Search Vulnerability


Vulnerability Name Classifications Severity
Bash Command Injection Vulnerability (Shellshock Bug) PCI v3.2-6.5.1; CAPEC-88; CWE-78; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-31; OWASP 2013-A1; OWASP 2017-A9 Critical
Blind Command Injection PCI v3.2-6.5.1; CAPEC-88; CWE-78; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-31; OWASP 2013-A1; OWASP 2017-A1 Critical
Blind SQL Injection PCI v3.2-6.5.1; CAPEC-66; CWE-89; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-19; OWASP 2013-A1; OWASP 2017-A1 Critical
Boolean Based SQL Injection PCI v3.2-6.5.1; CAPEC-66; CWE-89; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-19; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Apache Struts S02-53) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) S2-016 PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) S2-045 PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) S2-046 PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (ASP) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Node.js) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Perl) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (PHP) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (PHP) - IAST PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Python) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (RoR - JSON) PCI v3.2-6.5.1; CAPEC-356; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-23; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (RoR) PCI v3.2-6.5.1; CAPEC-356; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-23; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Ruby) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation via Local File Inclusion (PHP) PCI v3.2-6.5.1; CAPEC-251; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-33; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via File Upload PCI v3.2-6.5.1; CAPEC-210; CWE-94; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-42; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via Local File Inclusion PCI v3.2-6.5.1; CAPEC-170; CWE-94; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-33; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (ASP.NET Razor) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Java FreeMarker) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Java Pebble) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Java Velocity) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (JinJava) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Dot) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js EJS) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Marko) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Nunjucks) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Pug (Jade)) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (PHP Smarty) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (PHP Twig) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Python Jinja) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Python Mako) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Python Tornado) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Ruby ERB) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Ruby Slim) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via WebDAV PCI v3.2-6.5.8; CAPEC-17; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-17; OWASP 2017-A6 Critical
Command Injection PCI v3.2-6.5.1; CAPEC-88; CWE-78; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-31; OWASP 2013-A1; OWASP 2017-A1 Critical
Command Injection (IAST) PCI v3.2-6.5.1; CAPEC-88; CWE-78; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-31; OWASP 2013-A1; OWASP 2017-A1 Critical
Drupal Core - Remote Code Execution (CVE-2019-6340) PCI v3.2-6.5.1; CAPEC-242; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Malware Identified CWE-506 Critical
OpenSSL Heartbleed PCI v3.2-6.5.2; CAPEC-216; CWE-119; ISO27001-A.14.2.5; OWASP 2013-A6; OWASP 2017-A9 Critical
Oracle WebLogic Remote Code Execution (CVE-2020-14882) PCI v3.2-6.5.1; CAPEC-242; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (Apache Struts 2) PCI v3.2-6.5.1; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (Apache Struts 2) S2-053 PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (ASP) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (Perl) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (PHP) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (Python) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (RoR - JSON) PCI v3.2-6.5.1; CAPEC-356; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-23; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (RoR) PCI v3.2-6.5.1; CAPEC-356; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-23; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (Ruby) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Java FreeMarker) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Java Velocity) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Dot) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js EJS) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Marko) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Nunjucks) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Pug (Jade)) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (PHP Smarty) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (PHP Twig) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Python Jinja) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Python Mako) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Python Tornado) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Command Injection PCI v3.2-6.5.1; CAPEC-88; CWE-78; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-31; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Remote File Inclusion PCI v3.2-6.5.1; CAPEC-193; CWE-98; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band SQL Injection PCI v3.2-6.5.1; CAPEC-66; CWE-89; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-19; OWASP 2013-A1; OWASP 2017-A1 Critical
Remote Code Execution and DoS in HTTP.sys (IIS) PCI v3.2-6.5.1; CAPEC-340; CWE-20; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-7; OWASP 2013-A1; OWASP 2017-A1 Critical
Remote File Inclusion PCI v3.2-6.5.1; CAPEC-193; CWE-98; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Request Forgery (Oracle Cloud) CWE-918; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 Critical
Server-Side Request Forgery (Packet Cloud) CWE-918; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 Critical
Server-Side Request Forgery (trace.axd) PCI v3.2-6.5.6; CAPEC-347; CWE-918; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Critical
Server-Side Template Injection PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (ASP.NET Razor) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (Java FreeMarker) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (Java Pebble) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (Java Velocity) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (JinJava) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (Node.js Dot) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (Node.js EJS) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (Ruby ERB) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
SQL Injection (IAST) PCI v3.2-6.5.1; CAPEC-66; CWE-89; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-19; OWASP 2013-A1; OWASP 2017-A1 Critical
Web Backdoor Detected PCI v3.2-6.5.6; CAPEC-443; CWE-507; HIPAA-164.308(a); ISO27001-A.12.2.1; OWASP 2017-A10 Critical
Web Cache Deception PCI v3.2-2.2.3; CAPEC-CAPEC; ISO27001-A.14.1.3; WASC-6; OWASP 2013-A5; OWASP 2017-A6 Critical
Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo