Search Vulnerability


Vulnerability Name Classifications Severity
Bash Command Injection Vulnerability (Shellshock Bug) PCI v3.2-6.5.1; CAPEC-88; CWE-78; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-31; OWASP 2013-A1; OWASP 2017-A9 Critical
Blind Command Injection PCI v3.2-6.5.1; CAPEC-88; CWE-78; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-31; OWASP 2013-A1; OWASP 2017-A1 Critical
Blind SQL Injection PCI v3.2-6.5.1; CAPEC-66; CWE-89; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-19; OWASP 2013-A1; OWASP 2017-A1 Critical
Boolean Based SQL Injection PCI v3.2-6.5.1; CAPEC-66; CWE-89; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-19; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Apache Struts S02-53) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) S2-016 PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) S2-045 PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) S2-046 PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (ASP) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Node.js) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Perl) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (PHP) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (PHP) - IAST PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Python) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (RoR - JSON) PCI v3.2-6.5.1; CAPEC-356; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-23; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (RoR) PCI v3.2-6.5.1; CAPEC-356; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-23; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Ruby) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation via Local File Inclusion (PHP) PCI v3.2-6.5.1; CAPEC-251; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-33; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via File Upload PCI v3.2-6.5.1; CAPEC-210; CWE-94; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-42; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via Local File Inclusion PCI v3.2-6.5.1; CAPEC-170; CWE-94; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-33; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (ASP.NET Razor) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Java FreeMarker) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Java Pebble) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Java Velocity) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (JinJava) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Dot) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js EJS) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Marko) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Nunjucks) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Pug (Jade)) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (PHP Smarty) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (PHP Twig) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Python Jinja) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Python Mako) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Python Tornado) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Ruby ERB) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Ruby Slim) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via WebDAV PCI v3.2-6.5.8; CAPEC-17; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-17; OWASP 2017-A6 Critical
Command Injection PCI v3.2-6.5.1; CAPEC-88; CWE-78; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-31; OWASP 2013-A1; OWASP 2017-A1 Critical
Command Injection (IAST) PCI v3.2-6.5.1; CAPEC-88; CWE-78; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-31; OWASP 2013-A1; OWASP 2017-A1 Critical
Drupal Core - Remote Code Execution (CVE-2019-6340) PCI v3.2-6.5.1; CAPEC-242; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Malware Identified CWE-506 Critical
OpenSSL Heartbleed PCI v3.2-6.5.2; CAPEC-216; CWE-119; ISO27001-A.14.2.5; OWASP 2013-A6; OWASP 2017-A9 Critical
Oracle WebLogic Remote Code Execution (CVE-2020-14882) PCI v3.2-6.5.1; CAPEC-242; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (Apache Struts 2) PCI v3.2-6.5.1; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (Apache Struts 2) S2-053 PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (ASP) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (Perl) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (PHP) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (Python) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (RoR - JSON) PCI v3.2-6.5.1; CAPEC-356; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-23; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (RoR) PCI v3.2-6.5.1; CAPEC-356; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-23; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (Ruby) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Java FreeMarker) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Java Velocity) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Dot) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js EJS) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Marko) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Nunjucks) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Pug (Jade)) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (PHP Smarty) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (PHP Twig) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Python Jinja) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Python Mako) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Python Tornado) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Command Injection PCI v3.2-6.5.1; CAPEC-88; CWE-78; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-31; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Remote File Inclusion PCI v3.2-6.5.1; CAPEC-193; CWE-98; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band SQL Injection PCI v3.2-6.5.1; CAPEC-66; CWE-89; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-19; OWASP 2013-A1; OWASP 2017-A1 Critical
Remote Code Execution and DoS in HTTP.sys (IIS) PCI v3.2-6.5.1; CAPEC-340; CWE-20; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-7; OWASP 2013-A1; OWASP 2017-A1 Critical
Remote File Inclusion PCI v3.2-6.5.1; CAPEC-193; CWE-98; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Request Forgery (Oracle Cloud) CWE-918; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 Critical
Server-Side Request Forgery (Packet Cloud) CWE-918; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 Critical
Server-Side Request Forgery (trace.axd) PCI v3.2-6.5.6; CAPEC-347; CWE-918; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Critical
Server-Side Template Injection PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (ASP.NET Razor) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (Java FreeMarker) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (Java Pebble) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (Java Velocity) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (JinJava) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (Node.js Dot) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (Node.js EJS) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (Ruby ERB) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
SQL Injection (IAST) PCI v3.2-6.5.1; CAPEC-66; CWE-89; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-19; OWASP 2013-A1; OWASP 2017-A1 Critical
Web Backdoor Detected PCI v3.2-6.5.6; CAPEC-443; CWE-507; HIPAA-164.308(a); ISO27001-A.12.2.1; OWASP 2017-A10 Critical
Web Cache Deception PCI v3.2-2.2.3; CAPEC-CAPEC; ISO27001-A.14.1.3; WASC-6; OWASP 2013-A5; OWASP 2017-A6 Critical
Arbitrary File Creation Detected CWE-20; OWASP 2017-A5 High
Arbitrary File Deletion Detected CWE-20; OWASP 2017-A5 High
ASP.NET Tracing Is Enabled CWE-16, 11; OWASP 2013-A5; OWASP 2017-A6 High
Backup Source Code Detected PCI v3.2-6.5.8; CAPEC-87; CWE-530; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP 2013-A7; OWASP 2017-A5 High
Basic Authorization over HTTP PCI v3.2-6.5.4; CAPEC-65; CWE-319; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 High
Blind Cross-site Scripting PCI v3.2-6.5.7; CAPEC-19; CWE-79; HIPAA-164.308(a); ISO27001-A.14.2.5; WASC-8; OWASP 2013-A3; OWASP 2017-A7 High
Certificate is Signed Using a Weak Signature Algorithm PCI v3.2-6.5.4; CAPEC-459; ISO27001-A.10; WASC-4; OWASP 2013-A6; OWASP 2017-A3 High
Cross-site Scripting PCI v3.2-6.5.7; CAPEC-19; CWE-79; HIPAA-164.308(a); ISO27001-A.14.2.5; WASC-8; OWASP 2013-A3; OWASP 2017-A7 High
Cross-site Scripting (DOM based) PCI v3.2-6.5.7; CAPEC-19; CWE-79; HIPAA-164.308(a); ISO27001-A.14.2.5; WASC-8; OWASP 2013-A3; OWASP 2017-A7 High
Cross-site Scripting via Remote File Inclusion PCI v3.2-6.5.7; CAPEC-19; CWE-79; HIPAA-164.308(a); ISO27001-A.14.2.5; WASC-8; OWASP 2013-A3; OWASP 2017-A7 High
Database User Has Admin Privileges PCI v3.2-6.5.6; CWE-267; ISO27001-A.9.2.2; WASC-14; OWASP 2013-A5; OWASP 2017-A6 High
Elmah.axd / Errorlog.axd Detected PCI v3.2-6.5.6; CAPEC-347; CWE-16; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-15; OWASP 2013-A5; OWASP 2017-A6 High
Expression Language Injection PCI v3.2-6.5.1; CWE-20; HIPAA-164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 High
F5 Big-IP Local File Inclusion (CVE-2020-5902) PCI v3.2-6.5.8; CAPEC-252; CWE-22; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-33; OWASP 2013-A4; OWASP 2017-A5 High
Insecure Transportation Security Protocol Supported (SSLv2) PCI v3.2-6.5.4; CAPEC-217; CWE-326; HIPAA-164.306; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 High
JWT Forgery via Chaining Jku Parameter with Open Redirect CWE-347; OWASP 2017-A2 High
JWT Forgery via Path Traversal CWE-22; OWASP 2017-A1 High
JWT Forgery via SQL Injection CWE-89; OWASP 2017-A1 High
JWT Forgery via unvalidated jku parameter CWE-22; OWASP 2017-A1 High
JWT Signature Bypass via None Algorithm CWE-347; OWASP 2017-A2 High
JWT Signature is not Verified CWE-347; OWASP 2017-A2 High
Local File Inclusion PCI v3.2-6.5.8; CAPEC-252; CWE-22; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-33; OWASP 2013-A4; OWASP 2017-A5 High
Local File Inclusion (IAST) PCI v3.2-6.5.8; CAPEC-252; CWE-22; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-33; OWASP 2013-A4; OWASP 2017-A5 High
Oracle WebLogic Authentication Bypass (CVE-2020-14883) CWE-288; OWASP 2013-A2; OWASP 2017-A2 High
Out of Band XML External Entity Injection PCI v3.2-6.5.1; CAPEC-376; CWE-611; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-43; OWASP 2013-A1; OWASP 2017-A4 High
Out-of-date Version (Microsoft SQL Server) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP 2013-A9; OWASP 2017-A9 High
Out-of-date Version (MySQL) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP 2013-A9; OWASP 2017-A9 High
Out-of-date Version (Oracle) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP 2013-A9; OWASP 2017-A9 High
Out-of-date Version (PostgreSQL) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP 2013-A9; OWASP 2017-A9 High
Password Transmitted over HTTP PCI v3.2-6.5.4; CAPEC-65; CWE-319; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 High
ROBOT Attack Detected (Strong Oracle) PCI v3.2-6.5.4; CAPEC-217; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 High
ROBOT Attack Detected (Weak Oracle) PCI v3.2-6.5.4; CAPEC-217; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 High
Ruby on Rails File Content Disclosure (CVE-2019-5418) PCI v3.2-6.5.8; CAPEC-252; CWE-98; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-33; OWASP 2013-A4; OWASP 2017-A5 High
Server-Side Request Forgery (Apache Server Status) CWE-918; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 High
Server-Side Request Forgery (AWS) CWE-918; ISO27001-A.14.2.5; OWASP 2017-A5 High
Server-Side Request Forgery (elmah MVC) PCI v3.2-6.5.6; CAPEC-347; CWE-918; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 High
Server-Side Request Forgery (elmah) PCI v3.2-6.5.6; CAPEC-347; CWE-918; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 High
Server-Side Request Forgery (MySQL) CWE-918; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 High
Server-Side Request Forgery (SSH) CWE-918; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 High
Session Cookie Not Marked as Secure PCI v3.2-6.5.10; CAPEC-102; CWE-614; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A6; OWASP 2017-A3 High
SVN Detected CAPEC-118; CWE-527; ISO27001-A.9.4.1; WASC-13; OWASP 2013-A5; OWASP 2017-A6 High
Trace.axd Detected PCI v3.2-6.5.6; CAPEC-347; CWE-16; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-15; OWASP 2013-A5; OWASP 2017-A6 High
Unrestricted File Upload PCI v3.2-6.5.1; CWE-434; ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 High
Weak Basic Authentication Credentials PCI v3.2-6.5.10; CAPEC-16; CWE-521; ISO27001-A.9.4.3; WASC-15; OWASP 2013-A6; OWASP 2017-A3 High
Weak Secret is Used to Sign JWT CWE-347; OWASP 2017-A2 High
WebDAV Directory Has Write Permissions PCI v3.2-6.5.8; CWE-732; ISO27001-A.9.4.1; WASC-17; OWASP 2017-A6 High
XML External Entity Injection PCI v3.2-6.5.1; CAPEC-376; CWE-611; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-43; OWASP 2013-A1; OWASP 2017-A4 High
Active Mixed Content over HTTPS CWE-319; ISO27001-A.14.1.3; OWASP 2013-A6; OWASP 2017-A3 Medium
Anonymous Ciphers Supported PCI v3.2-6.5.4; CAPEC-117; CWE-311; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Medium
Apache Server-Info Detected CAPEC-347; CWE-16; ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
Apache Server-Status Detected CAPEC-347; CWE-16; ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
ASP.NET Cookieless Authentication Is Enabled CWE-16; OWASP 2013-A5; OWASP 2017-A6 Medium
ASP.NET Cookieless Session State Is Enabled CWE-16; OWASP 2013-A5; OWASP 2017-A6 Medium
ASP.NET CustomErrors Is Disabled CWE-16; OWASP 2013-A6; OWASP 2017-A3 Medium
ASP.NET Login Credentials Stored In Plain Text CWE-312; OWASP 2013-A6; OWASP 2017-A3 Medium
ASP.NET ValidateRequest Is Globally Disabled CWE-16; OWASP 2013-A5; OWASP 2017-A6 Medium
ASP.NET: Failure To Require SSL For Authentication Cookies CWE-16; OWASP 2017-A6 Medium
Base Tag Hijacking PCI v3.2-6.5.7; CAPEC-19; CWE-20; HIPAA-164.308(a); ISO27001-A.14.2.5; WASC-8; OWASP 2013-A3; OWASP 2017-A7 Medium
BREACH Attack Detected CWE-310; OWASP 2013-A9; OWASP 2017-A9 Medium
Critical Form Send to HTTP PCI v3.2-6.5.4; CAPEC-65; CWE-319; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Medium
Critical Form Served over HTTP PCI v3.2-6.5.4; CAPEC-65; CWE-319; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Medium
CVS Detected CAPEC-118; CWE-527; ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Medium
Expired SSL Certificate CWE-295; OWASP 2017-A3 Medium
Frame Injection PCI v3.2-6.5.1; CWE-601; HIPAA-164.308(a); ISO27001-A.14.2.5; WASC-38; OWASP 2013-A1; OWASP 2017-A1 Medium
GIT Detected CAPEC-118; CWE-527; ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Medium
HTTP Header Injection PCI v3.2-6.5.1; CAPEC-105; CWE-93; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-24; OWASP 2013-A1; OWASP 2017-A1 Medium
HTTP Header Injection (IAST) PCI v3.2-6.5.1; CAPEC-105; CWE-93; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-24; OWASP 2013-A1; OWASP 2017-A1 Medium
HTTP Strict Transport Security (HSTS) Errors and Warnings CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Medium
HTTP Strict Transport Security (HSTS) Policy Not Enabled CAPEC-217; CWE-523; ISO27001-A.14.1.2; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Medium
Insecure HTTP Usage ISO27001-A.14.1.3; WASC-4; OWASP 2013-A5; OWASP 2017-A3 Medium
Insecure Transportation Security Protocol Supported (SSLv3) PCI v3.2-6.5.4; CAPEC-217; CWE-326; HIPAA-164.306; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Medium
Invalid SSL Certificate PCI v3.2-6.5.4; CAPEC-459; CWE-295; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Medium
Microsoft Access Database File Detected PCI v3.2-6.5.8; CWE-284; ISO27001-A.18.1.3; WASC-2; OWASP 2013-A7; OWASP 2017-A3 Medium
Open Policy Crossdomain.xml Detected CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Medium
Open Redirection CWE-601; ISO27001-A.14.2.5; WASC-38; OWASP 2013-A10 Medium
Open Redirection (DOM based) CWE-601; ISO27001-A.14.2.5; WASC-38; OWASP 2013-A10 Medium
Open Silverlight Client Access Policy CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Medium
Password Transmitted over Query String PCI v3.2-6.5.4; CWE-598; ISO27001-A.14.2.5; WASC-13; OWASP 2013-A6; OWASP 2017-A3 Medium
PHP enable_dl Is Enabled CWE-16; OWASP 2013-A5; OWASP 2017-A6 Medium
PHP register_globals Is Enabled CWE-473; OWASP 2013-A5; OWASP 2017-A6 Medium
PHP session.use_only_cookies Is Disabled CWE-598; OWASP 2013-A5; OWASP 2017-A6 Medium
PHP session.use_trans_sid Is Enabled CWE-598; OWASP 2013-A5; OWASP 2017-A6 Medium
Revoked SSL Certificate CWE-295; OWASP 2017-A3 Medium
RSA Private Key Detected CAPEC-118; CWE-200; ISO27001-A.18.1.3; WASC-13; OWASP 2013-A6; OWASP 2017-A3 Medium
Server-Side Request Forgery CWE-918; ISO27001-A.14.2.5; WASC-20; OWASP 2013-A1; OWASP 2017-A1 Medium
Server-Side Request Forgery (Time Based) CWE-918; ISO27001-A.14.2.5; WASC-20; OWASP 2013-A1; OWASP 2017-A1 Medium
Source Code Disclosure (ASP.NET) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (ColdFusion) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (Generic) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (Java Servlet) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (Java) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (JSP) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (Perl) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (PHP) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (Python) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (Ruby) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (Tomcat) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
SQLite Database File Found PCI v3.2-6.5.8; CWE-284; ISO27001-A.18.1.3; WASC-2; OWASP 2013-A7; OWASP 2017-A3 Medium
SSL Certificate Is About To Expire CWE-295; OWASP 2017-A3 Medium
SSL Certificate Name Hostname Mismatch CWE-295; OWASP 2017-A3 Medium
SSL Untrusted Root Certificate CWE-295; OWASP 2017-A3 Medium
SSL/TLS Not Implemented PCI v3.2-6.5.4; CAPEC-217; CWE-311; HIPAA-164.306; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Medium
Stack Trace Disclosure (ColdFusion) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
Stack Trace Disclosure (Django) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
Stack Trace Disclosure (Java) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
Stack Trace Disclosure (Laravel) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
Stack Trace Disclosure (Python) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
Stack Trace Disclosure (RoR) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
Stack Trace Disclosure (Ruby-Sinatra Framework) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
Sublime SFTP Config File Detected CWE-16; ISO27001-A.18.1.3; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Medium
Unicode Transformation (Best-Fit Mapping) CWE-20 Medium
ViewState MAC Disabled CWE-16; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-15; OWASP 2017-A6 Medium
Weak Ciphers Enabled PCI v3.2-6.5.4; CAPEC-217; CWE-327; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Medium
WordPress Setup Configuration File PCI v3.2-6.5.8; CAPEC-212; CWE-665; HIPAA-164.312(a)(1); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
ZSH History File Detected PCI v3.2-6.5.8; CWE-284; ISO27001-A.18.1.3; WASC-2; OWASP 2013-A7; OWASP 2017-A3 Medium
.DS_Store File Found PCI v3.2-6.5.8; CWE-284; ISO27001-A.18.1.3; WASC-2; OWASP 2013-A7; OWASP 2017-A5 Low
Apache Multiple Choices Enabled CWE-16; ISO27001-A.9.4.1; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Apache MultiViews Enabled CWE-16; ISO27001-A.9.4.1; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
ASP.NET ViewStateUserKey Is Not Set CWE-16; OWASP 2013-A5; OWASP 2017-A6 Low
Autocomplete is Enabled CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Low
Backup File Disclosure PCI v3.2-6.5.8; CAPEC-87; CWE-530; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP 2013-A7; OWASP 2017-A5 Low
Cookie Not Marked as HttpOnly CAPEC-107; CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Low
Cookie Not Marked as Secure PCI v3.2-6.5.10; CAPEC-102; CWE-614; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A6; OWASP 2017-A3 Low
Cookie Values Used in Anti-CSRF Token CWE-352; HIPAA-164.306(a); ISO27001-A.14.1.2; OWASP 2013-A5; OWASP 2017-A6 Low
Cross-site Request Forgery PCI v3.2-6.5.9; CAPEC-62; CWE-352; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-9; OWASP 2013-A8; OWASP 2017-A5 Low
Cross-site Request Forgery in Login Form PCI v3.2-6.5.9; CAPEC-62; CWE-352; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-9; OWASP 2013-A8; OWASP 2017-A5 Low
Database Error Message Disclosure PCI v3.2-6.5.5; CAPEC-118; CWE-210; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Database Name Disclosure (Microsoft SQL Server) PCI v3.2-6.5.5; CAPEC-118; CWE-201; HIPAA-164.306(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Database Name Disclosure (MySQL) PCI v3.2-6.5.5; CAPEC-118; CWE-201; HIPAA-164.306(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Django Debug Mode Enabled PCI v3.2-6.5.5; CAPEC-214; CWE-16; ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Exception Report Disclosure (Tomcat) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Form Hijacking CWE-20; ISO27001-A.14.2.5; WASC-20; OWASP 2013-A1; OWASP 2017-A1 Low
Information Disclosure (Microsoft Office) PCI v3.2-6.5.5; CAPEC-118; CWE-200; ISO27001-A.18.1.3; WASC-13 Low
Insecure Frame (External) CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP 2017-A6 Low
Insecure JSONP Endpoint CWE-20; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A1 Low
Insecure Reflected Content CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A1 Low
Insecure Transportation Security Protocol Supported (TLS 1.0) PCI v3.2-6.5.4; CAPEC-217; CWE-326; HIPAA-164.306; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Low
Internal IP Address Disclosure CWE-200; ISO27001-A.18.1.4; OWASP 2013-A6; OWASP 2017-A3 Low
Internal Server Error CWE-550; ISO27001-A.14.1.2; WASC-13 Low
Laravel Debug Mode Enabled PCI v3.2-6.5.5; CAPEC-214; CWE-16; ISO27001-A.14.1.2; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Laravel Environment Configuration File Detected CWE-16; ISO27001-A.9.4.1; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Low
Microsoft IIS Log File Detected PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP 2013-A7; OWASP 2017-A5 Low
Microsoft Outlook Personal Folders File (.pst) Found PCI v3.2-6.5.8; CWE-284; ISO27001-A.18.1.3; WASC-2; OWASP 2013-A7; OWASP 2017-A5 Low
Misconfigured Access-Control-Allow-Origin Header CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Low
Misconfigured Frame CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP 2017-A6 Low
Misconfigured X-Frame-Options Header CAPEC-103; CWE-693; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 Low
Missing Content-Type Header CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Low
Missing X-Frame-Options Header CAPEC-103; CWE-693; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 Low
Multiple Declarations in X-Frame-Options Header CAPEC-103; CWE-693; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 Low
Open Redirection in POST method CWE-601; ISO27001-A.14.2.5; WASC-38; OWASP 2013-A10; OWASP 2017-A5 Low
Passive Mixed Content over HTTPS CWE-319; ISO27001-A.14.1.3; OWASP 2013-A6; OWASP 2017-A3 Low
Passive Web Backdoor Detected PCI v3.2-6.5.6; CWE-507; HIPAA-164.308(a); ISO27001-A.12.2.1; OWASP 2017-A10 Low
Phishing by Navigating Browser Tabs CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Low
PHP allow_url_fopen Is Enabled CWE-16; OWASP 2013-A5; OWASP 2017-A6 Low
PHP allow_url_include Is Enabled CWE-16; OWASP 2013-A5; OWASP 2017-A6 Low
PHP display_errors Is Enabled CWE-211; OWASP 2013-A5; OWASP 2017-A6 Low
PHP open_basedir Is Not Configured CWE-16; OWASP 2013-A5; OWASP 2017-A6 Low
phpinfo() Output Detected CAPEC-346; CWE-213; ISO27001-A.18.1.3; WASC-13; OWASP 2013-A6; OWASP 2017-A3 Low
Programming Error Message PCI v3.2-6.5.5; CAPEC-118; CWE-210; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Programming Error Message (Ruby) PCI v3.2-3.2 6.5.5; CAPEC-118; CWE-210; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Reflected File Download PCI v3.2-6.5.1; CAPEC-375; CWE-840; ISO27001-A.14.2.5; WASC-42; OWASP 2013-A1; OWASP 2017-A1 Low
RoR Database Configuration File Detected CWE-16; ISO27001-A.9.4.1; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Low
RoR Development Mode Enabled PCI v3.2-6.5.5; CAPEC-214; CWE-16; ISO27001-A.14.1.1; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Social Security Number Disclosure PCI v3.2-6.5.3; CAPEC-118; CWE-213; ISO27001-A.18.1.3; WASC-13; OWASP 2013-A6; OWASP 2017-A3 Low
Stack Trace Disclosure (Apache MyFaces) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.2.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Stack Trace Disclosure (ASP.NET) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.2.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Stack Trace Disclosure (CakePHP Framework) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.2.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Stack Trace Disclosure (CherryPy) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.2.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Stack Trace Disclosure (Grails) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Struts2 Development Mode Enabled PCI v3.2-6.5.5; CAPEC-214; CWE-16; ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Subresource Integrity (SRI) Hash Invalid CWE-16; ISO27001-A.14.2.5; WASC-15 Low
TRACE/TRACK Method Detected CAPEC-107; CWE-16; ISO27001-A.14.1.2; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Unexpected Redirect Response Body (Two Responses) CWE-698; ISO27001-A.14.2.5; WASC-25 Low
User Controllable Cookie CWE-20; ISO27001-A.14.2.5; WASC-20 Low
Username Disclosure (Microsoft SQL Server) PCI v3.2-6.5.5; CAPEC-118; CWE-201; HIPAA-164.306(a); ISO27001-A.18.1.4; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Low
Username Disclosure (MySQL) PCI v3.2-6.5.5; CAPEC-118; CWE-201; HIPAA-164.306(a); ISO27001-A.18.1.4; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Low
Version Disclosure (Apache Coyote) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Apache Module) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Apache Traffic Server) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Apache) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Artifactory DevOps Solution) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (ASP.NET MVC) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (ASP.NET) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Atlassian Proxy) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Axway SecureTransport Server) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (CakePHP Framework) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Cherokee) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (CherryPy) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Cowboy HTTP Server) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Daiquiri) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Django) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (FrontPage) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (GlassFish) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Grafana) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Gunicorn Python WSGI HTTP Server) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Hiawatha) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (IBM HTTP Server) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (IBM Rational Team Concert (RTC)) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (IBM Security Access Manager (WebSEAL)) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (IIS) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Java Servlet) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Java) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (JBoss) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Jenkins) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Jetty) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Jolokia) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (JSP) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Kong) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Liferay Digital Experience Platform) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Liferay Portal) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Lighttpd) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (mod_ssl) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Mongrel Web Server) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Next.js React Framework) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Nexus Repository OSS) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Nginx) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (NuSOAP) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (OpenResty) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (OpenSSL) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Oracle) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Perl) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (PHP) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Phusion Passenger) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Plone CMS) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Python WSGIserver) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Python) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Resin Application Server) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Restlet Framework) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (RoR) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Ruby) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (RubyGems) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (SharePoint) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Squid) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Sugar CRM) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Taleo Web Server) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Telerik Web UI) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Tomcat) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Tornado) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Trac Software Project Management Tool) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Tracy Debugging Tool) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (TwistedWeb HTTP Server) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Undertow Web Server) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (W3 Total Cache) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (WebLogic) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (WEBrick) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Werkzeug Python WSGI Library) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Zope) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
ViewState is not Encrypted CWE-16; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-15; OWASP 2017-A6 Low
Windows Short Filename PCI v3.2-6.5.8; CAPEC-87; CWE-538; HIPAA-164.306(a), 164.308(a); ISO27001-A.8.2.3; WASC-34; OWASP 2013-A7; OWASP 2017-A6 Low
Windows Username Disclosure PCI v3.2-6.5.5; CAPEC-118; CWE-200; ISO27001-A.18.1.3; WASC-13; OWASP 2013-A6; OWASP 2017-A3 Low
WP Engine Configuration File Detected CWE-16; ISO27001-A.9.4.1; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Low
Content Security Policy (CSP) Not Implemented CWE-16; ISO27001-A.14.2.5; WASC-15 Best Practice
Expect-CT Not Enabled CWE-16; ISO27001-A.14.1.2; WASC-15 Best Practice
Insecure Transportation Security Protocol Supported (TLS 1.1) PCI v3.2-6.5.4; CAPEC-217; CWE-326; HIPAA-164.306; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Best Practice
Missing X-XSS-Protection Header CWE-16; HIPAA-164.308(a); ISO27001-A.14.2.5; WASC-15 Best Practice
Referrer-Policy Not Implemented CWE-200; ISO27001-A.14.2.5; OWASP 2013-A6; OWASP 2017-A3 Best Practice
SameSite Cookie Not Implemented CWE-16; ISO27001-A.14.2.5; WASC-15 Best Practice
SameSite None Cookie Not Marked as Secure CWE-16; ISO27001-A.14.2.5; WASC-15 Best Practice
Subresource Integrity (SRI) Not Implemented CWE-16; ISO27001-A.14.2.5; WASC-15 Best Practice
.htaccess File Detected CWE-16; OWASP 2013-A5; OWASP 2017-A6 Information
aah Go Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
AbanteCart Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Adminer Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C6; OWASP 2017-A6 Information
Administration Page Detected PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.1; WASC-34; OWASP PC-C6; OWASP 2013-A7; OWASP 2017-A5 Information
Ampache Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
An Unsafe Content Security Policy (CSP) Directive in Use CWE-16; ISO27001-A.14.2.5; WASC-15 Information
Apache Coyote Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Apache Module Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Apache Traffic Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Apache Web Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Apple’s App-Site Association (AASA) Detected ISO27001-A.18.1.3; OWASP PC-C7 Information
Artifactory DevOps Solution Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
ASP.NET Debugging Enabled CWE-16; ISO27001-A.9.4.1; WASC-14; OWASP PC-C7; OWASP 2013-A5; OWASP 2017-A6 Information
ASP.NET Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
ASP.NET MVC Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Atlassian Proxy Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
ATutor Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Authorization Required ISO27001-A.9.4.1 Information
Autocomplete Enabled (Password Field) CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
AWStats Detected CAPEC-224; CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-45; OWASP PC-C6; OWASP 2017-A6 Information
Axway SecureTransport Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
b2evolution Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Basic Authorization Required ISO27001-A.9.4.1 Information
BitNinja Captcha Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Bomgar Remote Support Software Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Caddy Web Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
CakePHP Framework Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
CDN Detected (Airee) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
CDN Detected (Akamai) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
CDN Detected (Arvan Cloud) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
CDN Detected (Azure CDN) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
CDN Detected (CDN77) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
CDN Detected (Fastly) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
CDN Detected (Fireblade) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
CDN Detected (Google Cloud CDN) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
CDN Detected (Incapsula) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
CDN Detected (Instart) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
CDN Detected (KeyCDN) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
CDN Detected (MaxCDN) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
CDN Detected (Netlify) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
CDN Detected (PowerCDN) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
CDN Detected (Qrator) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
CDN Detected (Sucuri) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
CDN Detected (West263) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
Chamilo Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Cherokee Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
CherryPy Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Claroline Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
ClipBucket Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Collabtive Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Concrete5 Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Configuration File Detected PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP 2013-A7; OWASP 2017-A5 Information
contao Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Content Security Policy (CSP) Contains Out of Scope report-uri Domain ISO27001-A.14.2.5; OWASP 2013-A6; OWASP 2017-A3 Information
Content Security Policy (CSP) Keywords Not Used Within Single Quotes CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Content Security Policy (CSP) Nonce Value Not Used Within Single Quotes CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Content Security Policy (CSP) Nonce Without Matching Script Block CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Content Security Policy (CSP) report-uri Uses HTTP ISO27001-A.14.2.5; OWASP 2013-A6; OWASP 2017-A3 Information
Content-Security-Policy-Report-Only Cannot Be Declared Between META Tags CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Content-Security-Policy-Report-Only Cannot Be Declared Without report-uri Directive CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Coppermine Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Cowboy HTTP Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Craft CMS Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Credit Card Disclosure PCI v3.2-6.5.3; CAPEC-118; CWE-213; ISO27001-A.18.1.4; WASC-13; OWASP PC-C7; OWASP 2013-A6; OWASP 2017-A3 Information
Crossdomain.xml Detected ISO27001-A.12.5.1; OWASP PC-C6 Information
Cross-site Referrer Leakage through usage of no-referrer-when-downgrade in Referrer-Policy CWE-200; ISO27001-A.14.2.5; OWASP PC-C9; OWASP 2013-A6; OWASP 2017-A6 Information
Cross-site Referrer Leakage through usage of strict-origin in Referrer-Policy CWE-200; ISO27001-A.14.1.2; OWASP PC-C9; OWASP 2013-A6; OWASP 2017-A6 Information
Cross-site Referrer Leakage through usage of strict-origin-when-cross-origin in Referrer-Policy CWE-200; ISO27001-A.14.1.2; OWASP PC-C9; OWASP 2013-A6; OWASP 2017-A6 Information
Cross-site Referrer Leakage through usage of the origin keyword in Referrer-Policy CWE-200; ISO27001-A.14.1.2; OWASP PC-C9; OWASP 2013-A6; OWASP 2017-A6 Information
Cross-site Referrer Leakage through usage of unsafe-url in Referrer-Policy CWE-200; ISO27001-A.14.2.5; OWASP PC-C9; OWASP 2013-A6; OWASP 2017-A6 Information
CrushFTP Server Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
CubeCart Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Daiquiri Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
data: Used in a Content Security Policy (CSP) Directive ISO27001-A.14.2.5 Information
Database Connection String Detected CWE-16; HIPAA-164.306(a); ISO27001-A.18.1.3; WASC-15; OWASP PC-C7; OWASP 2013-A5; OWASP 2017-A3 Information
Database Detected (Microsoft Access) CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP 2017-A6 Information
Database Detected (Microsoft SQL Server) CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP 2017-A6 Information
Database Detected (MySQL) CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP 2017-A6 Information
Database Detected (Oracle) CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP 2017-A6 Information
Database Detected (PostgreSQL) CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP 2017-A6 Information
DataDome Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
DbNinja Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C6; OWASP 2017-A6 Information
Default Page Detected (Apache) CWE-200; ISO27001-A.18.1.3; WASC-13; OWASP PC-C7 Information
Default Page Detected (CakePHP Framework) CWE-200; ISO27001-A.18.1.3; WASC-13; OWASP PC-C7 Information
Default Page Detected (IIS 10.0) CWE-200; ISO27001-A.18.1.3; WASC-13; OWASP PC-C7 Information
Default Page Detected (IIS 6) CWE-200; ISO27001-A.18.1.3; WASC-13; OWASP PC-C7 Information
Default Page Detected (IIS 7) CWE-200; ISO27001-A.18.1.3; WASC-13; OWASP PC-C7 Information
Default Page Detected (IIS 7.5) CWE-200; ISO27001-A.18.1.3; WASC-13; OWASP PC-C7 Information
Default Page Detected (IIS 7.X) CWE-200; ISO27001-A.18.1.3; WASC-13; OWASP PC-C7 Information
Default Page Detected (IIS 8) CWE-200; ISO27001-A.18.1.3; WASC-13; OWASP PC-C7 Information
Default Page Detected (IIS 8.5) CWE-200; ISO27001-A.18.1.3; WASC-13; OWASP PC-C7 Information
Default Page Detected (Tomcat) CWE-200; ISO27001-A.18.1.3; WASC-13; OWASP PC-C7 Information
default-src Used in Content Security Policy (CSP) ISO27001-A.14.2.5; OWASP PC-C9 Information
Denial of Service (MySQL) CWE-400; ISO27001-A.14.1.2; WASC-10; OWASP PC-C9 Information
Deprecated Header Instruction Used to Implement Content Security Policy (CSP) CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP PC-C9 Information
Digest Authorization Required ISO27001-A.9.4.1 Information
Directory Listing (Apache) CAPEC-127; CWE-548; ISO27001-A.9.4.1; WASC-16; OWASP PC-C6; OWASP 2013-A5; OWASP 2017-A6 Information
Directory Listing (ASP.NET Server) CAPEC-127; CWE-548; ISO27001-A.9.4.1; WASC-16; OWASP PC-C6; OWASP 2013-A5; OWASP 2017-A6 Information
Directory Listing (IIS) CAPEC-127; CWE-548; ISO27001-A.9.4.1; WASC-16; OWASP PC-C6; OWASP 2013-A5; OWASP 2017-A6 Information
Directory Listing (Lighttpd) CAPEC-127; CWE-548; ISO27001-A.9.4.1; WASC-16; OWASP PC-C6; OWASP 2013-A5; OWASP 2017-A6 Information
Directory Listing (LiteSpeed) CAPEC-127; CWE-548; ISO27001-A.9.4.1; WASC-16; OWASP PC-C6; OWASP 2013-A5; OWASP 2017-A6 Information
Directory Listing (Nginx) CAPEC-127; CWE-548; ISO27001-A.9.4.1; WASC-16; OWASP PC-C6; OWASP 2013-A5; OWASP 2017-A6 Information
Directory Listing (Tomcat) CAPEC-127; CWE-548; ISO27001-A.9.4.1; WASC-16; OWASP PC-C6; OWASP 2013-A5; OWASP 2017-A6 Information
Directory Listing (WebDAV) CAPEC-127; CWE-548; ISO27001-A.9.4.1; WASC-16; OWASP PC-C6; OWASP 2013-A5; OWASP 2017-A6 Information
Disabled X-XSS-Protection Header CWE-693; ISO27001-A.14.1.2; WASC-15; OWASP PC-C9 Information
Django Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
DokuWiki Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Dolibarr Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Dolphin Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
DotClear Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Drupal Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
e107 Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Elgg Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Email Address Disclosure CAPEC-118; CWE-200; ISO27001-A.9.4.1; WASC-13; OWASP PC-C7 Information
EspoCRM Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Expect-CT Header via HTTP CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP PC-C10 Information
Expect-CT in Report Only Mode ISO27001-A.14.1.2; OWASP PC-C9 Information
Expect-CT Security Header Errors and Warnings CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP PC-C10 Information
ExpressJS Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Family Connections Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
File Upload Functionality Detected ISO27001-A.8.1.1; OWASP PC-C4 Information
FluxBB Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Forbidden Resource ISO27001-A.8.1.1; OWASP PC-C8 Information
Form Tools Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Front Accounting Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
FrontPage Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Generic Email Address Disclosure CAPEC-118; CWE-200; ISO27001-A.18.1.4; WASC-13; OWASP PC-C7 Information
GibbonEdu Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
GlassFish Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Grafana Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Gunicorn Python WSGI HTTP Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Hesk Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Hiawatha Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
HTTP Strict Transport Security (HSTS) Max-Age Value Too Low CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP PC-C1 Information
HTTP Strict Transport Security (HSTS) via HTTP CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP PC-C10; OWASP 2017-A6 Information
HubSpot Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
IBM HTTP Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
IBM Rational Team Concert (RTC) Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
IBM Security Access Manager (WebSEAL) Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
IIS Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Incorrect Content Security Policy (CSP) Implementation CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Insecure Protocol Detected in Content Security Policy (CSP) CWE-319; ISO27001-A.14.2.5 Information
Installation File Detected PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP 2013-A7; OWASP 2017-A5 Information
Intermediate Certificate is Signed Using a Weak Signature Algorithm CAPEC-459; ISO27001-A.10; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Information
Internal Path Disclosure (*nix) CAPEC-118; CWE-200; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.1; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Internal Path Disclosure (Windows) CAPEC-118; CWE-200; HIPAA-164.306(a), 164.308(a); ISO27001-A.8.1.1; WASC-13; OWASP PC-C7 Information
Invalid Content Security Policy (CSP) Directive Identified in meta Elements CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Java Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Java Servlet Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
JBoss Application Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
JBoss Core Services Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
JBoss Enterprise Application Platform Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Jenkins Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Jetty Web Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Jolokia Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Joomla Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
JSP Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Kestrel Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Kong Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Liferay Digital Experience Platform Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Liferay Portal Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Lighthouse Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Lighttpd Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
LimeSurvey Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
LiteSpeed Web Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Log File Detected PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP PC-C6; OWASP 2013-A7; OWASP 2017-A5 Information
Login Page Identified OWASP PC-C6 Information
Magento Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Mashery Proxy Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
MediaWiki Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Mibew Messenger Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Mint Detected CAPEC-224; CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-45; OWASP PC-C7; OWASP 2017-A6 Information
Missing object-src in CSP Declaration CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP PC-C9 Information
MODX Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Mongrel Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Moodle Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Movable Type Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP 2017-A6 Information
Multiple Content Security Policy (CSP) Implementation Detected CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP PC-C9 Information
MyBB Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Next.js React Framework Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Nexus Repository OSS Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Nginx Web Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
No Script Block Detected with the Hash Value Declared in Content Security Policy (CSP) ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 Information
Nonce Usage Detected in Content Security Policy (CSP) Directive ISO27001-A.14.2.5; OWASP PC-C9 Information
NTLM Authorization Required ISO27001-A.9.4.1; OWASP PC-C6 Information
NuSOAP Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Omeka Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
OpenCart Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
OpenResty Web Platform Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
OpenSearch.xml Detected CWE-200; ISO27001-A.18.1.3; OWASP PC-C7 Information
OpenSSL Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
OpenVPN Access Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
OPTIONS Method Enabled CAPEC-107; CWE-16; ISO27001-A.14.1.2; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Information
Oracle Application Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Oracle HTTP Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
osClass Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
osCommerce Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
osTicket Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Out-of-date (Phusion Passenger) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date (Taleo Web Server) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (AbanteCart) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Ampache) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (AngularJS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Apache Coyote) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Apache Traffic Server) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Apache) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Artifactory DevOps Solution) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ASP.NET SignalR) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Atlassian Proxy) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ATutor) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (axios) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Axway SecureTransport Server) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (b2evolution) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Backbone.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (bluebird) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Bootbox.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Bootstrap 3 Date/Time Picker) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Bootstrap Toggle) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Bootstrap) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (CakePHP Framework) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Chamilo) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Chart.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Cherokee) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (CherryPy) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (CKEditor) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Claroline) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ClipBucket) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Collabtive) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Concerte5) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (contao) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Coppermine) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Cowboy HTTP Server) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (CubeCart) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (D3.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Daiquiri) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (DataTables) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Django) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (DokuWiki) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Dolibarr) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Dolphin) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (DOMPurify) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (DotClear) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Drupal) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (DWR) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (e107) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (easyXDM) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ef.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Elgg) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Ember.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (EspoCRM) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Ext JS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Fabric.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Family Connections) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (FancyBox) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Fingerprintjs2) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Flickity) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (FluxBB) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (FooTable) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Form Tools) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Foundation) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Front Accounting) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Fuel UX) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (GibbonEdu) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (GlassFish) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Google Charts) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Grafana) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (GSAP) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Gunicorn Python WSGI HTTP Server) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Hammer.JS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Handlebars.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Hesk) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Hiawatha) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Highcharts) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (HTML5 Shiv) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (IBM HTTP Server) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (IBM Rational Team Concert (RTC)) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (IBM Security Access Manager (WebSEAL)) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (IIS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ImagePicker) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Inferno) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Intro.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Ion.RangeSlider) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Java) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (JavaScript Cookie) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (JBoss) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Jenkins) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Jetty Web Server) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Jolokia) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Joomla) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jPlayer) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jQuery Mask) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jQuery Migrate) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jQuery Mobile) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jQuery UI Autocomplete) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jQuery UI Dialog) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jQuery UI Tooltip) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jQuery Validation) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jQuery) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (JSP) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jsTree) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Knockout Mapping) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Knockout) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Kong) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Lazy.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Leaflet) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Liferay Digital Experience Platform) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Liferay Portal) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Lightbox) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Lighttpd) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (LimeSurvey) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (List.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Lodash) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Magento) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; WASC-13; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Marionette.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Math.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (MathJax) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (MediaWiki) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Mibew Messenger) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Mithril) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Modernizr) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (MODX) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Moment.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Moodle) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Movable Type) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (mustache.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (MyBB) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Next.js React Framework) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Nexus Repository OSS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Nginx) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; WASC-13; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (NuSOAP) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; WASC-13; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Omeka) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (OpenCart) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (OpenResty) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (OpenSSL) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (osClass) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (osCommerce) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (osTicket) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ownCloud) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (pdf.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Perl) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (pH7CMS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Phaser) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Phorum) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Php Address Book) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (PHP) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (phpBB) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (PhpFusion) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (phpList) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (PhpMyFAQ) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Piwigo) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Pixi.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Plone CMS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Plupload) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (PmWiki) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Podcast Generator) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Polymer) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (PrestaShop) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (prettyPhoto) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ProjectSend) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Prototype JS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Python WSGIserver) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Python) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (qdPM) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Question2Answer) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Ramda) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (React) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (RequireJS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Resin Application Server) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Respond.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Restlet Framework) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Reveal.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Revive Adserver) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Rickshaw) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Riot.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (RoR) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Roundcube) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Ruby) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (RubyGems) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Rukovoditel) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ScrollReveal) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Select2) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Semantic UI) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (SeoPanel) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Serendipity) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (slick) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Snap.svg) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Sortable) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Squid) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (SugarCRM) CWE-937, 1035; ISO27001-A.18.1.3; WASC-13 Information
Out-of-date Version (SweetAlert2) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (TCExam) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Telerik Web UI) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Three.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Tomcat) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Tornado Web Server) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Trac Software Project Management Tool) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Tracy Debugging Tool) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (TwistedWeb HTTP Server) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (typeahead.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Typo3) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; WASC-13; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Underscore.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Undertow Web Server) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Vanilla Forums) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Video.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Vue.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (W3 Total Cache) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (webERP) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (WeBid) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (WebLogic) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Werkzeug Python WSGI Library) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (WordPress) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (XOOPS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (XRegExp) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (YetiForce CRM) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (YOURLS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (YUI) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Zen Cart) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ZenPhoto) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Zepto.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Zikula) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Zope) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
ownCloud Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Pardot Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Perl Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
pH7CMS Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Phorum Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Php Address Book Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
PHP Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
phpBB Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
PhpFusion Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
phpList Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
phpLiteAdmin Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C6; OWASP 2017-A6 Information
phpMoAdmin Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C6; OWASP 2017-A6 Information
phpMyAdmin Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C6; OWASP 2017-A6 Information
PhpMyFAQ Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Phusion Passenger Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Piwigo Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Piwik Detected CAPEC-224; CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-45; OWASP PC-C7; OWASP 2017-A6 Information
Play Web Framework Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Plesk (Linux) Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Plesk (Windows) Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Plone CMS Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
PmWiki Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Podcast Generator Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
PrestaShop Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Private Burp Collaborator Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
ProjectSend Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Python Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Python WSGIserver Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
qdPM Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Question2Answer Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; OWASP PC-C7; OWASP 2017-A6 Information
Readme/Help File Detected PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP PC-C7; OWASP 2013-A7; OWASP 2017-A5 Information
Referrer-Policy Needs Proper Fallback CWE-200; ISO27001-A.14.2.5; OWASP PC-C9; OWASP 2013-A6; OWASP 2017-A6 Information
Resin Application Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Restlet Framework Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Reverse Proxy Detected (Apache Traffic Server) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
Reverse Proxy Detected (Citrix Netscaler) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
Reverse Proxy Detected (Envoy) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
Reverse Proxy Detected (F5 BIG-IP) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
Reverse Proxy Detected (HAProxy) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
Reverse Proxy Detected (Skipper) CAPEC-224; CWE-200; ISO27001-A.18.1.3; WASC-45 Information
Revive Adserver Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Robots.txt Detected ISO27001-A.18.1.3; OWASP PC-C7 Information
Roundcube Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Ruby on Rails Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
RubyGems Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Rukovoditel Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; OWASP PC-C7; OWASP 2017-A6 Information
Scheme URI Detected in Content Security Policy (CSP) Directive ISO27001-A.14.2.5 Information
Security.txt Detected ISO27001-A.18.1.3; OWASP PC-C7 Information
SeoPanel Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Serendipity Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
SharePoint Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Shell Script Detected CWE-200; ISO27001-A.8.1.1; WASC-13; OWASP PC-C6 Information
Silverlight Client Access Policy Detected ISO27001-None; OWASP PC-C6 Information
Sitemap Detected ISO27001-A.18.1.3; OWASP PC-C7 Information
SonicWall SSL-VPN Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
SQL File Detected PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP PC-C7; OWASP 2013-A7; OWASP 2017-A5 Information
Squarespace Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Squid Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Static Nonce Identified in Content Security Policy (CSP) CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Sugar CRM Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
swagger.json Detected ISO27001-A.8.1.1; OWASP PC-C7 Information
Tableau Server Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Taleo Web Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
TCExam Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Telerik Web UI Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Test File Detected PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP PC-C7; OWASP 2013-A7; OWASP 2017-A5 Information
Tomcat Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Tornado Web Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Trac Software Project Management Tool Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Tracy Debugging Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Travis CI Configuration File Detected CWE-16; ISO27001-A.9.4.1; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
TS Web Access Identified PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.1; WASC-34; OWASP PC-C6; OWASP 2013-A7; OWASP 2017-A5 Information
TwistedWeb HTTP Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Typo3 Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
UNC Server and Share Disclosure CWE-16; ISO27001-A.18.1.3; WASC-15; OWASP PC-C7; OWASP 2013-A5; OWASP 2017-A6 Information
Undertow Web Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Unexpected Redirect Response Body (Too Large) CWE-698; ISO27001-A.14.2.5; WASC-40; OWASP PC-C6 Information
Unknown Option Used In Referrer-Policy CWE-200; ISO27001-A.14.2.5; OWASP PC-C9; OWASP 2013-A6; OWASP 2017-A6 Information
Unsupported Hash Detected in Content Security Policy (CSP) CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Vanilla Forums Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Varnish HTTP Cache Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Vegur Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
W3 Total Cache Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Weak Nonce Detected in Content Security Policy (CSP) Declaration CWE-330; ISO27001-A.14.2.5; WASC-16; OWASP 2013-A5; OWASP 2017-A6 Information
Web Application Firewall Detected ISO27001-A.18.1.3; OWASP PC-C7 Information
Web.config File Detected CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP PC-C6; OWASP 2013-A7; OWASP 2017-A5 Information
Webalizer Detected CAPEC-224; CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-45; OWASP PC-C6; OWASP 2017-A6 Information
WebDAV Enabled CWE-16; ISO27001-A.9.4.4; WASC-15; OWASP PC-C6 Information
webERP Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
WeBid Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
WebLogic Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Werkzeug Python WSGI Library Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Whoops Error Handler Framework Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Wildcard Detected in Domain Portion of Content Security Policy (CSP) Directive ISO27001-A.14.2.5 Information
Wildcard Detected in Port Portion of Content Security Policy (CSP) Directive ISO27001-A.14.2.5 Information
Wildcard Detected in Scheme Portion of Content Security Policy (CSP) Directive ISO27001-A.14.2.5 Information
WildFly Application Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Windows Azure Web Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
WordPress Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
WS_FTP Log File Detected CAPEC-118; CWE-538; ISO27001-A.9.4.1; WASC-13; OWASP PC-C6 Information
XOOPS Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
YetiForce CRM Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
YOURLS Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Zen Cart Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
ZenPhoto Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Zikula Detected CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Zope Web Server Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo