Vulnerability Name Classifications Severity
.htaccess File Detected CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Information
aah Go Server Identified CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
AbanteCart Detected CWE-200, ISO27001-A.18.1.3, WASC-13 Information
Adminer Detected CWE-200, ISO27001-A.18.1.3, WASC-13 Information
Administration Page Detected PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.1, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Information
Ampache Detected CWE-200, ISO27001-A.18.1.3, WASC-13 Information
An Unsafe Content Security Policy (CSP) Directive in Use CWE-16, ISO27001-A.14.2.5, WASC-15 Information
Apache Web Server Identified CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Apple’s App-Site Association (AASA) Detected ISO27001-A.18.1.3 Information
ASP.NET Debugging Enabled CWE-16, ISO27001-A.9.4.1, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Information
ASP.NET Identified CWE-200, ISO27001-A.8.1.1, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
ATutor Detected CWE-200, ISO27001-A.18.1.3, WASC-13 Information
Authorization Required ISO27001-A.9.4.1 Information
Autocomplete Enabled (Password Field) CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Information
AWStats Detected CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Information
b2evolution Detected CWE-200, ISO27001-A.18.1.3, WASC-13 Information
Basic Authorization Required ISO27001-A.9.4.1 Information
Bomgar Remote Support Software Detected CWE-200, ISO27001-A.18.1.3, WASC-13 Information
Caddy Web Server Identified CWE-200, ISO27001-A.18.1.3, WASC-13 Information
CakePHP Framework Identified CWE-200, ISO27001-A.18.1.3, WASC-13 Information
CDN Detected (Airee) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Akamai) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Arvan Cloud) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Azure CDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (CDN77) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Fastly) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Fireblade) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Google Cloud CDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Incapsula) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Instart) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (KeyCDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (MaxCDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Netlify) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (PowerCDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Qrator) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Sucuri) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (West263) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
Chamilo Detected CWE-200, ISO27001-A.18.1.3, WASC-13 Information
Claroline Detected CWE-200, ISO27001-A.18.1.3, WASC-13 Information
ClipBucket Detected CWE-200, ISO27001-A.18.1.3, WASC-13 Information
Collabtive Detected CWE-200, ISO27001-A.18.1.3, WASC-13 Information
Concrete5 Detected CWE-200, ISO27001-A.18.1.3, WASC-13 Information
Configuration File Detected PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Information
contao Detected CWE-200, ISO27001-A.18.1.3, WASC-13 Information
Content Security Policy (CSP) Contains Out of Scope report-uri Domain ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 Information
Content Security Policy (CSP) Keywords Not Used Within Single Quotes CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content Security Policy (CSP) Nonce Value Not Used Within Single Quotes CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content Security Policy (CSP) Nonce Without Matching Script Block CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content Security Policy (CSP) report-uri Uses HTTP ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 Information
Content-Security-Policy-Report-Only Cannot Be Declared Between META Tags CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content-Security-Policy-Report-Only Cannot Be Declared Without report-uri Directive CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Coppermine Detected CWE-200, ISO27001-A.18.1.3, WASC-13 Information
Credit Card Disclosure PCI v3.2-6.5.3, CAPEC-118, CWE-213, ISO27001-A.18.1.4, WASC-13, OWASP 2013-A6, OWASP 2017-A3 Information
Cross-site Referrer Leakage through Permissive Referrer-Policy CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 Information
Cross-site Referrer Leakage through Referrer-Policy CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 Information
Crossdomain.xml Detected ISO27001-A.12.5.1 Information
CubeCart Detected CWE-200, ISO27001-A.18.1.3, WASC-13 Information
data: Used in a Content Security Policy (CSP) Directive ISO27001-A.14.2.5 Information
Database Connection String Detected CWE-16, HIPAA-164.306(a), ISO27001-A.18.1.3, WASC-15, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N Information
Database Detected (Microsoft Access) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Information
Database Detected (Microsoft SQL Server) CWE-200, ISO27001-A.8.1.1, WASC-13, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N Information
Database Detected (MySQL) CWE-200, ISO27001-A.8.1.1, WASC-13, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N Information
Database Detected (Oracle) CWE-200, ISO27001-A.8.1.1, WASC-13, CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N Information
Database Detected (PostgreSQL) CWE-200, ISO27001-A.8.1.1, WASC-13, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N Information
DbNinja Detected CWE-200, ISO27001-A.18.1.3, WASC-13 Information
Default Page Detected (Apache) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (CakePHP Framework) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (IIS 10.0) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (IIS 6) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (IIS 7.5) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (IIS 7.X) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (IIS 7) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (IIS 8.5) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (IIS 8) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (Tomcat) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information