Vulnerability Name
Classifications
Severity
Backup File Disclosure
PCI v3.2-6.5.8, CAPEC-87, CWE-530, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5
Low
Cookie Not Marked as Secure
PCI v3.2-6.5.10, CAPEC-102, CWE-614, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Low
Cross-site Request Forgery
PCI v3.2-6.5.9, CAPEC-62, CWE-352, HIPAA-164.306(a), ISO27001-A.14.2.5, WASC-9, OWASP 2013-A8, OWASP 2017-A5
Low
Form Hijacking
CWE-20, ISO27001-A.14.2.5, WASC-20, OWASP 2013-A1, OWASP 2017-A1
Low
Programming Error Message
PCI v3.2-6.5.5, CAPEC-118, CWE-210, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (IIS)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Java)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (JSP)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Kong)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Perl)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (PHP)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (RoR)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Ruby)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Version Disclosure (Zope)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Windows Short Filename
PCI v3.2-6.5.8, CAPEC-87, CWE-538, HIPAA-164.306(a), 164.308(a), ISO27001-A.8.2.3, WASC-34, OWASP 2013-A7, OWASP 2017-A6
Low
Invicti

Provably accurate, fast & easy-to-use Web Application Security Scanner

Get a demo