Information Severity Web Vulnerability & Security Checks

Select Category

Search Vulnerability

Vulnerability Name

Classifications

Severity

Collabtive Detected

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

Concrete5 Detected

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

Configuration File Detected

PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Information

contao Detected

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

Content Security Policy (CSP) Contains Out of Scope report-uri Domain

ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3

Information

Content Security Policy (CSP) Keywords Not Used Within Single Quotes

CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6

Information

Content Security Policy (CSP) Nonce Value Not Used Within Single Quotes

CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6

Information

Content Security Policy (CSP) Nonce Without Matching Script Block

CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6

Information

Content Security Policy (CSP) report-uri Uses HTTP

ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3

Information

Content-Security-Policy-Report-Only Cannot Be Declared Between META Tags

CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6

Information

Content-Security-Policy-Report-Only Cannot Be Declared Without report-uri Directive

CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6

Information

Coppermine Detected

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

Cowboy HTTP Server Identified

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Craft CMS Identified

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Credit Card Disclosure

PCI v3.2-6.5.3, CAPEC-118, CWE-213, ISO27001-A.18.1.4, WASC-13, OWASP 2013-A6, OWASP 2017-A3

Information

Cross-site Referrer Leakage through usage of unsafe-url in Referrer-Policy

CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6

Information

Cross-site Referrer Leakage through usage of no-referrer-when-downgrade in Referrer-Policy

CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6

Information

Cross-site Referrer Leakage through usage of origin-when-cross-origin in Referrer-Policy

CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6

Information

Cross-site Referrer Leakage through usage of strict-origin in Referrer-Policy

CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6

Information

Cross-site Referrer Leakage through usage of strict-origin-when-cross-origin in Referrer-Policy

CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6

Information

Cross-site Referrer Leakage through usage of the origin keyword in Referrer-Policy

CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6

Information

Crossdomain.xml Detected

ISO27001-A.12.5.1

Information

CrushFTP Server Detected

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

CubeCart Detected

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

D3Js Identified

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

Daiquiri Detected

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

data: Used in a Content Security Policy (CSP) Directive

ISO27001-A.14.2.5

Information

Database Connection String Detected

CWE-16, HIPAA-164.306(a), ISO27001-A.18.1.3, WASC-15, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Information

Database Detected (HSQLDB)

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N

Information

Database Detected (Microsoft Access)

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Information

Database Detected (Microsoft SQL Server)

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

Information

Database Detected (MongoDB)

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

Information

Database Detected (MySQL)

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

Information

Database Detected (Oracle)

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N

Information

Database Detected (PostgreSQL)

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

Information

Database Detected (SQLite)

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

Information

DataDome Identified

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

DataTables Identified

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

DbNinja Detected

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

Default Page Detected (Apache)

CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Default Page Detected (CakePHP Framework)

CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Default Page Detected (IIS 10.0)

CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Default Page Detected (IIS 6)

CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Default Page Detected (IIS 7)

CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Default Page Detected (IIS 7.5)

CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Default Page Detected (IIS 7.X)

CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Default Page Detected (IIS 8)

CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Default Page Detected (IIS 8.5)

CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Default Page Detected (Tomcat)

CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

default-src Used in Content Security Policy (CSP)

ISO27001-A.14.2.5

Information

Denial of Service (MySQL)

CWE-400, ISO27001-A.14.1.2, WASC-10, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Information

Deprecated Header Instruction Used to Implement Content Security Policy (CSP)

CWE-16, ISO27001-A.14.2.5, WASC-15

Information

Digest Authorization Required

ISO27001-A.9.4.1

Information

Directory Listing (Apache)

CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Directory Listing (ASP.NET Server)

CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Directory Listing (IIS)

CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Directory Listing (Lighttpd)

CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Directory Listing (LiteSpeed)

CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Directory Listing (Nginx)

CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Directory Listing (Tomcat)

CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

Directory Listing (WebDAV)

CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Information

Django Identified

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C

Information

DokuWiki Detected

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

Dolibarr Detected

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

Dolphin Detected

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

DomPurify Identified

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

DotClear Detected

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

dotCMS Identified

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

Drupal Detected

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

Dwr Identified

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

e107 Detected

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

EasyXdm Identified

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

EfJs Identified

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

Elgg Detected

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Information

Email Address Disclosure

CAPEC-118, CWE-200, ISO27001-A.9.4.1, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

Information

Build your resistance to threats. And save hundreds of hours each month.

Get a demo See how it works

Web Application Vulnerabilities Index

Select Category

Search Vulnerability

Build your resistance to threats. And save hundreds of hours each month.