#######################################################################
# File Source: https://cirt.net
# (c) 2001 Chris Sullo, All Rights Reserved.
# This file may only be distributed and used with the full Nikto package.
# This file may not be used with any software product without written permission from
# Chris Sullo (csullo@gmail.com)
#
# Note:
# By submitting updates to this file you are transferring any and all copyright
# interest in the data to Chris Sullo so it can modified, incorporated into this product
# relicensed or reused.
#######################################################################
# Notes:
# These can be regular expressions, but will be eval'd case insensitive.
# Since these are run after every page retrieved, we should try to keep these as fast 
# regular expressions as possible, and limited to only critical findings.
#######################################################################
"nikto_id","references","matchstring","message"
"750500","CWE-548","[iI]ndex [oO]f \/","Directory indexing found."
"750501","","Warning(?:<\/b>)?:\s+(?:include|require)(?:_once)?\(","PHP include error may indicate local or remote file inclusion is possible."
"750502","","failed to open stream: No such file or directory in (?:<b>)?(?:[a-zA-Z]:\\|\/)","PHP include error reveals the full path to the web root."
"750503","","mysql_p?connect\(","Potential PHP MySQL database connection string found."
"750504","","pgp_p?connect\(","Potential PHP PostgreSQL database connection string found."
"750505","","sqlite_p?open\(","Potential PHP SQLite database connection string found."
"750506","","mssql_p?connect\(","Potential PHP MSSQL database connection string found."
"750507","","Call to undefined function.*\(\) in \/","PHP error reveals file system path."
"750508","CVE-2006-5272","FrameworkLog.xsl\"\\?>.*<version>(?:[0-2]|3\.(?:[0-5]|6\.0\.(?:[0-4]|5(?:[0-3]|4[0-5]))))","McAfee Common Management Agent 3.6.0.546 and below contain multiple overflows."
"750509","","However, we found documents with names similar to the one you requested","The mod_speling module can reveal otherwise 'hidden' files in directories."
"750510","","makes use of the Zend Scripting Language","Output from the phpinfo() function was found."
"750511","","SQLSTATE\[","A database error may reveal internal details about the running database."
"750512","","jetty-dir.css\" REL=\"stylesheet\" TYPE=\"text/css\"\/><TITLE>Directory: \/","Directory indexing found (Jetty)."
"750513","","404-server!!","This string is associated with the 'meuhy.php' backdoor file uploader/downloader."
"750514","","Brazilians Defacers","This string is associated with pages tagged by HackerBrasilll group."
"750515","","HackerBrasilll","This string is associated with pages tagged by HackerBrasilll group."
"750516","","plain HTTP to an SSL","You appear to be scanning an HTTPS site with HTTP. This won't work as you expect.."
"750517","","plain HTTP request was sent to HTTPS","You appear to be scanning an HTTPS site with HTTP. This won't work as you expect."
"750518","","password e-?mailed","Possible cleartext emailing of stored password."
"750519","","[Tt]omcat\s[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}","The detailed Tomcat version is disclosed in error pages."
