Vulnerability Name
Classifications
Severity
ViewState MAC Disabled
CWE-16, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-15, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Medium
WordPress Setup Configuration File
PCI v3.2-6.5.8, CAPEC-212, CWE-665, HIPAA-164.312(a)(1), ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/CR:H/IR:H/AR:H/MAV:N/MPR:N/MUI:N/MS:U/MC:N/MI:N/MA:N
Medium
ASP.NET ViewStateUserKey Is Not Set
CWE-16, OWASP 2013-A5, OWASP 2017-A6
Low
Apache MultiViews Enabled
CWE-16, ISO27001-A.9.4.1, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Low
Apache Multiple Choices Enabled
CWE-16, ISO27001-A.9.4.1, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Low
Autocomplete is Enabled
CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Low
Cookie Not Marked as HttpOnly
CAPEC-107, CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Low
Cookie Values Used in Anti-CSRF Token
CWE-352, HIPAA-164.306(a), ISO27001-A.14.1.2, OWASP 2013-A5, OWASP 2017-A6
Low
Database Error Message Disclosure
PCI v3.2-6.5.5, CAPEC-118, CWE-210, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Database Name Disclosure (Microsoft SQL Server)
PCI v3.2-6.5.5, CAPEC-118, CWE-201, HIPAA-164.306(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Database Name Disclosure (MySQL)
PCI v3.2-6.5.5, CAPEC-118, CWE-201, HIPAA-164.306(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Django Debug Mode Enabled
PCI v3.2-6.5.5, CAPEC-214, CWE-16, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6
Low