Vulnerability Name
Classifications
Severity
phpinfo() Output Detected
CAPEC-346, CWE-213, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A6, OWASP 2017-A3
Low
Insecure Transportation Security Protocol Supported (TLS 1.1)
PCI v3.2-6.5.4, CAPEC-217, CWE-326, HIPAA-164.306, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3
Best Practice
Referrer-Policy Not Implemented
CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3
Best Practice
Content Security Policy (CSP) Contains Out of Scope report-uri Domain
ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3
Information
Content Security Policy (CSP) report-uri Uses HTTP
ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3
Information
Credit Card Disclosure
PCI v3.2-6.5.3, CAPEC-118, CWE-213, ISO27001-A.18.1.4, WASC-13, OWASP 2013-A6, OWASP 2017-A3
Information
Database Connection String Detected
CWE-16, HIPAA-164.306(a), ISO27001-A.18.1.3, WASC-15, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Information
Insecure Usage of Version 1 GUID
CWE-328, OWASP 2013-A9, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:N
Information
Intermediate Certificate is Signed Using a Weak Signature Algorithm
CAPEC-459, ISO27001-A.10, WASC-4, OWASP 2013-A6, OWASP 2017-A3
Information