Search Vulnerability


Vulnerability Name Classifications Severity
Blind Command Injection PCI v3.2-6.5.1; CAPEC-88; CWE-78; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-31; OWASP 2013-A1; OWASP 2017-A1 Critical
Blind SQL Injection PCI v3.2-6.5.1; CAPEC-66; CWE-89; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-19; OWASP 2013-A1; OWASP 2017-A1 Critical
Boolean Based SQL Injection PCI v3.2-6.5.1; CAPEC-66; CWE-89; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-19; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Apache Struts S02-53) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) S2-016 PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) S2-045 PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Apache Struts) S2-046 PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (ASP) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Node.js) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Perl) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (PHP) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Python) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (RoR - JSON) PCI v3.2-6.5.1; CAPEC-356; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-23; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (RoR) PCI v3.2-6.5.1; CAPEC-356; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-23; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation (Ruby) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Evaluation via Local File Inclusion (PHP) PCI v3.2-6.5.1; CAPEC-251; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-33; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via File Upload PCI v3.2-6.5.1; CAPEC-210; CWE-94; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-42; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via Local File Inclusion PCI v3.2-6.5.1; CAPEC-170; CWE-94; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-33; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Java FreeMarker) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Java Velocity) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Dot) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js EJS) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Marko) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Nunjucks) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Node.js Pug (Jade)) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (PHP Smarty) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (PHP Twig) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Python Jinja) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Python Mako) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Python Tornado) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Ruby ERB) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Code Execution via SSTI (Ruby Slim) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Drupal Core - Remote Code Execution (CVE-2019-6340) PCI v3.2-6.5.1; CAPEC-242; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
OpenSSL Heartbleed PCI v3.2-6.5.2; CAPEC-216; CWE-119; ISO27001-A.14.2.5; OWASP 2013-A6; OWASP 2017-A9 Critical
Out of Band Code Evaluation (Apache Struts 2) PCI v3.2-6.5.1; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (Apache Struts 2) S2-053 PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (ASP) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (Perl) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (PHP) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (Python) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (RoR - JSON) PCI v3.2-6.5.1; CAPEC-356; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-23; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (RoR) PCI v3.2-6.5.1; CAPEC-356; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-23; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Evaluation (Ruby) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Java FreeMarker) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Java Velocity) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Dot) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js EJS) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Marko) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Nunjucks) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Node.js Pug (Jade)) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (PHP Smarty) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (PHP Twig) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Python Jinja) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Python Mako) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Code Execution via SSTI (Python Tornado) PCI v3.2-6.5.1; CAPEC-23; CWE-94; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Command Injection PCI v3.2-6.5.1; CAPEC-88; CWE-78; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-31; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band Remote File Inclusion PCI v3.2-6.5.1; CAPEC-193; CWE-98; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-5; OWASP 2013-A1; OWASP 2017-A1 Critical
Out of Band SQL Injection PCI v3.2-6.5.1; CAPEC-66; CWE-89; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-19; OWASP 2013-A1; OWASP 2017-A1 Critical
Remote Code Execution and DoS in HTTP.sys (IIS) PCI v3.2-6.5.1; CAPEC-340; CWE-20; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-7; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Request Forgery (Oracle Cloud) CWE-918; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 Critical
Server-Side Request Forgery (Packet Cloud) CWE-918; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 Critical
Server-Side Request Forgery (trace.axd) PCI v3.2-6.5.6; CAPEC-347; CWE-918; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Critical
Server-Side Template Injection PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (Java FreeMarker) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (Java Velocity) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (Node.js Dot) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (Node.js EJS) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Server-Side Template Injection (Ruby ERB) PCI v3.2-6.5.1; CWE-74; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 Critical
Web Cache Deception PCI v3.2-2.2.3; CAPEC-CAPEC; ISO27001-A.14.1.3; WASC-6; OWASP 2013-A5; OWASP 2017-A6 Critical
Backup Source Code Detected PCI v3.2-6.5.8; CAPEC-87; CWE-530; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP 2013-A7; OWASP 2017-A5 High
Basic Authorization over HTTP PCI v3.2-6.5.4; CAPEC-65; CWE-319; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 High
Certificate is Signed Using a Weak Signature Algorithm PCI v3.2-6.5.4; CAPEC-459; ISO27001-A.10; WASC-4; OWASP 2013-A6; OWASP 2017-A3 High
Database User Has Admin Privileges PCI v3.2-6.5.6; CWE-267; ISO27001-A.9.2.2; WASC-14; OWASP 2013-A5; OWASP 2017-A6 High
Elmah.axd / Errorlog.axd Detected PCI v3.2-6.5.6; CAPEC-347; CWE-16; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-15; OWASP 2013-A5; OWASP 2017-A6 High
Expression Language Injection PCI v3.2-6.5.1; CWE-20; HIPAA-164.308(a); ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 High
Insecure Transportation Security Protocol Supported (SSLv2) PCI v3.2-6.5.4; CAPEC-217; CWE-326; HIPAA-164.306; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 High
Local File Inclusion PCI v3.2-6.5.8; CAPEC-252; CWE-22; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-33; OWASP 2013-A4; OWASP 2017-A5 High
Out of Band XML External Entity Injection PCI v3.2-6.5.1; CAPEC-376; CWE-611; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-43; OWASP 2013-A1; OWASP 2017-A4 High
Out-of-date Version (Microsoft SQL Server) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP 2013-A9; OWASP 2017-A9 High
Out-of-date Version (MySQL) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP 2013-A9; OWASP 2017-A9 High
Out-of-date Version (Oracle) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP 2013-A9; OWASP 2017-A9 High
Out-of-date Version (PostgreSQL) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP 2013-A9; OWASP 2017-A9 High
Password Transmitted over HTTP PCI v3.2-6.5.4; CAPEC-65; CWE-319; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 High
ROBOT Attack Detected (Strong Oracle) PCI v3.2-6.5.4; CAPEC-217; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 High
ROBOT Attack Detected (Weak Oracle) PCI v3.2-6.5.4; CAPEC-217; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 High
Ruby on Rails File Content Disclosure (CVE-2019-5418) PCI v3.2-6.5.8; CAPEC-252; CWE-98; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-33; OWASP 2013-A4; OWASP 2017-A5 High
Server-Side Request Forgery (Apache Server Status) CWE-918; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 High
Server-Side Request Forgery (AWS) CWE-918; ISO27001-A.14.2.5; OWASP 2017-A5 High
Server-Side Request Forgery (elmah MVC) PCI v3.2-6.5.6; CAPEC-347; CWE-918; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 High
Server-Side Request Forgery (elmah) PCI v3.2-6.5.6; CAPEC-347; CWE-918; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 High
Server-Side Request Forgery (MySQL) CWE-918; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 High
Server-Side Request Forgery (SSH) CWE-918; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 High
Session Cookie Not Marked as Secure PCI v3.2-6.5.10; CAPEC-102; CWE-614; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A6; OWASP 2017-A3 High
SVN Detected CAPEC-118; CWE-527; ISO27001-A.9.4.1; WASC-13; OWASP 2013-A5; OWASP 2017-A6 High
Trace.axd Detected PCI v3.2-6.5.6; CAPEC-347; CWE-16; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-15; OWASP 2013-A5; OWASP 2017-A6 High
Unrestricted File Upload PCI v3.2-6.5.1; CWE-434; ISO27001-A.14.2.5; OWASP 2013-A1; OWASP 2017-A1 High
Weak Basic Authentication Credentials PCI v3.2-6.5.10; CAPEC-16; CWE-521; ISO27001-A.9.4.3; WASC-15; OWASP 2013-A6; OWASP 2017-A3 High
XML External Entity Injection PCI v3.2-6.5.1; CAPEC-376; CWE-611; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-43; OWASP 2013-A1; OWASP 2017-A4 High
Active Mixed Content over HTTPS CWE-319; ISO27001-A.14.1.3; OWASP 2013-A6; OWASP 2017-A3 Medium
Anonymous Ciphers Supported PCI v3.2-6.5.4; CAPEC-117; CWE-311; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Medium
Apache Server-Info Detected CAPEC-347; CWE-16; ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
Apache Server-Status Detected CAPEC-347; CWE-16; ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
Base Tag Hijacking PCI v3.2-6.5.7; CAPEC-19; CWE-20; HIPAA-164.308(a); ISO27001-A.14.2.5; WASC-8; OWASP 2013-A3; OWASP 2017-A7 Medium
BREACH Attack Detected CWE-310; OWASP 2013-A9; OWASP 2017-A9 Medium
Critical Form Send to HTTP PCI v3.2-6.5.4; CAPEC-65; CWE-319; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Medium
Critical Form Served over HTTP PCI v3.2-6.5.4; CAPEC-65; CWE-319; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Medium
CVS Detected CAPEC-118; CWE-527; ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Medium
Frame Injection PCI v3.2-6.5.1; CWE-601; HIPAA-164.308(a); ISO27001-A.14.2.5; WASC-38; OWASP 2013-A1; OWASP 2017-A1 Medium
GIT Detected CAPEC-118; CWE-527; ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Medium
HTTP Header Injection PCI v3.2-6.5.1; CAPEC-105; CWE-93; HIPAA-164.306(a), 164.308(a); ISO27001-A.14.2.5; WASC-24; OWASP 2013-A1; OWASP 2017-A1 Medium
HTTP Strict Transport Security (HSTS) Errors and Warnings CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Medium
HTTP Strict Transport Security (HSTS) Policy Not Enabled CAPEC-217; CWE-523; ISO27001-A.14.1.2; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Medium
