Complimentary 90-day, on-prem license available for entities involved in Covid19 response.

Search Vulnerability


Vulnerability Name Classifications Severity
Bash Command Injection Vulnerability (Shellshock Bug) PCI v3.2-, CAPEC-88, CWE-78, HIPAA-78, ISO27001-A.14.2.5, WASC-31, OWASP 2013-A1, OWASP 2017-A9 Critical
Blind Command Injection PCI v3.2-, CAPEC-88, CWE-78, HIPAA-78, ISO27001-A.14.2.5, WASC-31, OWASP 2013-A1, OWASP 2017-A1 Critical
Blind SQL Injection PCI v3.2-, CAPEC-66, CWE-89, HIPAA-89, ISO27001-A.14.2.5, WASC-19, OWASP 2013-A1, OWASP 2017-A1 Critical
Boolean Based SQL Injection PCI v3.2-, CAPEC-66, CWE-89, HIPAA-89, ISO27001-A.14.2.5, WASC-19, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Apache Struts S02-53) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) S2-016 PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) S2-045 PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) S2-046 PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (ASP) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Node.js) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Perl) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (PHP) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Python) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (RoR - JSON) PCI v3.2-, CAPEC-356, CWE-94, HIPAA-94, ISO27001-A.14.2.5, WASC-23, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (RoR) PCI v3.2-, CAPEC-356, CWE-94, HIPAA-94, ISO27001-A.14.2.5, WASC-23, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Ruby) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation via Local File Inclusion (PHP) PCI v3.2-, CAPEC-251, CWE-94, HIPAA-94, ISO27001-A.14.2.5, WASC-33, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via File Upload PCI v3.2-, CAPEC-210, CWE-94, HIPAA-94, ISO27001-A.14.2.5, WASC-42, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via Local File Inclusion PCI v3.2-, CAPEC-170, CWE-94, HIPAA-94, ISO27001-A.14.2.5, WASC-33, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Java FreeMarker) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Java Velocity) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Dot) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js EJS) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Marko) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Nunjucks) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Pug (Jade)) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (PHP Smarty) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (PHP Twig) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Python Jinja) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Python Mako) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Python Tornado) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Ruby ERB) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Ruby Slim) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via WebDAV PCI v3.2-, CAPEC-17, CWE-94, HIPAA-94, ISO27001-A.14.2.5, WASC-17, OWASP 2017-A6 Critical
Command Injection PCI v3.2-, CAPEC-88, CWE-78, HIPAA-78, ISO27001-A.14.2.5, WASC-31, OWASP 2013-A1, OWASP 2017-A1 Critical
Drupal Core - Remote Code Execution (CVE-2019-6340) PCI v3.2-, CAPEC-242, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Malware Identified CWE-506 Critical
OpenSSL Heartbleed PCI v3.2-, CAPEC-216, CWE-119, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A9 Critical
Out of Band Code Evaluation (Apache Struts 2) PCI v3.2-, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Evaluation (Apache Struts 2) S2-053 PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Evaluation (ASP) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Evaluation (Perl) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Evaluation (PHP) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Evaluation (Python) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Evaluation (RoR - JSON) PCI v3.2-, CAPEC-356, CWE-94, HIPAA-94, ISO27001-A.14.2.5, WASC-23, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Evaluation (RoR) PCI v3.2-, CAPEC-356, CWE-94, HIPAA-94, ISO27001-A.14.2.5, WASC-23, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Evaluation (Ruby) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Java FreeMarker) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Java Velocity) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Dot) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js EJS) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Marko) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Nunjucks) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Pug (Jade)) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (PHP Smarty) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (PHP Twig) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Python Jinja) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Python Mako) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Python Tornado) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Command Injection PCI v3.2-, CAPEC-88, CWE-78, HIPAA-78, ISO27001-A.14.2.5, WASC-31, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Remote File Inclusion PCI v3.2-, CAPEC-193, CWE-98, HIPAA-98, ISO27001-A.14.2.5, WASC-5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band SQL Injection PCI v3.2-, CAPEC-66, CWE-89, HIPAA-89, ISO27001-A.14.2.5, WASC-19, OWASP 2013-A1, OWASP 2017-A1 Critical
Remote Code Execution and DoS in HTTP.sys (IIS) PCI v3.2-, CAPEC-340, CWE-20, HIPAA-20, ISO27001-A.14.2.5, WASC-7, OWASP 2013-A1, OWASP 2017-A1 Critical
Remote File Inclusion PCI v3.2-, CAPEC-193, CWE-98, HIPAA-98, ISO27001-A.14.2.5, WASC-5, OWASP 2013-A1, OWASP 2017-A1 Critical
Server-Side Request Forgery (Oracle Cloud) CWE-918, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6 Critical
Server-Side Request Forgery (Packet Cloud) CWE-918, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6 Critical
Server-Side Request Forgery (trace.axd) PCI v3.2-, CAPEC-347, CWE-918, HIPAA-918, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Critical
Server-Side Template Injection PCI v3.2-, CWE-74, HIPAA-74, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Server-Side Template Injection (Java FreeMarker) PCI v3.2-, CWE-74, HIPAA-74, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Server-Side Template Injection (Java Velocity) PCI v3.2-, CWE-74, HIPAA-74, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Server-Side Template Injection (Node.js Dot) PCI v3.2-, CWE-74, HIPAA-74, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Server-Side Template Injection (Node.js EJS) PCI v3.2-, CWE-74, HIPAA-74, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Server-Side Template Injection (Ruby ERB) PCI v3.2-, CWE-74, HIPAA-74, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
SQL Injection PCI v3.2-, CAPEC-66, CWE-89, HIPAA-89, ISO27001-A.14.2.5, WASC-19, OWASP 2013-A1, OWASP 2017-A1 Critical
Web Backdoor Detected PCI v3.2-, CAPEC-443, CWE-507, HIPAA-507, ISO27001-A.12.2.1, OWASP 2017-A10 Critical
Web Cache Deception PCI v3.2-, CAPEC-CAPEC, ISO27001-A.14.1.3, WASC-6, OWASP 2013-A5, OWASP 2017-A6 Critical
Backup Source Code Detected PCI v3.2-, CAPEC-87, CWE-530, HIPAA-530, ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5 High
Basic Authorization over HTTP PCI v3.2-, CAPEC-65, CWE-319, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 High
Blind Cross-site Scripting PCI v3.2-, CAPEC-19, CWE-79, HIPAA-79, ISO27001-A.14.2.5, WASC-8, OWASP 2013-A3, OWASP 2017-A7 High
Certificate is Signed Using a Weak Signature Algorithm PCI v3.2-, CAPEC-459, ISO27001-A.10, WASC-4, OWASP 2013-A6, OWASP 2017-A3 High
Cross-site Scripting PCI v3.2-, CAPEC-19, CWE-79, HIPAA-79, ISO27001-A.14.2.5, WASC-8, OWASP 2013-A3, OWASP 2017-A7 High
Cross-site Scripting (DOM based) PCI v3.2-, CAPEC-19, CWE-79, HIPAA-79, ISO27001-A.14.2.5, WASC-8, OWASP 2013-A3, OWASP 2017-A7 High
Cross-site Scripting via Remote File Inclusion PCI v3.2-, CAPEC-19, CWE-79, HIPAA-79, ISO27001-A.14.2.5, WASC-8, OWASP 2013-A3, OWASP 2017-A7 High
Database User Has Admin Privileges PCI v3.2-, CWE-267, ISO27001-A.9.2.2, WASC-14, OWASP 2013-A5, OWASP 2017-A6 High
Elmah.axd / Errorlog.axd Detected PCI v3.2-, CAPEC-347, CWE-16, HIPAA-16, ISO27001-A.18.1.3, WASC-15, OWASP 2013-A5, OWASP 2017-A6 High
Expression Language Injection PCI v3.2-, CWE-20, HIPAA-20, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 High
Insecure Transportation Security Protocol Supported (SSLv2) PCI v3.2-, CAPEC-217, CWE-326, HIPAA-326, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 High
Local File Inclusion PCI v3.2-, CAPEC-252, CWE-22, HIPAA-22, ISO27001-A.14.2.5, WASC-33, OWASP 2013-A4, OWASP 2017-A5 High
Out of Band XML External Entity Injection PCI v3.2-, CAPEC-376, CWE-611, HIPAA-611, ISO27001-A.14.2.5, WASC-43, OWASP 2013-A1, OWASP 2017-A4 High
Out-of-date Version (Microsoft SQL Server) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9 High
Out-of-date Version (MySQL) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9 High
Out-of-date Version (Oracle) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9 High
Out-of-date Version (PostgreSQL) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9 High
Password Transmitted over HTTP PCI v3.2-, CAPEC-65, CWE-319, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 High
ROBOT Attack Detected (Strong Oracle) PCI v3.2-, CAPEC-217, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 High
ROBOT Attack Detected (Weak Oracle) PCI v3.2-, CAPEC-217, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 High
Ruby on Rails File Content Disclosure (CVE-2019-5418) PCI v3.2-, CAPEC-252, CWE-98, HIPAA-98, ISO27001-A.14.2.5, WASC-33, OWASP 2013-A4, OWASP 2017-A5 High
Server-Side Request Forgery (Apache Server Status) CWE-918, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6 High
Server-Side Request Forgery (AWS) CWE-918, ISO27001-A.14.2.5, OWASP 2017-A5 High
Server-Side Request Forgery (elmah MVC) PCI v3.2-, CAPEC-347, CWE-918, HIPAA-918, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 High
Server-Side Request Forgery (elmah) PCI v3.2-, CAPEC-347, CWE-918, HIPAA-918, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 High
Server-Side Request Forgery (MySQL) CWE-918, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6 High
Server-Side Request Forgery (SSH) CWE-918, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6 High
Session Cookie Not Marked as Secure PCI v3.2-, CAPEC-102, CWE-614, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A6, OWASP 2017-A3 High
Stored Cross-site Scripting PCI v3.2-, CAPEC-19, CWE-79, HIPAA-79, ISO27001-A.14.2.5, WASC-8, OWASP 2013-A3, OWASP 2017-A7 High
SVN Detected CAPEC-118, CWE-527, ISO27001-A.9.4.1, WASC-13, OWASP 2013-A5, OWASP 2017-A6 High
Trace.axd Detected PCI v3.2-, CAPEC-347, CWE-16, HIPAA-16, ISO27001-A.18.1.3, WASC-15, OWASP 2013-A5, OWASP 2017-A6 High
Unrestricted File Upload PCI v3.2-, CWE-434, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 High
Weak Basic Authentication Credentials PCI v3.2-, CAPEC-16, CWE-521, ISO27001-A.9.4.3, WASC-15, OWASP 2013-A6, OWASP 2017-A3 High
WebDAV Directory Has Write Permissions PCI v3.2-, CWE-732, ISO27001-A.9.4.1, WASC-17, OWASP 2017-A6 High
XML External Entity Injection PCI v3.2-, CAPEC-376, CWE-611, HIPAA-611, ISO27001-A.14.2.5, WASC-43, OWASP 2013-A1, OWASP 2017-A4 High
Active Mixed Content over HTTPS CWE-319, ISO27001-A.14.1.3, OWASP 2013-A6, OWASP 2017-A3 Medium
Anonymous Ciphers Supported PCI v3.2-, CAPEC-117, CWE-311, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 Medium
Apache Server-Info Detected CAPEC-347, CWE-16, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Medium
Apache Server-Status Detected CAPEC-347, CWE-16, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Medium
Base Tag Hijacking PCI v3.2-, CAPEC-19, CWE-20, HIPAA-20, ISO27001-A.14.2.5, WASC-8, OWASP 2013-A3, OWASP 2017-A7 Medium
BREACH Attack Detected CWE-310, OWASP 2013-A9, OWASP 2017-A9 Medium
Critical Form Send to HTTP PCI v3.2-, CAPEC-65, CWE-319, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 Medium
Critical Form Served over HTTP PCI v3.2-, CAPEC-65, CWE-319, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 Medium
CVS Detected CAPEC-118, CWE-527, ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A6 Medium
Frame Injection PCI v3.2-, CWE-601, HIPAA-601, ISO27001-A.14.2.5, WASC-38, OWASP 2013-A1, OWASP 2017-A1 Medium
GIT Detected CAPEC-118, CWE-527, ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A6 Medium
HTTP Header Injection PCI v3.2-, CAPEC-105, CWE-93, HIPAA-93, ISO27001-A.14.2.5, WASC-24, OWASP 2013-A1, OWASP 2017-A1 Medium
HTTP Parameter Pollution CWE-88, OWASP 2013-A1, OWASP 2017-A1 Medium
HTTP Strict Transport Security (HSTS) Errors and Warnings CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Medium
HTTP Strict Transport Security (HSTS) Policy Not Enabled CAPEC-217, CWE-523, ISO27001-A.14.1.2, WASC-4, OWASP 2013-A6, OWASP 2017-A3 Medium
Insecure HTTP Usage ISO27001-A.14.1.3, WASC-4, OWASP 2013-A5, OWASP 2017-A3 Medium
Insecure Transportation Security Protocol Supported (SSLv3) PCI v3.2-, CAPEC-217, CWE-326, HIPAA-326, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 Medium
Invalid SSL Certificate PCI v3.2-, CAPEC-459, CWE-295, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 Medium
Microsoft Access Database File Detected PCI v3.2-, CWE-284, ISO27001-A.18.1.3, WASC-2, OWASP 2013-A7, OWASP 2017-A3 Medium
Open Policy Crossdomain.xml Detected CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Medium
Open Redirection CWE-601, ISO27001-A.14.2.5, WASC-38, OWASP 2013-A10 Medium
Open Redirection (DOM based) CWE-601, ISO27001-A.14.2.5, WASC-38, OWASP 2013-A10 Medium
Open Silverlight Client Access Policy CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Medium
Password Transmitted over Query String PCI v3.2-, CWE-598, ISO27001-A.14.2.5, WASC-13, OWASP 2013-A6, OWASP 2017-A3 Medium
RSA Private Key Detected CAPEC-118, CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A6, OWASP 2017-A3 Medium
Server-Side Request Forgery CWE-918, ISO27001-A.14.2.5, WASC-20, OWASP 2013-A1, OWASP 2017-A1 Medium
Server-Side Request Forgery (Time Based) CWE-918, ISO27001-A.14.2.5, WASC-20, OWASP 2013-A1, OWASP 2017-A1 Medium
Source Code Disclosure (ASP.NET) CAPEC-118, CWE-540, HIPAA-540, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A3 Medium
Source Code Disclosure (ColdFusion) CAPEC-118, CWE-540, HIPAA-540, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A3 Medium
Source Code Disclosure (Generic) CAPEC-118, CWE-540, HIPAA-540, ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3 Medium
Source Code Disclosure (Java Servlet) CAPEC-118, CWE-540, HIPAA-540, ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3 Medium
Source Code Disclosure (Java) CAPEC-118, CWE-540, HIPAA-540, ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3 Medium
Source Code Disclosure (JSP) CAPEC-118, CWE-540, HIPAA-540, ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3 Medium
Source Code Disclosure (Perl) CAPEC-118, CWE-540, HIPAA-540, ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3 Medium
Source Code Disclosure (PHP) CAPEC-118, CWE-540, HIPAA-540, ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3 Medium
Source Code Disclosure (Python) CAPEC-118, CWE-540, HIPAA-540, ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3 Medium
Source Code Disclosure (Ruby) CAPEC-118, CWE-540, HIPAA-540, ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3 Medium
Source Code Disclosure (Tomcat) CAPEC-118, CWE-540, HIPAA-540, ISO27001-A.9.4.5, WASC-13, OWASP 2013-A5, OWASP 2017-A3 Medium
SQLite Database File Found PCI v3.2-, CWE-284, ISO27001-A.18.1.3, WASC-2, OWASP 2013-A7, OWASP 2017-A3 Medium
SSL/TLS Not Implemented PCI v3.2-, CAPEC-217, CWE-311, HIPAA-311, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 Medium
Stack Trace Disclosure (ColdFusion) PCI v3.2-, CAPEC-214, CWE-248, HIPAA-248, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Medium
Stack Trace Disclosure (Django) PCI v3.2-, CAPEC-214, CWE-248, HIPAA-248, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Medium
Stack Trace Disclosure (Java) PCI v3.2-, CAPEC-214, CWE-248, HIPAA-248, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Medium
Stack Trace Disclosure (Laravel) PCI v3.2-, CAPEC-214, CWE-248, HIPAA-248, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Medium
Stack Trace Disclosure (Python) PCI v3.2-, CAPEC-214, CWE-248, HIPAA-248, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Medium
Stack Trace Disclosure (RoR) PCI v3.2-, CAPEC-214, CWE-248, HIPAA-248, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Medium
Stack Trace Disclosure (Ruby-Sinatra Framework) PCI v3.2-, CAPEC-214, CWE-248, HIPAA-248, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Medium
Sublime SFTP Config File Detected CWE-16, ISO27001-A.18.1.3, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Medium
Unicode Transformation (Best-Fit Mapping) CWE-20 Medium
ViewState MAC Disabled CWE-16, HIPAA-16, ISO27001-A.14.2.5, WASC-15, OWASP 2017-A6 Medium
Weak Ciphers Enabled PCI v3.2-, CAPEC-217, CWE-327, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 Medium
WordPress Setup Configuration File PCI v3.2-, CAPEC-212, CWE-665, HIPAA-665, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Medium
.DS_Store File Found PCI v3.2-, CWE-284, ISO27001-A.18.1.3, WASC-2, OWASP 2013-A7, OWASP 2017-A5 Low
Apache Multiple Choices Enabled CWE-16, ISO27001-A.9.4.1, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Low
Apache MultiViews Enabled CWE-16, ISO27001-A.9.4.1, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Low
Autocomplete is Enabled CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Low
Backup File Disclosure PCI v3.2-, CAPEC-87, CWE-530, HIPAA-530, ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5 Low
Cookie Not Marked as HttpOnly CAPEC-107, CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Low
Cookie Not Marked as Secure PCI v3.2-, CAPEC-102, CWE-614, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A6, OWASP 2017-A3 Low
Cookie Values Used in Anti-CSRF Token CWE-352, HIPAA-352, ISO27001-A.14.1.2, OWASP 2013-A5, OWASP 2017-A6 Low
Cross-site Request Forgery PCI v3.2-, CAPEC-62, CWE-352, HIPAA-352, ISO27001-A.14.2.5, WASC-9, OWASP 2013-A8, OWASP 2017-A5 Low
Cross-site Request Forgery in Login Form PCI v3.2-, CAPEC-62, CWE-352, HIPAA-352, ISO27001-A.14.2.5, WASC-9, OWASP 2013-A8, OWASP 2017-A5 Low
Database Error Message Disclosure PCI v3.2-, CAPEC-118, CWE-210, HIPAA-210, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 Low
Database Name Disclosure (Microsoft SQL Server) PCI v3.2-, CAPEC-118, CWE-201, HIPAA-201, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 Low
Database Name Disclosure (MySQL) PCI v3.2-, CAPEC-118, CWE-201, HIPAA-201, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 Low
Django Debug Mode Enabled PCI v3.2-, CAPEC-214, CWE-16, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Low
Exception Report Disclosure (Tomcat) PCI v3.2-, CAPEC-214, CWE-248, HIPAA-248, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Low
Form Hijacking CWE-20, ISO27001-A.14.2.5, WASC-20, OWASP 2013-A1, OWASP 2017-A1 Low
Information Disclosure (Microsoft Office) PCI v3.2-, CAPEC-118, CWE-200, ISO27001-A.18.1.3, WASC-13 Low
Information Disclosure (phpinfo()) CAPEC-346, CWE-213, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A6, OWASP 2017-A3 Low
Insecure Frame (External) CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2017-A6 Low
Insecure JSONP Endpoint CWE-20, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A1 Low
Insecure Reflected Content CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A1 Low
Insecure Transportation Security Protocol Supported (TLS 1.0) PCI v3.2-, CAPEC-217, CWE-326, HIPAA-326, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 Low
Internal IP Address Disclosure CWE-200, ISO27001-A.18.1.4, OWASP 2013-A6, OWASP 2017-A3 Low
Internal Server Error CWE-550, ISO27001-A.14.1.2, WASC-13 Low
Laravel Debug Mode Enabled PCI v3.2-, CAPEC-214, CWE-16, ISO27001-A.14.1.2, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Low
Laravel Environment Configuration File Detected CWE-16, ISO27001-A.9.4.1, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Low
Microsoft IIS Log File Detected PCI v3.2-, CAPEC-87, CWE-425, HIPAA-425, ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5 Low
Microsoft Outlook Personal Folders File (.pst) Found PCI v3.2-, CWE-284, ISO27001-A.18.1.3, WASC-2, OWASP 2013-A7, OWASP 2017-A5 Low
Misconfigured Access-Control-Allow-Origin Header CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Low
Misconfigured Frame CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2017-A6 Low
Misconfigured X-Frame-Options Header CAPEC-103, CWE-693, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6 Low
Missing Content-Type Header CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Low
Missing X-Frame-Options Header CAPEC-103, CWE-693, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6 Low
Multiple Declarations in X-Frame-Options Header CAPEC-103, CWE-693, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6 Low
Open Redirection in POST method CWE-601, ISO27001-A.14.2.5, WASC-38, OWASP 2013-A10, OWASP 2017-A5 Low
Passive Mixed Content over HTTPS CWE-319, ISO27001-A.14.1.3, OWASP 2013-A6, OWASP 2017-A3 Low
Passive Web Backdoor Detected PCI v3.2-, CWE-507, HIPAA-507, ISO27001-A.12.2.1, OWASP 2017-A10 Low
Phishing by Navigating Browser Tabs CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Low
Programming Error Message PCI v3.2-, CAPEC-118, CWE-210, HIPAA-210, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 Low
Programming Error Message (Ruby) PCI v3.2-, CAPEC-118, CWE-210, HIPAA-210, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6 Low
Reflected File Download PCI v3.2-, CAPEC-375, CWE-840, ISO27001-A.14.2.5, WASC-42, OWASP 2013-A1, OWASP 2017-A1 Low
RoR Database Configuration File Detected CWE-16, ISO27001-A.9.4.1, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Low
RoR Development Mode Enabled PCI v3.2-, CAPEC-214, CWE-16, ISO27001-A.14.1.1, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Low
Social Security Number Disclosure PCI v3.2-, CAPEC-118, CWE-213, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A6, OWASP 2017-A3 Low
Stack Trace Disclosure (Apache MyFaces) PCI v3.2-, CAPEC-214, CWE-248, HIPAA-248, ISO27001-A.9.2.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Low
Stack Trace Disclosure (ASP.NET) PCI v3.2-, CAPEC-214, CWE-248, HIPAA-248, ISO27001-A.9.2.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Low
Stack Trace Disclosure (CakePHP Framework) PCI v3.2-, CAPEC-214, CWE-248, HIPAA-248, ISO27001-A.9.2.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Low
Stack Trace Disclosure (CherryPy) PCI v3.2-, CAPEC-214, CWE-248, HIPAA-248, ISO27001-A.9.2.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Low
Stack Trace Disclosure (Grails) PCI v3.2-, CAPEC-214, CWE-248, HIPAA-248, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Low
Struts2 Development Mode Enabled PCI v3.2-, CAPEC-214, CWE-16, ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Low
Subresource Integrity (SRI) Hash Invalid CWE-16, ISO27001-A.14.2.5, WASC-15 Low
TRACE/TRACK Method Detected CAPEC-107, CWE-16, ISO27001-A.14.1.2, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Low
Unexpected Redirect Response Body (Two Responses) CWE-698, ISO27001-A.14.2.5, WASC-25 Low
User Controllable Cookie CWE-20, ISO27001-A.14.2.5, WASC-20 Low
Username Disclosure (Microsoft SQL Server) PCI v3.2-, CAPEC-118, CWE-201, HIPAA-201, ISO27001-A.18.1.4, WASC-13, OWASP 2013-A5, OWASP 2017-A3 Low
Username Disclosure (MySQL) PCI v3.2-, CAPEC-118, CWE-201, HIPAA-201, ISO27001-A.18.1.4, WASC-13, OWASP 2013-A5, OWASP 2017-A3 Low
Version Disclosure (Apache Coyote) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (Apache Module) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (Apache) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (ASP.NET MVC) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (ASP.NET) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (CakePHP Framework) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (Cherokee) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (CherryPy) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (Django) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (Frontpage) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (GlassFish) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (Hiawatha) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (Java Servlet) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (Java) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (JBoss) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (Lighttpd) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (mod_ssl) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (Mongrel Web Server) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (Nginx) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (NuSOAP) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (OpenSSL) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (Oracle) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (Perl) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (PHP) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (Python) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (RoR) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (Ruby) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (RubyGems) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (SharePoint) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (Tomcat) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (WebLogic) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
Version Disclosure (WEBrick) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Low
ViewState is not Encrypted CWE-16, HIPAA-16, ISO27001-A.14.2.5, WASC-15, OWASP 2017-A6 Low
Windows Short Filename PCI v3.2-, CAPEC-87, CWE-538, HIPAA-538, ISO27001-A.8.2.3, WASC-34, OWASP 2013-A7, OWASP 2017-A6 Low
Windows Username Disclosure PCI v3.2-, CAPEC-118, CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP 2013-A6, OWASP 2017-A3 Low
WP Engine Configuration File Detected CWE-16, ISO27001-A.9.4.1, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Low
Content Security Policy (CSP) Not Implemented CWE-16, ISO27001-A.14.2.5, WASC-15 Best Practice
Expect-CT Not Enabled CWE-16, ISO27001-A.14.1.2, WASC-15 Best Practice
Insecure Transportation Security Protocol Supported (TLS 1.1) PCI v3.2-, CAPEC-217, CWE-326, HIPAA-326, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 Best Practice
Missing X-XSS-Protection Header CWE-16, HIPAA-16, ISO27001-A.14.2.5, WASC-15 Best Practice
Referrer-Policy Not Implemented CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 Best Practice
SameSite Cookie Not Implemented CWE-16, ISO27001-A.14.2.5, WASC-15 Best Practice
Subresource Integrity (SRI) Not Implemented CWE-16, ISO27001-A.14.2.5, WASC-15 Best Practice
.htaccess File Detected CWE-16, OWASP 2013-A5, OWASP 2017-A6 Information
aah Go Server Identified CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
AbanteCart Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Adminer Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C6 Information
Administration Page Detected PCI v3.2-, CAPEC-87, CWE-425, HIPAA-425, ISO27001-A.9.4.1, WASC-34, OWASP PC-C6, OWASP 2013-A7, OWASP 2017-A5 Information
Ampache Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
An Unsafe Content Security Policy (CSP) Directive in Use CWE-16, ISO27001-A.14.2.5, WASC-15 Information
Apache Web Server Identified CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Apple’s App-Site Association (AASA) Detected ISO27001-A.18.1.3, OWASP PC-C7 Information
ASP.NET Debugging Enabled CWE-16, ISO27001-A.9.4.1, WASC-14, OWASP PC-C7, OWASP 2013-A5, OWASP 2017-A6 Information
ASP.NET Identified CWE-200, ISO27001-A.8.1.1, WASC-13, OWASP PC-C7 Information
ATutor Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Authorization Required ISO27001-A.9.4.1 Information
Autocomplete Enabled (Password Field) CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
AWStats Detected CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45, OWASP PC-C6 Information
Axway Secure Transport Detected Information
b2evolution Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Basic Authorization Required ISO27001-A.9.4.1 Information
Caddy Web Server Identified CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
CakePHP Framework Identified CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
CDN Detected (Airee) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Akamai) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Arvan Cloud) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Azure CDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (CDN77) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Fastly) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Fireblade) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Google Cloud CDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Incapsula) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Instart) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (KeyCDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (MaxCDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Netlify) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (PowerCDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Qrator) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Sucuri) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (West263) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
Chamilo Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Claroline Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
ClipBucket Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Collabtive Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Concrete5 Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Configuration File Detected PCI v3.2-, CAPEC-87, CWE-425, HIPAA-425, ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5 Information
contao Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Content Security Policy (CSP) Contains Out of Scope report-uri Domain ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 Information
Content Security Policy (CSP) Keywords Not Used Within Single Quotes CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content Security Policy (CSP) Nonce Value Not Used Within Single Quotes CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content Security Policy (CSP) Nonce Without Matching Script Block CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content Security Policy (CSP) report-uri Uses HTTP ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 Information
Content-Security-Policy-Report-Only Cannot Be Declared Between META Tags CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content-Security-Policy-Report-Only Cannot Be Declared Without report-uri Directive CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Coppermine Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Credit Card Disclosure PCI v3.2-, CAPEC-118, CWE-213, ISO27001-A.18.1.4, WASC-13, OWASP PC-C7, OWASP 2013-A6, OWASP 2017-A3 Information
Crossdomain.xml Detected ISO27001-A.12.5.1, OWASP PC-C6 Information
Cross-site Referrer Leakage through Permissive Referrer-Policy CWE-200, ISO27001-A.14.2.5, OWASP PC-C9, OWASP 2013-A6, OWASP 2017-A6 Information
Cross-site Referrer Leakage through Referrer-Policy CWE-200, ISO27001-A.14.2.5, OWASP PC-C9, OWASP 2013-A6, OWASP 2017-A6 Information
Cross-site Referrer Leakage through Referrer-Policy CWE-200, ISO27001-A.14.1.2, OWASP PC-C9, OWASP 2013-A6, OWASP 2017-A6 Information
CubeCart Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
data: Used in a Content Security Policy (CSP) Directive ISO27001-A.14.2.5 Information
Database Connection String Detected CWE-16, HIPAA-16, ISO27001-A.18.1.3, WASC-15, OWASP PC-C7, OWASP 2013-A5, OWASP 2017-A3 Information
Database Detected (Microsoft Access) CWE-200, ISO27001-A.18.1.3, WASC-13 Information
Database Detected (Microsoft SQL Server) CWE-200, ISO27001-A.8.1.1, WASC-13 Information
Database Detected (MySQL) CWE-200, ISO27001-A.8.1.1, WASC-13 Information
Database Detected (Oracle) CWE-200, ISO27001-A.8.1.1, WASC-13 Information
Database Detected (PostgreSQL) CWE-200, ISO27001-A.8.1.1, WASC-13 Information
DbNinja Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C6 Information
Default Page Detected (Apache) CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Default Page Detected (CakePHP Framework) CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Default Page Detected (IIS 10.0) CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Default Page Detected (IIS 6) CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Default Page Detected (IIS 7) CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Default Page Detected (IIS 7.5) CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Default Page Detected (IIS 7.X) CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Default Page Detected (IIS 8) CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Default Page Detected (IIS 8.5) CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Default Page Detected (Tomcat) CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
default-src Used in Content Security Policy (CSP) ISO27001-A.14.2.5, OWASP PC-C9 Information
Denial of Service (MySQL) CWE-400, ISO27001-A.14.1.2, WASC-10, OWASP PC-C9 Information
Deprecated Header Instruction Used to Implement Content Security Policy (CSP) CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP PC-C9 Information
Digest Authorization Required ISO27001-A.9.4.1 Information
Directory Listing (Apache) CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP PC-C6, OWASP 2013-A5, OWASP 2017-A6 Information
Directory Listing (ASP.NET Server) CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP PC-C6, OWASP 2013-A5, OWASP 2017-A6 Information
Directory Listing (IIS) CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP PC-C6, OWASP 2013-A5, OWASP 2017-A6 Information
Directory Listing (Lighttpd) CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP PC-C6, OWASP 2013-A5, OWASP 2017-A6 Information
Directory Listing (LiteSpeed) CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP PC-C6, OWASP 2013-A5, OWASP 2017-A6 Information
Directory Listing (Nginx) CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP PC-C6, OWASP 2013-A5, OWASP 2017-A6 Information
Directory Listing (Tomcat) CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP PC-C6, OWASP 2013-A5, OWASP 2017-A6 Information
Directory Listing (WebDAV) CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP PC-C6, OWASP 2013-A5, OWASP 2017-A6 Information
Disabled X-XSS-Protection Header CWE-693, ISO27001-A.14.1.2, WASC-15, OWASP PC-C9 Information
DokuWiki Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Dolibarr Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Dolphin Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
DotClear Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Drupal Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
e107 Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Elgg Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Email Address Disclosure CAPEC-118, CWE-200, ISO27001-A.9.4.1, WASC-13, OWASP PC-C7 Information
EspoCRM Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Expect-CT Header via HTTP CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP PC-C10 Information
Expect-CT in Report Only Mode ISO27001-A.14.1.2, OWASP PC-C9 Information
Expect-CT Security Header Errors and Warnings CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP PC-C10 Information
ExpressJS Identified CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Family Connections Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
File Upload Functionality Detected ISO27001-A.8.1.1, OWASP PC-C4 Information
FluxBB Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Forbidden Resource ISO27001-A.8.1.1, OWASP PC-C8 Information
Form Tools Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Front Accounting Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Generic Email Address Disclosure CAPEC-118, CWE-200, ISO27001-A.18.1.4, WASC-13, OWASP PC-C7 Information
GibbonEdu Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Hesk Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
HTTP Strict Transport Security (HSTS) Max-Age Value Too Low CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP PC-C1 Information
HTTP Strict Transport Security (HSTS) via HTTP CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP PC-C10, OWASP 2017-A6 Information
Incorrect Content Security Policy (CSP) Implementation CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Insecure Protocol Detected in Content Security Policy (CSP) CWE-319, ISO27001-A.14.2.5 Information
Installation File Detected PCI v3.2-, CAPEC-87, CWE-425, HIPAA-425, ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5 Information
Intermediate Certificate is Signed Using a Weak Signature Algorithm CAPEC-459, ISO27001-A.10, WASC-4, OWASP 2013-A6, OWASP 2017-A3 Information
Internal Path Disclosure (*nix) CAPEC-118, CWE-200, HIPAA-200, ISO27001-A.9.4.1, WASC-13, OWASP PC-C7, OWASP 2017-A6 Information
Internal Path Disclosure (Windows) CAPEC-118, CWE-200, HIPAA-200, ISO27001-A.8.1.1, WASC-13, OWASP PC-C7 Information
Invalid Content Security Policy (CSP) Directive Identified in meta Elements CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
JBoss Application Server Identified CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Joomla Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
LimeSurvey Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Log File Detected PCI v3.2-, CAPEC-87, CWE-425, HIPAA-425, ISO27001-A.18.1.3, WASC-34, OWASP PC-C6, OWASP 2013-A7, OWASP 2017-A5 Information
Login Page Identified OWASP PC-C6 Information
MediaWiki Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Mibew Messenger Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Mint Detected CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45, OWASP PC-C7 Information
Missing object-src in CSP Declaration CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP PC-C9 Information
MODX Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Moodle Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Movable Type Detected CWE-200, ISO27001-A.18.1.3, WASC-13 Information
Multiple Content Security Policy (CSP) Implementation Detected CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP PC-C9 Information
MyBB Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Nginx Web Server Identified CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
No Script Block Detected with the Hash Value Declared in Content Security Policy (CSP) ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6 Information
Nonce Usage Detected in Content Security Policy (CSP) Directive ISO27001-A.14.2.5, OWASP PC-C9 Information
NTLM Authorization Required ISO27001-A.9.4.1, OWASP PC-C6 Information
Omeka Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
OpenCart Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
OpenSearch.xml Detected CWE-200, ISO27001-A.18.1.3, OWASP PC-C7 Information
OPTIONS Method Enabled CAPEC-107, CWE-16, ISO27001-A.14.1.2, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Information
osClass Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
osCommerce Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
osTicket Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Out-of-date Version (AbanteCart) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Ampache) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (AngularJS) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Apache) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (ASP.NET SignalR) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (ATutor) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (axios) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (b2evolution) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Backbone.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (bluebird) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Bootbox.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Bootstrap 3 Date/Time Picker) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Bootstrap Toggle) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Bootstrap) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (CakePHP Framework) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Chamilo) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Chart.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Cherokee) PCI v3.2-, CAPEC-310, HIPAA-, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (CherryPy) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (CKEditor) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Claroline) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (ClipBucket) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Collabtive) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Concerte5) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (contao) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Coppermine) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (CubeCart) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (D3.js) PCI v3.2-, CAPEC-310, HIPAA-, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (DataTables) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Django) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (DokuWiki) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Dolibarr) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Dolphin) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (DOMPurify) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (DotClear) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Drupal) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (DWR) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (e107) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (easyXDM) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (ef.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Elgg) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Ember.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (EspoCRM) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Ext JS) PCI v3.2-, CAPEC-310, HIPAA-, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Fabric.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Family Connections) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (FancyBox) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Fingerprintjs2) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Flickity) PCI v3.2-, CAPEC-310, HIPAA-, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (FluxBB) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (FooTable) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Form Tools) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Foundation) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Front Accounting) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Fuel UX) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (GibbonEdu) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (GlassFish) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Google Charts) PCI v3.2-, CAPEC-310, HIPAA-, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (GSAP) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Hammer.JS) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Handlebars.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Hesk) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Hiawatha) PCI v3.2-, CAPEC-310, HIPAA-, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Highcharts) PCI v3.2-, CAPEC-310, HIPAA-, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (HTML5 Shiv) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (IIS) PCI v3.2-, CAPEC-310, HIPAA-, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (ImagePicker) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Inferno) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Intro.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Ion.RangeSlider) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Java) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (JavaScript Cookie) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (JBoss) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Joomla) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (jPlayer) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (jQuery Mask) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (jQuery Migrate) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (jQuery Mobile) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (jQuery UI Autocomplete) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (jQuery UI Dialog) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (jQuery UI Tooltip) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (jQuery Validation) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (jQuery) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (jsTree) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Knockout Mapping) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Knockout) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Lazy.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Leaflet) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Lightbox) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Lighttpd) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (LimeSurvey) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (List.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Lodash) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Marionette.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Math.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (MathJax) PCI v3.2-, CAPEC-310, HIPAA-, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (MediaWiki) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Mibew Messenger) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Mithril) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Modernizr) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (MODX) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Moment.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Moodle) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Movable Type) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (mustache.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (MyBB) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Nginx) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, WASC-13, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (NuSOAP) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, WASC-13, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Omeka) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (OpenCart) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (OpenSSL) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (osClass) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (osCommerce) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (osTicket) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (ownCloud) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (pdf.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Perl) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (pH7CMS) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Phaser) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Phorum) PCI v3.2-, CAPEC-310, HIPAA-, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Php Address Book) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (PHP) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (phpBB) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (PhpFusion) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (phpList) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (PhpMyFAQ) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Piwigo) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Pixi.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Plupload) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (PmWiki) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Podcast Generator) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Polymer) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (PrestaShop) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (prettyPhoto) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (ProjectSend) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Prototype JS) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Python) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (qdPM) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Question2Answer) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Ramda) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (React) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (RequireJS) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Respond.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Reveal.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Revive Adserver) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Rickshaw) PCI v3.2-, CAPEC-310, HIPAA-, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Riot.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (RoR) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Roundcube) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Ruby) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (RubyGems) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Rukovoditel) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (ScrollReveal) PCI v3.2-, CAPEC-310, HIPAA-, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Select2) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Semantic UI) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (SeoPanel) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Serendipity) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (slick) PCI v3.2-, CAPEC-310, HIPAA-, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Snap.svg) PCI v3.2-, CAPEC-310, HIPAA-, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Sortable) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (SweetAlert2) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (TCExam) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Telerik Web UI) PCI v3.2-, CAPEC-310, HIPAA-, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Three.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Tomcat) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (typeahead.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Underscore.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Vanilla Forums) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Video.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Vtiger) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Vue.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (webERP) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (WeBid) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (WebLogic) PCI v3.2-, CAPEC-310, HIPAA-, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (WordPress) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (XOOPS) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (XRegExp) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (YetiForce CRM) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (YOURLS) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (YUI) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Zen Cart) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (ZenPhoto) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Zepto.js) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Zikula) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
Out-of-date Version (Zurmo) PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 Information
ownCloud Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
pH7CMS Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Phorum Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Php Address Book Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
phpBB Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
PhpFusion Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
phpList Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
phpLiteAdmin Detected CWE-538, ISO27001-A.18.1.3, WASC-13, OWASP PC-C6 Information
phpMoAdmin Detected CWE-538, ISO27001-A.18.1.3, WASC-13, OWASP PC-C6 Information
phpMyAdmin Detected CWE-538, ISO27001-A.18.1.3, WASC-13, OWASP PC-C6 Information
PhpMyFAQ Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Piwigo Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Piwik Detected CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45, OWASP PC-C7 Information
PmWiki Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Podcast Generator Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
PrestaShop Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
ProjectSend Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
qdPM Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Question2Answer Detected ISO27001-A.18.1.3, OWASP PC-C7 Information
Readme/Help File Detected PCI v3.2-, CAPEC-87, CWE-425, HIPAA-425, ISO27001-A.18.1.3, WASC-34, OWASP PC-C7, OWASP 2013-A7, OWASP 2017-A5 Information
Referrer-Policy Needs Proper Fallback CWE-200, ISO27001-A.14.2.5, OWASP PC-C9, OWASP 2013-A6, OWASP 2017-A6 Information
Reverse Proxy Detected (Apache Traffic Server) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
Reverse Proxy Detected (Citrix Netscaler) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
Reverse Proxy Detected (Envoy) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
Reverse Proxy Detected (F5 BIG-IP) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
Reverse Proxy Detected (HAProxy) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
Reverse Proxy Detected (Skipper) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
Revive Adserver Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Robots.txt Detected ISO27001-A.18.1.3, OWASP PC-C7 Information
Roundcube Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Rukovoditel Detected ISO27001-A.18.1.3, OWASP PC-C7 Information
Scheme URI Detected in Content Security Policy (CSP) Directive ISO27001-A.14.2.5 Information
Security.txt Detected ISO27001-A.18.1.3, OWASP PC-C7 Information
SeoPanel Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Serendipity Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Shell Script Detected CWE-200, ISO27001-A.8.1.1, WASC-13, OWASP PC-C6 Information
Silverlight Client Access Policy Detected ISO27001-None, OWASP PC-C6 Information
Sitemap Detected ISO27001-A.18.1.3, OWASP PC-C7 Information
SQL File Detected PCI v3.2-, CAPEC-87, CWE-425, HIPAA-425, ISO27001-A.18.1.3, WASC-34, OWASP PC-C7, OWASP 2013-A7, OWASP 2017-A5 Information
Static Nonce Identified in Content Security Policy (CSP) CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
swagger.json Detected ISO27001-A.8.1.1, OWASP PC-C7 Information
TCExam Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Test File Detected PCI v3.2-, CAPEC-87, CWE-425, HIPAA-425, ISO27001-A.18.1.3, WASC-34, OWASP PC-C7, OWASP 2013-A7, OWASP 2017-A5 Information
Travis CI Configuration File Detected CWE-16, ISO27001-A.9.4.1, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
TS Web Access Identified PCI v3.2-, CAPEC-87, CWE-425, HIPAA-425, ISO27001-A.9.4.1, WASC-34, OWASP PC-C6, OWASP 2013-A7, OWASP 2017-A5 Information
UNC Server and Share Disclosure CWE-16, ISO27001-A.18.1.3, WASC-15, OWASP PC-C7, OWASP 2013-A5, OWASP 2017-A6 Information
Unexpected Redirect Response Body (Too Large) CWE-698, ISO27001-A.14.2.5, WASC-40, OWASP PC-C6 Information
Unknown Option Used In Referrer-Policy CWE-200, ISO27001-A.14.2.5, OWASP PC-C9, OWASP 2013-A6, OWASP 2017-A6 Information
Unsupported Hash Detected in Content Security Policy (CSP) CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Vanilla Forums Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Version Disclosure (IIS) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP PC-C7, OWASP 2013-A5, OWASP 2017-A6 Information
Version Disclosure (Telerik Web UI) CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 Information
Vtiger Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Weak Nonce Detected in Content Security Policy (CSP) Declaration CWE-330, ISO27001-A.14.2.5, WASC-16, OWASP 2013-A5, OWASP 2017-A6 Information
Web Application Firewall Detected ISO27001-A.18.1.3, OWASP PC-C7 Information
Web.config File Detected CAPEC-87, CWE-425, HIPAA-425, ISO27001-A.18.1.3, WASC-34, OWASP PC-C6, OWASP 2013-A7, OWASP 2017-A5 Information
Webalizer Detected CAPEC-224, CWE-538, ISO27001-A.18.1.3, WASC-45, OWASP PC-C6 Information
WebDAV Enabled CWE-16, ISO27001-A.9.4.4, WASC-15, OWASP PC-C6 Information
webERP Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
WeBid Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Wildcard Detected in Domain Portion of Content Security Policy (CSP) Directive ISO27001-A.14.2.5 Information
Wildcard Detected in Port Portion of Content Security Policy (CSP) Directive ISO27001-A.14.2.5 Information
Wildcard Detected in Scheme Portion of Content Security Policy (CSP) Directive ISO27001-A.14.2.5 Information
WordPress Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
WS_FTP Log File Detected CAPEC-118, CWE-538, ISO27001-A.9.4.1, WASC-13, OWASP PC-C6 Information
XOOPS Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
YetiForce CRM Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
YOURLS Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Zen Cart Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
ZenPhoto Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Zikula Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Zurmo Detected CWE-200, ISO27001-A.18.1.3, WASC-13, OWASP PC-C7 Information
Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO