Vulnerability Name
Classifications
Severity
Server-Side Request Forgery (trace.axd)
PCI v3.2-6.5.6, CAPEC-347, CWE-918, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C
Critical
Elmah.axd / Errorlog.axd Detected
PCI v3.2-6.5.6, CAPEC-347, CWE-16, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C
High
Server-Side Request Forgery (elmah MVC)
PCI v3.2-6.5.6, CAPEC-347, CWE-918, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C
High
Server-Side Request Forgery (elmah)
PCI v3.2-6.5.6, CAPEC-347, CWE-918, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C
High
Trace.axd Detected
PCI v3.2-6.5.6, CAPEC-347, CWE-16, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C
High
Apache Server-Info Detected
CAPEC-347, CWE-16, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Medium
Apache Server-Status Detected
CAPEC-347, CWE-16, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Medium
JavaMelody Interface Detected
CAPEC-347, CWE-16, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Medium