Complimentary 90-day, on-prem license available for entities involved in Covid19 response.

Search Vulnerability


Vulnerability Name Classifications Severity
Blind Command Injection PCI v3.2-, CAPEC-88, CWE-78, HIPAA-78, ISO27001-A.14.2.5, WASC-31, OWASP 2013-A1, OWASP 2017-A1 Critical
Blind SQL Injection PCI v3.2-, CAPEC-66, CWE-89, HIPAA-89, ISO27001-A.14.2.5, WASC-19, OWASP 2013-A1, OWASP 2017-A1 Critical
Boolean Based SQL Injection PCI v3.2-, CAPEC-66, CWE-89, HIPAA-89, ISO27001-A.14.2.5, WASC-19, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Apache Struts S02-53) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) S2-016 PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) S2-045 PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) S2-046 PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (ASP) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Node.js) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Perl) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (PHP) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Python) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (RoR - JSON) PCI v3.2-, CAPEC-356, CWE-94, HIPAA-94, ISO27001-A.14.2.5, WASC-23, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (RoR) PCI v3.2-, CAPEC-356, CWE-94, HIPAA-94, ISO27001-A.14.2.5, WASC-23, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation (Ruby) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Evaluation via Local File Inclusion (PHP) PCI v3.2-, CAPEC-251, CWE-94, HIPAA-94, ISO27001-A.14.2.5, WASC-33, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via File Upload PCI v3.2-, CAPEC-210, CWE-94, HIPAA-94, ISO27001-A.14.2.5, WASC-42, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via Local File Inclusion PCI v3.2-, CAPEC-170, CWE-94, HIPAA-94, ISO27001-A.14.2.5, WASC-33, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Java FreeMarker) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Java Velocity) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Dot) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js EJS) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Marko) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Nunjucks) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Pug (Jade)) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (PHP Smarty) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (PHP Twig) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Python Jinja) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Python Mako) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Python Tornado) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Ruby ERB) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via SSTI (Ruby Slim) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Code Execution via WebDAV PCI v3.2-, CAPEC-17, CWE-94, HIPAA-94, ISO27001-A.14.2.5, WASC-17, OWASP 2017-A6 Critical
Drupal Core - Remote Code Execution (CVE-2019-6340) PCI v3.2-, CAPEC-242, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Malware Identified CWE-506 Critical
OpenSSL Heartbleed PCI v3.2-, CAPEC-216, CWE-119, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A9 Critical
Out of Band Code Evaluation (Apache Struts 2) PCI v3.2-, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Evaluation (Apache Struts 2) S2-053 PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Evaluation (ASP) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Evaluation (Perl) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Evaluation (PHP) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Evaluation (Python) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Evaluation (RoR - JSON) PCI v3.2-, CAPEC-356, CWE-94, HIPAA-94, ISO27001-A.14.2.5, WASC-23, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Evaluation (RoR) PCI v3.2-, CAPEC-356, CWE-94, HIPAA-94, ISO27001-A.14.2.5, WASC-23, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Evaluation (Ruby) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Java FreeMarker) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Java Velocity) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Dot) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js EJS) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Marko) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Nunjucks) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Pug (Jade)) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (PHP Smarty) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (PHP Twig) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Python Jinja) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Python Mako) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Python Tornado) PCI v3.2-, CAPEC-23, CWE-94, HIPAA-94, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band Command Injection PCI v3.2-, CAPEC-88, CWE-78, HIPAA-78, ISO27001-A.14.2.5, WASC-31, OWASP 2013-A1, OWASP 2017-A1 Critical
Out of Band SQL Injection PCI v3.2-, CAPEC-66, CWE-89, HIPAA-89, ISO27001-A.14.2.5, WASC-19, OWASP 2013-A1, OWASP 2017-A1 Critical
Remote Code Execution and DoS in HTTP.sys (IIS) PCI v3.2-, CAPEC-340, CWE-20, HIPAA-20, ISO27001-A.14.2.5, WASC-7, OWASP 2013-A1, OWASP 2017-A1 Critical
Server-Side Request Forgery (Oracle Cloud) CWE-918, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6 Critical
Server-Side Request Forgery (Packet Cloud) CWE-918, ISO27001-A.14.2.5, OWASP 2013-A5, OWASP 2017-A6 Critical
Server-Side Request Forgery (trace.axd) PCI v3.2-, CAPEC-347, CWE-918, HIPAA-918, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Critical
Server-Side Template Injection (Java FreeMarker) PCI v3.2-, CWE-74, HIPAA-74, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Server-Side Template Injection (Java Velocity) PCI v3.2-, CWE-74, HIPAA-74, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Server-Side Template Injection (Node.js Dot) PCI v3.2-, CWE-74, HIPAA-74, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Server-Side Template Injection (Node.js EJS) PCI v3.2-, CWE-74, HIPAA-74, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
Server-Side Template Injection (Ruby ERB) PCI v3.2-, CWE-74, HIPAA-74, ISO27001-A.14.2.5, OWASP 2013-A1, OWASP 2017-A1 Critical
SQL Injection PCI v3.2-, CAPEC-66, CWE-89, HIPAA-89, ISO27001-A.14.2.5, WASC-19, OWASP 2013-A1, OWASP 2017-A1 Critical
Web Backdoor Detected PCI v3.2-, CAPEC-443, CWE-507, HIPAA-507, ISO27001-A.12.2.1, OWASP 2017-A10 Critical
Web Cache Deception PCI v3.2-, CAPEC-CAPEC, ISO27001-A.14.1.3, WASC-6, OWASP 2013-A5, OWASP 2017-A6 Critical
Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO