Vulnerability Name
Classifications
Severity
Bash Command Injection Vulnerability (Shellshock Bug)
PCI v3.2-6.5.1, CAPEC-88, CWE-78, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-31, OWASP 2013-A1, OWASP 2017-A9, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C
Critical
Blind Command Injection
PCI v3.2-6.5.1, CAPEC-88, CWE-78, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-31, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
Critical
Blind SQL Injection
PCI v3.2-6.5.1, CAPEC-66, CWE-89, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-19, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Critical
Boolean Based SQL Injection
PCI v3.2-6.5.1, CAPEC-66, CWE-89, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-19, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Evaluation (Apache Struts)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/RL:O
Critical
Code Evaluation (Apache Struts S02-53)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Evaluation (Apache Struts) S2-016
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/RL:O
Critical
Code Evaluation (Apache Struts) S2-045
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/RL:O
Critical
Code Evaluation (Apache Struts) S2-046
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/RL:O
Critical
Code Evaluation (ASP)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Critical
Code Evaluation (Node.js)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Critical
Code Evaluation (Perl)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Critical
Code Evaluation (PHP)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Critical
Code Evaluation (PHP) – IAST
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Critical
Code Evaluation (Python)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Critical
Code Evaluation (RoR)
PCI v3.2-6.5.1, CAPEC-356, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-23, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Critical
Code Evaluation (RoR – JSON)
PCI v3.2-6.5.1, CAPEC-356, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-23, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Critical
Code Evaluation (Ruby)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Critical
Code Evaluation via Local File Inclusion (PHP)
PCI v3.2-6.5.1, CAPEC-251, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-33, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via File Upload
PCI v3.2-6.5.1, CAPEC-210, CWE-94, HIPAA-164.306(a), ISO27001-A.14.2.5, WASC-42, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via Local File Inclusion
PCI v3.2-6.5.1, CAPEC-170, CWE-94, HIPAA-164.306(a), ISO27001-A.14.2.5, WASC-33, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI (ASP.NET Razor)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI (Java FreeMarker)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI (Java Pebble)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI (Java Velocity)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI (JinJava)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI (Node.js Dot)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI (Node.js EJS)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI (Node.js Marko)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI (Node.js Nunjucks)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI (Node.js Pug (Jade))
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI (PHP Smarty)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI (PHP Twig)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI (Python Jinja)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI (Python Mako)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI (Python Tornado)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI (Ruby ERB)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via SSTI (Ruby Slim)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Code Execution via WebDAV
PCI v3.2-6.5.8, CAPEC-17, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-17, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Command Injection
PCI v3.2-6.5.1, CAPEC-88, CWE-78, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-31, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Command Injection (IAST)
PCI v3.2-6.5.1, CAPEC-88, CWE-78, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-31, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Drupal Core – Remote Code Execution (CVE-2019-6340)
PCI v3.2-6.5.1, CAPEC-242, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Critical
Mail Header Injection (IAST)
PCI v3.2-6.5.1, CAPEC-66, CWE-20, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-19, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Critical
Malware Identified
CWE-506, AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Critical
OpenSSL Heartbleed
PCI v3.2-6.5.2, CAPEC-216, CWE-119, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A9, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C
Critical
Oracle WebLogic Remote Code Execution (CVE-2020-14882)
PCI v3.2-6.5.1, CAPEC-242, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Critical
Out of Band Code Evaluation (Apache Struts 2)
PCI v3.2-6.5.1, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O
Critical
Out of Band Code Evaluation (Apache Struts 2) S2-053
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Evaluation (ASP)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Evaluation (Log4j)
PCI v3.2-6.5.1, CAPEC-23, CWE-502, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Evaluation (Node.js)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Evaluation (Perl)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Evaluation (PHP)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Evaluation (Python)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Evaluation (RoR)
PCI v3.2-6.5.1, CAPEC-356, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-23, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/RL:O
Critical
Out of Band Code Evaluation (RoR – JSON)
PCI v3.2-6.5.1, CAPEC-356, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-23, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Critical
Out of Band Code Evaluation (Ruby)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Execution via SSTI
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Execution via SSTI (Java FreeMarker)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Execution via SSTI (Java Velocity)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Execution via SSTI (Node.js Dot)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Execution via SSTI (Node.js EJS)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Execution via SSTI (Node.js Marko)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Execution via SSTI (Node.js Nunjucks)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Execution via SSTI (Node.js Pug (Jade))
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Execution via SSTI (PHP Smarty)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Execution via SSTI (PHP Twig)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Execution via SSTI (Python Jinja)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Execution via SSTI (Python Mako)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Code Execution via SSTI (Python Tornado)
PCI v3.2-6.5.1, CAPEC-23, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Command Injection
PCI v3.2-6.5.1, CAPEC-88, CWE-78, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-31, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band Remote File Inclusion
PCI v3.2-6.5.1, CAPEC-193, CWE-98, HIPAA-164.306(a), ISO27001-A.14.2.5, WASC-5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Out of Band SQL Injection
PCI v3.2-6.5.1, CAPEC-66, CWE-89, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-19, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
PossibleBlindMongoDB [deprecated]
PCI v3.2-6.5.1, CAPEC-66, CWE-89, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-19, OWASP 2013-A1
Critical
Remote Code Execution and DoS in HTTP.sys (IIS)
PCI v3.2-6.5.1, CAPEC-340, CWE-20, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-7, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:W/RC:C
Critical
Remote Code Execution (Spring4Shell)
PCI v3.2-6.5.1, CAPEC-242, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Critical
Remote File Inclusion
PCI v3.2-6.5.1, CAPEC-193, CWE-98, HIPAA-164.306(a), ISO27001-A.14.2.5, WASC-5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Critical
Server-Side Request Forgery (Oracle Cloud)
CWE-918, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Critical
Server-Side Request Forgery (Packet Cloud)
CWE-918, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Critical
Server-Side Request Forgery (trace.axd)
PCI v3.2-6.5.6, CAPEC-347, CWE-918, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C
Critical
Server-Side Template Injection
PCI v3.2-6.5.1, CWE-74, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Server-Side Template Injection (ASP.NET Razor)
PCI v3.2-6.5.1, CWE-74, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Server-Side Template Injection (Java FreeMarker)
PCI v3.2-6.5.1, CWE-74, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Server-Side Template Injection (Java Pebble)
PCI v3.2-6.5.1, CWE-74, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Server-Side Template Injection (Java Velocity)
PCI v3.2-6.5.1, CWE-74, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Server-Side Template Injection (JinJava)
PCI v3.2-6.5.1, CWE-74, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Server-Side Template Injection (Node.js Dot)
PCI v3.2-6.5.1, CWE-74, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Server-Side Template Injection (Node.js EJS)
PCI v3.2-6.5.1, CWE-74, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Critical
Server-Side Template Injection (Ruby ERB)
PCI v3.2-6.5.1, CWE-74, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
SQL Injection
PCI v3.2-6.5.1, CAPEC-66, CWE-89, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-19, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
SQL Injection (IAST)
PCI v3.2-6.5.1, CAPEC-66, CWE-89, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-19, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Text4Shell Remote Code Execution – (CVE-2022-42889)
PCI v3.2-6.5.1, CAPEC-242, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, OWASP 2013-A03, OWASP 2017-A01, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Critical
Web Backdoor Detected
PCI v3.2-6.5.6, CAPEC-443, CWE-507, HIPAA-164.308(a), ISO27001-A.12.2.1, OWASP 2017-A10, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Critical
Web Cache Deception
PCI v3.2-2.2.3, CAPEC-CAPEC, ISO27001-A.14.1.3, WASC-6, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Critical
Arbitrary File Creation Detected
CWE-20, OWASP 2017-A5
High
Arbitrary File Deletion Detected
CWE-20, OWASP 2017-A5
High
ASP.NET Tracing Is Enabled
CWE-11, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
High
Backup Source Code Detected
PCI v3.2-6.5.8, CAPEC-87, CWE-530, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
High
Basic Authorization over HTTP
PCI v3.2-6.5.4, CAPEC-65, CWE-319, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
High
Blind Cross-site Scripting
PCI v3.2-6.5.7, CAPEC-19, CWE-79, HIPAA-164.308(a), ISO27001-A.14.2.5, WASC-8, OWASP 2013-A3, OWASP 2017-A7, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
High
Blind MongoDB Injection
PCI v3.2-6.5.1, CWE-943, HIPAA-164.306(a), 164.308(a), OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
High
Certificate is Signed Using a Weak Signature Algorithm
PCI v3.2-6.5.4, CAPEC-459, ISO27001-A.10, WASC-4, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
High
Cross-site Scripting
PCI v3.2-6.5.7, CAPEC-19, CWE-79, HIPAA-164.308(a), ISO27001-A.14.2.5, WASC-8, OWASP 2013-A3, OWASP 2017-A7, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
High
Cross-site Scripting (DOM based)
PCI v3.2-6.5.7, CAPEC-19, CWE-79, HIPAA-164.308(a), ISO27001-A.14.2.5, WASC-8, OWASP 2013-A3, OWASP 2017-A7, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
High
Cross-site Scripting via File Upload
PCI v3.2-6.5.7, CAPEC-19, CWE-79, HIPAA-164.308(a), ISO27001-A.14.2.5, WASC-8, OWASP 2013-A3, OWASP 2017-A7, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
High
Cross-site Scripting via Remote File Inclusion
PCI v3.2-6.5.7, CAPEC-19, CWE-79, HIPAA-164.308(a), ISO27001-A.14.2.5, WASC-8, OWASP 2013-A3, OWASP 2017-A7, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
High
Database User Has Admin Privileges
PCI v3.2-6.5.6, CWE-267, ISO27001-A.9.2.2, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
High
Elmah.axd / Errorlog.axd Detected
PCI v3.2-6.5.6, CAPEC-347, CWE-16, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C
High
Error-Based MongoDB Injection
PCI v3.2-6.5.1, CWE-943, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
High
Expression Language Injection
PCI v3.2-6.5.1, CWE-20, HIPAA-164.308(a), ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
High
F5 Big-IP Local File Inclusion (CVE-2020-5902)
PCI v3.2-6.5.8, CAPEC-252, CWE-22, HIPAA-164.306(a), ISO27001-A.14.2.5, WASC-33, OWASP 2013-A4, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
High
Insecure Transportation Security Protocol Supported (SSLv2)
PCI v3.2-6.5.4, CAPEC-217, CWE-326, HIPAA-164.306, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C
High
JWT Forgery via Chaining Jku Parameter with Open Redirect
CWE-347, OWASP 2017-A2, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
High
JWT Forgery via Path Traversal
CWE-22, OWASP 2017-A1, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
High
JWT Forgery via SQL Injection
CWE-89, OWASP 2017-A1, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
High
JWT Forgery via unvalidated jku parameter
CWE-22, OWASP 2017-A1, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
High
JWT Signature Bypass via None Algorithm
CWE-347, OWASP 2017-A2, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
High
JWT Signature is not Verified
CWE-347, OWASP 2017-A2, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
High
Local File Inclusion
PCI v3.2-6.5.8, CAPEC-252, CWE-22, HIPAA-164.306(a), ISO27001-A.14.2.5, WASC-33, OWASP 2013-A4, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
High
Local File Inclusion (IAST)
PCI v3.2-6.5.8, CAPEC-252, CWE-22, HIPAA-164.306(a), ISO27001-A.14.2.5, WASC-33, OWASP 2013-A4, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
High
Oracle WebLogic Authentication Bypass (CVE-2020-14883)
CWE-288, OWASP 2013-A2, OWASP 2017-A2, CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
High
Out of Band XML External Entity Injection
PCI v3.2-6.5.1, CAPEC-376, CWE-611, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-43, OWASP 2013-A1, OWASP 2017-A4, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:H
High
Out-of-date Version (Microsoft SQL Server)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
High
Out-of-date Version (MySQL)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
High
Out-of-date Version (Oracle)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
High
Out-of-date Version (PostgreSQL)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
High
Password Transmitted over HTTP
PCI v3.2-6.5.4, CAPEC-65, CWE-319, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
High
ROBOT Attack Detected (Strong Oracle)
PCI v3.2-6.5.4, CAPEC-217, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:W/RC:C
High
ROBOT Attack Detected (Weak Oracle)
PCI v3.2-6.5.4, CAPEC-217, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:W/RC:C
High
Ruby on Rails File Content Disclosure (CVE-2019-5418)
PCI v3.2-6.5.8, CAPEC-252, CWE-98, HIPAA-164.306(a), ISO27001-A.14.2.5, WASC-33, OWASP 2013-A4, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
High
Server-Side Request Forgery (Apache Server Status)
CWE-918, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
High
Server-Side Request Forgery (AWS)
CWE-918, ISO27001-A.14.2.5, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
High
Server-Side Request Forgery (elmah)
PCI v3.2-6.5.6, CAPEC-347, CWE-918, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C
High
Server-Side Request Forgery (elmah MVC)
PCI v3.2-6.5.6, CAPEC-347, CWE-918, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C
High
Server-Side Request Forgery (MySQL)
CWE-918, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
High
Server-Side Request Forgery (SSH)
CWE-918, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
High
Session Cookie Not Marked as Secure
PCI v3.2-6.5.10, CAPEC-102, CWE-614, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
High
Stored Cross-site Scripting
PCI v3.2-6.5.7, CAPEC-19, CWE-79, HIPAA-164.308(a), ISO27001-A.14.2.5, WASC-8, OWASP 2013-A3, OWASP 2017-A7, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
High
SVN Detected
CAPEC-118, CWE-527, ISO27001-A.9.4.1, WASC-13, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
High
Trace.axd Detected
PCI v3.2-6.5.6, CAPEC-347, CWE-16, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C
High
Unrestricted File Upload
PCI v3.2-6.5.1, CWE-434, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
High
Weak Basic Authentication Credentials
PCI v3.2-6.5.10, CAPEC-16, CWE-521, ISO27001-A.9.4.3, WASC-15, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
High
Weak Secret is Used to Sign JWT
CWE-347, OWASP 2017-A2, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
High
WebDAV Directory Has Write Permissions
PCI v3.2-6.5.8, CWE-732, ISO27001-A.9.4.1, WASC-17, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:H/RL:O/RC:C
High
XML External Entity Injection
PCI v3.2-6.5.1, CAPEC-376, CWE-611, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-43, OWASP 2013-A1, OWASP 2017-A4, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H
High
Active Mixed Content over HTTPS
CWE-319, ISO27001-A.14.1.3, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Medium
Anonymous Ciphers Supported
PCI v3.2-6.5.4, CAPEC-117, CWE-311, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
Medium
Apache Server-Info Detected
CAPEC-347, CWE-16, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Medium
Apache Server-Status Detected
CAPEC-347, CWE-16, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Medium
ASP.NET Cookieless Authentication Is Enabled
CWE-16, OWASP 2013-A5, OWASP 2017-A6
Medium
ASP.NET Cookieless Session State Is Enabled
CWE-16, OWASP 2013-A5, OWASP 2017-A6
Medium
ASP.NET CustomErrors Is Disabled
CWE-16, OWASP 2013-A6, OWASP 2017-A3
Medium
ASP.NET: Failure To Require SSL For Authentication Cookies
CWE-16, OWASP 2017-A6
Medium
ASP.NET Login Credentials Stored In Plain Text
CWE-312, OWASP 2013-A6, OWASP 2017-A3
Medium
ASP.NET ValidateRequest Is Globally Disabled
CWE-16, OWASP 2013-A5, OWASP 2017-A6
Medium
Axis Development Mode Enabled in WEB-INF/server-config.wsdd
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Axis system configuration listing enabled in WEB-INF/server-config.wsdd
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Base Tag Hijacking
PCI v3.2-6.5.7, CAPEC-19, CWE-20, HIPAA-164.308(a), ISO27001-A.14.2.5, WASC-8, OWASP 2013-A3, OWASP 2017-A7, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Medium
BREACH Attack Detected
CWE-310, OWASP 2013-A9, OWASP 2017-A9, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Medium
Critical Form Send to HTTP
PCI v3.2-6.5.4, CAPEC-65, CWE-319, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Medium
Critical Form Served over HTTP
PCI v3.2-6.5.4, CAPEC-65, CWE-319, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Medium
Custom Error Pages Are Not Configured in WEB-INF/web.xml
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
CVS Detected
CAPEC-118, CWE-527, ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Expired SSL Certificate
CWE-295, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Medium
Express Development Mode Is Enabled
CWE-200, ISO27001-A.9.4.1, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Express express-session Weak Secret Key Detected
CWE-200, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Frame Injection
PCI v3.2-6.5.1, CWE-601, HIPAA-164.308(a), ISO27001-A.14.2.5, WASC-38, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
Medium
GIT Detected
CAPEC-118, CWE-527, ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Medium
HTTP Header Injection
PCI v3.2-6.5.1, CAPEC-105, CWE-93, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-24, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Medium
HTTP Header Injection (IAST)
PCI v3.2-6.5.1, CAPEC-105, CWE-93, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-24, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Medium
HTTP Parameter Pollution [deprecated]
CWE-88, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Medium
HTTP Strict Transport Security (HSTS) Errors and Warnings
CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Medium
HTTP Strict Transport Security (HSTS) Policy Not Enabled
CAPEC-217, CWE-523, ISO27001-A.14.1.2, WASC-4, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
Medium
Insecure HTTP Usage
ISO27001-A.14.1.3, WASC-4, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Medium
Insecure Transportation Security Protocol Supported (SSLv3)
PCI v3.2-6.5.4, CAPEC-217, CWE-326, HIPAA-164.306, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C
Medium
Invalid SSL Certificate
PCI v3.2-6.5.4, CAPEC-459, CWE-295, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Medium
Java Verb Tampering Via Misconfigured Security Constraint
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Microsoft Access Database File Detected
PCI v3.2-6.5.8, CWE-284, ISO27001-A.18.1.3, WASC-2, OWASP 2013-A7, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Medium
Node.js Web Application does not handle uncaughtException
CWE-248, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Node.js Web Application does not handle unhandledRejection
CWE-248, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Open Policy Crossdomain.xml Detected
CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C
Medium
Open Redirection
CWE-601, ISO27001-A.14.2.5, WASC-38, OWASP 2013-A10, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Medium
Open Redirection (DOM based)
CWE-601, ISO27001-A.14.2.5, WASC-38, OWASP 2013-A10, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N
Medium
Open Silverlight Client Access Policy
CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C
Medium
Overly Long Session Timeout
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Password Transmitted over Query String
PCI v3.2-6.5.4, CWE-598, ISO27001-A.14.2.5, WASC-13, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Medium
PHP enable_dl Is Enabled
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Medium
PHP magic_quotes_gpc Is Disabled [deprecated]
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Medium
PHP register_globals Is Enabled
CWE-473, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
PHP session.use_only_cookies Is Disabled
CWE-598, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Medium
PHP session.use_trans_sid Is Enabled
CWE-598, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Medium
Revoked SSL Certificate
CWE-295, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Medium
RSA Private Key Detected
CAPEC-118, CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Medium
Server-Side Request Forgery
CWE-918, ISO27001-A.14.2.5, WASC-20, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Server-Side Request Forgery (Time Based)
CWE-918, ISO27001-A.14.2.5, WASC-20, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Source Code Disclosure (ASP.NET)
CAPEC-118, CWE-540, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Source Code Disclosure (ColdFusion)
CAPEC-118, CWE-540, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Source Code Disclosure (Generic)
CAPEC-118, CWE-540, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Source Code Disclosure (Java)
CAPEC-118, CWE-540, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Source Code Disclosure (Java Servlet)
CAPEC-118, CWE-540, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Source Code Disclosure (JSP)
CAPEC-118, CWE-540, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Source Code Disclosure (Perl)
CAPEC-118, CWE-540, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Source Code Disclosure (PHP)
CAPEC-118, CWE-540, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Source Code Disclosure (Python)
CAPEC-118, CWE-540, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Source Code Disclosure (Ruby)
CAPEC-118, CWE-540, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Source Code Disclosure (Tomcat)
CAPEC-118, CWE-540, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Spring Boot Misconfiguration: Actuator endpoint security disabled
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Spring Boot Misconfiguration: Admin MBean enabled
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Spring Boot Misconfiguration: All Spring Boot Actuator endpoints are web exposed
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Spring Boot Misconfiguration: Datasource credentials stored in the properties file
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Spring Boot Misconfiguration: Developer tools enabled on production
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Spring Boot Misconfiguration: H2 console enabled
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Spring Boot Misconfiguration: MongoDB credentials stored in the properties file
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Spring Boot Misconfiguration: Overly long session timeout
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Spring Boot Misconfiguration: Spring Boot Actuator shutdown endpoint is web exposed
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Spring Boot Misconfiguration: Unsafe value for session tracking
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Spring Misconfiguration: HTML Escaping disabled
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
SQLite Database File Found
PCI v3.2-6.5.8, CWE-284, ISO27001-A.18.1.3, WASC-2, OWASP 2013-A7, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Medium
SSL Certificate Is About To Expire
CWE-295, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Medium
SSL Certificate Name Hostname Mismatch
CWE-295, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Medium
SSL Untrusted Root Certificate
CWE-295, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Medium
SSL/TLS Not Implemented
PCI v3.2-6.5.4, CAPEC-217, CWE-311, HIPAA-164.306, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C
Medium
Stack Trace Disclosure (ColdFusion)
PCI v3.2-6.5.5, CAPEC-214, CWE-248, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Medium
Stack Trace Disclosure (Django)
PCI v3.2-6.5.5, CAPEC-214, CWE-248, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Stack Trace Disclosure (Java)
PCI v3.2-6.5.5, CAPEC-214, CWE-248, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Stack Trace Disclosure (Laravel)
PCI v3.2-6.5.5, CAPEC-214, CWE-248, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Medium
Stack Trace Disclosure (Python)
PCI v3.2-6.5.5, CAPEC-214, CWE-248, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Stack Trace Disclosure (RoR)
PCI v3.2-6.5.5, CAPEC-214, CWE-248, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Stack Trace Disclosure (Ruby-Sinatra Framework)
PCI v3.2-6.5.5, CAPEC-214, CWE-248, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Struts 2 Config Browser plugin enabled
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Struts 2 Development Mode Enabled
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Sublime SFTP Config File Detected
CWE-16, ISO27001-A.18.1.3, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Medium
Unicode Transformation (Best-Fit Mapping)
CWE-20, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Medium
Unsafe value for session tracking in WEB-INF/web.xml
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
ViewState MAC Disabled
CWE-16, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-15, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
Weak Ciphers Enabled
PCI v3.2-6.5.4, CAPEC-217, CWE-327, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Medium
WordPress Setup Configuration File
PCI v3.2-6.5.8, CAPEC-212, CWE-665, HIPAA-164.312(a)(1), ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/CR:H/IR:H/AR:H/MAV:N/MPR:N/MUI:N/MS:U/MC:N/MI:N/MA:N
Medium
ZSH History File Detected
PCI v3.2-6.5.8, CWE-284, ISO27001-A.18.1.3, WASC-2, OWASP 2013-A7, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Medium
Apache Multiple Choices Enabled
CWE-16, ISO27001-A.9.4.1, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Low
Apache MultiViews Enabled
CWE-16, ISO27001-A.9.4.1, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Low
ASP.NET ViewStateUserKey Is Not Set
CWE-16, OWASP 2013-A5, OWASP 2017-A6
Low
Autocomplete is Enabled
CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Low
Backup File Disclosure
PCI v3.2-6.5.8, CAPEC-87, CWE-530, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5
Low
Cookie Not Marked as HttpOnly
CAPEC-107, CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Low
Cookie Not Marked as Secure
PCI v3.2-6.5.10, CAPEC-102, CWE-614, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Low
Cookie Values Used in Anti-CSRF Token
CWE-352, HIPAA-164.306(a), ISO27001-A.14.1.2, OWASP 2013-A5, OWASP 2017-A6
Low
Cross-site Request Forgery
PCI v3.2-6.5.9, CAPEC-62, CWE-352, HIPAA-164.306(a), ISO27001-A.14.2.5, WASC-9, OWASP 2013-A8, OWASP 2017-A5
Low
Cross-site Request Forgery in Login Form
PCI v3.2-6.5.9, CAPEC-62, CWE-352, HIPAA-164.306(a), ISO27001-A.14.2.5, WASC-9, OWASP 2013-A8, OWASP 2017-A5
Low
Database Error Message Disclosure
PCI v3.2-6.5.5, CAPEC-118, CWE-210, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Database Name Disclosure (Microsoft SQL Server)
PCI v3.2-6.5.5, CAPEC-118, CWE-201, HIPAA-164.306(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Database Name Disclosure (MySQL)
PCI v3.2-6.5.5, CAPEC-118, CWE-201, HIPAA-164.306(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Django Debug Mode Enabled
PCI v3.2-6.5.5, CAPEC-214, CWE-16, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Low
.DS_Store File Found
PCI v3.2-6.5.8, CWE-284, ISO27001-A.18.1.3, WASC-2, OWASP 2013-A7, OWASP 2017-A5
Low
Exception Report Disclosure (Tomcat)
PCI v3.2-6.5.5, CAPEC-214, CWE-248, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Low
Form Hijacking
CWE-20, ISO27001-A.14.2.5, WASC-20, OWASP 2013-A1, OWASP 2017-A1
Low
Information Disclosure (Microsoft Office)
PCI v3.2-6.5.5, CAPEC-118, CWE-200, ISO27001-A.18.1.3, WASC-13
Low
phpinfo() Output Detected
CAPEC-346, CWE-213, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A6, OWASP 2017-A3
Low
Insecure Frame (External)
CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2017-A6
Low
Insecure JSONP Endpoint
CWE-20, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A1
Low
Insecure Reflected Content
CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A1
Low
Insecure Transportation Security Protocol Supported (TLS 1.0)
PCI v3.2-6.5.4, CAPEC-217, CWE-326, HIPAA-164.306, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3
Low
Internal IP Address Disclosure
CWE-200, ISO27001-A.18.1.4, OWASP 2013-A6, OWASP 2017-A3
Low
Internal Server Error
CWE-550, ISO27001-A.14.1.2, WASC-13
Low
Laravel Debug Mode Enabled
PCI v3.2-6.5.5, CAPEC-214, CWE-16, ISO27001-A.14.1.2, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Low
Laravel Environment Configuration File Detected
CWE-16, ISO27001-A.9.4.1, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Low
Microsoft IIS Log File Detected
PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5
Low
Microsoft Outlook Personal Folders File (.pst) Found
PCI v3.2-6.5.8, CWE-284, ISO27001-A.18.1.3, WASC-2, OWASP 2013-A7, OWASP 2017-A5
Low
Misconfigured Access-Control-Allow-Origin Header
CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Low
Misconfigured Frame
CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2017-A6
Low
Misconfigured X-Frame-Options Header
CAPEC-103, CWE-693, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6
Low
Missing Content-Type Header
CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Low
Missing X-Frame-Options Header
CAPEC-103, CWE-693, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6
Low
Multiple Declarations in X-Frame-Options Header
CAPEC-103, CWE-693, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6
Low
Open Redirection in POST method
CWE-601, ISO27001-A.14.2.5, WASC-38, OWASP 2013-A10, OWASP 2017-A5
Low
Out-of-date Component ({applicationName})
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Passive Mixed Content over HTTPS
CWE-319, ISO27001-A.14.1.3, OWASP 2013-A6, OWASP 2017-A3
Low
Passive Web Backdoor Detected
PCI v3.2-6.5.6, CWE-507, HIPAA-164.308(a), ISO27001-A.12.2.1, OWASP 2017-A10
Low
Phishing by Navigating Browser Tabs
CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Low
PHP allow_url_fopen Is Enabled
CWE-16, OWASP 2013-A5, OWASP 2017-A6
Low
PHP allow_url_include Is Enabled
CWE-16, OWASP 2013-A5, OWASP 2017-A6
Low
PHP display_errors Is Enabled
CWE-211, OWASP 2013-A5, OWASP 2017-A6
Low
PHP open_basedir Is Not Configured
CWE-16, OWASP 2013-A5, OWASP 2017-A6
Low
Programming Error Message
PCI v3.2-6.5.5, CAPEC-118, CWE-210, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Programming Error Message (Ruby)
PCI v3.2-6.5.5, CAPEC-118, CWE-210, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Reflected File Download
PCI v3.2-6.5.1, CAPEC-375, CWE-840, ISO27001-A.14.2.5, WASC-42, OWASP 2013-A1, OWASP 2017-A1
Low
RoR Database Configuration File Detected
CWE-16, ISO27001-A.9.4.1, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Low
RoR Development Mode Enabled
PCI v3.2-6.5.5, CAPEC-214, CWE-16, ISO27001-A.14.1.1, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Low
Social Security Number Disclosure
PCI v3.2-6.5.3, CAPEC-118, CWE-213, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A6, OWASP 2017-A3
Low
Stack Trace Disclosure (Apache MyFaces)
PCI v3.2-6.5.5, CAPEC-214, CWE-248, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.2.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Low
Stack Trace Disclosure (ASP.NET)
PCI v3.2-6.5.5, CAPEC-214, CWE-248, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.2.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Low
Stack Trace Disclosure (CakePHP Framework)
PCI v3.2-6.5.5, CAPEC-214, CWE-248, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.2.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Low
Stack Trace Disclosure (CherryPy)
PCI v3.2-6.5.5, CAPEC-214, CWE-248, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.2.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Low
Stack Trace Disclosure (Grails)
PCI v3.2-6.5.5, CAPEC-214, CWE-248, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Low
Struts2 Development Mode Enabled
PCI v3.2-6.5.5, CAPEC-214, CWE-16, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Low
Subresource Integrity (SRI) Hash Invalid
CWE-16, ISO27001-A.14.2.5, WASC-15
Low
TRACE/TRACK Method Detected
CAPEC-107, CWE-16, ISO27001-A.14.1.2, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Low
Unexpected Redirect Response Body (Two Responses)
CWE-698, ISO27001-A.14.2.5, WASC-25
Low
User Controllable Cookie
CWE-20, ISO27001-A.14.2.5, WASC-20
Low
Username Disclosure (Microsoft SQL Server)
PCI v3.2-6.5.5, CAPEC-118, CWE-201, HIPAA-164.306(a), ISO27001-A.18.1.4, WASC-13, OWASP 2013-A5, OWASP 2017-A3
Low
Username Disclosure (MySQL)
PCI v3.2-6.5.5, CAPEC-118, CWE-201, HIPAA-164.306(a), ISO27001-A.18.1.4, WASC-13, OWASP 2013-A5, OWASP 2017-A3
Low
Version Disclosure (Apache)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Apache Coyote)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Apache Module)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Apache Traffic Server)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Artifactory DevOps Solution)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (ASP.NET)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (ASP.NET MVC)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Atlassian Confluence)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Atlassian Jira)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Atlassian Proxy)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Axway SecureTransport Server)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (CakePHP Framework)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Cherokee)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (CherryPy)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Cowboy HTTP Server)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Daiquiri)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Django)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (FrontPage)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (GlassFish)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Grafana)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Gunicorn Python WSGI HTTP Server)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Hiawatha)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (IBM HTTP Server)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (IBM Rational Team Concert (RTC))
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (IBM Security Access Manager (WebSEAL))
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (IIS)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Java)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Java Servlet)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (JBoss)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Jenkins)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Jetty)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Jolokia)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (JSP)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Kong)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Liferay Digital Experience Platform)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Liferay Portal)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Lighttpd)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (mod_ssl)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Mongrel Web Server)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Next.js React Framework)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Nexus Repository OSS)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Nginx)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (NuSOAP)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (OpenResty)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (OpenSSL)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Oracle)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Perl)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (PHP)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (phpMyAdmin)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Phusion Passenger)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Plone CMS)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Python)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Python WSGIserver)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Resin Application Server)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Restlet Framework)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (RoR)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Ruby)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (RubyGems)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (SharePoint)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Squid)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Sugar CRM)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Taleo Web Server)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Telerik Web UI)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Tomcat)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Tornado)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Trac Software Project Management Tool)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Tracy Debugging Tool)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (TwistedWeb HTTP Server)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Undertow Web Server)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (W3 Total Cache)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (WebLogic)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (WEBrick)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Werkzeug Python WSGI Library)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Zope)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
ViewState is not Encrypted
CWE-16, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-15, OWASP 2017-A6
Low
Windows Short Filename
PCI v3.2-6.5.8, CAPEC-87, CWE-538, HIPAA-164.306(a), 164.308(a), ISO27001-A.8.2.3, WASC-34, OWASP 2013-A7, OWASP 2017-A6
Low
Windows Username Disclosure
PCI v3.2-6.5.5, CAPEC-118, CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A6, OWASP 2017-A3
Low
WP Engine Configuration File Detected
CWE-16, ISO27001-A.9.4.1, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Low
Content Security Policy (CSP) Not Implemented
CWE-16, ISO27001-A.14.2.5, WASC-15
Best Practice
Expect-CT Not Enabled [deprecated]
CWE-16, ISO27001-A.14.1.2, WASC-15
Best Practice
Insecure Transportation Security Protocol Supported (TLS 1.1)
PCI v3.2-6.5.4, CAPEC-217, CWE-326, HIPAA-164.306, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3
Best Practice
Missing X-XSS-Protection Header
CWE-16, HIPAA-164.308(a), ISO27001-A.14.2.5, WASC-15
Best Practice
Referrer-Policy Not Implemented
CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3
Best Practice
SameSite Cookie Not Implemented
CWE-16, ISO27001-A.14.2.5, WASC-15
Best Practice
SameSite None Cookie Not Marked as Secure
CWE-16, ISO27001-A.14.2.5, WASC-15
Best Practice
Subresource Integrity (SRI) Not Implemented
CWE-16, ISO27001-A.14.2.5, WASC-15
Best Practice
aah Go Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
AbanteCart Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Adminer Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Administration Page Detected
PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.1, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Information
Ampache Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
An Unsafe Content Security Policy (CSP) Directive in Use
CWE-16, ISO27001-A.14.2.5, WASC-15
Information
Apache Coyote Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Apache Module Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Apache Traffic Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Apache Web Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Apple’s App-Site Association (AASA) Detected
ISO27001-A.18.1.3
Information
Artifactory DevOps Solution Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
ASP.NET Debugging Enabled
CWE-16, ISO27001-A.9.4.1, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Information
ASP.NET Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
ASP.NET MVC Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Atlassian Confluence Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Atlassian Jira Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Atlassian Proxy Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
ATutor Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Authorization Required
ISO27001-A.9.4.1
Information
Autocomplete Enabled (Password Field)
CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Information
AWStats Detected
CAPEC-224, CWE-205, ISO27001-A.14.2.5, WASC-45, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Information
Axway Secure Transport Detected [deprecated]
CWE-205, ISO27001-A.14.2.5, OWASP 2017-A6
Information
Axway SecureTransport Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
b2evolution Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Basic Authorization Required
ISO27001-A.9.4.1
Information
BitNinja Captcha Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Bomgar Remote Support Software Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Caddy Web Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
CakePHP Framework Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
CDN Detected (Airee)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (Akamai)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (Arvan Cloud)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (Azure CDN)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (CDN77)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (Fastly)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (Fireblade)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (Google Cloud CDN)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (Incapsula)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (Instart) [deprecated]
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (KeyCDN)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (MaxCDN)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (Netlify)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (PowerCDN)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (Qrator)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (Sucuri)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
CDN Detected (West263)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
Chamilo Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Cherokee Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
CherryPy Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Claroline Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
ClipBucket Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Collabtive Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Concrete5 Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Configuration File Detected
PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Information
contao Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Content Security Policy (CSP) Contains Out of Scope report-uri Domain
ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3
Information
Content Security Policy (CSP) Keywords Not Used Within Single Quotes
CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Information
Content Security Policy (CSP) Nonce Value Not Used Within Single Quotes
CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Information
Content Security Policy (CSP) Nonce Without Matching Script Block
CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Information
Content Security Policy (CSP) report-uri Uses HTTP
ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3
Information
Content-Security-Policy-Report-Only Cannot Be Declared Between META Tags
CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Information
Content-Security-Policy-Report-Only Cannot Be Declared Without report-uri Directive
CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Information
Coppermine Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Cowboy HTTP Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Craft CMS Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Credit Card Disclosure
PCI v3.2-6.5.3, CAPEC-118, CWE-213, ISO27001-A.18.1.4, WASC-13, OWASP 2013-A6, OWASP 2017-A3
Information
Cross-site Referrer Leakage through usage of unsafe-url in Referrer-Policy
CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6
Information
Cross-site Referrer Leakage through usage of no-referrer-when-downgrade in Referrer-Policy
CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6
Information
Cross-site Referrer Leakage through usage of origin-when-cross-origin in Referrer-Policy
CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6
Information
Cross-site Referrer Leakage through usage of strict-origin in Referrer-Policy
CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6
Information
Cross-site Referrer Leakage through usage of strict-origin-when-cross-origin in Referrer-Policy
CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6
Information
Cross-site Referrer Leakage through usage of the origin keyword in Referrer-Policy
CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6
Information
Crossdomain.xml Detected
ISO27001-A.12.5.1
Information
CrushFTP Server Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
CubeCart Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Daiquiri Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
data: Used in a Content Security Policy (CSP) Directive
ISO27001-A.14.2.5
Information
Database Connection String Detected
CWE-16, HIPAA-164.306(a), ISO27001-A.18.1.3, WASC-15, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Information
Database Detected (HsqlDb)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N
Information
Database Detected (Microsoft Access)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Information
Database Detected (Microsoft SQL Server)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
Information
Database Detected (MongoDB)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
Information
Database Detected (MySQL)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
Information
Database Detected (Oracle)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N
Information
Database Detected (PostgreSQL)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
Information
DataDome Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
DbNinja Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Default Page Detected (Apache)
CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Default Page Detected (CakePHP Framework)
CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Default Page Detected (IIS 10.0)
CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Default Page Detected (IIS 6)
CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Default Page Detected (IIS 7)
CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Default Page Detected (IIS 7.5)
CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Default Page Detected (IIS 7.X)
CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Default Page Detected (IIS 8)
CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Default Page Detected (IIS 8.5)
CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Default Page Detected (Tomcat)
CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
default-src Used in Content Security Policy (CSP)
ISO27001-A.14.2.5
Information
Denial of Service (MySQL)
CWE-400, ISO27001-A.14.1.2, WASC-10, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Information
Deprecated Header Instruction Used to Implement Content Security Policy (CSP)
CWE-16, ISO27001-A.14.2.5, WASC-15
Information
Digest Authorization Required
ISO27001-A.9.4.1
Information
Directory Listing (Apache)
CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Directory Listing (ASP.NET Server)
CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Directory Listing (IIS)
CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Directory Listing (Lighttpd)
CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Directory Listing (LiteSpeed)
CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Directory Listing (Nginx)
CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Directory Listing (Tomcat)
CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Directory Listing (WebDAV)
CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Information
Disabled X-XSS-Protection Header
CWE-693, ISO27001-A.14.1.2, WASC-15
Information
Django Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
DokuWiki Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Dolibarr Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Dolphin Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
DotClear Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Drupal Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
e107 Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Elgg Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Email Address Disclosure
CAPEC-118, CWE-200, ISO27001-A.9.4.1, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Information
EspoCRM Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Expect-CT Header via HTTP [deprecated]
CWE-16, ISO27001-A.14.1.2, WASC-15
Information
Expect-CT in Report Only Mode [deprecated]
ISO27001-A.14.1.2
Information
Expect-CT Security Header Errors and Warnings [deprecated]
CWE-16, ISO27001-A.14.1.2, WASC-15
Information
ExpressJS Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Family Connections Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
File Upload Functionality Detected
ISO27001-A.8.1.1
Information
FluxBB Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Forbidden Resource
ISO27001-A.8.1.1
Information
Form Tools Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Front Accounting Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
FrontPage Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Generic Email Address Disclosure
CAPEC-118, CWE-200, ISO27001-A.18.1.4, WASC-13
Information
GibbonEdu Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
GlassFish Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Grafana Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
GraphQL Endpoint Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
GraphQL Library Detected (Apollo)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
GraphQL Library Detected (Ariadne)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
GraphQL Library Detected (Dgraph)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
GraphQL Library Detected (Directus)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
GraphQL Library Detected (GqlGen)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
GraphQL Library Detected (Graphene)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
GraphQL Library Detected (GraphQL API for WordPress)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
GraphQL Library Detected (Graphql-Go)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
GraphQL Library Detected (graphql-java)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
GraphQL Library Detected (graphql-php)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
GraphQL Library Detected (Hasura)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
GraphQL Library Detected (Juniper)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
GraphQL Library Detected (Ruby-graphql)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
GraphQL Library Detected (Sangria)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
GraphQL Library Detected (Tartiflette)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
GraphQL Library Detected (WPGraphQL)
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Gunicorn Python WSGI HTTP Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Hesk Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Hiawatha Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
.htaccess File Detected
CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Information
HTTP Strict Transport Security (HSTS) Max-Age Value Too Low
CWE-16, ISO27001-A.14.1.2, WASC-15
Information
HTTP Strict Transport Security (HSTS) via HTTP
CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2017-A6
Information
HubSpot Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
IBM Business Process Manager (BPM) Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
IBM HTTP Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
IBM Rational Team Concert (RTC) Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
IBM Security Access Manager (WebSEAL) Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
IIS Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
I’m a Teapot
ISO27001-None
Information
Incorrect Content Security Policy (CSP) Implementation
CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Information
Insecure Protocol Detected in Content Security Policy (CSP)
CWE-319, ISO27001-A.14.2.5
Information
Installation File Detected
PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5
Information
Intermediate Certificate is Signed Using a Weak Signature Algorithm
CAPEC-459, ISO27001-A.10, WASC-4, OWASP 2013-A6, OWASP 2017-A3
Information
Internal Path Disclosure (*nix)
CAPEC-118, CWE-200, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.1, WASC-13, OWASP 2017-A6
Information
Internal Path Disclosure (Windows)
CAPEC-118, CWE-200, HIPAA-164.306(a), 164.308(a), ISO27001-A.8.1.1, WASC-13
Information
Invalid Content Security Policy (CSP) Directive Identified in meta Elements
CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Information
Java Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Java Servlet Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
JBoss Application Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
JBoss Core Services Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
JBoss Enterprise Application Platform Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Jenkins Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Jetty Web Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Jolokia Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Joomla Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
JSP Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Kestrel Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Kong Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Liferay Digital Experience Platform Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Liferay Portal Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Lighthouse Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Lighttpd Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
LimeSurvey Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
LiteSpeed Web Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Log File Detected
PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5
Information
Login Page Identified
Information
Magento Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Mashery Proxy Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
MediaWiki Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Mibew Messenger Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Mint Detected
CAPEC-224, CWE-205, ISO27001-A.14.2.5, WASC-45, OWASP 2017-A6
Information
Missing object-src in CSP Declaration
CWE-16, ISO27001-A.14.2.5, WASC-15
Information
MODX Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Mongrel Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Moodle Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Movable Type Detected [deprecated]
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Multiple Content Security Policy (CSP) Implementation Detected
CWE-16, ISO27001-A.14.2.5, WASC-15
Information
MyBB Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Next.js React Framework Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Nexus Repository OSS Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Nginx Web Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
No Script Block Detected with the Hash Value Declared in Content Security Policy (CSP)
ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6
Information
Nonce Usage Detected in Content Security Policy (CSP) Directive
ISO27001-A.14.2.5
Information
NTLM Authorization Required
ISO27001-A.9.4.1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Information
NuSOAP Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Omeka Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
OpenCart Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
OpenResty Web Platform Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
OpenSearch.xml Detected
CWE-200, ISO27001-A.18.1.3
Information
OpenSSL Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
OpenVPN Access Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
OPTIONS Method Enabled
CAPEC-107, CWE-16, ISO27001-A.14.1.2, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Information
Oracle Application Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Oracle HTTP Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
osClass Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
osCommerce Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
osTicket Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Out-of-date (ASP.NET MVC)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date (FrontPage)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date (Mongrel)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date (Oracle Application Server)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date (Phusion Passenger)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date (SharePoint)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date (Taleo Web Server)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (AbanteCart)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Ampache)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (AngularJS)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Apache)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Apache Coyote)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Apache Traffic Server)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Artifactory DevOps Solution)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (ASP.NET SignalR)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Atlassian Confluence)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Atlassian Jira)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Atlassian Proxy)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (ATutor)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (axios)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Axway SecureTransport Server)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (b2evolution)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Backbone.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (bluebird)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Bootbox.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Bootstrap)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Bootstrap 3 Date/Time Picker)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Bootstrap Toggle)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (CakePHP Framework)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Chamilo)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Chart.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Cherokee)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (CherryPy)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (CKEditor)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Claroline)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (ClipBucket)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Collabtive)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Concerte5)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (contao)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Coppermine)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Cowboy HTTP Server)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (CubeCart)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (D3.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Daiquiri)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (DataTables)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Django)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (DokuWiki)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Dolibarr)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Dolphin)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (DOMPurify)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (DotClear)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Drupal)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (DWR)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (e107)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (easyXDM)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (ef.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Elgg)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Ember.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (EspoCRM)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Ext JS)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Fabric.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Family Connections)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (FancyBox)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Fingerprintjs2)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Flickity)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (FluxBB)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (FooTable)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Form Tools)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Foundation)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Front Accounting)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Fuel UX)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (GibbonEdu)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (GlassFish)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Google Charts)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Grafana)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (GSAP)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Gunicorn Python WSGI HTTP Server)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Hammer.JS)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Handlebars.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Hesk)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Hiawatha)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Highcharts)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (HTML5 Shiv)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (IBM HTTP Server)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (IBM Rational Team Concert (RTC))
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (IBM Security Access Manager (WebSEAL))
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (IIS)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (ImagePicker)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Inferno)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Intro.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Ion.RangeSlider)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Java)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (JavaScript Cookie)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (JBoss)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Jenkins)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Jetty Web Server)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Jolokia)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Joomla)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (jPlayer)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (jQuery)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (jQuery Mask)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (jQuery Migrate)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (jQuery Mobile)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (jQuery UI Autocomplete)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (jQuery UI Dialog)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (jQuery UI Tooltip)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (jQuery Validation)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (JSP)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (jsTree)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Knockout)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Knockout Mapping)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Kong)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Lazy.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Leaflet)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Liferay Digital Experience Platform)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Liferay Portal)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Lightbox)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Lighttpd)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (LimeSurvey)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (List.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Lodash)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Magento)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, WASC-13, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Marionette.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (MathJax)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Math.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (MediaWiki)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Mibew Messenger)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Mithril)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Modernizr)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (MODX)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Moment.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Moodle)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Movable Type) [deprecated]
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (mustache.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (MyBB)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Next.js React Framework)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Nexus Repository OSS)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Nginx)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, WASC-13, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (NuSOAP)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, WASC-13, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Omeka)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (OpenCart)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (OpenResty)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (OpenSSL)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (osClass)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (osCommerce)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (osTicket)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (ownCloud)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (pdf.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Perl)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (pH7CMS)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Phaser)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Phorum) [deprecated]
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (PHP)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Php Address Book)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (phpBB)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (PhpFusion)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (phpList)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (PhpMyFAQ)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Piwigo)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Pixi.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Plone CMS)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Plupload)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (PmWiki)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Podcast Generator)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Polymer)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (PrestaShop)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (prettyPhoto)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (ProjectSend)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Prototype JS)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Python)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Python WSGIserver)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (qdPM)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Question2Answer)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Ramda)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (React)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (RequireJS)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Resin Application Server)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Respond.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Restlet Framework)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Reveal.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Revive Adserver)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Rickshaw)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Riot.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (RoR)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Roundcube)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Ruby)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (RubyGems)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Rukovoditel)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (ScrollReveal)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Select2)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Semantic UI)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (SeoPanel)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Serendipity)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (slick)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Snap.svg)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Sortable)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Squid)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (SugarCRM)
CWE-1035, 937, ISO27001-A.18.1.3, WASC-13
Information
Out-of-date Version (SweetAlert2)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (TCExam)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Telerik Web UI)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Three.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Tomcat)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Tornado Web Server)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Trac Software Project Management Tool)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Tracy Debugging Tool)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (TwistedWeb HTTP Server)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (typeahead.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Typo3)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, WASC-13, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Underscore.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Undertow Web Server)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Vanilla Forums)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Video.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Vtiger) [deprecated]
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Vue.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (W3 Total Cache)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (webERP)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (WeBid)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (WebLogic)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Werkzeug Python WSGI Library)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (WordPress)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (XOOPS)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (XRegExp)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (YetiForce CRM)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (YOURLS)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (YUI)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Zen Cart)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (ZenPhoto)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Zepto.js)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Zikula)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Zope)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Out-of-date Version (Zurmo) [deprecated]
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
ownCloud Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Pardot Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Perl Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
pH7CMS Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Phorum Detected [deprecated]
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Php Address Book Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
PHP Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
phpBB Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
PhpFusion Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
phpList Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
phpLiteAdmin Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
phpMoAdmin Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
phpMyAdmin Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
PhpMyFAQ Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Phusion Passenger Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Piwigo Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Piwik Detected
CAPEC-224, CWE-205, ISO27001-A.14.2.5, WASC-45, OWASP 2017-A6
Information
Play Web Framework Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Plesk (Linux) Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Plesk (Windows) Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Plone CMS Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
PmWiki Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Podcast Generator Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
PrestaShop Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Private Burp Collaborator Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
ProjectSend Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Python Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Python WSGIserver Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
qdPM Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Question2Answer Detected
CWE-205, ISO27001-A.14.2.5, OWASP 2017-A6
Information
Readme/Help File Detected
PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5
Information
Referrer-Policy Needs Proper Fallback
CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6
Information
Resin Application Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Restlet Framework Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Reverse Proxy Detected (Apache Traffic Server)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
Reverse Proxy Detected (Citrix Netscaler)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
Reverse Proxy Detected (Envoy)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
Reverse Proxy Detected (F5 BIG-IP)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
Reverse Proxy Detected (HAProxy)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
Reverse Proxy Detected (Skipper)
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45
Information
Revive Adserver Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Robots.txt Detected
ISO27001-A.18.1.3
Information
Roundcube Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Ruby on Rails Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
RubyGems Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Rukovoditel Detected
CWE-205, ISO27001-A.14.2.5, OWASP 2017-A6
Information
Scheme URI Detected in Content Security Policy (CSP) Directive
ISO27001-A.14.2.5
Information
Security.txt Detected
ISO27001-A.18.1.3
Information
SeoPanel Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Serendipity Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
SharePoint Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Shell Script Detected
CWE-200, ISO27001-A.8.1.1, WASC-13
Information
Shopify Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Silverlight Client Access Policy Detected
ISO27001-None
Information
Sitemap Detected
ISO27001-A.18.1.3
Information
SonicWall SSL-VPN Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
SQL File Detected
PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Information
Squarespace Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Squid Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Static Nonce Identified in Content Security Policy (CSP)
CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Information
Sugar CRM Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
swagger.json Detected
ISO27001-A.8.1.1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Tableau Server Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Taleo Web Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
TCExam Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Telerik Web UI Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Test File Detected
PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5
Information
Tomcat Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Tornado Web Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Trac Software Project Management Tool Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Tracy Debugging Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Travis CI Configuration File Detected
CWE-16, ISO27001-A.9.4.1, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
TS Web Access Identified
PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.1, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Information
TwistedWeb HTTP Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Typo3 Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
UNC Server and Share Disclosure
CWE-16, ISO27001-A.18.1.3, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Information
Undertow Web Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Unexpected Redirect Response Body (Too Large)
CWE-698, ISO27001-A.14.2.5, WASC-40
Information
Unknown Option Used In Referrer-Policy
CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6
Information
Unsupported Hash Detected in Content Security Policy (CSP)
CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Information
Vanilla Forums Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Varnish HTTP Cache Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Vegur Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Vtiger Detected [deprecated]
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
W3 Total Cache Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Weak Nonce Detected in Content Security Policy (CSP) Declaration
CWE-330, ISO27001-A.14.2.5, WASC-16, OWASP 2013-A5, OWASP 2017-A6
Information
Web Application Firewall Detected
ISO27001-A.18.1.3
Information
Webalizer Detected
CAPEC-224, CWE-205, ISO27001-A.14.2.5, WASC-45, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Information
Web.config File Detected
CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
WebDAV Enabled
CWE-16, ISO27001-A.9.4.4, WASC-15, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C
Information
webERP Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
WeBid Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
WebLogic Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Werkzeug Python WSGI Library Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Whoops Error Handler Framework Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Wildcard Detected in Domain Portion of Content Security Policy (CSP) Directive
ISO27001-A.14.2.5
Information
Wildcard Detected in Port Portion of Content Security Policy (CSP) Directive
ISO27001-A.14.2.5
Information
Wildcard Detected in Scheme Portion of Content Security Policy (CSP) Directive
ISO27001-A.14.2.5
Information
WildFly Application Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Windows Azure Web Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
WordPress Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
WS_FTP Log File Detected
CAPEC-118, CWE-538, ISO27001-A.9.4.1, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Information
XOOPS Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
YetiForce CRM Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
YOURLS Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Zen Cart Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
ZenPhoto Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Zikula Detected
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information
Zope Web Server Identified
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Information
Zurmo Detected [deprecated]
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6
Information