| Vulnerability Name | Classifications | Severity |
|---|---|---|
| .htaccess File Detected | CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | Information |
| aah Go Server Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| AbanteCart Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Adminer Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Administration Page Detected | PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.1, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | Information |
| Ampache Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| An Unsafe Content Security Policy (CSP) Directive in Use | CWE-16, ISO27001-A.14.2.5, WASC-15 | Information |
| Apache Coyote Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Apache Module Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Apache Traffic Server Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Apache Web Server Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Apple’s App-Site Association (AASA) Detected | ISO27001-A.18.1.3 | Information |
| Artifactory DevOps Solution Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| ASP.NET Debugging Enabled | CWE-16, ISO27001-A.9.4.1, WASC-14, OWASP 2013-A5, OWASP 2017-A6 | Information |
| ASP.NET Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| ASP.NET MVC Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Atlassian Confluence Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Atlassian Jira Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Atlassian Proxy Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| ATutor Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Authorization Required | ISO27001-A.9.4.1 | Information |
| Autocomplete Enabled (Password Field) | CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | Information |
| AWStats Detected | CAPEC-224, CWE-205, ISO27001-A.14.2.5, WASC-45, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | Information |
| Axway SecureTransport Server Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| b2evolution Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Basic Authorization Required | ISO27001-A.9.4.1 | Information |
| BitNinja Captcha Server Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Bomgar Remote Support Software Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Caddy Web Server Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| CakePHP Framework Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| CDN Detected (Airee) | CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 | Information |
| CDN Detected (Akamai) | CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 | Information |
| CDN Detected (Arvan Cloud) | CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 | Information |
| CDN Detected (Azure CDN) | CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 | Information |
| CDN Detected (CDN77) | CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 | Information |
| CDN Detected (Fastly) | CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 | Information |
| CDN Detected (Fireblade) | CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 | Information |
| CDN Detected (Google Cloud CDN) | CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 | Information |
| CDN Detected (Incapsula) | CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 | Information |
| CDN Detected (Instart) | CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 | Information |
| CDN Detected (KeyCDN) | CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 | Information |
| CDN Detected (MaxCDN) | CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 | Information |
| CDN Detected (Netlify) | CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 | Information |
| CDN Detected (PowerCDN) | CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 | Information |
| CDN Detected (Qrator) | CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 | Information |
| CDN Detected (Sucuri) | CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 | Information |
| CDN Detected (West263) | CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 | Information |
| Chamilo Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Cherokee Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| CherryPy Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Claroline Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| ClipBucket Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Collabtive Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Concrete5 Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Configuration File Detected | PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | Information |
| contao Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Content Security Policy (CSP) Contains Out of Scope report-uri Domain | ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 | Information |
| Content Security Policy (CSP) Keywords Not Used Within Single Quotes | CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 | Information |
| Content Security Policy (CSP) Nonce Value Not Used Within Single Quotes | CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 | Information |
| Content Security Policy (CSP) Nonce Without Matching Script Block | CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 | Information |
| Content Security Policy (CSP) report-uri Uses HTTP | ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 | Information |
| Content-Security-Policy-Report-Only Cannot Be Declared Between META Tags | CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 | Information |
| Content-Security-Policy-Report-Only Cannot Be Declared Without report-uri Directive | CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 | Information |
| Coppermine Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Cowboy HTTP Server Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Craft CMS Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Credit Card Disclosure | PCI v3.2-6.5.3, CAPEC-118, CWE-213, ISO27001-A.18.1.4, WASC-13, OWASP 2013-A6, OWASP 2017-A3 | Information |
| Cross-site Referrer Leakage through Permissive Referrer-Policy | CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Cross-site Referrer Leakage through Referrer-Policy | CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Cross-site Referrer Leakage through usage of no-referrer-when-downgrade in Referrer-Policy | CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Cross-site Referrer Leakage through usage of origin-when-cross-origin in Referrer-Policy | CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Cross-site Referrer Leakage through usage of strict-origin in Referrer-Policy | CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Cross-site Referrer Leakage through usage of strict-origin-when-cross-origin in Referrer-Policy | CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Cross-site Referrer Leakage through usage of the origin keyword in Referrer-Policy | CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Cross-site Referrer Leakage through usage of unsafe-url in Referrer-Policy | CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 | Information |