Insecure HTTP Usage ISO27001-A.14.1.3; WASC-4; OWASP 2013-A5; OWASP 2017-A3 Medium
Insecure Transportation Security Protocol Supported (SSLv3) PCI v3.2-6.5.4; CAPEC-217; CWE-326; HIPAA-164.306; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Medium
Invalid SSL Certificate PCI v3.2-6.5.4; CAPEC-459; CWE-295; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Medium
Microsoft Access Database File Detected PCI v3.2-6.5.8; CWE-284; ISO27001-A.18.1.3; WASC-2; OWASP 2013-A7; OWASP 2017-A3 Medium
Open Policy Crossdomain.xml Detected CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Medium
Open Silverlight Client Access Policy CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Medium
Password Transmitted over Query String PCI v3.2-6.5.4; CWE-598; ISO27001-A.14.2.5; WASC-13; OWASP 2013-A6; OWASP 2017-A3 Medium
RSA Private Key Detected CAPEC-118; CWE-200; ISO27001-A.18.1.3; WASC-13; OWASP 2013-A6; OWASP 2017-A3 Medium
Server-Side Request Forgery CWE-918; ISO27001-A.14.2.5; WASC-20; OWASP 2013-A1; OWASP 2017-A1 Medium
Server-Side Request Forgery (Time Based) CWE-918; ISO27001-A.14.2.5; WASC-20; OWASP 2013-A1; OWASP 2017-A1 Medium
Source Code Disclosure (ASP.NET) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (ColdFusion) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (Generic) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (Java Servlet) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (Java) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (JSP) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (Perl) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (PHP) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (Python) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (Ruby) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
Source Code Disclosure (Tomcat) CAPEC-118; CWE-540; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.5; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Medium
SQLite Database File Found PCI v3.2-6.5.8; CWE-284; ISO27001-A.18.1.3; WASC-2; OWASP 2013-A7; OWASP 2017-A3 Medium
SSL/TLS Not Implemented PCI v3.2-6.5.4; CAPEC-217; CWE-311; HIPAA-164.306; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Medium
Stack Trace Disclosure (ColdFusion) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
Stack Trace Disclosure (Django) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
Stack Trace Disclosure (Java) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
Stack Trace Disclosure (Laravel) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
Stack Trace Disclosure (Python) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
Stack Trace Disclosure (RoR) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
Stack Trace Disclosure (Ruby-Sinatra Framework) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
Sublime SFTP Config File Detected CWE-16; ISO27001-A.18.1.3; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Medium
Weak Ciphers Enabled PCI v3.2-6.5.4; CAPEC-217; CWE-327; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Medium
WordPress Setup Configuration File PCI v3.2-6.5.8; CAPEC-212; CWE-665; HIPAA-164.312(a)(1); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Medium
.DS_Store File Found PCI v3.2-6.5.8; CWE-284; ISO27001-A.18.1.3; WASC-2; OWASP 2013-A7; OWASP 2017-A5 Low
Apache Multiple Choices Enabled CWE-16; ISO27001-A.9.4.1; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Apache MultiViews Enabled CWE-16; ISO27001-A.9.4.1; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Autocomplete is Enabled CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Low
Backup File Disclosure PCI v3.2-6.5.8; CAPEC-87; CWE-530; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP 2013-A7; OWASP 2017-A5 Low
Cookie Not Marked as HttpOnly CAPEC-107; CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Low
Cookie Not Marked as Secure PCI v3.2-6.5.10; CAPEC-102; CWE-614; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A6; OWASP 2017-A3 Low
Cookie Values Used in Anti-CSRF Token CWE-352; HIPAA-164.306(a); ISO27001-A.14.1.2; OWASP 2013-A5; OWASP 2017-A6 Low
Cross-site Request Forgery PCI v3.2-6.5.9; CAPEC-62; CWE-352; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-9; OWASP 2013-A8; OWASP 2017-A5 Low
Cross-site Request Forgery in Login Form PCI v3.2-6.5.9; CAPEC-62; CWE-352; HIPAA-164.306(a); ISO27001-A.14.2.5; WASC-9; OWASP 2013-A8; OWASP 2017-A5 Low
Database Error Message Disclosure PCI v3.2-6.5.5; CAPEC-118; CWE-210; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Database Name Disclosure (Microsoft SQL Server) PCI v3.2-6.5.5; CAPEC-118; CWE-201; HIPAA-164.306(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Database Name Disclosure (MySQL) PCI v3.2-6.5.5; CAPEC-118; CWE-201; HIPAA-164.306(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Django Debug Mode Enabled PCI v3.2-6.5.5; CAPEC-214; CWE-16; ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Exception Report Disclosure (Tomcat) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Form Hijacking CWE-20; ISO27001-A.14.2.5; WASC-20; OWASP 2013-A1; OWASP 2017-A1 Low
Insecure JSONP Endpoint CWE-20; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A1 Low
Insecure Reflected Content CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A1 Low
Insecure Transportation Security Protocol Supported (TLS 1.0) PCI v3.2-6.5.4; CAPEC-217; CWE-326; HIPAA-164.306; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Low
Internal IP Address Disclosure CWE-200; ISO27001-A.18.1.4; OWASP 2013-A6; OWASP 2017-A3 Low
Laravel Debug Mode Enabled PCI v3.2-6.5.5; CAPEC-214; CWE-16; ISO27001-A.14.1.2; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Laravel Environment Configuration File Detected CWE-16; ISO27001-A.9.4.1; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Low
Microsoft IIS Log File Detected PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP 2013-A7; OWASP 2017-A5 Low
Microsoft Outlook Personal Folders File (.pst) Found PCI v3.2-6.5.8; CWE-284; ISO27001-A.18.1.3; WASC-2; OWASP 2013-A7; OWASP 2017-A5 Low
Misconfigured Access-Control-Allow-Origin Header CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Low
Misconfigured X-Frame-Options Header CAPEC-103; CWE-693; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 Low
Missing Content-Type Header CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Low
Missing X-Frame-Options Header CAPEC-103; CWE-693; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 Low
Multiple Declarations in X-Frame-Options Header CAPEC-103; CWE-693; ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 Low
Open Redirection in POST method CWE-601; ISO27001-A.14.2.5; WASC-38; OWASP 2013-A10; OWASP 2017-A5 Low
Passive Mixed Content over HTTPS CWE-319; ISO27001-A.14.1.3; OWASP 2013-A6; OWASP 2017-A3 Low
Phishing by Navigating Browser Tabs CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Low
phpinfo() Output Detected CAPEC-346; CWE-213; ISO27001-A.18.1.3; WASC-13; OWASP 2013-A6; OWASP 2017-A3 Low
Programming Error Message PCI v3.2-6.5.5; CAPEC-118; CWE-210; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Programming Error Message (Ruby) PCI v3.2-3.2 6.5.5; CAPEC-118; CWE-210; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Reflected File Download PCI v3.2-6.5.1; CAPEC-375; CWE-840; ISO27001-A.14.2.5; WASC-42; OWASP 2013-A1; OWASP 2017-A1 Low
RoR Database Configuration File Detected CWE-16; ISO27001-A.9.4.1; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Low
RoR Development Mode Enabled PCI v3.2-6.5.5; CAPEC-214; CWE-16; ISO27001-A.14.1.1; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Social Security Number Disclosure PCI v3.2-6.5.3; CAPEC-118; CWE-213; ISO27001-A.18.1.3; WASC-13; OWASP 2013-A6; OWASP 2017-A3 Low
Stack Trace Disclosure (Apache MyFaces) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.2.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Stack Trace Disclosure (ASP.NET) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.2.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Stack Trace Disclosure (CakePHP Framework) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.2.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Stack Trace Disclosure (CherryPy) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.2.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Stack Trace Disclosure (Grails) PCI v3.2-6.5.5; CAPEC-214; CWE-248; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Struts2 Development Mode Enabled PCI v3.2-6.5.5; CAPEC-214; CWE-16; ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
TRACE/TRACK Method Detected CAPEC-107; CWE-16; ISO27001-A.14.1.2; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Low
Username Disclosure (Microsoft SQL Server) PCI v3.2-6.5.5; CAPEC-118; CWE-201; HIPAA-164.306(a); ISO27001-A.18.1.4; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Low
Username Disclosure (MySQL) PCI v3.2-6.5.5; CAPEC-118; CWE-201; HIPAA-164.306(a); ISO27001-A.18.1.4; WASC-13; OWASP 2013-A5; OWASP 2017-A3 Low
Version Disclosure (Apache Coyote) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Apache Module) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Apache) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (ASP.NET MVC) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (ASP.NET) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (CakePHP Framework) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Cherokee) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (CherryPy) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Django) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (FrontPage) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (GlassFish) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Hiawatha) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (IIS) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Java Servlet) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Java) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (JBoss) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Lighttpd) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (mod_ssl) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Mongrel Web Server) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Nginx) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (NuSOAP) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (OpenSSL) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Oracle) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Perl) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (PHP) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Python) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (RoR) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Ruby) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (RubyGems) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (SharePoint) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Telerik Web UI) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (Tomcat) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (WebLogic) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 Low
Version Disclosure (WEBrick) CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 Low
Windows Short Filename PCI v3.2-6.5.8; CAPEC-87; CWE-538; HIPAA-164.306(a), 164.308(a); ISO27001-A.8.2.3; WASC-34; OWASP 2013-A7; OWASP 2017-A6 Low
Windows Username Disclosure PCI v3.2-6.5.5; CAPEC-118; CWE-200; ISO27001-A.18.1.3; WASC-13; OWASP 2013-A6; OWASP 2017-A3 Low
WP Engine Configuration File Detected CWE-16; ISO27001-A.9.4.1; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Low
Insecure Transportation Security Protocol Supported (TLS 1.1) PCI v3.2-6.5.4; CAPEC-217; CWE-326; HIPAA-164.306; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Best Practice
Referrer-Policy Not Implemented CWE-200; ISO27001-A.14.2.5; OWASP 2013-A6; OWASP 2017-A3 Best Practice
.htaccess File Detected CWE-16; OWASP 2013-A5; OWASP 2017-A6 Information
Administration Page Detected PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.1; WASC-34; OWASP PC-C6; OWASP 2013-A7; OWASP 2017-A5 Information
ASP.NET Debugging Enabled CWE-16; ISO27001-A.9.4.1; WASC-14; OWASP PC-C7; OWASP 2013-A5; OWASP 2017-A6 Information
ASP.NET Identified CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-13; OWASP PC-C7; OWASP 2017-A6 Information
Autocomplete Enabled (Password Field) CWE-16; ISO27001-A.14.1.2; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Configuration File Detected PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP 2013-A7; OWASP 2017-A5 Information
Content Security Policy (CSP) Contains Out of Scope report-uri Domain ISO27001-A.14.2.5; OWASP 2013-A6; OWASP 2017-A3 Information
Content Security Policy (CSP) Keywords Not Used Within Single Quotes CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Content Security Policy (CSP) Nonce Value Not Used Within Single Quotes CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Content Security Policy (CSP) Nonce Without Matching Script Block CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Content Security Policy (CSP) report-uri Uses HTTP ISO27001-A.14.2.5; OWASP 2013-A6; OWASP 2017-A3 Information
Content-Security-Policy-Report-Only Cannot Be Declared Between META Tags CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Content-Security-Policy-Report-Only Cannot Be Declared Without report-uri Directive CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Credit Card Disclosure PCI v3.2-6.5.3; CAPEC-118; CWE-213; ISO27001-A.18.1.4; WASC-13; OWASP PC-C7; OWASP 2013-A6; OWASP 2017-A3 Information
Cross-site Referrer Leakage through usage of no-referrer-when-downgrade in Referrer-Policy CWE-200; ISO27001-A.14.2.5; OWASP PC-C9; OWASP 2013-A6; OWASP 2017-A6 Information
Cross-site Referrer Leakage through usage of unsafe-url in Referrer-Policy CWE-200; ISO27001-A.14.2.5; OWASP PC-C9; OWASP 2013-A6; OWASP 2017-A6 Information
Database Connection String Detected CWE-16; HIPAA-164.306(a); ISO27001-A.18.1.3; WASC-15; OWASP PC-C7; OWASP 2013-A5; OWASP 2017-A3 Information
Directory Listing (Apache) CAPEC-127; CWE-548; ISO27001-A.9.4.1; WASC-16; OWASP PC-C6; OWASP 2013-A5; OWASP 2017-A6 Information
Directory Listing (ASP.NET Server) CAPEC-127; CWE-548; ISO27001-A.9.4.1; WASC-16; OWASP PC-C6; OWASP 2013-A5; OWASP 2017-A6 Information
Directory Listing (IIS) CAPEC-127; CWE-548; ISO27001-A.9.4.1; WASC-16; OWASP PC-C6; OWASP 2013-A5; OWASP 2017-A6 Information
Directory Listing (Lighttpd) CAPEC-127; CWE-548; ISO27001-A.9.4.1; WASC-16; OWASP PC-C6; OWASP 2013-A5; OWASP 2017-A6 Information
Directory Listing (LiteSpeed) CAPEC-127; CWE-548; ISO27001-A.9.4.1; WASC-16; OWASP PC-C6; OWASP 2013-A5; OWASP 2017-A6 Information
Directory Listing (Nginx) CAPEC-127; CWE-548; ISO27001-A.9.4.1; WASC-16; OWASP PC-C6; OWASP 2013-A5; OWASP 2017-A6 Information
Directory Listing (Tomcat) CAPEC-127; CWE-548; ISO27001-A.9.4.1; WASC-16; OWASP PC-C6; OWASP 2013-A5; OWASP 2017-A6 Information
Directory Listing (WebDAV) CAPEC-127; CWE-548; ISO27001-A.9.4.1; WASC-16; OWASP PC-C6; OWASP 2013-A5; OWASP 2017-A6 Information
Incorrect Content Security Policy (CSP) Implementation CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Installation File Detected PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP 2013-A7; OWASP 2017-A5 Information
Intermediate Certificate is Signed Using a Weak Signature Algorithm CAPEC-459; ISO27001-A.10; WASC-4; OWASP 2013-A6; OWASP 2017-A3 Information
Invalid Content Security Policy (CSP) Directive Identified in meta Elements CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Log File Detected PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP PC-C6; OWASP 2013-A7; OWASP 2017-A5 Information
No Script Block Detected with the Hash Value Declared in Content Security Policy (CSP) ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6 Information
OPTIONS Method Enabled CAPEC-107; CWE-16; ISO27001-A.14.1.2; WASC-14; OWASP 2013-A5; OWASP 2017-A6 Information
Out-of-date Version (AbanteCart) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Ampache) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (AngularJS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Apache) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ASP.NET SignalR) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ATutor) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (axios) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (b2evolution) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Backbone.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (bluebird) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Bootbox.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Bootstrap 3 Date/Time Picker) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Bootstrap Toggle) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Bootstrap) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (CakePHP Framework) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Chamilo) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Chart.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Cherokee) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (CherryPy) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (CKEditor) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Claroline) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ClipBucket) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Collabtive) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Concerte5) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (contao) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Coppermine) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (CubeCart) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (D3.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (DataTables) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Django) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (DokuWiki) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Dolibarr) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Dolphin) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (DOMPurify) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (DotClear) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Drupal) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (DWR) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (e107) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (easyXDM) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ef.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Elgg) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Ember.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (EspoCRM) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Ext JS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Fabric.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Family Connections) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (FancyBox) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Fingerprintjs2) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Flickity) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (FluxBB) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (FooTable) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Form Tools) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Foundation) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Front Accounting) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Fuel UX) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (GibbonEdu) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (GlassFish) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Google Charts) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (GSAP) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Hammer.JS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Handlebars.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Hesk) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Hiawatha) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Highcharts) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (HTML5 Shiv) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (IIS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ImagePicker) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Inferno) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Intro.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Ion.RangeSlider) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Java) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (JavaScript Cookie) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (JBoss) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Joomla) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jPlayer) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jQuery Mask) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jQuery Migrate) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jQuery Mobile) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jQuery UI Autocomplete) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jQuery UI Dialog) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jQuery UI Tooltip) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jQuery Validation) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jQuery) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (jsTree) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Knockout Mapping) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Knockout) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Lazy.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Leaflet) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Lightbox) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Lighttpd) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (LimeSurvey) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (List.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Lodash) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Marionette.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Math.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (MathJax) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (MediaWiki) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Mibew Messenger) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Mithril) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Modernizr) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (MODX) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Moment.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Moodle) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Movable Type) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (mustache.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (MyBB) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Nginx) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; WASC-13; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (NuSOAP) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; WASC-13; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Omeka) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (OpenCart) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (OpenSSL) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (osClass) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (osCommerce) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (osTicket) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ownCloud) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (pdf.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Perl) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (pH7CMS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Phaser) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Phorum) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Php Address Book) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (PHP) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (phpBB) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (PhpFusion) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (phpList) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (PhpMyFAQ) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Piwigo) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Pixi.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Plupload) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (PmWiki) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Podcast Generator) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Polymer) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (PrestaShop) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (prettyPhoto) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ProjectSend) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Prototype JS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Python) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (qdPM) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Question2Answer) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Ramda) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (React) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (RequireJS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Respond.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Reveal.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Revive Adserver) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Rickshaw) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Riot.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (RoR) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Roundcube) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Ruby) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (RubyGems) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Rukovoditel) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ScrollReveal) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Select2) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Semantic UI) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (SeoPanel) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Serendipity) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (slick) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Snap.svg) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Sortable) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (SweetAlert2) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (TCExam) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Telerik Web UI) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Three.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Tomcat) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (typeahead.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Underscore.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Vanilla Forums) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Video.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Vue.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (webERP) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (WeBid) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (WebLogic) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (WordPress) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (XOOPS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (XRegExp) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (YetiForce CRM) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (YOURLS) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (YUI) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Zen Cart) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (ZenPhoto) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Zepto.js) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Out-of-date Version (Zikula) PCI v3.2-6.2; CAPEC-310; CWE-937, 1035; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 Information
Readme/Help File Detected PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP PC-C7; OWASP 2013-A7; OWASP 2017-A5 Information
Referrer-Policy Needs Proper Fallback CWE-200; ISO27001-A.14.2.5; OWASP PC-C9; OWASP 2013-A6; OWASP 2017-A6 Information
SQL File Detected PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP PC-C7; OWASP 2013-A7; OWASP 2017-A5 Information
Static Nonce Identified in Content Security Policy (CSP) CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Test File Detected PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP PC-C7; OWASP 2013-A7; OWASP 2017-A5 Information
Travis CI Configuration File Detected CWE-16; ISO27001-A.9.4.1; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
TS Web Access Identified PCI v3.2-6.5.8; CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.9.4.1; WASC-34; OWASP PC-C6; OWASP 2013-A7; OWASP 2017-A5 Information
UNC Server and Share Disclosure CWE-16; ISO27001-A.18.1.3; WASC-15; OWASP PC-C7; OWASP 2013-A5; OWASP 2017-A6 Information
Unknown Option Used In Referrer-Policy CWE-200; ISO27001-A.14.2.5; OWASP PC-C9; OWASP 2013-A6; OWASP 2017-A6 Information
Unsupported Hash Detected in Content Security Policy (CSP) CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6 Information
Weak Nonce Detected in Content Security Policy (CSP) Declaration CWE-330; ISO27001-A.14.2.5; WASC-16; OWASP 2013-A5; OWASP 2017-A6 Information
Web.config File Detected CAPEC-87; CWE-425; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-34; OWASP PC-C6; OWASP 2013-A7; OWASP 2017-A5 Information
Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo