilities	Critical	Source
Agentejo Cockpit <0.12.0 - NoSQL Injection	Identify critical remote vulnerabilities	Critical	Source
AirNotifier Login Panel - Detect	Identify web-based control panels	Info	Source
AirOS Panel - Detect	Identify web-based control panels	Info	Source
Airflow Experimental <1.10.11 - REST API Auth Bypass	Identify critical remote vulnerabilities	Critical	Source
Akuiteo Login Panel - Detect	Identify web-based control panels	Info	Source
Alamos GmbH Panel - Detect	Identify web-based control panels	Info	Source
Alcatel-Lucent OmniPCX - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
Alfresco Content App Panel - Detect	Identify web-based control panels	Info	Source
Alibaba Druid Monitor - Default Login	Identify default logins in web-based control panels	High	Source
Alibaba Nacos - Default Login	Identify default logins in web-based control panels	High	Source
AlienVault USM Login Panel	Identify web-based control panels	Info	Source
Allied Telesis Device GUI Login Panel - Detect	Identify web-based control panels	Info	Source
Allnet Default Credentials	Identify default logins in web-based control panels	High	Source
AlphaWeb XE Default Credentials	Identify default logins in web-based control panels	Medium	Source
Altenergy Power Control Software - SQL Injection	Identify critical remote vulnerabilities	Medium	Source
AlternC Desktop Panel - Detect	Identify web-based control panels	Info	Source
Amcrest Login	Identify web-based control panels	Info	Source
AmpJuke Default Credentials	Identify default logins in web-based control panels	High	Source
Ampache Login Panel - Detect	Identify web-based control panels	Info	Source
Anaqua Login - Panel	Identify web-based control panels	Info	Source
Ansible Semaphore Panel Detect	Identify web-based control panels	Info	Source
Ansible Tower - Detect	Identify web-based control panels	Info	Source
AnteeoWMS < v4.7.34 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Anyscale Ray - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
AnythingLLM - Information Disclosure	Identify critical remote vulnerabilities	High	Source
Apache 2.4.49 - Path Traversal and Remote Code Execution	Identify critical remote vulnerabilities	High	Source
Apache 2.4.49/2.4.50 - Path Traversal and Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Apache APISIX Login Panel - Detect	Identify web-based control panels	Info	Source
Apache ActiveMQ Artemis Console Default Login	Identify default logins in web-based control panels	High	Source
Apache ActiveMQ Default Login	Identify default logins in web-based control panels	High	Source
Apache ActiveMQ Exposure	Identify web-based control panels	Info	Source
Apache Airflow <1.10.14 - Authentication Bypass	Identify critical remote vulnerabilities	High	Source
Apache Airflow <=1.10.10 - Remote Code Execution	Identify critical remote vulnerabilities	High	Source
Apache Airflow Admin Login Panel	Identify web-based control panels	Info	Source
Apache Airflow Default Login	Identify default logins in web-based control panels	High	Source
Apache Airflow OS Command Injection	Identify critical remote vulnerabilities	High	Source
Apache Airflow v3 Default Login	Identify default logins in web-based control panels	High	Source
Apache Ambari Default Credentials	Identify default logins in web-based control panels	High	Source
Apache Apisix Admin Default Credentials	Identify default logins in web-based control panels	High	Source
Apache Apollo Default Credentials	Identify default logins in web-based control panels	High	Source
Apache Apollo Panel - Detect	Identify web-based control panels	Info	Source
Apache CloudStack Default Credentials	Identify default logins in web-based control panels	High	Source
Apache DolphinScheduler Default Credentials	Identify default logins in web-based control panels	High	Source
Apache Doris Default Credentials	Identify default logins in web-based control panels	High	Source
Apache HTTP Server - ACL Bypass	Identify critical remote vulnerabilities	High	Source
Apache HertzBeat - Default Credentials	Identify default logins in web-based control panels	High	Source
Apache JMeter Dashboard Login Panel - Detect	Identify web-based control panels	Info	Source
Apache Kafka Center Default Credentials	Identify default logins in web-based control panels	High	Source
Apache Kafka Consumer Offset Monitor Panel - Detect	Identify web-based control panels	Info	Source
Apache Kafka Control Center Login Panel - Detect	Identify web-based control panels	Info	Source
Apache Kafka Monitor Login Panel - Detect	Identify web-based control panels	Info	Source
Apache Karaf Default Credentials	Identify default logins in web-based control panels	High	Source
Apache Mesos - Panel Detect	Identify web-based control panels	Info	Source
Apache NiFi - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Apache NiFi - Information Disclosure	Identify critical remote vulnerabilities	Medium	Source
Apache OfBiz Default Login	Identify default logins in web-based control panels	High	Source
Apache Pinot < 1.3.0 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Apache Ranger Default Credentials	Identify default logins in web-based control panels	High	Source
Apache RocketMQ Console Panel - Detect	Identify web-based control panels	Info	Source
Apache S2-032 Struts - Remote Code Execution	Identify critical remote vulnerabilities	High	Source
Apache ShardingSphere ElasticJob-UI privilege escalation	Identify critical remote vulnerabilities	Medium	Source
Apache Solr - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Apache Solr - Host Environment Variables Leak via Metrics API	Identify critical remote vulnerabilities	Medium	Source
Apache Solr Admin Panel - Detect	Identify web-based control panels	Info	Source
Apache Spark Panel - Detect	Identify web-based control panels	Info	Source
Apache Spark UI - Remote Command Injection	Identify critical remote vulnerabilities	High	Source
Apache StreamPipes <= 0.93.0 - Use of Cryptographically Weak PRNG in Recovery Token Generation	Identify critical remote vulnerabilities	Critical	Source
Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution	Identify critical remote vulnerabilities	Critical	Source
Apache Struts 2 - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
Apache Struts 2.0.0-2.5.25 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Apache Struts <=2.5.20 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Apache Struts2 S2-008 RCE	Identify critical remote vulnerabilities	Medium	Source
Apache Struts2 S2-012 RCE	Identify critical remote vulnerabilities	Critical	Source
Apache Struts2 S2-053 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Apache Struts2 S2-053 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Apache Struts2 S2-057 - Remote Code Execution	Identify critical remote vulnerabilities	High	Source
Apache Superset - Authentication Bypass	Identify critical remote vulnerabilities	High	Source
Apache Superset Login Panel - Detect	Identify web-based control panels	Info	Source
Apache Tomcat Default Credentials	Identify default logins in web-based control panels	Info	Source
Apache Tomcat Manager Default Credentials	Identify default logins in web-based control panels	High	Source
Apache Tomcat Manager Login Panel - Detect	Identify web-based control panels	Info	Source
Apache Tomcat Remote Command Execution	Identify critical remote vulnerabilities	High	Source
Aperio eSlideManager - Panel	Identify web-based control panels	Info	Source
Apigee Login Panel - Detect	Identify web-based control panels	Info	Source
Apollo Default Credentials	Identify default logins in web-based control panels	High	Source
Application Management Panel - Detect	Identify web-based control panels	Info	Source
Appsmith User Login - Panel Detect	Identify web-based control panels	Info	Source
Appspace Login Panel - Detect	Identify web-based control panels	Info	Source
Appsuite Login Panel - Detect	Identify web-based control panels	Info	Source
Appwrite Login Panel - Detect	Identify web-based control panels	Info	Source
Aptus Login - Panel Detect	Identify web-based control panels	Info	Source
Aqua Enterprise - Panel Detect	Identify web-based control panels	Info	Source
ArangoDB Web Interface - Detect	Identify web-based control panels	Info	Source
ArcGIS REST Services Directory - Detect	Identify web-based control panels	Info	Source
ArcServe Panel - Detect	Identify web-based control panels	Info	Source
Archibus Web Central Login - Panel Detect	Identify web-based control panels	Info	Source
Argo CD Login Panel	Identify web-based control panels	Info	Source
Argo CD Unauthenticated Access to sensitive setting	Identify critical remote vulnerabilities	Medium	Source
Aria2 WebUI - Path traversal	Identify critical remote vulnerabilities	High	Source
Artica Pandora FMS 7.44 - Remote Code Execution	Identify critical remote vulnerabilities	High	Source
Aruba Instant - Default Login	Identify default logins in web-based control panels	High	Source
Atlantis Panel - Detect	Identify web-based control panels	Info	Source
Atlassian Bamboo Login Panel - Detect	Identify web-based control panels	Info	Source
Atlassian Bitbucket - Remote Command Injection	Identify critical remote vulnerabilities	High	Source
Atlassian Confluence - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Atom.CMS 2.0 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
AudioCodes 310HD, 320HD, 420HD, 430HD & 440HD Default Credentials	Identify default logins in web-based control panels	High	Source
AudioCodes Device Manager Express - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
AudioCodes Login - Panel Detect	Identify web-based control panels	Info	Source
Audiobookshelf Login Panel - Detect	Identify web-based control panels	Info	Source
Authelia Panel - Detect	Identify web-based control panels	Info	Source
Authentik Panel - Detect	Identify web-based control panels	Info	Source
AutoSet Page - Detect	Identify web-based control panels	Info	Source
Automation By Autonami < 3.3.0 - SQL Injection	Identify critical remote vulnerabilities	High	Source
Automatisch Panel - Detect	Identify web-based control panels	Info	Source
AvantFAX Login Panel	Identify web-based control panels	Info	Source
Avatier Password Management Panel	Identify web-based control panels	Info	Source
Aviatrix Cloud Controller Panel	Identify web-based control panels	Info	Source
Avigilon Login Panel - Detect	Identify web-based control panels	Info	Source
Avtech AVN801 Network Camera Admin Panel - Detect	Identify web-based control panels	Info	Source
Axel WebServer - Panel Detect	Identify web-based control panels	Info	Source
Axigen Web Admin Detection	Identify web-based control panels	Info	Source
Axigen WebMail PanelDetection	Identify web-based control panels	Info	Source
Axway API Manager Panel - Detect	Identify web-based control panels	Info	Source
Axway SecureTransport Login Panel - Detect	Identify web-based control panels	Info	Source
Axway SecureTransport Web Client Panel - Detect	Identify web-based control panels	Info	Source
Axxon Next Client Login - Detect	Identify web-based control panels	Info	Source
Azkaban Web Client	Identify web-based control panels	Info	Source
Azkaban Web Client Default Credentials	Identify default logins in web-based control panels	High	Source
BEdita Login Panel - Detect	Identify web-based control panels	Info	Source
BMC Control-M MFT Login Panel - Detect	Identify web-based control panels	Info	Source
BMC Discovery Login Panel - Detect	Identify web-based control panels	Info	Source
BMC Remedy SSO Login Panel - Detect	Identify web-based control panels	Info	Source
Barco ClickShare Default Credentials	Identify default logins in web-based control panels	High	Source
Barracuda Message Archiver - Exposed Panel	Identify web-based control panels	Info	Source
Batflat CMS Default Credentials	Identify default logins in web-based control panels	High	Source
Bazarr < 1.4.3 - Arbitrary File Read	Identify critical remote vulnerabilities	High	Source
Beego Admin Dashboard Panel- Detect	Identify web-based control panels	Medium	Source
Beszel Login Panel - Detect	Identify web-based control panels	Info	Source
BeyondTrust Login Panel - Detect	Identify web-based control panels	Info	Source
BeyondTrust Privileged Remote Access - Panel	Identify web-based control panels	Info	Source
BeyondTrust Remote Support Panel - Detect	Identify web-based control panels	Info	Source
BigAnt Admin Login Panel - Detect	Identify web-based control panels	Info	Source
BigAnt Default Credentials	Identify default logins in web-based control panels	Critical	Source
BigAnt Server 5.6.06 - Improper Access Control	Identify critical remote vulnerabilities	Medium	Source
BioTime Web Login Panel - Detect	Identify web-based control panels	Info	Source
Bitdefender GravityZone Panel - Detect	Identify web-based control panels	Info	Source
Bitrix Component - Cross-Site Scripting	Identify critical remote vulnerabilities	High	Source
Bitrix Login Panel	Identify web-based control panels	Info	Source
Bitwarden Web Vault Login Panel - Detect	Identify web-based control panels	Info	Source
Black Duck Login Panel - Detect	Identify web-based control panels	Info	Source
Blue Iris Login Panel - Detect	Identify web-based control panels	Info	Source
Blue Yonder Panel - Detect	Identify web-based control panels	Info	Source
Bluemind Panel - Detect	Identify web-based control panels	Info	Source
Bonita Default Credentials	Identify default logins in web-based control panels	High	Source
Bonita Portal Login - Detect	Identify web-based control panels	Info	Source
Bonobo Git Server Login Panel - Detect	Identify web-based control panels	Info	Source
BookStack Login Panel - Detect	Identify web-based control panels	Info	Source
Brother MFC-L9570CDW - Information Disclosure	Identify critical remote vulnerabilities	Medium	Source
Buddy Panel - Detect	Identify web-based control panels	Info	Source
Buildbot Panel - Detect	Identify web-based control panels	Info	Source
Busybox Repository Browser - Detect	Identify web-based control panels	Info	Source
Bylancer Quicklancer 2.4 G - SQL Injection	Identify critical remote vulnerabilities	High	Source
Bynder Login Panel - Detect	Identify web-based control panels	Info	Source
CAIMORE Gateway Default Credentials	Identify default logins in web-based control panels	High	Source
CAS Login Panel - Detect	Identify web-based control panels	Info	Source
CData API Server < 23.4.8844 - Path Traversal	Identify critical remote vulnerabilities	Critical	Source
CData Arc < 23.4.8839 - Path Traversal	Identify critical remote vulnerabilities	High	Source
CData Connect < 23.4.8846 - Path Traversal	Identify critical remote vulnerabilities	Critical	Source
CData Sync < 23.4.8843 - Path Traversal	Identify critical remote vulnerabilities	High	Source
CERIO-DT Interface - Command Execution	Identify critical remote vulnerabilities	Critical	Source
CGIT - Detect	Identify web-based control panels	Info	Source
CISCO Expressway Login Panel - Detect	Identify web-based control panels	Info	Source
CRMEB v.5.2.2 - SQL Injection	Identify critical remote vulnerabilities	High	Source
Cachet <=2.3.18 - SQL Injection	Identify critical remote vulnerabilities	High	Source
Cacti 1.2.24 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Cacti Login Panel - Detect	Identify web-based control panels	Info	Source
Calibre <= 7.14.0 Arbitrary File Read	Identify critical remote vulnerabilities	High	Source
Calibre <= 7.14.0 Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Camaleon CMS Default Credentials	Identify default logins in web-based control panels	High	Source
Camaleon CMS Login - Panel	Identify web-based control panels	Info	Source
Camunda Default Credentials	Identify default logins in web-based control panels	High	Source
Canon R-ADV C3325 Default Credentials	Identify default logins in web-based control panels	High	Source
Canon iR-ADV C3325 Panel - Detect	Identify web-based control panels	Info	Source
Canopy 5.7GHz Access Point Default Credentials	Identify default logins in web-based control panels	High	Source
Caprover Default Credentials	Identify default logins in web-based control panels	High	Source
Car Rental Management System 1.0 - Local File Inclusion	Identify critical remote vulnerabilities	Critical	Source
Car Rental Management System 1.0 - SQL Injection	Identify critical remote vulnerabilities	High	Source
CasaOS < 0.4.4 - Authentication Bypass via Internal IP	Identify critical remote vulnerabilities	Critical	Source
CasaOS < 0.4.4 - Authentication Bypass via Random JWT Token	Identify critical remote vulnerabilities	Critical	Source
CasaOS Login Panel - Detect	Identify web-based control panels	Info	Source
Casdoor 1.13.0 - Unauthenticated SQL Injection	Identify critical remote vulnerabilities	High	Source
Casdoor Login Panel - Detect	Identify web-based control panels	Info	Source
CaseManager Login Panel - Detect	Identify web-based control panels	Info	Source
Cassia Bluetooth Gateway Panel - Detect	Identify web-based control panels	Info	Source
Caton Network Manager System Login Panel - Detect	Identify web-based control panels	Info	Source
CentOS Web Panel - OS Command Injection	Identify critical remote vulnerabilities	Critical	Source
CentOS Web Panel - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
CentreStack Login Panel - Detect	Identify web-based control panels	Info	Source
Centreon Login Panel - Detect	Identify web-based control panels	Info	Source
Changedetection.io <= 0.47.4 - Path Traversal	Identify critical remote vulnerabilities	Medium	Source
Changedetection.io Panel - Detect	Identify web-based control panels	Info	Source
Changjietong Remote Communication GNRemote.dll - SQL Injection	Identify critical remote vulnerabilities	High	Source
Check Point Quantum Gateway - Information Disclosure	Identify critical remote vulnerabilities	High	Source
CheckPoint SSL Network Extender Login Panel - Detect	Identify web-based control panels	Info	Source
Checkmarx Login Panel - Detect	Identify web-based control panels	Info	Source
Checkmk Login Panel - Detect	Identify web-based control panels	Info	Source
Chemotargets Clarity Vista Login Panel - Detect	Identify web-based control panels	Info	Source
ChirpStack Default Credentials	Identify default logins in web-based control panels	High	Source
ChirpStack LoRaWAN Detection	Identify web-based control panels	Info	Source
Chronos Panel - Detect	Identify web-based control panels	Info	Source
Ciphertrust - Default Login	Identify default logins in web-based control panels	High	Source
Cisco ACE 4710 Device Manager Login Panel - Detect	Identify web-based control panels	Info	Source
Cisco ASA/FTD Software - Cross-Site Scripting	Identify critical remote vulnerabilities	Medium	Source
Cisco Edge 340 Panel - Detect	Identify web-based control panels	Info	Source
Cisco IOS XE Web UI - Command Injection	Identify critical remote vulnerabilities	Critical	Source
Cisco ISE Admin Login Panel - Detect	Identify web-based control panels	Info	Source
Cisco Identity Services Engine Admin Login Panel - Detect	Identify web-based control panels	Info	Source
Cisco Prime Infrastructure Panel - Detect	Identify web-based control panels	Info	Source
Cisco Secure CN Login Panel - Detect	Identify web-based control panels	Info	Source
Cisco ServiceGrid Login Panel - Detect	Identify web-based control panels	Info	Source
Cisco Smart Software Manager On-Prem Panel - Detect	Identify web-based control panels	Info	Source
Cisco Systems Login Panel - Detect	Identify web-based control panels	Info	Source
Cisco TelePresence Login Panel - Detect	Identify web-based control panels	Info	Source
Cisco UCS Manager KVM Login Panel - Detect	Identify web-based control panels	Info	Source
Cisco Unity Connection Panel - Detect	Identify web-based control panels	Info	Source
Cisco Web UI Login - Detect	Identify web-based control panels	Info	Source
Cisco vManage Login Panel - Detect	Identify web-based control panels	Info	Source
Citrix ADC Gateway Login Panel - Detect	Identify web-based control panels	Info	Source
Citrix Bleed - Leaking Session Tokens	Identify critical remote vulnerabilities	Critical	Source
Citrix VPN Panel - Detect	Identify web-based control panels	Info	Source
Claris FileMaker WebDirect Panel - Detect	Identify web-based control panels	Info	Source
CleanWeb Login Panel - Detect	Identify web-based control panels	Info	Source
Clear-Com Core Configuration Manager Panel - Detect	Identify web-based control panels	Info	Source
ClearPass Policy Manager Login Panel - Detect	Identify web-based control panels	Info	Source
Cleo Harmony < 5.8.0.21 - Arbitrary File Read	Identify critical remote vulnerabilities	High	Source
Cloud OA System - SQL Injection	Identify critical remote vulnerabilities	High	Source
CloudPanel Login - Detect	Identify web-based control panels	Info	Source
Cloudera Hue Default Credentials	Identify default logins in web-based control panels	High	Source
Cloudlog Panel - Detect	Identify web-based control panels	Info	Source
Cloudphysician RADAR Login Panel - Detect	Identify web-based control panels	Info	Source
Cluster Control CMON API - Directory Traversal	Identify critical remote vulnerabilities	High	Source
Cnzxsoft System - Default Login	Identify default logins in web-based control panels	High	Source
Cobbler - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Cobbler <3.3.0 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Cobbler WebGUI Login Panel - Detect	Identify web-based control panels	Info	Source
Cockpit CMS 0.6.1 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Cockpit Project Login Panel - Detect	Identify web-based control panels	Info	Source
Code-Server Login Panel - Detect	Identify web-based control panels	Info	Source
CodeChecker <= 6.24.1 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Cofense Vision Login Panel - Detect	Identify web-based control panels	Info	Source
ColdFusion Administrator Login Panel - Detect	Identify web-based control panels	Info	Source
Coming Soon & Maintenance < 4.1.7 - Unauthenticated Post/Page Access	Identify critical remote vulnerabilities	Medium	Source
Compalex Panel - Detect	Identify web-based control panels	Medium	Source
CompleteView Panel - Detect	Identify web-based control panels	Info	Source
Concourse CI Login Panel - Detect	Identify web-based control panels	Info	Source
Concrete5 Install Panel	Identify web-based control panels	Critical	Source
Concrete5 Login Panel - Detect	Identify web-based control panels	Info	Source
ConnectWise Control Remote Support Software Panel - Detect	Identify web-based control panels	Info	Source
ConnectWise ScreenConnect 23.9.7 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Contao Login Panel - Detect	Identify web-based control panels	Info	Source
Content Central Login Panel - Detect	Identify web-based control panels	Info	Source
Contest Gallery < 13.1.0.6 - SQL injection	Identify critical remote vulnerabilities	Critical	Source
Control Web Panel Login Panel - Detect	Identify web-based control panels	Info	Source
CopyParty v1.8.6 - Cross Site Scripting	Identify critical remote vulnerabilities	Medium	Source
Copyparty <= 1.8.2 - Directory Traversal	Identify critical remote vulnerabilities	High	Source
Copyparty <=1.18.6 - Cross-Site Scripting	Identify critical remote vulnerabilities	Medium	Source
Cortex XSOAR Login Panel - Detect	Identify web-based control panels	Info	Source
CouchDB - Detect	Identify web-based control panels	Info	Source
CouchDB Default Credentials	Identify default logins in web-based control panels	High	Source
Cox Business Dominion Gateway Login Panel - Detect	Identify web-based control panels	Info	Source
Craft CMS - Remote Code Execution via Template Path Manipulation	Identify critical remote vulnerabilities	Critical	Source
Craft CMS <=v3.7.31 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Craft CMS Admin Login Panel - Detect	Identify web-based control panels	Info	Source
CraftCMS < 4.4.15 - Unauthenticated Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
CrafterCMS Engine - Cross-Site Scripting	Identify critical remote vulnerabilities	High	Source
CrafterCMS Login Panel - Detect	Identify web-based control panels	Info	Source
Creatio Login Panel - Detect	Identify web-based control panels	Info	Source
Crontab UI - Dashboard Exposure	Identify web-based control panels	High	Source
CrushFTP - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
CrushFTP Anonymous Login	Identify default logins in web-based control panels	High	Source
CrushFTP Default Credentials	Identify default logins in web-based control panels	High	Source
CrushFTP VFS - Sandbox Escape LFR	Identify critical remote vulnerabilities	Critical	Source
CrushFTP WebInterface Panel - Detect	Identify web-based control panels	Info	Source
Crypto <= 2.15 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Cryptobox Panel - Detect	Identify web-based control panels	Info	Source
Cryptocurrency Widgets Pack < 2.0 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
CudaTel Login Panel - Detect	Identify web-based control panels	Info	Source
Cvent Login Panel - Detect	Identify web-based control panels	Info	Source
Cyber Chef Panel - Detect	Identify web-based control panels	Info	Source
CyberPanel - Command Injection	Identify critical remote vulnerabilities	Critical	Source
CyberPower - Missing Authentication	Identify critical remote vulnerabilities	Critical	Source
CyberPower - SQL Injection	Identify critical remote vulnerabilities	High	Source
CyberPower - SQL Injection	Identify critical remote vulnerabilities	High	Source
CyberPower < v2.8.3 - SQL Injection	Identify critical remote vulnerabilities	High	Source
CyberPower < v2.8.3 - SQL Injection	Identify critical remote vulnerabilities	High	Source
Cyberoam SSL VPN Panel - Detect	Identify web-based control panels	Info	Source
Cyberpanel Login Panel - Detect	Identify web-based control panels	Info	Source
D-LINK DNS-320L,DNS-320LW and DNS-327L - Information Disclosure	Identify critical remote vulnerabilities	Medium	Source
D-Link AC Centralized Management System Default Credentials	Identify default logins in web-based control panels	High	Source
D-Link Central WiFi Manager CWM(100) - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
D-Link D-View 8 v2.0.1.28 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
D-Link DAR-8000-10 - Command Injection	Identify critical remote vulnerabilities	Medium	Source
D-Link DIR-605 - Information Disclosure	Identify critical remote vulnerabilities	High	Source
D-Link DIR-615 - Unauthorized Access	Identify critical remote vulnerabilities	Critical	Source
D-Link DIR-816L - Improper Access Control	Identify critical remote vulnerabilities	High	Source
D-Link DIR-859 - Information Disclosure	Identify critical remote vulnerabilities	Critical	Source
D-Link DNS-320 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
D-Link NAS - Command Injection via Group Parameter	Identify critical remote vulnerabilities	High	Source
D-Link NAS - Command Injection via Name Parameter	Identify critical remote vulnerabilities	High	Source
D-Link NAS `sc_mgr.cgi` - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
DATAGERRY - Improper Access Control	Identify critical remote vulnerabilities	Medium	Source
DATAGERRY - REST API Auth Bypass	Identify critical remote vulnerabilities	Critical	Source
DELL iDRAC9 - Default Login	Identify default logins in web-based control panels	High	Source
DPLUS Dashboard Panel - Detect	Identify web-based control panels	Info	Source
DQS Superadmin Login Panel - Detect	Identify web-based control panels	Info	Source
DVWA - Default Login	Identify default logins in web-based control panels	Critical	Source
Dahua Web Service Panel - Detect	Identify web-based control panels	Info	Source
Danswer - Insecure Direct Object Reference	Identify critical remote vulnerabilities	Medium	Source
Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control	Identify critical remote vulnerabilities	High	Source
Darktrace Threat Visualizer Login Panel - Detect	Identify web-based control panels	Info	Source
Dashy Panel - Detect	Identify web-based control panels	Info	Source
DataEase <= 2.4.1 - Sensitive Information Exposure	Identify critical remote vulnerabilities	Medium	Source
DataEase v2.10.2 - JWT Signature Verification Bypass	Identify critical remote vulnerabilities	Critical	Source
DataHub Metadata Default Credentials	Identify default logins in web-based control panels	High	Source
DataTaker DT80 dEX 1.50.012 - Information Disclosure	Identify critical remote vulnerabilities	Critical	Source
Datadog Login Panel - Detect	Identify web-based control panels	Info	Source
Dataease - Login Panel	Identify web-based control panels	Info	Source
Dataease Default Credentials	Identify default logins in web-based control panels	High	Source
Datagerry Default Credentials	Identify default logins in web-based control panels	High	Source
Datagerry Panel - Detect	Identify web-based control panels	Info	Source
Dataiku Default Credentials	Identify default logins in web-based control panels	High	Source
Dataiku Panel - Detect	Identify web-based control panels	Info	Source
Davantis Video Analytics Panel - Detect	Identify web-based control panels	Info	Source
DaybydayCRM Login Panel - Detect	Identify web-based control panels	Info	Source
DbGate Web Client Management - Panel Detect	Identify web-based control panels	Info	Source
Debug Endpoint pprof - Exposure Detection	Identify critical remote vulnerabilities	High	Source
Dede CMS - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
DedeCMS 5.7 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
DedeCMS 5.7.87 - Directory Traversal	Identify critical remote vulnerabilities	Medium	Source
DedeCMS 5.7SP2 - Cross-Site Request Forgery/Remote Code Execution	Identify critical remote vulnerabilities	High	Source
DefectDojo Login Panel - Detect	Identify web-based control panels	Info	Source
Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)	Identify critical remote vulnerabilities	Medium	Source
Dell BMC Panel - Detect	Identify web-based control panels	Info	Source
Dell IDRAC Panel - Detect	Identify web-based control panels	Info	Source
Dell OpenManage Switch Administrator Login Panel - Detect	Identify web-based control panels	Info	Source
Dell iDRAC6/7/8 - Default Login	Identify default logins in web-based control panels	High	Source
Delta Controls Admin Login Panel - Detect	Identify web-based control panels	Info	Source
Deluge - Default Login	Identify default logins in web-based control panels	High	Source
Deluge WebUI Login Panel - Detect	Identify web-based control panels	Info	Source
Dependency-Track Login - Panel	Identify web-based control panels	Info	Source
Dericam Login Panel - Detect	Identify web-based control panels	Info	Source
Desktop Portal VMware Horizon DaaS Trade Platform	Identify web-based control panels	Info	Source
DevDojo Voyager - Default login	Identify default logins in web-based control panels	High	Source
DevDojo Voyager <=1.8.0 - Arbitrary File Read	Identify critical remote vulnerabilities	Medium	Source
Devika - Local File Inclusion	Identify critical remote vulnerabilities	High	Source
Devika v1 - Path Traversal	Identify critical remote vulnerabilities	Critical	Source
Dex Authentication - Panel	Identify web-based control panels	Info	Source
Dialogic XMS Admin Console - Default Login	Identify default logins in web-based control panels	High	Source
Dialogic XMS Admin Console - Detect	Identify web-based control panels	Info	Source
Diced Zipline - Detect	Identify web-based control panels	Info	Source
Digital Watchdog - Default Login	Identify default logins in web-based control panels	High	Source
Digital Watchdog - Detect	Identify web-based control panels	Info	Source
Digital Watchdog DW Spectrum Server 4.2.0.32842 - Information Disclosure	Identify critical remote vulnerabilities	High	Source
DirectAdmin Login Panel - Detect	Identify web-based control panels	Info	Source
Directum Login Panel - Detect	Identify web-based control panels	Info	Source
Discuz Panel - Detection	Identify web-based control panels	Info	Source
Docassemble - Local File Inclusion	Identify critical remote vulnerabilities	High	Source
Docebo eLearning Login Panel - Detect	Identify web-based control panels	Info	Source
Dockge Panel - Detect	Identify web-based control panels	Info	Source
DocuWare - Detect	Identify web-based control panels	Info	Source
Docusaurus Gists Plugin < 4.0.0 - GitHub Personal Access Token Exposure	Identify critical remote vulnerabilities	High	Source
Dokuwiki Login Panel - Detect	Identify web-based control panels	Info	Source
Dolibarr Login Panel - Detect	Identify web-based control panels	Info	Source
Dolibarr Unauthenticated Contacts Database Theft	Identify critical remote vulnerabilities	High	Source
Doris Panel - Detect	Identify web-based control panels	Info	Source
Dotclear Admin Login Panel - Detect	Identify web-based control panels	Info	Source
Dradis Professional Edition Login Panel - Detect	Identify web-based control panels	Info	Source
DragonFly Login - Panel	Identify web-based control panels	Info	Source
Dragonfly - Default Login	Identify default logins in web-based control panels	High	Source
Draytek VigorConnect 1.6.0-B - Local File Inclusion	Identify critical remote vulnerabilities	High	Source
Draytek VigorConnect 6.0-B3 - Local File Inclusion	Identify critical remote vulnerabilities	High	Source
Drone CI Login Panel - Detect	Identify web-based control panels	Info	Source
Duomi CMS - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Dynatrace Login Panel - Detect	Identify web-based control panels	Info	Source
DzzOffice Installation Panel - Detect	Identify web-based control panels	High	Source
DzzOffice Login Panel - Detect	Identify web-based control panels	Info	Source
E-mobile Panel - Detect	Identify web-based control panels	Info	Source
EMQX Login Panel - Detect	Identify web-based control panels	Info	Source
EOS HTTP Browser	Identify web-based control panels	Medium	Source
ESPHome Login Panel - Detect	Identify web-based control panels	Info	Source
ESXi System Login Panel - Detect	Identify web-based control panels	Info	Source
ETQ Reliance - Reflected XSS via SQLConverterServlet	Identify critical remote vulnerabilities	Medium	Source
EVSE Web Interface Panel - Detection	Identify web-based control panels	Info	Source
EVlink City < R8 V3.4.0.1 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
EVlink Local Controller - Detection	Identify web-based control panels	Info	Source
EWM Manager Login Panel - Detect	Identify web-based control panels	Info	Source
Eagle For Apache Kakfa Login - Detect	Identify web-based control panels	Info	Source
EasyCVR video management - Users Information Exposure	Identify critical remote vulnerabilities	High	Source
EasyJOB Login Panel - Detect	Identify web-based control panels	Info	Source
EasyReport - Default Login	Identify default logins in web-based control panels	High	Source
EasyVista Login Panel - Detect	Identify web-based control panels	Info	Source
Eclipse BIRT Panel - Detect	Identify web-based control panels	Info	Source
Edito CMS - Sensitive Data Leak	Identify critical remote vulnerabilities	High	Source
EfroTech Timetrax v8.3 - Sql Injection	Identify critical remote vulnerabilities	High	Source
Eko Charger Management Console Login Panel - Detect	Identify web-based control panels	Info	Source
Eko Software Update Panel - Detect	Identify web-based control panels	Info	Source
Ektron CMS Login Panel - Detect	Identify web-based control panels	Info	Source
ElasticSearch - Default Login	Identify default logins in web-based control panels	High	Source
ElasticSearch - Remote Code Execution	Identify critical remote vulnerabilities	High	Source
ElasticSearch v1.1.1/1.2 RCE	Identify critical remote vulnerabilities	Medium	Source
Elber ESE DVB-S/S2 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Electrolink FM/DAB/TV Transmitter - Credentials Disclosure	Identify critical remote vulnerabilities	High	Source
Elemiz Network Manager Login Panel - Detect	Identify web-based control panels	Info	Source
Elestio Memos <= v0.24.0 - Server-Side Request Forgery	Identify critical remote vulnerabilities	Critical	Source
Email Subscribers by Icegram Express <= 5.7.20 - Unauthenticated SQL Injection via Hash	Identify critical remote vulnerabilities	Critical	Source
Emby Login Panel - Detect	Identify web-based control panels	Info	Source
Emerson Network Power IntelliSlot Web Card Panel - Detect	Identify web-based control panels	Info	Source
Emqx - Default Login	Identify default logins in web-based control panels	High	Source
Enablix Panel - Detect	Identify web-based control panels	Info	Source
Endpoint Protector Login Panel - Detect	Identify web-based control panels	Info	Source
EnjoyRMIS - SQL Injection	Identify critical remote vulnerabilities	High	Source
Episerver Login Panel	Identify web-based control panels	Info	Source
Error Log Viewer By WP Guru <= 1.0.1.3 - Missing Authorization to Arbitrary File Read	Identify critical remote vulnerabilities	High	Source
Esafenet CDG NetSecConfigAjax - Sql Injection	Identify critical remote vulnerabilities	High	Source
Esafenet CDG NoticeAjax - Sql Injection	Identify critical remote vulnerabilities	High	Source
Eset Protect Login Panel - Detect	Identify web-based control panels	Info	Source
Espec Web Controller - Panel	Identify web-based control panels	Info	Source
Essential Blocks < 4.4.3 - Local File Inclusion	Identify critical remote vulnerabilities	Critical	Source
EuroTel ETL3100 - Default Login	Identify default logins in web-based control panels	High	Source
EventON (Free < 2.2.8, Premium < 4.5.5) - Information Disclosure	Identify critical remote vulnerabilities	Medium	Source
EventON <= 2.1 - Missing Authorization	Identify critical remote vulnerabilities	Medium	Source
EventON Lite < 2.1.2 - Arbitrary File Download	Identify critical remote vulnerabilities	Medium	Source
Eventum Login Panel - Detect	Identify web-based control panels	Info	Source
Evertz SDVN 3080ipx-10G - Unauthenticated Arbitrary Command Injection	Identify critical remote vulnerabilities	Critical	Source
ExaGrid Manager Login Panel - Detect	Identify web-based control panels	Info	Source
Exchange Server - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Exolis Engage Panel - Detect	Identify web-based control panels	Info	Source
Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated RCE	Identify critical remote vulnerabilities	High	Source
Extreme NetConfig UI Panel - Detect	Identify web-based control panels	Info	Source
EyouCms v1.6.3 - Information Disclosure	Identify critical remote vulnerabilities	Medium	Source
F-Secure Policy Manager Server Login Panel - Detect	Identify web-based control panels	Info	Source
F-logic DataCube3 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
F5 Admin Interface - Detect	Identify web-based control panels	Info	Source
F5 BIG-IP TMUI - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
F5 BIG-IP iControl - REST Auth Bypass RCE	Identify critical remote vulnerabilities	Critical	Source
F5 BIG-IP iControl REST Panel - Detect	Identify web-based control panels	Info	Source
F5 iControl REST - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
FASTPANEL Login Panel - Detect	Identify web-based control panels	Info	Source
FOG Project < 1.5.10.34 - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
FOSSBilling Panel - Detect	Identify web-based control panels	Info	Source
FREEDOM Administration - Default Login	Identify critical remote vulnerabilities	Critical	Source
FUEL CMS 1.4.1 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Falcosidekick UI Login Panel - Detect	Identify web-based control panels	Info	Source
Faraday Login Panel - Detect	Identify web-based control panels	Info	Source
FastAdmin < V1.3.4.20220530 - Path Traversal	Identify critical remote vulnerabilities	Medium	Source
Fastify Swagger-UI - Information Disclosure	Identify critical remote vulnerabilities	Medium	Source
Feiyuxing Enterprise-Level Management System - Default Login	Identify default logins in web-based control panels	High	Source
Femtocell Access Point Panel - Detect	Identify web-based control panels	Info	Source
File Browser Login Panel - Detect	Identify web-based control panels	Info	Source
FileCatalyst File Transfer Solution - Detect	Identify web-based control panels	Info	Source
FileGator Panel - Detect	Identify web-based control panels	Info	Source
FileMage Gateway - Directory Traversal	Identify critical remote vulnerabilities	High	Source
Filegator - Default Login	Identify default logins in web-based control panels	High	Source
Financial Transaction Manager Login Panel - Detect	Identify web-based control panels	Info	Source
Fireware XTM Login Panel - Detect	Identify web-based control panels	Info	Source
Flahscookie Superadmin Login Panel - Detect	Identify web-based control panels	Info	Source
Flatpress < 1.3 - Path Traversal	Identify critical remote vulnerabilities	Critical	Source
FleetCart 4.1.1 - Information Disclosure	Identify critical remote vulnerabilities	Medium	Source
FlightPath Login Panel - Detect	Identify web-based control panels	Info	Source
Flowise 1.6.5 - Authentication Bypass	Identify critical remote vulnerabilities	High	Source
Flowise <= 1.8.2 Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
FlureeDB Admin Console Login Panel - Detect	Identify web-based control panels	Info	Source
FootPrints Service Core Login Panel - Detect	Identify web-based control panels	Info	Source
Forcepoint Appliance	Identify web-based control panels	Info	Source
ForgeRock OpenAM <7.0 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
FortiADC Login Panel - Detect	Identify web-based control panels	Info	Source
FortiAP Login Panel - Detect	Identify web-based control panels	Info	Source
FortiAuthenticator - Detect	Identify web-based control panels	Info	Source
FortiClient Endpoint Management Server Panel - Detect	Identify web-based control panels	Info	Source
FortiOS Admin Login Panel - Detect	Identify web-based control panels	Info	Source
FortiRecorder Panel - Detect	Identify web-based control panels	Info	Source
FortiWLM - Directory Traversal	Identify critical remote vulnerabilities	Critical	Source
Fortinet FortiDDoS Panel	Identify web-based control panels	Info	Source
Fortinet FortiMail Login Panel - Detect	Identify web-based control panels	Info	Source
Fortinet FortiNAC Login Panel - Detect	Identify web-based control panels	Info	Source
Fortinet FortiOS - Credentials Disclosure	Identify critical remote vulnerabilities	Critical	Source
Fortinet FortiOS Management Interface Panel - Detect	Identify web-based control panels	Info	Source
Fortinet FortiTester Login Panel - Detect	Identify web-based control panels	Info	Source
Fortinet FortiWLM Login Panel - Detect	Identify web-based control panels	Info	Source
Fortinet FortiWeb - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Fortinet FortiWeb Login Panel - Detect	Identify web-based control panels	Info	Source
Fortinet Login Panel - Detect	Identify web-based control panels	Info	Source
Fortra GoAnywhere MFT - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
FoxCMS v.1.2.5 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Frappe Helpdesk Login Panel - Detect	Identify web-based control panels	Info	Source
Frappe Panel - Detect	Identify web-based control panels	Info	Source
Free5gc 3.2.1 - Information Disclosure	Identify critical remote vulnerabilities	High	Source
FreeIPA Identity Management Login Panel - Detect	Identify web-based control panels	Info	Source
FreePBX Admin Panel - Detect	Identify web-based control panels	Info	Source
Freshrss Panel - Detect	Identify web-based control panels	Info	Source
Friendica Panel - Detect	Identify web-based control panels	Info	Source
Froxlor Server Management Login Panel - Detect	Identify web-based control panels	Info	Source
Fuel CMS 1.4.7 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Fuel CMS Login Panel - Detect	Identify web-based control panels	Info	Source
Fuji Xerox Printer Panel - Detect	Identify web-based control panels	Info	Source
Fujian Kelixin Communication - Command Injection	Identify critical remote vulnerabilities	Medium	Source
Fumasoft Cloud - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Fumeng - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
FusionAuth Admin Panel - Detect	Identify web-based control panels	Info	Source
GL.iNET SSID Key Disclosure	Identify critical remote vulnerabilities	High	Source
GLPI 9.2/<9.5.6 - Information Disclosure	Identify critical remote vulnerabilities	Medium	Source
GLPI < 10.0.17 - Pre-Auth SQL Injection	Identify critical remote vulnerabilities	High	Source
GLPI <=10.0.2 - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
GLPI Panel - Detect	Identify web-based control panels	Info	Source
GNU Mailman Panel - Detect	Identify web-based control panels	Info	Source
GXD5 Pacs Connexion Login Panel - Detect	Identify web-based control panels	Info	Source
GYRA Master Admin Login Panel - Detect	Identify web-based control panels	Info	Source
Gargoyle Router Management Utility Admin Login Panel - Detect	Identify web-based control panels	Info	Source
GenieACS => 1.2.8 - OS Command Injection	Identify critical remote vulnerabilities	Critical	Source
GeoServer - Missing Authorization on REST API Index	Identify critical remote vulnerabilities	Medium	Source
GeoServer Login Panel - Detect	Identify web-based control panels	Info	Source
Geoserver Admin - Default Login	Identify default logins in web-based control panels	High	Source
Gibbon v25.0.0 - Local File Inclusion	Identify critical remote vulnerabilities	Critical	Source
Gira HomeServer 4 Login Panel - Detect	Identify web-based control panels	Info	Source
GitHub Enterprise - Encrypted SAML	Identify web-based control panels	Info	Source
GitLab CE/EE - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
GitLab GraphQL API User Enumeration	Identify critical remote vulnerabilities	Medium	Source
GitLab Instance Explore - Detect	Identify web-based control panels	Info	Source
Gitblit - Default Login	Identify default logins in web-based control panels	High	Source
Gitblit Login Panel - Detect	Identify web-based control panels	Info	Source
Gitea 1.4.0 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Gitea Login Panel - Detect	Identify web-based control panels	Info	Source
Github Enterprise Login Panel - Detect	Identify web-based control panels	Info	Source
Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure	Identify critical remote vulnerabilities	Medium	Source
Gitlab Default Login	Identify default logins in web-based control panels	High	Source
Gitlab Login Panel - Detect	Identify web-based control panels	Info	Source
Gitlab SAML - Detection	Identify web-based control panels	Info	Source
Gladinet CentreStack < 16.4.10315.56368 Use of Hard-coded Key Leads to Unauthenticated RCE	Identify critical remote vulnerabilities	Critical	Source
Glowroot - Panel	Identify web-based control panels	Info	Source
GoAnywhere Managed File Transfer Login Panel - Detect	Identify web-based control panels	Info	Source
GoCD Login Panel - Detect	Identify web-based control panels	Info	Source
Gogs (Go Git Service) - SQL Injection	Identify critical remote vulnerabilities	High	Source
Gogs (Go Git Service) 0.11.66 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Gogs Login Panel - Detect	Identify web-based control panels	Info	Source
Google Earth Enterprise - Default Login	Identify default logins in web-based control panels	High	Source
Gophish Login Panel - Detect	Identify web-based control panels	Info	Source
Gotify Login Panel - Detect	Identify web-based control panels	Info	Source
Gradle Develocity Build Cache Node Login Panel - Detect	Identify web-based control panels	Info	Source
Gradle Enterprise Build Cache Node Login Panel - Detect	Identify web-based control panels	Info	Source
Grafana & Zabbix Integration - Credentials Disclosure	Identify critical remote vulnerabilities	Critical	Source
Grafana - Default Login	Identify default logins in web-based control panels	High	Source
Grafana - Exposes DingDing API Keys	Identify critical remote vulnerabilities	Medium	Source
Grafana Login Panel - Detect	Identify web-based control panels	Info	Source
Grafana Snapshot - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Graphite Browser Login Panel - Detect	Identify web-based control panels	Info	Source
Graylog Login Panel - Detect	Identify web-based control panels	Info	Source
Greenbone Security Assistant Panel - Detect	Identify web-based control panels	Info	Source
Group-IB Managed XDR Login Panel - Detect	Identify web-based control panels	Info	Source
Gryphon Panel - Detect	Identify web-based control panels	Info	Source
Gurock TestRail Application files.md5 Exposure	Identify critical remote vulnerabilities	High	Source
H2 Console Web Login Panel - Detect	Identify web-based control panels	Info	Source
H2O ImportFiles - Local File Inclusion	Identify critical remote vulnerabilities	High	Source
H3C ER8300G2-X - Password Disclosure	Identify critical remote vulnerabilities	Critical	Source
H3c IMC - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
HAL Management Console Panel	Identify web-based control panels	Info	Source
HCL BigFix Login Panel - Detect	Identify web-based control panels	Info	Source
HP 1820-8G Switch J9979A - Default Login	Identify default logins in web-based control panels	High	Source
HP Service Manager Login Panel - Detect	Identify web-based control panels	Info	Source
HP Virtual Connect Manager Login Panel - Detect	Identify web-based control panels	Info	Source
HTTP File Server <2.3c - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
HTTPBin Login Panel - Detect	Identify web-based control panels	Info	Source
HYPERPLANNING Login Panel - Detect	Identify web-based control panels	Info	Source
Haivision Gateway Login Panel - Detect	Identify web-based control panels	Info	Source
Haivision Media Platform Login Panel - Detect	Identify web-based control panels	Info	Source
Hangfire Dashboard Panel - Detect	Identify web-based control panels	Info	Source
Harbor Login Panel - Detect	Identify web-based control panels	Info	Source
HashiCorp Consul Web UI Login Panel - Detect	Identify web-based control panels	Info	Source
Hashicorp Consul Agent - Detect	Identify web-based control panels	Info	Source
Hestia Control Panel Login - Detect	Identify web-based control panels	Info	Source
Hide My WP Ghost < 5.2.02 - Hidden Login Page Disclosure	Identify critical remote vulnerabilities	High	Source
HighMail Admin Login Panel - Detect	Identify web-based control panels	Info	Source
Hikvision - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Hikvision IP ping.php - Command Execution	Identify critical remote vulnerabilities	Medium	Source
HiveManager Login Panel - Detect	Identify web-based control panels	Info	Source
Home Assistant Panel	Identify web-based control panels	Info	Source
Home Assistant Supervisor - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Homebridge Panel - Detect	Identify web-based control panels	Info	Source
Homematic Panel - Detect	Identify web-based control panels	Info	Source
Homer Panel - Detect	Identify web-based control panels	Info	Source
Honeywell Excel Web Control Login Panel - Detect	Identify web-based control panels	Info	Source
Honeywell PM43 Printers - Command Injection	Identify critical remote vulnerabilities	Critical	Source
Hookbot Rat Panel - Detect	Identify web-based control panels	Info	Source
Horde Login Panel - Detect	Identify web-based control panels	Info	Source
Horde Webmail Login Panel - Detect	Identify web-based control panels	Info	Source
Hospital Management System 1.0 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Hospital Management System 1.0 - SQL Injection	Identify critical remote vulnerabilities	High	Source
Hospital Management System 1.0 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Hospital Management System Login Panel - Detect	Identify web-based control panels	Info	Source
Hotel Booking Lite < 4.8.5 - Arbitrary File Download & Deletion	Identify critical remote vulnerabilities	Critical	Source
Hoteldruid v3.0.5 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
HuangDou UTCMS V9 - OS Command Injection	Identify critical remote vulnerabilities	High	Source
Huawei HG532e - Default Credential	Identify default logins in web-based control panels	High	Source
Huawei HG532e Router Panel - Detect	Identify web-based control panels	Info	Source
Huawei HoloSens SDC - Panel	Identify web-based control panels	Info	Source
Huginn Login Panel - Detect	Identify web-based control panels	Info	Source
Huly Login Panel - Detect	Identify web-based control panels	Info	Source
Hybris - Default Login	Identify default logins in web-based control panels	High	Source
Hybris Administration Console Login Panel - Detect	Identify web-based control panels	Info	Source
Hybris Management Console Login Panel - Detect	Identify web-based control panels	Info	Source
Hydra Router Dashboard - Detect	Identify web-based control panels	Info	Source
HyperDX Panel - Detect	Identify web-based control panels	Info	Source
HyperTest Common Dashboard - Detect	Identify web-based control panels	Info	Source
Hytec Inter HWL-2511-SS - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
IBM Advanced System Management Panel - Detect	Identify web-based control panels	Info	Source
IBM Decision Center Business Console - Default Login	Identify default logins in web-based control panels	High	Source
IBM Decision Center Enterprise Console - Default Login	Identify default logins in web-based control panels	High	Source
IBM Decision Center Enterprise Console - Panel Detection	Identify web-based control panels	Info	Source
IBM Decision Server Console - Default Login	Identify default logins in web-based control panels	High	Source
IBM Decision Server Console Panel - Detect	Identify web-based control panels	Info	Source
IBM Maximo Login Panel - Detect	Identify web-based control panels	Info	Source
IBM OpenAdmin Tool - Panel	Identify web-based control panels	Info	Source
IBM Operational Decision Manager Panel - Detect	Identify web-based control panels	Info	Source
IBM Power HMC - Default Login	Identify default logins in web-based control panels	High	Source
IBM Security Access Manager Login Panel - Detect	Identify web-based control panels	Info	Source
IBM Security Verify Access Login - Panel	Identify web-based control panels	Info	Source
IBM Service Assistant Login Panel - Detect	Identify web-based control panels	Info	Source
IBM WebSphere Application Server Community Edition Admin Login Panel - Detect	Identify web-based control panels	Info	Source
IBM WebSphere Portal Login Panel - Detect	Identify web-based control panels	Info	Source
IBM iNotes Login Panel - Detect	Identify web-based control panels	Info	Source
ICC PRO Login Panel - Detect	Identify web-based control panels	Info	Source
ICE HRM Login - Detect	Identify web-based control panels	Info	Source
ICT Protege WX Login Panel - Detect	Identify web-based control panels	Info	Source
IDEMIA BIOMetrics - Default Login	Identify default logins in web-based control panels	Medium	Source
ILIAS Login Panel - Detect	Identify web-based control panels	Info	Source
INTELBRAS TELEFONE IP TIP200 60.61.75.22 - Local File Inclusion	Identify critical remote vulnerabilities	High	Source
IPS Community Suite - Unauthenticated SQL Injection	Identify critical remote vulnerabilities	Critical	Source
IPdiva Mediation Login Panel - Detect	Identify web-based control panels	Info	Source
IRISNext Login Panel - Detect	Identify web-based control panels	Info	Source
ISPConfig Admin Panel - Default Login	Identify default logins in web-based control panels	High	Source
ISPConfig Hosting Control Panel - Default Login	Identify default logins in web-based control panels	High	Source
IceWarp Email Client - Cross Site Scripting	Identify critical remote vulnerabilities	Medium	Source
IceWarp Login Panel - Detect	Identify web-based control panels	Info	Source
IceWarp WebClient - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
IceWarp Webmail Server v10.2.1 - Cross Site Scripting	Identify critical remote vulnerabilities	Medium	Source
Icinga Web 2 Login Panel - Detect	Identify web-based control panels	Info	Source
IdeaCMS <= 1.7 - SQL Injection	Identify critical remote vulnerabilities	Medium	Source
Ilch CMS Admin Login Panel - Detect	Identify web-based control panels	Info	Source
Immich Panel - Detect	Identify web-based control panels	Info	Source
ImpressCMS < 1.4.3 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
ImpressCMS <1.4.3 - Incorrect Authorization	Identify critical remote vulnerabilities	Medium	Source
InfluxDB <1.7.6 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
InfluxDB Admin Interface Panel - Detect	Identify web-based control panels	Info	Source
Infoblox NIOS Login Panel - Detect	Identify web-based control panels	Info	Source
Inspur Clusterengine 4 - Default Admin Login	Identify default logins in web-based control panels	High	Source
Inspur Clusterengine V4 SYSshell - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
InstaWP Connect < 0.1.0.86 - Local PHP File Inclusion	Identify critical remote vulnerabilities	Critical	Source
Integrated Management Module - Default Login	Identify default logins in web-based control panels	High	Source
Intel Active Management - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Intelbras NPLUG 1.0.0.14 - Authentication Bypass	Identify critical remote vulnerabilities	High	Source
Intelbras Router Login Panel - Detect	Identify web-based control panels	Info	Source
Intelbras Router Panel - Detect	Identify web-based control panels	Info	Source
Intelbras Switch - Information Disclosure	Identify critical remote vulnerabilities	High	Source
Intelbras WRN 150 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Intellian Aptus Web Login Panel - Detect	Identify web-based control panels	Info	Source
Internet Multi Server Control Panel - Detect	Identify web-based control panels	Info	Source
Invision Community <=5.0.6 Unauthenticated RCE via Template Injection	Identify critical remote vulnerabilities	Critical	Source
Issabel Login Panel - Detect	Identify web-based control panels	Info	Source
Issabel PBX 4.0.0-6 - Directory Listing	Identify critical remote vulnerabilities	High	Source
Ivanti Cloud Services Appliance - Path Traversal	Identify critical remote vulnerabilities	Critical	Source
Ivanti Connect Secure Panel - Detect	Identify web-based control panels	Info	Source
Ivanti EPM Cloud Services Appliance Code Injection	Identify critical remote vulnerabilities	Critical	Source
Ivanti Endpoint Manager Mobile (EPMM) - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Ivanti ICS - Authentication Bypass	Identify critical remote vulnerabilities	High	Source
Ivanti Incapptic Connect Panel - Detect	Identify web-based control panels	Info	Source
Ivanti Traffic Manager Panel - Detect	Identify web-based control panels	Info	Source
Ivanti(R) Cloud Services Appliance - Panel	Identify web-based control panels	Info	Source
JBoss SOA Platform Login Panel - Detect	Identify web-based control panels	Info	Source
JBoss WS JUDDI Console Panel - Detect	Identify web-based control panels	Info	Source
JBoss jBPM Administration Console - Default Login	Identify default logins in web-based control panels	High	Source
JBoss jBPM Administration Console Login Panel - Detect	Identify web-based control panels	Info	Source
JEHC-BPM - Remote Code Execute	Identify critical remote vulnerabilities	Critical	Source
JFinalCMS v5.0.0 - Directory Traversal	Identify critical remote vulnerabilities	Medium	Source
JFrog Login Panel - Detect	Identify web-based control panels	Info	Source
Jalios JCMS Login Panel - Detect	Identify web-based control panels	Info	Source
Jamf MDM Login Panel - Detect	Identify web-based control panels	Info	Source
Jamf Pro Login Panel - Detect	Identify web-based control panels	Info	Source
Jamf Pro Setup Assistant Panel - Detect	Identify web-based control panels	Info	Source
Jedox Web Login Panel - Detect	Identify web-based control panels	Info	Source
JeePlus CMS - SQL Injection	Identify critical remote vulnerabilities	High	Source
Jeecg Boot <= 2.4.5 - Information Disclosure	Identify critical remote vulnerabilities	High	Source
Jeecg Boot <= 2.4.5 - Sensitive Information Disclosure	Identify critical remote vulnerabilities	High	Source
Jeecg P3 Biz Chat - Local File Inclusion	Identify critical remote vulnerabilities	High	Source
Jeecg-Boot v3.5.1 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Jeecg-boot 3.5.0 qurestSql - SQL Injection	Identify critical remote vulnerabilities	Medium	Source
JeecgBoot 3.5.0 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
JeecgBoot v3.7.1 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Jeedom - Default Login	Identify default logins in web-based control panels	High	Source
Jeedom Login Panel - Detect	Identify web-based control panels	Info	Source
Jellyfin Console - Default Login	Identify default logins in web-based control panels	High	Source
Jellyseerr Login Panel - Detect	Identify web-based control panels	Info	Source
Jenkins - Remote Command Injection	Identify critical remote vulnerabilities	Critical	Source
Jenkins API Panel - Detect	Identify web-based control panels	Info	Source
Jenkins Default Login	Identify default logins in web-based control panels	High	Source
Jenkins Login Detected	Identify web-based control panels	Info	Source
JetBrains TeamCity > 2023.11.3 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Jinhe OA - SQL Injection	Identify critical remote vulnerabilities	High	Source
Joget Panel - Detect	Identify web-based control panels	Info	Source
Joomla HTTP Header Unauthenticated - Remote Code Execution	Identify critical remote vulnerabilities	High	Source
Joomla! <3.7.1 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Joomla! Core SQL Injection	Identify critical remote vulnerabilities	High	Source
Joomla! Panel	Identify web-based control panels	Info	Source
Joomla! Webservice - Password Disclosure	Identify critical remote vulnerabilities	Medium	Source
JoomlaUX JUX Real Estate 3.4.0 - Reflected XSS	Identify critical remote vulnerabilities	Medium	Source
Joplin Server Login - Panel	Identify web-based control panels	Info	Source
Jorani 1.0.0 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Jorani Login Panel - Detect	Identify web-based control panels	Info	Source
Journyx - XML External Entities Injection (XXE)	Identify critical remote vulnerabilities	High	Source
Journyx 11.5.4 - Reflected Cross Site Scripting	Identify critical remote vulnerabilities	Medium	Source
JshERP Boot Panel - Detect	Identify web-based control panels	Info	Source
JumpServer > 3.6.4 - Information Disclosure	Identify critical remote vulnerabilities	High	Source
JumpServer Login Panel - Detect	Identify web-based control panels	Info	Source
Juniper J-Web - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Juniper J-Web Panel - Detect	Identify web-based control panels	Info	Source
Jupyter Notebook - Remote Command Execution	Identify critical remote vulnerabilities	High	Source
Jupyter Notebook Login Panel - Detect	Identify web-based control panels	Info	Source
Jupyterhub - Default Login	Identify default logins in web-based control panels	High	Source
KLog Server - Default Login	Identify default logins in web-based control panels	High	Source
Kanboard - Default Login	Identify default logins in web-based control panels	High	Source
Kanboard Login Panel - Detect	Identify web-based control panels	Info	Source
Kasm Login Panel - Detect	Identify web-based control panels	Info	Source
Kavita Login Panel - Detect	Identify web-based control panels	Info	Source
Kentico - Installer Privilege Escalation	Identify critical remote vulnerabilities	Critical	Source
Kerio Connect Login Panel - Detect	Identify web-based control panels	Info	Source
Kerio Controle Panel - Detect	Identify web-based control panels	Info	Source
Kettle - Default Login	Identify default logins in web-based control panels	Medium	Source
Kettle Panel - Detect	Identify web-based control panels	Info	Source
KeyCloak - Information Exposure	Identify critical remote vulnerabilities	Medium	Source
Keycloak Admin Login Panel - Detect	Identify web-based control panels	Info	Source
Kiali - Detect	Identify web-based control panels	Info	Source
Kibana Login Panel - Detect	Identify web-based control panels	Info	Source
Kibana Timelion - Arbitrary Code Execution	Identify critical remote vulnerabilities	Critical	Source
Kiteworks PCN Panel - Detect	Identify web-based control panels	Info	Source
KiviCare Clinic & Patient Management System (EHR) <= 3.6.4 - SQL Injection	Identify critical remote vulnerabilities	High	Source
Kiwi TCMS Information Disclosure	Identify critical remote vulnerabilities	High	Source
Kiwi TCMS Login Panel - Detect	Identify web-based control panels	Info	Source
Koel Panel - Detect	Identify web-based control panels	Info	Source
Kopano WebApp Login Panel - Detect	Identify web-based control panels	Info	Source
Kraken Cluster Monitoring Dashboard - Detect	Identify web-based control panels	Info	Source
KubeOperator Foreground `kubeconfig` - File Download	Identify critical remote vulnerabilities	High	Source
KubePi <= v1.6.4 LoginLogsSearch - Unauthorized Access	Identify critical remote vulnerabilities	High	Source
KubeView <=0.1.31 - Information Disclosure	Identify critical remote vulnerabilities	Critical	Source
KubeView Dashboard - Detect	Identify web-based control panels	Info	Source
Kubernetes Enterprise Manager Panel - Detect	Identify web-based control panels	Info	Source
Kubernetes Local Cluster Web View Panel- Detect	Identify web-based control panels	Medium	Source
Kubio AI Page Builder <= 2.5.1 - Local File Inclusion	Identify critical remote vulnerabilities	Critical	Source
Kyocera TASKalfa printer - Path Traversal	Identify critical remote vulnerabilities	Medium	Source
LDAP Account Manager Login Panel - Detect	Identify web-based control panels	Info	Source
LaRecipe < 2.8.1 Remote Code Execution via SSTI	Identify critical remote vulnerabilities	Critical	Source
LabKey Server Login Panel - Detect	Identify web-based control panels	Info	Source
Label Studio - Login Panel	Identify web-based control panels	Info	Source
Lancom Router Login Panel - Detect	Identify web-based control panels	Info	Source
Langflow AI - Unauthenticated Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Lansweeper Login Panel - Detect	Identify web-based control panels	Info	Source
Lansweeper Unauthenticated SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Laravel Backpack Admin Login Panel - Detect	Identify web-based control panels	Info	Source
LearnDash LMS < 4.10.2 - Sensitive Information Exposure	Identify critical remote vulnerabilities	Medium	Source
LearnDash LMS < 4.10.2 - Sensitive Information Exposure via assignments	Identify critical remote vulnerabilities	Medium	Source
LearnDash LMS < 4.10.3 - Sensitive Information Exposure	Identify critical remote vulnerabilities	Medium	Source
LearnPress < 4.2.7.1 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
LearnPress < 4.2.7.1 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
LearnPress <= 4.2.5.7 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
LearnPress Plugin < 4.2.0 - Unauthenticated Time-Based Blind SQLi	Identify critical remote vulnerabilities	Critical	Source
Lenovo Fan Power Controller Login Panel - Detect	Identify web-based control panels	Info	Source
Leostream Default Login	Identify default logins in web-based control panels	High	Source
Leostream Login Panel - Detect	Identify web-based control panels	Info	Source
LibreNMS Login Panel - Detect	Identify web-based control panels	Info	Source
LibrePhotos Panel - Detect	Identify web-based control panels	Info	Source
LibreSpeed Panel - Detect	Identify web-based control panels	Info	Source
Liferay Login Panel - Detect	Identify web-based control panels	Info	Source
Liferay Portal Unauthenticated < 7.2.1 CE GA2 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Lightdash version <= 0.510.3 Arbitrary File Read	Identify critical remote vulnerabilities	High	Source
Lin CMS Spring Boot - Default JWT Token	Identify critical remote vulnerabilities	High	Source
LinShare Login Panel - Detect	Identify web-based control panels	Info	Source
Linear eMerge E3-Series - Information Disclosure	Identify critical remote vulnerabilities	High	Source
Linkerd Panel - Detect	Identify web-based control panels	Info	Source
Linksys Smart Wi-Fi Login Panel - Detect	Identify web-based control panels	Info	Source
ListSERV Maestro <= 9.0-8 RCE	Identify critical remote vulnerabilities	Medium	Source
Live Helper Chat Admin Login Panel - Detect	Identify web-based control panels	Info	Source
LiveZilla Login Panel - Detect	Identify web-based control panels	Info	Source
LocalAI - Partial Local File Read	Identify critical remote vulnerabilities	Medium	Source
LockSelf Login Panel - Detect	Identify web-based control panels	Info	Source
Locklizard Web Viewer Login Panel - Detect	Identify web-based control panels	Info	Source
Login as User or Customer < 3.3 - Privilege Escalation	Identify critical remote vulnerabilities	Critical	Source
Logitech Harmony Pro Installer Portal Login Panel - Detect	Identify web-based control panels	Info	Source
Lomnido Panel - Detect	Identify web-based control panels	Info	Source
Looker Login Panel - Detect	Identify web-based control panels	Info	Source
Loxone Intercom Video Panel - Detect	Identify web-based control panels	Info	Source
Loxone WebInterface Panel - Detect	Identify web-based control panels	Info	Source
Loytec PLC - Default Login	Identify default logins in web-based control panels	High	Source
Lucee - Default Login	Identify default logins in web-based control panels	High	Source
Lucee - Unset Credentials	Identify critical remote vulnerabilities	High	Source
Lucee < 6.0.1.59 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Lucee Web and Lucee Server Admin Login Panel - Detect	Identify web-based control panels	Info	Source
M-Bus Converter Web Interface - Detect	Identify web-based control panels	Info	Source
M-Files Web Login Panel - Detect	Identify web-based control panels	Info	Source
MAG Dashboard Login Panel - Detect	Identify web-based control panels	Info	Source
MCMS 5.2.4 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
MCMS 5.2.5 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
MISP Threat Intelligence Sharing Platform Panel - Detect	Identify web-based control panels	Info	Source
MLFlow < 2.8.1 - Sensitive Information Disclosure	Identify critical remote vulnerabilities	High	Source
MLflow Absolute Path Traversal	Identify critical remote vulnerabilities	Critical	Source
MOFI4500-4GXeLTE-V2 Default Login	Identify default logins in web-based control panels	High	Source
MPFTVC Admin Login Panel - Detect	Identify web-based control panels	Info	Source
MSNSwitch Firmware MNT.2408 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
MSPControl Login Panel - Detect	Identify web-based control panels	Info	Source
MStore API < 3.9.8 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
MStore API <= 3.9.2 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
MachForm Admin Panel - Detect	Identify web-based control panels	Info	Source
Maestro LISTSERV - Detect	Identify web-based control panels	Info	Source
Maestro LuCI Login Panel - Detect	Identify web-based control panels	Info	Source
Mage AI - Insecure Default Authentication Setup	Identify critical remote vulnerabilities	Medium	Source
Magnolia CMS Default Login - Detect	Identify default logins in web-based control panels	High	Source
Magnolia CMS Login Panel - Detect	Identify web-based control panels	Info	Source
MagnusBilling - Default Login	Identify default logins in web-based control panels	High	Source
MagnusBilling - Login Panel	Identify web-based control panels	Info	Source
MailEnable Mail Service < v10 - Cross-Site Scripting	Identify critical remote vulnerabilities	Critical	Source
MailHog Panel - Detect	Identify web-based control panels	Info	Source
MailWatch Login Panel - Detect	Identify web-based control panels	Info	Source
MajorDoMo thumb.php - OS Command Injection	Identify critical remote vulnerabilities	Critical	Source
Maltrail Panel - Detect	Identify web-based control panels	Info	Source
Malwared (Build Your Own Botnet) - Detect	Identify web-based control panels	Info	Source
Malwared BYOB - Unauthenticated Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
ManageEngine Applications Manager - Default Login	Identify default logins in web-based control panels	High	Source
ManageEngine ServiceDesk 9.3.9328 - Arbitrary File Retrieval	Identify critical remote vulnerabilities	High	Source
MantisBT <=2.30 - Arbitrary Password Reset/Admin Access	Identify critical remote vulnerabilities	High	Source
MantisBT Default Admin Login	Identify default logins in web-based control panels	High	Source
MantisBT Login Panel - Detect	Identify web-based control panels	Info	Source
MapSVG < 6.2.20 - Unauthenticated SQLi	Identify critical remote vulnerabilities	Critical	Source
MasterSAM Star Gate v11 - Local File Inclusion	Identify critical remote vulnerabilities	Medium	Source
MasterStudy LMS WordPress Plugin <= 3.2.5 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Matomo Panel - Detect	Identify web-based control panels	Info	Source
Mattermost Login - Panel	Identify web-based control panels	Info	Source
MeTube Instance Detected	Identify web-based control panels	Info	Source
Meduza Stealer Panel - Detect	Identify web-based control panels	Info	Source
Memos Panel - Detect	Identify web-based control panels	Info	Source
MeshCentral Login Panel - Detect	Identify web-based control panels	Info	Source
Metabase - Local File Inclusion	Identify critical remote vulnerabilities	Critical	Source
Metabase < 0.46.6.1 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Metabase Login Panel - Detect	Identify web-based control panels	Info	Source
Metasploit Panel - Detect	Identify web-based control panels	Info	Source
Metasploit Setup and Configuration Page - Detect	Identify web-based control panels	Info	Source
MeterSphere Login Panel - Detect	Identify web-based control panels	Info	Source
Metersphere - Arbitrary File Read	Identify critical remote vulnerabilities	High	Source
Micro Focus Application Lifecycle Management - Panel	Identify web-based control panels	Info	Source
Micro Focus Filr Login Panel - Detect	Identify web-based control panels	Info	Source
Micro Focus Vibe Login Panel - Detect	Identify web-based control panels	Info	Source
Microsoft Exchange Admin Center Login Panel - Detect	Identify web-based control panels	Info	Source
Microsoft Exchange Web Service - Detect	Identify web-based control panels	Info	Source
Microweber <1.1.20 - Information Disclosure	Identify critical remote vulnerabilities	High	Source
MikroTik Router OS Login Panel - Detect	Identify web-based control panels	Info	Source
MikroTik RouterOS Admin Login Panel - Detect	Identify web-based control panels	Info	Source
Milesight Routers - Information Disclosure	Identify critical remote vulnerabilities	High	Source
MinIO Browser Login Panel - Detect	Identify web-based control panels	Info	Source
MinIO Cluster Deployment - Information Disclosure	Identify critical remote vulnerabilities	High	Source
MinIO Console Login Panel - Detect	Identify web-based control panels	Info	Source
Mingsoft MCMS - SQL Injection	Identify critical remote vulnerabilities	Medium	Source
Mingsoft MCMS 5.2.1 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Mingsoft MCMS v5.2.7 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Minio Default Login	Identify default logins in web-based control panels	High	Source
Mirantis Kubernetes Engine Panel - Detect	Identify web-based control panels	Info	Source
Mitel Login Panel - Detect	Identify web-based control panels	Info	Source
Mitel MiCollab - Arbitrary File Read	Identify critical remote vulnerabilities	Low	Source
Mitel MiCollab - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Mitel MiCollab Login Panel - Detect	Identify web-based control panels	Info	Source
Mobile Management Platform Panel - Detect	Identify web-based control panels	Info	Source
MobileIron Core - Remote Unauthenticated API Access	Identify critical remote vulnerabilities	Critical	Source
MobileIron Sentry Panel - Detect	Identify web-based control panels	Info	Source
Mobotix - Default Login	Identify default logins in web-based control panels	High	Source
Modoboa < 2.1.0 - Improper Authorization	Identify critical remote vulnerabilities	Critical	Source
Modoboa Login Panel - Detect	Identify web-based control panels	Info	Source
Molgenis - Default Login	Identify default logins in web-based control panels	High	Source
MongoDB Ops Manager Login Panel - Detect	Identify web-based control panels	Info	Source
Monitorr Panel - Detect	Identify web-based control panels	Info	Source
Monstra Admin Panel - Detect	Identify web-based control panels	Info	Source
Moodle Workplace Login Panel - Detect	Identify web-based control panels	Info	Source
Movable Type Pro Login Panel - Detect	Identify web-based control panels	Info	Source
Multiple Shipping Address Woocommerce < 2.0 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
MyBB Installation Panel - Detect	Identify web-based control panels	High	Source
MyBB Login Panel - Detect	Identify web-based control panels	Info	Source
MyQ Print Server Panel - Detect	Identify web-based control panels	Info	Source
MyStrom Panel - Detect	Identify web-based control panels	Info	Source
Mystic Stealer Panel - Detect	Identify web-based control panels	Info	Source
N-central Login Panel - Detect	Identify web-based control panels	Info	Source
NAKIVO Backup and Replication Solution - Unauthenticated Arbitrary File Read	Identify critical remote vulnerabilities	High	Source
NConf Login Panel - Detect	Identify web-based control panels	Info	Source
NI Web-based Configuration & Monitoring - Panel	Identify web-based control panels	Info	Source
NP Data Cache Panel - Detect	Identify web-based control panels	Info	Source
NPS - Authentication Bypass	Identify critical remote vulnerabilities	High	Source
NPort Web Console Login Panel - Detect	Identify web-based control panels	Info	Source
NS-ASG Application Security Gateway 6.3 - Sql Injection	Identify critical remote vulnerabilities	Medium	Source
NSQ Admin Panel - Detect	Identify web-based control panels	Medium	Source
NUUO NVRmini - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
NZBGet Login Panel - Detect	Identify web-based control panels	Info	Source
Nacos - Information Disclosure	Identify critical remote vulnerabilities	High	Source
NagVis Login Panel - Detect	Identify web-based control panels	Info	Source
Nagios Default Login	Identify default logins in web-based control panels	High	Source
Nagios Log Server - Detect	Identify web-based control panels	Info	Source
Nagios Login Panel - Detect	Identify web-based control panels	Info	Source
Nagios XI Default Admin Login - Detect	Identify default logins in web-based control panels	Critical	Source
Nagios XI Login Panel - Detect	Identify web-based control panels	Info	Source
NagiosXI <= 5.4.12 - SQL injection	Identify critical remote vulnerabilities	High	Source
NagiosXI <= 5.4.12 `commandline.php` SQL injection	Identify critical remote vulnerabilities	High	Source
NagiosXI <= 5.4.12 logbook.php SQL injection	Identify critical remote vulnerabilities	High	Source
NagiosXI <= 5.4.12 menuaccess.php - SQL injection	Identify critical remote vulnerabilities	High	Source
Navicat On-Prem Server Panel - Detect	Identify web-based control panels	Info	Source
Navidrome <=0.54.5 - Authentication Bypass in Subsonic API	Identify critical remote vulnerabilities	Medium	Source
Ncast busiFacade - Remote Command Execution	Identify critical remote vulnerabilities	Medium	Source
Neo4j Browser - Detect	Identify web-based control panels	Info	Source
Neobox Web Server Login Panel - Detect	Identify web-based control panels	Info	Source
NetAlert X - Arbitrary File Read	Identify critical remote vulnerabilities	Critical	Source
NetMRI < 7.6.1 - Authentication Bypass via Hardcoded Credentials	Identify critical remote vulnerabilities	Medium	Source
NetMRI Unauthenticated SQL Injection via skipjackUsername	Identify critical remote vulnerabilities	Critical	Source
NetMizer LogManagement System Data - Directory Exposure	Identify critical remote vulnerabilities	High	Source
NetMizer LogManagement System cmd.php - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
NetSUS Server Default Login	Identify default logins in web-based control panels	High	Source
NetSUS Server Login Panel - Detect	Identify web-based control panels	Info	Source
NetScaler Console - Panel	Identify web-based control panels	Info	Source
NetScaler Console - Sensitive Information Disclosure	Identify critical remote vulnerabilities	High	Source
Netdata Dashboard Panel - Detect	Identify web-based control panels	Info	Source
Netdata Panel - Detect	Identify web-based control panels	Info	Source
Netdisco Admin - Default Login	Identify default logins in web-based control panels	Critical	Source
Netentsec NS-ICG - Default Login	Identify default logins in web-based control panels	High	Source
Netflix Conductor UI Panel - Detect	Identify web-based control panels	Info	Source
Netflow Analyzer - Default Login	Identify default logins in web-based control panels	High	Source
Netflow Analyzer Login - Panel	Identify web-based control panels	Info	Source
Netgear DGN2200 - Improper Authentication	Identify critical remote vulnerabilities	High	Source
Netgear WNR614 - Improper Authentication	Identify critical remote vulnerabilities	High	Source
Netgear-WN604 downloadFile.php - Information Disclosure	Identify critical remote vulnerabilities	Medium	Source
Netmaker - Hardcoded DNS Secret Key	Identify critical remote vulnerabilities	High	Source
Netris Dashboard Panel - Detect	Identify web-based control panels	Info	Source
Netsparker Login Panel - Detect	Identify web-based control panels	Info	Source
Network Technologies Inc ENVIROMUX - Default Login	Identify default logins in web-based control panels	High	Source
Next Terminal - Default Login	Identify default logins in web-based control panels	High	Source
Next.js Cache Poisoning	Identify critical remote vulnerabilities	High	Source
NextGEN Gallery <= 3.59 - Missing Authorization to Unauthenticated Information Disclosure	Identify critical remote vulnerabilities	Medium	Source
Nextcloud Server - Detection	Identify web-based control panels	Info	Source
NextcloudPi Login - Panel	Identify web-based control panels	Info	Source
Nexus Default Login	Identify default logins in web-based control panels	High	Source
Nexus Login Panel - Detect	Identify web-based control panels	Info	Source
Nginx Admin Manager Login Panel - Detect	Identify web-based control panels	Info	Source
Nginx Proxy Manager - Default Login	Identify default logins in web-based control panels	High	Source
Nginx Proxy Manager Login Panel - Detect	Identify web-based control panels	Info	Source
Nginx UI Panel - Detect	Identify web-based control panels	Info	Source
Ninja Tables <4.1.9 - Unauthenticated Arbitrary File Read	Identify critical remote vulnerabilities	High	Source
NoEscape Login Panel - Detect	Identify web-based control panels	Info	Source
NocoBase - Default Login	Identify default logins in web-based control panels	High	Source
NocoDB Panel - Detect	Identify web-based control panels	Info	Source
NocoDB version <= 0.106.1 - Arbitrary File Read	Identify critical remote vulnerabilities	High	Source
Node-Red - Default Login	Identify default logins in web-based control panels	Critical	Source
NodeBB XML-RPC Request xmlrpc.php - XML Injection	Identify critical remote vulnerabilities	Critical	Source
Nodogsplash - Directory Traversal	Identify critical remote vulnerabilities	High	Source
Nordex Control Wind Farm Portal Login Panel - Detect	Identify web-based control panels	Info	Source
Normhost Backup Server Manager Panel - Detect	Identify web-based control panels	Info	Source
Nortek Linear eMerge E3-Series <0.32-08f - Remote Command Injection	Identify critical remote vulnerabilities	Critical	Source
Nortek Linear eMerge Panel - Detect	Identify web-based control panels	Info	Source
NotificationX <= 2.8.2 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Nozomi Guardian Login Panel - Detect	Identify web-based control panels	Info	Source
Nsfocus - Arbitrary User Login	Identify critical remote vulnerabilities	High	Source
Nuxeo Platform Login Panel - Detect	Identify web-based control panels	Info	Source
O2 Router Setup Panel - Detect	Identify web-based control panels	Info	Source
O2OA - Default Login	Identify default logins in web-based control panels	High	Source
OCS Inventory Login Panel - Detect	Identify web-based control panels	Info	Source
OKIOK S-Filer Portal Login Panel - Detect	Identify web-based control panels	Info	Source
OLT Web Management Interface Login Panel - Detect	Identify web-based control panels	Info	Source
OLYMPIC Banking System Login Panel - Detect	Identify web-based control panels	Info	Source
OPNsense Panel - Detect	Identify web-based control panels	Info	Source
OSASI Login - Panel	Identify web-based control panels	Info	Source
OSASI PLC - Default Login	Identify default logins in web-based control panels	High	Source
OSNEXUS QuantaStor Manager Panel - Detect	Identify web-based control panels	Info	Source
OTOBO Login Panel - Detect	Identify web-based control panels	Info	Source
OcoMon Login Panel - Detect	Identify web-based control panels	Info	Source
OctoberCMS - Default Admin Discovery	Identify default logins in web-based control panels	High	Source
Odoo - Database Manager Discovery	Identify web-based control panels	Low	Source
Odoo - Panel Detect	Identify web-based control panels	Info	Source
Odoo OpenERP Database Selector Panel - Detect	Identify web-based control panels	Info	Source
Office Web Apps Server Panel - Detect	Identify web-based control panels	Info	Source
OfficeKeeper Admin Login Panel - Detect	Identify web-based control panels	Info	Source
Okta Login Panel - Detect	Identify web-based control panels	Info	Source
Omnia MPX Node Login Panel - Detect	Identify web-based control panels	Info	Source
OneDev Panel - Detect	Identify web-based control panels	Info	Source
OneDev.io < 11.0.9 - Arbitrary File Read	Identify critical remote vulnerabilities	High	Source
Open Game Panel Login Panel - Detect	Identify web-based control panels	Info	Source
Open Virtualization Userportal & Webadmin Panel Detection	Identify web-based control panels	Info	Source
Open Web Analytics Login - Detect	Identify web-based control panels	Info	Source
OpenAM Login Panel - Detect	Identify web-based control panels	Info	Source
OpenBullet 2 - Panel	Identify web-based control panels	Info	Source
OpenCATS - Default Login	Identify default logins in web-based control panels	High	Source
OpenCATS Login Panel - Detect	Identify web-based control panels	Info	Source
OpenCMS 14 & 15 - Cross Site Scripting	Identify critical remote vulnerabilities	Medium	Source
OpenCart Core 4.0.2.3 'search' - SQL Injection	Identify critical remote vulnerabilities	High	Source
OpenCart Login Panel - Detect	Identify web-based control panels	Info	Source
OpenEMR - Default Admin Discovery	Identify default logins in web-based control panels	High	Source
OpenEMR Product Registration Panel - Detect	Identify web-based control panels	Info	Source
OpenEdge Login Panel - Detect	Identify web-based control panels	Info	Source
OpenMediaVault - Default Login	Identify default logins in web-based control panels	High	Source
OpenObserve Login Panel - Detect	Identify web-based control panels	Info	Source
OpenSIS 7.3 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
OpenSIS Login Panel - Detect	Identify web-based control panels	Info	Source
OpenSearch Dashboard Panel - Detect	Identify web-based control panels	Info	Source
OpenSign Login Panel - Detect	Identify web-based control panels	Info	Source
OpenText Content Server Login Panel - Detect	Identify web-based control panels	Info	Source
OpenVPN Admin Login Panel - Detect	Identify web-based control panels	Info	Source
OpenVPN Connect Panel - Detect	Identify web-based control panels	Info	Source
OpenVPN Server Router Management Panel - Detect	Identify web-based control panels	Info	Source
OpenVZ Web Panel Login Panel - Detect	Identify web-based control panels	Info	Source
OpenVas Login Panel - Detect	Identify web-based control panels	Info	Source
OpenX/Revive Adserver Login Panel - Detect	Identify web-based control panels	Info	Source
Openfire Admin Console Login Panel - Detect	Identify web-based control panels	Info	Source
Openfire Administration Console - Authentication Bypass	Identify critical remote vulnerabilities	High	Source
Opentwrt Login / Configuration Interface	Identify web-based control panels	Info	Source
Opentwrt luCI - Admin Login Page	Identify web-based control panels	Info	Source
Openweb UI Panel - Detect	Identify web-based control panels	Info	Source
Opinio Login Panel - Detect	Identify web-based control panels	Info	Source
Oracle Access Management Login Panel - Detect	Identify web-based control panels	Info	Source
Oracle Access Manager - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Oracle Application Server Panel - Detect	Identify web-based control panels	Info	Source
Oracle Business Intelligence Default Login	Identify default logins in web-based control panels	High	Source
Oracle Business Intelligence Login Panel - Detect	Identify web-based control panels	Info	Source
Oracle Commerce Business Control Center Login Panel - Detect	Identify web-based control panels	Info	Source
Oracle E-Business Suite <=12.2 - Authentication Bypass	Identify critical remote vulnerabilities	High	Source
Oracle E-Business Suite Login Panel - Detect	Identify web-based control panels	Info	Source
Oracle Forms & Reports RCE (CVE-2012-3152 & CVE-2012-3153)	Identify critical remote vulnerabilities	Medium	Source
Oracle Fusion - Directory Traversal/Local File Inclusion	Identify critical remote vulnerabilities	High	Source
Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution	Identify critical remote vulnerabilities	High	Source
Oracle Integrated Lights Out Manager Login Panel - Detect	Identify web-based control panels	Info	Source
Oracle Opera Login - Detect	Identify web-based control panels	Info	Source
Oracle PeopleSoft - Default Login	Identify default logins in web-based control panels	High	Source
Oracle PeopleSoft Enterprise Login Panel - Detect	Identify web-based control panels	Info	Source
Oracle PeopleSoft Login Panel - Detect	Identify web-based control panels	Info	Source
Oracle Peoplesoft - Unauthenticated File Read	Identify critical remote vulnerabilities	High	Source
Oracle Retail Xstore Suite - Pre-authenticated Path Traversal	Identify critical remote vulnerabilities	High	Source
Oracle WebLogic Login Panel - Detect	Identify web-based control panels	Info	Source
Oracle WebLogic Server - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Oracle WebLogic UDDI Explorer Panel - Detect	Identify web-based control panels	Info	Source
Orchid Core VMS Panel - Detect	Identify web-based control panels	Info	Source
OurMGMT3 Admin Login Panel - Detect	Identify web-based control panels	Info	Source
OutSystems Service Center Login Panel - Detect	Identify web-based control panels	Info	Source
OwnCloud - Phpinfo Configuration	Identify critical remote vulnerabilities	Critical	Source
PAHTool Login Panel - Detect	Identify web-based control panels	Info	Source
PAN-OS Management Interface - Path Confusion to Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
PAN-OS Management Panel - Detect	Identify web-based control panels	Info	Source
PAN-OS Management Web Interface - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
PDF Generator Addon for Elementor Page Builder <= 1.7.5 - Arbitrary File Download	Identify critical remote vulnerabilities	High	Source
PDI Intellifuel - Device Page	Identify web-based control panels	Low	Source
PHP CGI - Argument Injection	Identify critical remote vulnerabilities	Critical	Source
PHP CGI v5.3.12/5.4.2 Remote Code Execution	Identify critical remote vulnerabilities	High	Source
PHP LDAP Admin Panel - Detect	Identify web-based control panels	Info	Source
PHPIPAM	Identify critical remote vulnerabilities	Medium	Source
PHPJabbers Food Delivery Script - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
PHPJabbers Food Delivery Script v3.0 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
PHPJabbers Shuttle Booking Software 1.0 - Cross Site Scripting	Identify critical remote vulnerabilities	Medium	Source
PHPJabbers Taxi Booking 2.0 - Cross Site Scripting	Identify critical remote vulnerabilities	Medium	Source
PHPMailer Panel - Detect	Identify web-based control panels	Info	Source
PRONOTE Login Panel - Detect	Identify web-based control panels	Info	Source
PRTG Network Monitor - Hardcoded Credentials	Identify default logins in web-based control panels	High	Source
Pair Drop Panel - Detect	Identify web-based control panels	Info	Source
Palo Alto Expedition - Admin Account Takeover	Identify critical remote vulnerabilities	Critical	Source
Palo Alto Expedition - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Palo Alto Expedition Project Login - Detect	Identify web-based control panels	Info	Source
Palo Alto Network PAN-OS - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Palo Alto Networks PAN-OS Default Login	Identify default logins in web-based control panels	High	Source
Pandora FMS Mobile Console Login Panel - Detect	Identify web-based control panels	Info	Source
PaperCut < 22.1.3 - Path Traversal	Identify critical remote vulnerabilities	Critical	Source
PaperCut NG Unauthenticated XMLRPC Functionality	Identify critical remote vulnerabilities	Medium	Source
Parallels H-Sphere Login Panel - Detect	Identify web-based control panels	Info	Source
Parse Dashboard Login Panel - Detect	Identify web-based control panels	Info	Source
Passbolt Login Panel	Identify web-based control panels	Info	Source
Payroll Management System Web Login Panel - Detect	Identify web-based control panels	Info	Source
Pega Infinity Login Panel - Detect	Identify web-based control panels	Info	Source
Pentaho Default Login	Identify default logins in web-based control panels	High	Source
Persis Panel - Detect	Identify web-based control panels	Info	Source
Personal Weather Station Dashboard 12 - Directory Traversal	Identify critical remote vulnerabilities	Medium	Source
Phabricator Login Panel - Detect	Identify web-based control panels	Info	Source
Phoenix Contact CHARX SEC-3XXX AC Charging Controller - Exposed Panel	Identify web-based control panels	Info	Source
Phoenix Contact CHARX SEC-3XXX AC Charging Controller - Exposed REST APIs	Identify critical remote vulnerabilities	Info	Source
Phoenix Contact CHARX SEC-3XXX AC Charging Controller < 1.7.3 - Multiple Vulnerabilities	Identify critical remote vulnerabilities	Critical	Source
Phoronix Test Suite Panel - Detect	Identify web-based control panels	Info	Source
Photo Gallery by 10Web < 1.6.0 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
PhotoPrism Panel - Detect	Identify web-based control panels	Info	Source
PhpMyAdmin - Unauthenticated Access	Identify critical remote vulnerabilities	High	Source
PhpMyAdmin Scripts - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Pichome 2.1.0 - Arbitrary File Read	Identify critical remote vulnerabilities	Medium	Source
Pichome Login Panel - Detect	Identify web-based control panels	Info	Source
Piwigo Login Panel - Detect	Identify web-based control panels	Info	Source
Planet eStream Login Panel - Detect	Identify web-based control panels	Info	Source
Plausible Panel - Detect	Identify web-based control panels	Info	Source
Plesk Login Panel - Detect	Identify web-based control panels	Info	Source
Plesk Obsidian Login Panel - Detect	Identify web-based control panels	Info	Source
PocketBase Panel - Detect	Identify web-based control panels	Info	Source
Polarion Siemens Login - Panel	Identify web-based control panels	Info	Source
Popup-Maker < 1.8.12 - Broken Authentication	Identify critical remote vulnerabilities	Critical	Source
Portainer - Init Deploy Discovery	Identify critical remote vulnerabilities	Medium	Source
Portainer Login Panel - Detect	Identify web-based control panels	Info	Source
PostHog Login Panel - Detect	Identify web-based control panels	Info	Source
Poste.io Admin Panel - Detect	Identify web-based control panels	Info	Source
PowerChute Network Shutdown Panel - Detect	Identify web-based control panels	Info	Source
PowerCom Network Manager	Identify web-based control panels	Info	Source
PowerJob - Default Login	Identify default logins in web-based control panels	High	Source
PowerJob <=4.3.2 - Unauthenticated Access	Identify critical remote vulnerabilities	Medium	Source
PowerJob Login Panel - Detect	Identify web-based control panels	Info	Source
PowerShell Universal - Default Login	Identify default logins in web-based control panels	High	Source
Powertek Firmware <3.30.30 - Authorization Bypass	Identify critical remote vulnerabilities	Critical	Source
PrestaShop Theme Volty CMS Blog - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
PrestaShop `tshirtecommerce` Module - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
PrestaShop fieldpopupnewsletter Module - Cross Site Scripting	Identify critical remote vulnerabilities	Medium	Source
PrestaShop productsalert - SQL Injection	Identify critical remote vulnerabilities	High	Source
PrestaShop xipblog - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Prime Mover < 1.9.3 - Sensitive Data Exposure	Identify critical remote vulnerabilities	High	Source
Prison Management System - SQL Injection Authentication Bypass	Identify critical remote vulnerabilities	High	Source
Pritunl - Panel	Identify web-based control panels	Info	Source
PrivateGPT - Detect	Identify web-based control panels	Info	Source
ProcessWire Login - Panel Detect	Identify web-based control panels	Info	Source
Procore Login - Panel	Identify web-based control panels	Info	Source
Progress Kemp LoadMaster - Command Injection	Identify critical remote vulnerabilities	Critical	Source
Progress Kemp LoadMaster Panel - Detect	Identify web-based control panels	Info	Source
Project Insight Login Panel - Detect	Identify web-based control panels	Info	Source
ProjectSend Login Panel - Detect	Identify web-based control panels	Info	Source
Proofpoint Protection Server Panel - Detect	Identify web-based control panels	Info	Source
Proxmox Virtual Environment Login Panel - Detect	Identify web-based control panels	Info	Source
Pterodactyl Panel - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Pterodactyl game server - Panel	Identify web-based control panels	Info	Source
Pulsar Admin Console Panel - Detect	Identify web-based control panels	Info	Source
Pulsar Admin UI Panel - Detect	Identify web-based control panels	Info	Source
Pulsar360 Admin Panel - Detect	Identify web-based control panels	Info	Source
Pulse Connect Secure SSL VPN Arbitrary File Read	Identify critical remote vulnerabilities	Critical	Source
Puppetboard Panel - Detect	Identify web-based control panels	Info	Source
Pure Storage Login Panel - Detect	Identify web-based control panels	Info	Source
PyLoad Default Login	Identify default logins in web-based control panels	High	Source
PyLoad Login - Panel	Identify web-based control panels	Info	Source
QNAP Photo Station Panel - Detect	Identify web-based control panels	Info	Source
QNAP QTS Photo Station External Reference - Local File Inclusion	Identify critical remote vulnerabilities	Critical	Source
QNAP QTS and Photo Station 6.0.3 - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
QNAP Turbo NAS Login Panel - Detect	Identify web-based control panels	Info	Source
Qlik Sense Enterprise - HTTP Request Smuggling	Identify critical remote vulnerabilities	Critical	Source
Qlik Sense Enterprise - Path Traversal	Identify critical remote vulnerabilities	High	Source
Qlik Sense Server Panel - Detect	Identify web-based control panels	Info	Source
QlikView AccessPoint Login Panel - Detect	Identify web-based control panels	Info	Source
QloApps 1.6.0 - SQL Injection	Identify critical remote vulnerabilities	High	Source
QmailAdmin Login Panel - Detect	Identify web-based control panels	Info	Source
Qualitor ITSM - Detect	Identify web-based control panels	Info	Source
Quest Modem Configuration Login - Panel	Identify web-based control panels	Info	Source
Quick.CMS v6.7 - SQL Injection	Identify critical remote vulnerabilities	High	Source
Quilium Panel - Detect	Identify web-based control panels	Info	Source
RCDevs WebADM Panel - Detect	Identify web-based control panels	Info	Source
RD Web Access Panel - Detect	Identify web-based control panels	Info	Source
RDWeb RemoteApp and Desktop Connections - Web Access	Identify web-based control panels	Info	Source
RG-UAC Ruijie - Password Hashes Leak	Identify critical remote vulnerabilities	High	Source
RStudio Sign In Panel - Detect	Identify web-based control panels	Info	Source
RWS WorldServer - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
RabbitMQ Default Login	Identify default logins in web-based control panels	High	Source
Racksnet Login Panel - Detect	Identify web-based control panels	Info	Source
RaidenMAILD Mail Server v.4.9.4 - Path Traversal	Identify critical remote vulnerabilities	High	Source
Rainloop WebMail - Default Admin Login	Identify default logins in web-based control panels	High	Source
Rancher Dashboard Panel - Detect	Identify web-based control panels	Info	Source
Rancher Default Login	Identify default logins in web-based control panels	High	Source
Rancher Login Panel - Detect	Identify web-based control panels	Info	Source
Rapid7 Nexpose VM Security Console - Detect	Identify web-based control panels	Info	Source
RaspAP 2.8.7 - Unauthenticated Command Injection	Identify critical remote vulnerabilities	Critical	Source
RaspberryMatic Login Panel - Detect	Identify web-based control panels	Info	Source
Ray API - Local File Inclusion	Identify critical remote vulnerabilities	High	Source
Ray Static File - Local File Inclusion	Identify critical remote vulnerabilities	High	Source
ReCrystallize Server - Authentication Bypass	Identify critical remote vulnerabilities	High	Source
Really Simple Security < 9.1.2 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure	Identify critical remote vulnerabilities	Medium	Source
Red Hat Satellite Panel - Detect	Identify web-based control panels	Info	Source
Redash Login Panel - Detect	Identify web-based control panels	Info	Source
Redash Setup Configuration - Default Secrets Disclosure	Identify critical remote vulnerabilities	High	Source
Redis Enterprise - Detect	Identify web-based control panels	Info	Source
Redmine Login Panel - Detect	Identify web-based control panels	Info	Source
Regify Login Panel - Detect	Identify web-based control panels	Info	Source
Registrations for the Events Calendar < 2.7.6 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
RemKon Device Manager Login Panel - Detect	Identify web-based control panels	Info	Source
Remedy Axis Login Panel - Detect	Identify web-based control panels	Info	Source
Reolink E1 Zoom Camera <=3.0.0.716 - Information Disclosure	Identify critical remote vulnerabilities	High	Source
Reolink E1 Zoom Camera <=3.0.0.716 - Private Key Disclosure	Identify critical remote vulnerabilities	Medium	Source
Reolink Panel - Detect	Identify web-based control panels	Info	Source
Repetier Server - Directory Traversal	Identify critical remote vulnerabilities	High	Source
Repetier Server Panel - Detect	Identify web-based control panels	Info	Source
Reportico Administration Page - Detect	Identify web-based control panels	Info	Source
Reposilite >= 3.3.0, < 3.5.12 - Arbitrary File Read	Identify critical remote vulnerabilities	High	Source
Reposilite Login Panel - Detect	Identify web-based control panels	Info	Source
Reprise License Manager 14.2 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Reprise License Manager 14.2 - Information Disclosure	Identify critical remote vulnerabilities	Medium	Source
Request Tracker - Panel	Identify web-based control panels	Info	Source
Residential Gateway Login Panel - Detect	Identify web-based control panels	Info	Source
Retool Login Panel - Detect	Identify web-based control panels	Info	Source
RevPi Webstatus <= v2.4.5 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Revive Adserver 4.2 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Ricoh Web Image Monitor - Detect	Identify web-based control panels	Info	Source
Ricoh Web Image Monitor - Reflected XSS	Identify critical remote vulnerabilities	Medium	Source
Riello Netman 204 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Riello UPS NetMan 204 Network Card - Default Login	Identify default logins in web-based control panels	High	Source
Riello UPS NetMan 204 Panel - Detect	Identify web-based control panels	Info	Source
Rocket.Chat <=3.13 - NoSQL Injection	Identify critical remote vulnerabilities	Critical	Source
RocketChat Login Panel - Detect	Identify web-based control panels	Info	Source
Rockmongo Default Login	Identify default logins in web-based control panels	High	Source
Roxy File Manager - Panel Detect	Identify web-based control panels	Info	Source
Roxy-WI - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Roxy-WI < 6.1.1.0 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Ruckus Wireless - Default Login	Identify default logins in web-based control panels	Critical	Source
Ruckus Wireless Admin Login Panel - Detect	Identify web-based control panels	Info	Source
Ruckus Wireless Unleashed Login Panel - Detect	Identify web-based control panels	Info	Source
Ruijie NBR Series Routers - Default Login	Identify default logins in web-based control panels	High	Source
Ruijie RG-EG - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Ruijie RG-EW1200G Router Background - Login Bypass	Identify critical remote vulnerabilities	High	Source
Ruijie RG-NBS2009G-P - Improper Authentication	Identify critical remote vulnerabilities	Critical	Source
Ruijie RG-UAC Login Panel - Detect	Identify web-based control panels	Info	Source
Rundeck - Default Login	Identify default logins in web-based control panels	High	Source
Rundeck Login Panel - Detect	Identify web-based control panels	Info	Source
Rustici Content Controller Panel - Detect	Identify web-based control panels	Info	Source
SAP Analytics Cloud Panel - Detect	Identify web-based control panels	Info	Source
SAP Memory Pipes (MPI) Desynchronization	Identify critical remote vulnerabilities	Critical	Source
SAP NetWeaver - Backdoor Detection	Identify critical remote vulnerabilities	Critical	Source
SAP NetWeaver Application Server Java 7.5 - Local File Inclusion	Identify critical remote vulnerabilities	High	Source
SAP NetWeaver Composition Environment Tools - Detect	Identify web-based control panels	Info	Source
SAP SuccessFactors Login Panel - Detect	Identify web-based control panels	Info	Source
SAS Login Panel - Detect	Identify web-based control panels	Info	Source
SAUTER moduWeb Vision Panel - Detect	Identify web-based control panels	Info	Source
SEH utnserver Pro/ProMAX/INU-100 20.1.22 - Cross-Site Scripting	Identify critical remote vulnerabilities	High	Source
SGP Login Panel - Detect	Identify web-based control panels	Info	Source
SHOUTcast Server Panel - Detect	Identify web-based control panels	Info	Source
SOPlanning - Default Login	Identify default logins in web-based control panels	High	Source
SOUND4 IMPACT/FIRST/PULSE/Eco <= 2.x - Authentication Bypass	Identify critical remote vulnerabilities	High	Source
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (PHPTail) Unauthenticated File Disclosure	Identify critical remote vulnerabilities	Medium	Source
SPIP - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
SQL Buddy Login Panel - Detect	Identify web-based control panels	Info	Source
SQL Monitor - Discovery	Identify web-based control panels	Info	Source
SSH PrivX Login Panel - Detect	Identify web-based control panels	Info	Source
STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion	Identify critical remote vulnerabilities	High	Source
STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion	Identify critical remote vulnerabilities	High	Source
SUNGROW Logger1000 Panel - Detect	Identify web-based control panels	Info	Source
SUSE Manager Server - Panel	Identify web-based control panels	Info	Source
SafeNet Authentication Login Panel - Detect	Identify web-based control panels	Info	Source
Sage X3 Login Panel - Detect	Identify web-based control panels	Info	Source
Saia PCD Web Server Panel - Detect	Identify web-based control panels	Info	Source
SaltStack Config Panel - Detect	Identify web-based control panels	Info	Source
Samsung Printer - Default Login	Identify default logins in web-based control panels	High	Source
Sante PACS Server.exe - Path Traversal Information Disclosure	Identify critical remote vulnerabilities	High	Source
Satellian Intellian Aptus Web <= 1.24 - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
Satis Composer Repository - Detect	Identify web-based control panels	Info	Source
Sato - Default Login	Identify default logins in web-based control panels	High	Source
SawtoothSoftware Lighthouse Studio < 9.16.14 - Pre-Auth Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Scribble Diffusion Panel - Detect	Identify web-based control panels	Info	Source
ScriptCase Panel Detect	Identify web-based control panels	Info	Source
ScriptCase Production Environment Login	Identify web-based control panels	Info	Source
Seafile Panel - Detect	Identify web-based control panels	Info	Source
Seagate NAS Login - Detect	Identify web-based control panels	Info	Source
Seagate NAS OS 4.3.15.1 - Server Information Disclosure	Identify critical remote vulnerabilities	High	Source
SecurEnvoy Login Panel - Detect	Identify web-based control panels	Info	Source
SecurEnvoy Two Factor Authentication - LDAP Injection	Identify critical remote vulnerabilities	High	Source
Secure Login Service Login Panel - Detect	Identify web-based control panels	Info	Source
SecurePoint UTM 12.x Session ID Leak	Identify critical remote vulnerabilities	High	Source
Securepoint UTM - Leaking Remote Memory Contents	Identify critical remote vulnerabilities	Medium	Source
Security Onion Panel - Detect	Identify web-based control panels	Info	Source
SecuritySpy Camera Panel - Detect	Identify web-based control panels	Info	Source
SeedDMS - Default Login	Identify default logins in web-based control panels	High	Source
SeedDMS Login Panel - Detect	Identify web-based control panels	Info	Source
Seeyon OA A6 setextno.jsp - SQL Injection	Identify critical remote vulnerabilities	High	Source
Selenium Grid Panel - Detect	Identify web-based control panels	Info	Source
SelfCheck System Manager - Panel	Identify web-based control panels	Info	Source
Sensei LMS < 4.24.2 - Email Template Leak	Identify critical remote vulnerabilities	Medium	Source
Sensu by Sumo Logic Login Panel - Detect	Identify web-based control panels	Info	Source
SentinelOne Management Console Login Panel - Detect	Identify web-based control panels	Info	Source
Sentry Login Panel	Identify web-based control panels	Info	Source
SequoiaDB Login Panel - Detect	Identify web-based control panels	Info	Source
Server Backup Manager SE Panel - Detect	Identify web-based control panels	Info	Source
ServiceNow - Incomplete Input Validation	Identify critical remote vulnerabilities	Critical	Source
ServiceNow Login Panel - Detect	Identify web-based control panels	Info	Source
ServiceNow UI Macros - Template Injection	Identify critical remote vulnerabilities	Critical	Source
SevOne NMS Network Manager	Identify web-based control panels	Info	Source
ShardingSphere ElasticJob UI Panel	Identify web-based control panels	Info	Source
Sharefile Login - Panel	Identify web-based control panels	Info	Source
Shell In A Box - Detect	Identify web-based control panels	Info	Source
Shield Security WP Plugin <= 18.5.9 - Local File Inclusion	Identify critical remote vulnerabilities	Critical	Source
Shiziyu CMS Api Controller - SQL Injection	Identify critical remote vulnerabilities	High	Source
ShokoServer System - Local File Inclusion (LFI)	Identify critical remote vulnerabilities	High	Source
ShortPixel Adaptive Images < 3.6.3 - Cross Site Scripting	Identify critical remote vulnerabilities	Medium	Source
Sidekiq < 7.0.8 - Cross-Site Scripting	Identify critical remote vulnerabilities	Critical	Source
Sidekiq Dashboard Panel - Detect	Identify web-based control panels	Medium	Source
Siemens SIMATIC HMI Miniweb - Default Login	Identify default logins in web-based control panels	High	Source
Signet Explorer Dashboard - Detect	Identify web-based control panels	Info	Source
SimpleHelp <= 5.5.7 - Unauthenticated Path Traversal	Identify critical remote vulnerabilities	High	Source
Sitecore - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Sitecore Experience Platform <= 10.4 - Arbitrary File Read	Identify critical remote vulnerabilities	High	Source
Sitecore Login Panel - Detect	Identify web-based control panels	Info	Source
Skeepers Login Panel - Detect	Identify web-based control panels	Info	Source
Smart s200 Management Platform v.S200 - SQL Injection	Identify critical remote vulnerabilities	High	Source
SmartPing Dashboard Panel - Detect	Identify web-based control panels	Info	Source
SmartSearchWP < 2.4.6 - OpenAI Key Disclosure	Identify critical remote vulnerabilities	Medium	Source
SoftEther VPN Admin Console - Default Login	Identify default logins in web-based control panels	High	Source
SoftEther VPN Panel - Detect	Identify web-based control panels	Info	Source
SolarView 6.00 - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
SolarView Compact 6.00 - OS Command Injection	Identify critical remote vulnerabilities	Critical	Source
SolarView Compact 6.00 - OS Command Injection	Identify critical remote vulnerabilities	Critical	Source
SolarView Compact <= 6.00 - Local File Inclusion	Identify critical remote vulnerabilities	Critical	Source
SolarView Compact Panel - Detect	Identify web-based control panels	Info	Source
SolarWinds ARM (Access Rights Manager) - Detect	Identify web-based control panels	Info	Source
SolarWinds Orion - Default Login	Identify default logins in web-based control panels	High	Source
SolarWinds Security Event Manager - Unauthenticated RCE	Identify critical remote vulnerabilities	High	Source
SolarWinds Serv-U - Directory Traversal	Identify critical remote vulnerabilities	High	Source
SolarWinds Web Help Desk - Hardcoded Credential	Identify critical remote vulnerabilities	Critical	Source
Solara <1.35.1 - Local File Inclusion	Identify critical remote vulnerabilities	High	Source
Somansa DLP Login Panel - Detect	Identify web-based control panels	Info	Source
SonarQube - Default Login	Identify default logins in web-based control panels	High	Source
Sonatype Nexus Repository Manager <3.15.0 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Sonatype Nexus Repository Manager 3 - Local File Inclusion	Identify critical remote vulnerabilities	High	Source
Sonatype Nexus Repository Manager 3 - Remote Code Execution	Identify critical remote vulnerabilities	High	Source
SonicOS SSLVPN Authentication Bypass Vulnerability	Identify critical remote vulnerabilities	Critical	Source
SonicWall Analyzer Login Panel - Detect	Identify web-based control panels	Info	Source
SonicWall Appliance Management Console Login Panel - Detect	Identify web-based control panels	Info	Source
SonicWall Network Security Login - Detect	Identify web-based control panels	Info	Source
SonicWall SMA1000 LFI	Identify critical remote vulnerabilities	High	Source
Sonicwall - Pre-Authentication Arbitrary File Read	Identify critical remote vulnerabilities	Critical	Source
Sophos Firewall <=18.5 MR3 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Sophos Firewall Login Panel - Detect	Identify web-based control panels	Info	Source
Sophos Mobile Panel - Detect	Identify web-based control panels	Info	Source
Sophos Web Appliance	Identify web-based control panels	Info	Source
Sound4 IMPACT/FIRST/PULSE/Eco <=2.x - Authentication Bypass	Identify critical remote vulnerabilities	High	Source
SpaceLogic C-Bus Home Panel - Detect	Identify web-based control panels	Info	Source
Speedtest Panel - Detection	Identify web-based control panels	Info	Source
SphinxOnline Panel - Detect	Identify web-based control panels	Info	Source
Splunk - Default Login	Identify default logins in web-based control panels	High	Source
Splunk Enterprise - Local File Inclusion	Identify critical remote vulnerabilities	High	Source
Splunk Enterprise Login Panel - Detect	Identify web-based control panels	Info	Source
Splunk SOAR Login Panel - Detect	Identify web-based control panels	Info	Source
SpotWeb Login Panel - Detect	Identify web-based control panels	Info	Source
Spotweb <= 1.5.1 - Cross Site Scripting (Reflected)	Identify critical remote vulnerabilities	Medium	Source
SqWebMail Login Panel - Detect	Identify web-based control panels	Info	Source
Squidex Headless CMS Panel - Detect	Identify web-based control panels	Info	Source
SquirrelMail Login Panel - Detect	Identify web-based control panels	Info	Source
Stackposts Social Marketing Tool v1.0 - SQL Injection	Identify critical remote vulnerabilities	High	Source
Star Micronics Network Utility Panel - Detect	Identify web-based control panels	Info	Source
Stash < 0.26.0 - SQL Injection	Identify critical remote vulnerabilities	Medium	Source
SteVe Login Panel - Detect	Identify web-based control panels	Info	Source
SteVe OCPP server - Default Login	Identify default logins in web-based control panels	Info	Source
Stirling PDF Panel - Detect	Identify web-based control panels	Info	Source
Stock Ticker <= 3.23.2 - Cross-Site Scripting	Identify critical remote vulnerabilities	High	Source
Storybook Panel - Detect	Identify web-based control panels	Info	Source
Strapi Login Panel - Detect	Identify web-based control panels	Info	Source
Strider CD Panel - Detect	Identify web-based control panels	Info	Source
Structurizr - Default Login	Identify default logins in web-based control panels	High	Source
Structurizr Panel - Detect	Identify web-based control panels	Info	Source
SugarCRM Login Panel - Detect	Identify web-based control panels	Info	Source
SuiteCRM - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Sunbird DCIM - Detect	Identify web-based control panels	Info	Source
SuperAdmin Login Panel - Detect	Identify web-based control panels	Info	Source
SuperWebmailer 7.21.0.01526 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Supermicro BMC Login Panel - Detect	Identify web-based control panels	Info	Source
Supermicro IPMI - Default Login	Identify default logins in web-based control panels	High	Source
Supershell - Default Login	Identify default logins in web-based control panels	High	Source
Supertokens Login Panel - Detect	Identify web-based control panels	Info	Source
Suprema BioStar 2 Panel - Detect	Identify web-based control panels	Info	Source
Swift Performance Lite < 2.3.7.2 - Local PHP File Inclusion	Identify critical remote vulnerabilities	High	Source
Syfadis Xperience Login Panel - Detect	Identify web-based control panels	Info	Source
Symantec Data Loss Prevention Login Panel - Detect	Identify web-based control panels	Info	Source
Symantec Encryption Server Login Panel - Detect	Identify web-based control panels	Info	Source
Symantec Endpoint Protection Manager Login Panel - Detect	Identify web-based control panels	Info	Source
Symantec PGP Global Directory Panel - Detect	Identify web-based control panels	Info	Source
Symfony Profiler - Remote Access via Injected Arguments	Identify critical remote vulnerabilities	High	Source
Symmetricom SyncServer Panel - Detect	Identify web-based control panels	Info	Source
Symmetricom SyncServer Unauthenticated - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
Synacor Zimbra Collaboration <8.7.11p10 - XML External Entity Injection	Identify critical remote vulnerabilities	Critical	Source
Synapse Mobility Login Panel - Detect	Identify web-based control panels	Info	Source
SyncThru Web Service Panel - Detect	Identify web-based control panels	Info	Source
Synopsys Coverity Panel	Identify web-based control panels	Info	Source
SysAid Login Panel - Detect	Identify web-based control panels	Info	Source
T-Up OpenFrame	Identify web-based control panels	Info	Source
TIBCO JasperReports Library - Directory Traversal	Identify critical remote vulnerabilities	Medium	Source
TIBCO Jaspersoft Login Panel - Detect	Identify web-based control panels	Info	Source
TIBCO Managed File Transfer - Panel	Identify web-based control panels	Info	Source
TOTOLINK A3700R - Command Injection	Identify critical remote vulnerabilities	Critical	Source
TOTOLINK CP450 v4.1.0cu.747_B20191224 - Hard-Coded Password Vulnerability	Identify critical remote vulnerabilities	Critical	Source
TOTOLINK CX-A3002RU - Remote Code Execution	Identify critical remote vulnerabilities	Medium	Source
TOTOLINK EX1200T 4.1.2cu.5215 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
TOTOLINK EX1800T TOTOLINK EX1800T - Command Injection	Identify critical remote vulnerabilities	Critical	Source
TOTOLINK N150RT - Password Exposure	Identify critical remote vulnerabilities	High	Source
TOTOLink Router - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
TP-LINK - Local File Inclusion	Identify critical remote vulnerabilities	High	Source
TP-LINK WR840N v6 up to 0.9.1 4.16 - Improper Authentication	Identify critical remote vulnerabilities	Critical	Source
TP-Link Archer AX21 (AX1800) - Unauthenticated Command Injection	Identify critical remote vulnerabilities	High	Source
TP-Link Archer C20 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
TP-Link Wireless N Router WR940N - Default Login	Identify default logins in web-based control panels	High	Source
TRENDnet TEW-827DRU Login Panel - Detect	Identify web-based control panels	Info	Source
Tabby Panel - Detect	Identify web-based control panels	Info	Source
Tableau Services Manager Login Panel - Detect	Identify web-based control panels	Info	Source
Tactical RMM Login Panel - Detect	Identify web-based control panels	Info	Source
Tailon Panel - Detect	Identify web-based control panels	Unknown	Source
TamronOS IPTV/VOD - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
Tautulli Panel - Detect	Identify web-based control panels	Info	Source
Tautulli Panel - Unauthenticated Access	Identify web-based control panels	Medium	Source
TeamCity < 2023.11.4 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
TeamCity Login Panel - Detect	Identify web-based control panels	Info	Source
TeamForge Panel - Detection	Identify web-based control panels	Info	Source
TeamPass 2.1.27.36 - Improper Authentication	Identify critical remote vulnerabilities	High	Source
TeamPass Panel - Detect	Identify web-based control panels	Info	Source
Tekton Dashboard Panel - Detect	Identify web-based control panels	Info	Source
Teleport Login Panel - Detect	Identify web-based control panels	Info	Source
Telerik Report Server Login Panel - Detect	Identify web-based control panels	Info	Source
Telesquare TLR-2005KSH - Remote Command Execution	Identify critical remote vulnerabilities	High	Source
Telesquare TLR-2005KSH Login Panel - Detect	Identify web-based control panels	Info	Source
TemboSocial Admin Panel - Detect	Identify web-based control panels	Info	Source
Temenos Transact Login Panel - Detect	Identify web-based control panels	Info	Source
Tenable Nessus Panel - Detect	Identify web-based control panels	Info	Source
Tenda 11N - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Tenda 11n Wireless Router - Admin Panel	Identify web-based control panels	Info	Source
Tenda Web Master Login Panel - Detect	Identify web-based control panels	Info	Source
Tendat Router Credential - Exposure	Identify critical remote vulnerabilities	High	Source
Tenemos T24 Login Panel - Detect	Identify web-based control panels	Info	Source
Teradek Cube Administrative Console - Panel	Identify web-based control panels	Info	Source
TerraMaster TOS < 4.2.30 Server Information Disclosure	Identify critical remote vulnerabilities	High	Source
Terraform Enterprise Panel - Detect	Identify web-based control panels	Info	Source
ThemeGrill Demo Importer < 1.6.2 - Database Reset	Identify critical remote vulnerabilities	Critical	Source
Themes Coder Ecommerce <= 1.3.4 - SQL Injection	Identify critical remote vulnerabilities	High	Source
ThinVNC - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Thinfinity VirtualUI Panel - Detect	Identify web-based control panels	Info	Source
Thinfinity VirtualUI User Enumeration	Identify critical remote vulnerabilities	Medium	Source
ThinkPHP 5.0.24 - Information Disclosure	Identify critical remote vulnerabilities	High	Source
Thruk Login Panel - Detect	Identify web-based control panels	Info	Source
Tigase XMPP Server - Exposure	Identify web-based control panels	Info	Source
Tiki Wiki CMS GroupWare - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Tiki Wiki CMS Groupware Login Panel - Detect	Identify web-based control panels	Info	Source
TileServer API - Cross Site Scripting	Identify critical remote vulnerabilities	Medium	Source
Time Clock <= 1.2.2 & Time Clock Pro <= 1.1.4 - Remote Code Execution	Identify critical remote vulnerabilities	High	Source
TimeKeeper - Default Login	Identify default logins in web-based control panels	High	Source
Tiny File Manager - Default Login	Identify default logins in web-based control panels	High	Source
Tiny File Manager Panel - Detect	Identify web-based control panels	Info	Source
Tiny RSS Panel - Detect	Identify web-based control panels	Info	Source
Tixeo Login Panel - Detect	Identify web-based control panels	Info	Source
Tomcat Exposed - Detect	Identify web-based control panels	Info	Source
Tongda OA 11.7 - Authentication Bypass	Identify critical remote vulnerabilities	High	Source
ToolJet - Default Login	Identify default logins in web-based control panels	High	Source
ToolJet Login Panel - Detect	Identify web-based control panels	Info	Source
Tools4Ever Self-Service Reset Password Manager - Panel	Identify web-based control panels	Info	Source
Topsec TopAppLB - Authentication Bypass	Identify critical remote vulnerabilities	High	Source
Toshiba TopAccess - Default Login	Identify default logins in web-based control panels	High	Source
Toshiba TopAccess Panel - Detect	Identify web-based control panels	Info	Source
Totemomail Login Panel - Detect	Identify web-based control panels	Info	Source
Traccar Panel - Detect	Identify web-based control panels	Info	Source
Traefik Dashboard Panel - Detect	Identify web-based control panels	Info	Source
Traggo Server - Local File Inclusion	Identify critical remote vulnerabilities	High	Source
Trassir WebView - Default Login	Identify default logins in web-based control panels	High	Source
Trend Micro Apex One Login Panel - Detect	Identify web-based control panels	Info	Source
TrueNAS Panel - Detect	Identify web-based control panels	Info	Source
Tufin SecureTrack Login Panel - Detect	Identify web-based control panels	Info	Source
TurboMeeting - Boolean-based SQL Injection	Identify critical remote vulnerabilities	Critical	Source
TurnKey LAMP Panel - Detect	Identify web-based control panels	Info	Source
TurnKey OpenVPN Panel - Detect	Identify web-based control panels	Info	Source
Tutor LMS <= 2.7.6 - SQL Injection	Identify critical remote vulnerabilities	High	Source
UFIDA U8 CRM cfillbacksetting.php - SQL Injection	Identify critical remote vulnerabilities	High	Source
UFIDA U8 CRM fillbacksetting.php - SQL Injection	Identify critical remote vulnerabilities	High	Source
UNA CMS <= 14.0.0-RC4 - PHP Object Injection	Identify critical remote vulnerabilities	Critical	Source
UPS Adapter CS141 SNMP Module Default Credentials	Identify default logins in web-based control panels	Medium	Source
Ubigeo de Peru < 3.6.4 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
UiPath Orchestrator Login Panel - Detect	Identify web-based control panels	Info	Source
Umami Panel - Detect	Identify web-based control panels	Info	Source
Umbraco Login Panel - Detect	Identify web-based control panels	Info	Source
Unauthenticated Remote Code Execution – Bricks <= 1.9.6	Identify critical remote vulnerabilities	Critical	Source
UniFi Network Login Panel - Detect	Identify web-based control panels	Info	Source
Unibox Panel - Detect	Identify web-based control panels	Info	Source
Unity Plastic SCM Login Panel - Detect	Identify web-based control panels	Info	Source
Universal Media Server v13.2.1 - Cross Site Scripting	Identify critical remote vulnerabilities	Medium	Source
Unleash Panel - Detect	Identify web-based control panels	Info	Source
Untangle Administrator Login Panel - Detect	Identify web-based control panels	Info	Source
Uptime Kuma - Panel	Identify web-based control panels	Info	Source
UrBackup Panel - Detect	Identify web-based control panels	Info	Source
User Control Panel - Detect	Identify web-based control panels	Info	Source
User Management/Registration & Login v3.0 - SQL Injection	Identify critical remote vulnerabilities	High	Source
User Meta WP Plugin < 3.1 - Sensitive Information Exposure	Identify critical remote vulnerabilities	Medium	Source
Usermin 2.100 - Username Enumeration	Identify critical remote vulnerabilities	Medium	Source
Usermin Panel - Detect	Identify web-based control panels	Info	Source
V2924 Admin Login Panel - Detect	Identify web-based control panels	Info	Source
VICIdial - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
VMware Aria Operations Login - Detect	Identify web-based control panels	Info	Source
VMware Carbon Black EDR Panel - Detect	Identify web-based control panels	Info	Source
VMware Cloud Director Availability Login Panel - Detect	Identify web-based control panels	Info	Source
VMware Cloud Director Login Panel - Detect	Identify web-based control panels	Info	Source
VMware FTP Server Login Panel - Detect	Identify web-based control panels	Info	Source
VMware HCX Login Panel - Detect	Identify web-based control panels	Info	Source
VMware NSX Login Panel - Detect	Identify web-based control panels	Info	Source
VMware Workspace ONE Access - Server-Side Template Injection	Identify critical remote vulnerabilities	Critical	Source
VMware Workspace ONE UEM Airwatch Login Panel - Detect	Identify web-based control panels	Info	Source
VMware Workspace ONE UEM Airwatch Self-Service Portal - Detect	Identify web-based control panels	Info	Source
VMware vCenter Converter Panel - Detect	Identify web-based control panels	Info	Source
VMware vCloud Director Panel - Detect	Identify web-based control panels	Info	Source
Vanna - SQL injection	Identify critical remote vulnerabilities	Critical	Source
Vault Login Panel - Detect	Identify web-based control panels	Info	Source
Vaultwarden Login Panel - Detect	Identify web-based control panels	Info	Source
VectorAdmin Panel - Detect	Identify web-based control panels	Info	Source
Veeam Backup Enterprise Manager Login - Detect	Identify web-based control panels	Info	Source
Veeam Backup for Google Cloud Platform Panel - Detect	Identify web-based control panels	Info	Source
Veeam Backup for Microsoft Azure Panel - Detect	Identify web-based control panels	Info	Source
Veeam Login Panel - Detect	Identify web-based control panels	Info	Source
Veracore Login - Detect	Identify web-based control panels	Info	Source
Veritas NetBackup OpsCenter Analytics Login - Detect	Identify web-based control panels	Info	Source
Veriz0wn OSINT - Detect	Identify web-based control panels	Info	Source
Verizon Router Panel - Detect	Identify web-based control panels	Info	Source
Versa Concerto API Path Based - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Versa Concerto Actuator Endpoint - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Versa Director Login Panel - Detect	Identify web-based control panels	Info	Source
Versa FlexVNF - Default Login	Identify default logins in web-based control panels	High	Source
Versa FlexVNF Panel - Detect	Identify web-based control panels	Info	Source
VertaAI ModelDB - Path Traversal	Identify critical remote vulnerabilities	High	Source
Vertex Tax Installer Panel - Detect	Identify web-based control panels	Info	Source
Vidyo Admin Login Panel - Detect	Identify web-based control panels	Info	Source
Viessmann Vitogate 300 - Hardcoded Password	Identify critical remote vulnerabilities	Medium	Source
Viessmann Vitogate 300 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Vinchin Backup & Recovery Panel - Detect	Identify web-based control panels	Info	Source
Virtua Software Cobranca <12R - Blind SQL Injection	Identify critical remote vulnerabilities	High	Source
Virtua Software Panel - Detect	Identify web-based control panels	Info	Source
Vite - Arbitrary File Read	Identify critical remote vulnerabilities	Medium	Source
Vite Development Server - Path Traversal	Identify critical remote vulnerabilities	Medium	Source
VoIPmonitor Login Panel - Detect	Identify web-based control panels	Info	Source
Vodafone Vox UI Login Panel - Detect	Identify web-based control panels	Info	Source
Void Aural Rec Monitor 9.0.0.1 - SQL Injection	Identify critical remote vulnerabilities	High	Source
VoipMonitor - Pre-Auth SQL Injection	Identify critical remote vulnerabilities	Critical	Source
VoipMonitor <24.61 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Vue PACS - Panel	Identify web-based control panels	Info	Source
WAGO - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
WAGO Web-based Management - Default Login	Identify default logins in web-based control panels	High	Source
WAVLINK - Access Control	Identify critical remote vulnerabilities	High	Source
WAVLINK AC1200 - Information Disclosure	Identify critical remote vulnerabilities	High	Source
WAVLINK Quantum D4G (WL-WN531G3) - Information Disclosure	Identify critical remote vulnerabilities	High	Source
WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure	Identify critical remote vulnerabilities	High	Source
WAVLINK WN530H4 live_api.cgi - Command Injection	Identify critical remote vulnerabilities	Critical	Source
WAVLINK WN530HG4 - Improper Access Control	Identify critical remote vulnerabilities	Critical	Source
WAVLINK WN530HG4 - Improper Access Control	Identify critical remote vulnerabilities	High	Source
WAVLINK WN530HG4 - Improper Access Control	Identify critical remote vulnerabilities	Medium	Source
WAVLINK WN533A8 - Improper Access Control	Identify critical remote vulnerabilities	High	Source
WAVLINK WN535 G3 - Improper Access Control	Identify critical remote vulnerabilities	High	Source
WAVLINK WN535 G3 - Information Disclosure	Identify critical remote vulnerabilities	High	Source
WAVLINK WN535 G3 - Information Disclosure	Identify critical remote vulnerabilities	High	Source
WAVLINK WN579 X3 M79X3.V5030.180719 - Information Disclosure	Identify critical remote vulnerabilities	High	Source
WCFM WooCommerce Multivendor Marketplace < 3.4.12 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
WD My Cloud Panel - Detect	Identify web-based control panels	Info	Source
WP Fastest Cache 1.2.2 - SQL Injection	Identify critical remote vulnerabilities	High	Source
WP Hotel Booking < 1.10.4 - PHP Object Injection	Identify critical remote vulnerabilities	Critical	Source
WP Popup Builder Popup Forms and Marketing Lead Generation <= 1.3.5 - Arbitrary Shortcode Execution	Identify critical remote vulnerabilities	High	Source
WP Query Console <= 1.0 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
WP Umbrella Update Backup Restore & Monitoring <= 2.17.0 - Local File Inclusion	Identify critical remote vulnerabilities	Critical	Source
WP User <= 7.0 - Unauthenticated SQLi	Identify critical remote vulnerabilities	Critical	Source
WP Visitor Statistics (Real Time Traffic) < 6.9 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
WP-Recall – Plugin <= 16.26.10 - Unauthenticated SQL Injection	Identify critical remote vulnerabilities	High	Source
WPMobile.App <= 11.56 - Open Redirect	Identify critical remote vulnerabilities	High	Source
WPS Hide Login <= 1.9.15.2 - Login Page Disclosure	Identify critical remote vulnerabilities	Medium	Source
WS-FTP Ad Hoc Transfer Panel - Detect	Identify web-based control panels	Info	Source
WSO2 Management Console - Default Login	Identify default logins in web-based control panels	High	Source
WSO2 Management Console Login Panel - Detect	Identify web-based control panels	Info	Source
WS_FTP Server Web Transfer - Panel Detect	Identify web-based control panels	Info	Source
WWBN AVideo 11.6 - Cross-Site Scripting	Identify critical remote vulnerabilities	Critical	Source
Wagtail Login - Detect	Identify web-based control panels	Info	Source
Wallix Access Manager Panel - Detect	Identify web-based control panels	Info	Source
WampServer Panel - Detect	Identify web-based control panels	Info	Source
Watcher Panel - Detect	Identify web-based control panels	Info	Source
Watershed Login Panel - Detect	Identify web-based control panels	Info	Source
Wavlink - Improper Access Control	Identify critical remote vulnerabilities	High	Source
Wavlink WL-WN530HG4 M30HG4.V5030.201217 - Information Disclosure	Identify critical remote vulnerabilities	High	Source
Wavlink WL-WN533A8 M33A8.V5030.190716 - Information Disclosure	Identify critical remote vulnerabilities	High	Source
Wavlink WN535K2/WN535K3 - OS Command Injection	Identify critical remote vulnerabilities	High	Source
Wazuh - Default Login	Identify default logins in web-based control panels	High	Source
Wazuh Login Panel	Identify web-based control panels	Info	Source
WeChat agentinfo - Information Exposure	Identify critical remote vulnerabilities	High	Source
WeGIA - Directory Traversal	Identify critical remote vulnerabilities	Critical	Source
Web File Manager Login Panel - Detect	Identify web-based control panels	Info	Source
Web Transfer Client Login Panel - Detect	Identify web-based control panels	Info	Source
Web Viewer for Samsung DVR - Detect	Identify web-based control panels	Info	Source
WebIQ 2.15.9 - Directory Traversal	Identify critical remote vulnerabilities	High	Source
WebMethod Integration Server - Default Login	Identify default logins in web-based control panels	High	Source
WebPageTest Login Panel - Detect	Identify web-based control panels	Info	Source
WebShell4 Login Panel - Detect	Identify web-based control panels	Info	Source
WebTitan Cloud Panel - Detect	Identify web-based control panels	Info	Source
WebcomCo - Panel	Identify web-based control panels	Info	Source
Webmin - Default Login	Identify default logins in web-based control panels	High	Source
Webmin < 1.920 - Authenticated Remote Code Execution	Identify critical remote vulnerabilities	High	Source
Webmin <= 1.920 - Unauthenticated Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
Webmin Admin Login Panel - Detect	Identify web-based control panels	Info	Source
Webmodule Login Panel - Detect	Identify web-based control panels	Info	Source
Webroot Login Panel - Detect	Identify web-based control panels	Info	Source
Webuzo Admin Login Panel - Detect	Identify web-based control panels	Info	Source
WeiPHP 5.0 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Weiphp Panel - Detect	Identify web-based control panels	Info	Source
Western Digital MyCloud NAS - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Whatsup Gold Login Panel - Detect	Identify web-based control panels	Info	Source
Wifisky - Default Login	Identify default logins in web-based control panels	High	Source
Wildfly - Default Login	Identify default logins in web-based control panels	High	Source
Wildix Collaboration Panel - Detect	Identify web-based control panels	Info	Source
Windows Admin Center Panel - Detection	Identify web-based control panels	Info	Source
Wing FTP Server <= 7.4.3 - Path Disclosure via Overlong UID Cookie	Identify critical remote vulnerabilities	Medium	Source
Wing FTP Server <= 7.4.3 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Wiren Board WebUI Panel - Detect	Identify web-based control panels	Medium	Source
Woodwing Studio Server Panel - Detect	Identify web-based control panels	Info	Source
WordPress Core - Post Author Email Disclosure	Identify critical remote vulnerabilities	Medium	Source
WordPress Download Manager - File Password Exposure	Identify critical remote vulnerabilities	High	Source
WordPress Download Manager < 3.3.07 - Unauthenticated Data Exposure	Identify critical remote vulnerabilities	Medium	Source
WordPress Epsilon Framework Themes <=2.4.8 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
WordPress File Upload <= 4.24.11 - Arbitrary File Read	Identify critical remote vulnerabilities	Critical	Source
WordPress Gift Voucher <4.1.8 - Blind SQL Injection	Identify critical remote vulnerabilities	Critical	Source
WordPress Grow by Tradedoubler Plugin < 2.0.22 - Unauthenticated Local File Inclusion	Identify critical remote vulnerabilities	Critical	Source
WordPress HTML5 Video Player - SQL Injection	Identify critical remote vulnerabilities	High	Source
WordPress Job Portal < 2.0.6 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
WordPress My Calendar <3.4.22 - SQL Injection	Identify critical remote vulnerabilities	High	Source
WordPress Paid Memberships Pro <2.6.7 - Blind SQL Injection	Identify critical remote vulnerabilities	Critical	Source
WordPress Paid Memberships Pro <2.9.8 - Blind SQL Injection	Identify critical remote vulnerabilities	Critical	Source
WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
WordPress Statistics <13.0.8 - Blind SQL Injection	Identify critical remote vulnerabilities	High	Source
WordPress Ultimate Member 2.1.3 - 2.8.2 – SQL Injection	Identify critical remote vulnerabilities	Critical	Source
WordPress Visitor Statistics <=5.7 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
WordPress WP-Advanced-Search <= 3.3.9 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Wordpress Gift Cards <= 4.3.1 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Wordpress Polls Widget < 1.5.3 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Worpress Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Wowza Streaming Engine Manager Panel - Detect	Identify web-based control panels	Info	Source
WpStickyBar <= 2.1.0 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Wuzhicms 4.1.0 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
X-UI - Default Login	Identify default logins in web-based control panels	High	Source
XDS-AMR Status Login Panel - Detect	Identify web-based control panels	Info	Source
XNAT - Default Login	Identify default logins in web-based control panels	High	Source
XNAT Login Panel - Detect	Identify web-based control panels	Info	Source
XVR Login Panel - Detect	Identify web-based control panels	Info	Source
XWiki - Cross-Site Scripting	Identify critical remote vulnerabilities	Critical	Source
XWiki < 12.10.11, 13.4.4 & 13.9-rc-1 - Information Disclosure	Identify critical remote vulnerabilities	Medium	Source
XWiki < 14.10.14 - Cross-Site Scripting	Identify critical remote vulnerabilities	Critical	Source
XWiki < 14.10.5 - Cross-Site Scripting	Identify critical remote vulnerabilities	Critical	Source
XWiki < 4.10.15 - Email Disclosure	Identify critical remote vulnerabilities	Medium	Source
XWiki < 4.10.15 - Information Disclosure	Identify critical remote vulnerabilities	High	Source
XWiki < 4.10.15 - Sensitive Information Disclosure	Identify critical remote vulnerabilities	High	Source
XWiki < 4.10.20 - Remote code execution	Identify critical remote vulnerabilities	Critical	Source
XWiki >= 2.5-milestone-2 - Cross-Site Scripting	Identify critical remote vulnerabilities	Critical	Source
XWiki >= 3.4-milestone-1 - Cross-Site Scripting	Identify critical remote vulnerabilities	Critical	Source
XWiki >= 6.0-rc-1 - Cross-Site Scripting	Identify critical remote vulnerabilities	Critical	Source
XWiki >= 6.2-milestone-1 - Cross-Site Scripting	Identify critical remote vulnerabilities	Critical	Source
XWiki Platform - Cross-Site Scripting	Identify critical remote vulnerabilities	Medium	Source
XWiki Platform - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
XWiki Platform - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
XWiki Platform - Unauthorized Document History Access	Identify critical remote vulnerabilities	Medium	Source
XXL-JOB - Default Login	Identify default logins in web-based control panels	High	Source
XXLJOB Admin Login Panel - Detect	Identify web-based control panels	Info	Source
Xeams Admin Console Login Panel - Detect	Identify web-based control panels	Info	Source
Xfinity Panel - Detect	Identify web-based control panels	Info	Source
Xiaomi Wireless Router Admin Panel - Detect	Identify web-based control panels	Info	Source
Xibo CMS Login Panel - Detect	Identify web-based control panels	Info	Source
XploitSPY - Default Login	Identify default logins in web-based control panels	High	Source
YARPP <= 5.30.10 - Missing Authorization	Identify critical remote vulnerabilities	Medium	Source
Yacht - Default Login	Identify default logins in web-based control panels	High	Source
Yellowfin Information Collaboration - Detect	Identify web-based control panels	Info	Source
YesWiki <2022-07-07 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Yeswiki < 4.5.2 - Unauthenticated Path Traversal	Identify critical remote vulnerabilities	High	Source
Yopass Panel - Detect	Identify web-based control panels	Info	Source
Youzify < 1.2.0 - Unauthenticated SQLi	Identify critical remote vulnerabilities	Critical	Source
YunoHost Admin Panel - Detect	Identify web-based control panels	Info	Source
YzmCMS Login Panel - Detect	Identify web-based control panels	Info	Source
Z-BlogPHP Admin Login Panel - Detect	Identify web-based control panels	Info	Source
Z-BlogPHP Panel - Detect	Identify web-based control panels	Info	Source
ZKTeco BioTime v8.5.5 - Path Traversal	Identify critical remote vulnerabilities	High	Source
ZOHO ManageEngine ADAudit/ADManager Panel - Detect	Identify web-based control panels	Info	Source
ZOHO ManageEngine ADSelfService Plus - Detect	Identify web-based control panels	Info	Source
ZOHO ManageEngine APEX IT Help-Desk Panel - Detect	Identify web-based control panels	Info	Source
ZOHO ManageEngine Analytics Plus Panel - Detect	Identify web-based control panels	Info	Source
ZOHO ManageEngine AssetExplorer Panel - Detect	Identify web-based control panels	Info	Source
ZOHO ManageEngine Desktop Panel - Detect	Identify web-based control panels	Info	Source
ZOHO ManageEngine Exchange Reporter Plus Panel - Detect	Identify web-based control panels	Info	Source
ZOHO ManageEngine OpManager Panel - Detect	Identify web-based control panels	Info	Source
ZOHO ManageEngine ServiceDesk Panel - Detect	Identify web-based control panels	Info	Source
ZOHO ManageEngine SupportCenter Panel - Detect	Identify web-based control panels	Info	Source
ZTE Panel - Detect	Identify web-based control panels	Info	Source
ZTE ZXHN-F660T/F660A - Default Credentials	Identify critical remote vulnerabilities	High	Source
Zabbix - Default Login	Identify default logins in web-based control panels	High	Source
Zabbix - SAML SSO Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Zabbix - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
Zabbix <=4.4 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Zabbix Login Panel - Detect	Identify web-based control panels	Info	Source
Zabbix Setup Configuration Authentication Bypass	Identify critical remote vulnerabilities	Low	Source
Zammad Helpdesk Panel - Detect	Identify web-based control panels	Info	Source
Zebra Printer - Default Login	Identify default logins in web-based control panels	High	Source
ZenML Dashboard Panel - Detect	Identify web-based control panels	Info	Source
ZeroShell <= 1.0beta11 Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
ZeroShell Panel - Detect	Identify web-based control panels	Info	Source
Zeroshell 3.9.0 - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
Zeroshell 3.9.3 - Command Injection	Identify critical remote vulnerabilities	Critical	Source
Zimbra Collaboration (ZCS) - Cross Site Scripting	Identify critical remote vulnerabilities	Medium	Source
Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Zimbra Collaboration Suite Login Panel - Detect	Identify web-based control panels	Info	Source
Zimbra Panel - Detect	Identify web-based control panels	Info	Source
Zipkin Login Panel - Detect	Identify web-based control panels	Info	Source
Zitadel - User Registration Bypass	Identify critical remote vulnerabilities	High	Source
Zoho ManageEngine - Internal Hostname Disclosure	Identify critical remote vulnerabilities	Medium	Source
Zoho ManageEngine - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Zoho ManageEngine Desktop Central - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
Zoho ManageEngine Network Configuration Manager Panel - Detect	Identify web-based control panels	Info	Source
Zoho ManageEngine OpManager - SQL Injection	Identify critical remote vulnerabilities	High	Source
Zoho ManageEngine ServiceDesk Plus - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
ZoneMinder - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
ZoneMinder Login Panel - Detect	Identify web-based control panels	Info	Source
Zoraxy Login Panel - Detect	Identify web-based control panels	Info	Source
Zuul Panel - Detect	Identify web-based control panels	Info	Source
ZyXel Router Login Panel - Detect	Identify web-based control panels	Info	Source
ZyXel USG - Hardcoded Credentials	Identify critical remote vulnerabilities	Critical	Source
Zyxel - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
Zyxel Firewall Panel - Detect	Identify web-based control panels	Info	Source
Zyxel VMG1312-B10D - Login Detection	Identify web-based control panels	Info	Source
Zyxel VSG1432-B101 - Login Detection	Identify web-based control panels	Info	Source
airCube Dashboard Login Panel - Detect	Identify web-based control panels	Info	Source
airCube Login - Detect	Identify web-based control panels	Info	Source
bloofoxCMS Default Credentials	Identify default logins in web-based control panels	High	Source
cPanel API Codes Panel - Detect	Identify web-based control panels	Info	Source
coreBOS Panel - Detect	Identify web-based control panels	Info	Source
dbt Docs Panel - Detect	Identify web-based control panels	Info	Source
dotAdmin Login Panel- Detect	Identify web-based control panels	Info	Source
draw.io Flowchart Maker Panel - Detect	Identify web-based control panels	Info	Source
eArcu Panel - Detect	Identify web-based control panels	Info	Source
eMerge E3 1.00-06 - Remote Code Execution	Identify critical remote vulnerabilities	Critical	Source
eMessage Login Panel - Detect	Identify web-based control panels	Info	Source
eZ Publish Login Panel - Detect	Identify web-based control panels	Info	Source
iClock Automatic Data Master Server Admin Panel - Detect	Identify web-based control panels	Info	Source
iSAMS Panel - Detect	Identify web-based control panels	Info	Source
iSpy 7.2.2.0 - Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
iTop - User Enumeration via REST Endpoint	Identify critical remote vulnerabilities	High	Source
iTop Hub Connector - Information Disclosure	Identify critical remote vulnerabilities	Medium	Source
iXBus Login Panel - Detect	Identify web-based control panels	Info	Source
ipTIME A2004 - Unauthorized Access	Identify critical remote vulnerabilities	Medium	Source
ipTIME A2004 - Unauthorized Access	Identify critical remote vulnerabilities	Medium	Source
kkFileView Panel - Detect	Identify web-based control panels	Info	Source
macOS Server Panel - Detect	Identify web-based control panels	Info	Source
mantisbt - Anonymous Login	Identify default logins in web-based control panels	Medium	Source
modoboa 2.0.4 - Admin TakeOver	Identify critical remote vulnerabilities	Critical	Source
myLittleAdmin Login Panel - Detect	Identify web-based control panels	Info	Source
myLittleBackup Panel - Detect	Identify web-based control panels	Info	Source
n8n Panel - Detect	Identify web-based control panels	Info	Source
ngSurvey Login Panel - Detect	Identify web-based control panels	Info	Source
nginxWebUI ≤ 3.5.0 - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
nginxWebUI ≤ 3.5.0 runCmd - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
noVNC Login Panel - Detect	Identify web-based control panels	Info	Source
openSIS Classic v9.1 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
openSIS v9.0 - Path Traversal	Identify critical remote vulnerabilities	High	Source
osTicket Installer Panel - Detect	Identify web-based control panels	Critical	Source
osTicket Login Panel - Detect	Identify web-based control panels	Info	Source
ownCloud Server - Detection	Identify web-based control panels	Info	Source
pCOWeb - Default-Login	Identify default logins in web-based control panels	High	Source
pCOWeb Panel - Detect	Identify web-based control panels	Info	Source
pREST < 1.5.4 - SQL Injection Via Authentication Bypass	Identify critical remote vulnerabilities	Critical	Source
pfSense Login Panel - Detect	Identify web-based control panels	Info	Source
phpCollab Login Panel - Detect	Identify web-based control panels	Info	Source
phpMiniAdmin Login Panel - Detect	Identify web-based control panels	Info	Source
phpMyAdmin - Default Login	Identify default logins in web-based control panels	High	Source
phpMyAdmin Panel - Detect	Identify web-based control panels	Info	Source
phpPgAdmin Login Panel - Detect	Identify web-based control panels	Info	Source
pyLoad Flask Config - Access Control	Identify critical remote vulnerabilities	High	Source
qBittorrent Web UI Panel - Detect	Identify web-based control panels	Info	Source
qdPM 9.2 - Directory Traversal	Identify critical remote vulnerabilities	High	Source
qdPM Login Panel	Identify web-based control panels	Info	Source
rConfig - Default Login	Identify default logins in web-based control panels	High	Source
rConfig 3.9 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
rConfig 3.9.4 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
rConfig 3.9.4 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
rConfig 3.9.4 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
rConfig <=3.9.4 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
tshirtecommerce PrestaShop Module - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
txAdmin Panel - Detect	Identify web-based control panels	Info	Source
vBulletin 5.0.0-5.5.4 - Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
vBulletin 5.5.4 - 5.6.2- Remote Command Execution	Identify critical remote vulnerabilities	Critical	Source
vBulletin <= 4.2.3 - SQL Injection	Identify critical remote vulnerabilities	Critical	Source
vBulletin SQL Injection	Identify critical remote vulnerabilities	Critical	Source
vRealize Hyperic Login Panel - Detect	Identify web-based control panels	Info	Source
vRealize Log Insight - Panel Detect	Identify web-based control panels	Info	Source
zhttpd - Local File Inclusion	Identify critical remote vulnerabilities	High	Source