Vulnerability Name Classifications Severity
.htaccess File Detected CWE-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Information
aah Go Server Identified CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
AbanteCart Detected CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6 Information
Adminer Detected CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6 Information
Administration Page Detected PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.1, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Information
Ampache Detected CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6 Information
An Unsafe Content Security Policy (CSP) Directive in Use CWE-16, ISO27001-A.14.2.5, WASC-15 Information
Apache Coyote Identified CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Apache Module Identified CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Apache Traffic Server Identified CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Apache Web Server Identified CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Apple’s App-Site Association (AASA) Detected ISO27001-A.18.1.3 Information
Artifactory DevOps Solution Identified CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
ASP.NET Debugging Enabled CWE-16, ISO27001-A.9.4.1, WASC-14, OWASP 2013-A5, OWASP 2017-A6 Information
ASP.NET Identified CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
ASP.NET MVC Identified CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Atlassian Proxy Identified CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
ATutor Detected CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6 Information
Authorization Required ISO27001-A.9.4.1 Information
Autocomplete Enabled (Password Field) CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Information
AWStats Detected CAPEC-224, CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-45, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Information
Axway SecureTransport Server Identified CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
b2evolution Detected CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6 Information
Basic Authorization Required ISO27001-A.9.4.1 Information
BitNinja Captcha Server Identified CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Bomgar Remote Support Software Detected CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6 Information
Caddy Web Server Identified CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6 Information
CakePHP Framework Identified CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6 Information
CDN Detected (Airee) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Akamai) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Arvan Cloud) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Azure CDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (CDN77) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Fastly) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Fireblade) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Google Cloud CDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Incapsula) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Instart) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (KeyCDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (MaxCDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Netlify) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (PowerCDN) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Qrator) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (Sucuri) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
CDN Detected (West263) CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 Information
Chamilo Detected CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6 Information
Cherokee Identified CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
CherryPy Identified CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Claroline Detected CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6 Information
ClipBucket Detected CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6 Information
Collabtive Detected CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6 Information
Concrete5 Detected CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6 Information
Configuration File Detected PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Information
contao Detected CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6 Information
Content Security Policy (CSP) Contains Out of Scope report-uri Domain ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 Information
Content Security Policy (CSP) Keywords Not Used Within Single Quotes CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content Security Policy (CSP) Nonce Value Not Used Within Single Quotes CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content Security Policy (CSP) Nonce Without Matching Script Block CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content Security Policy (CSP) report-uri Uses HTTP ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 Information
Content-Security-Policy-Report-Only Cannot Be Declared Between META Tags CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content-Security-Policy-Report-Only Cannot Be Declared Without report-uri Directive CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Coppermine Detected CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6 Information
Cowboy HTTP Server Identified CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Craft CMS Identified CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Credit Card Disclosure PCI v3.2-6.5.3, CAPEC-118, CWE-213, ISO27001-A.18.1.4, WASC-13, OWASP 2013-A6, OWASP 2017-A3 Information
Cross-site Referrer Leakage through Permissive Referrer-Policy CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 Information
Cross-site Referrer Leakage through Referrer-Policy CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 Information
Cross-site Referrer Leakage through usage of no-referrer-when-downgrade in Referrer-Policy CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 Information
Cross-site Referrer Leakage through usage of origin-when-cross-origin in Referrer-Policy CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 Information
Cross-site Referrer Leakage through usage of strict-origin in Referrer-Policy CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 Information
Cross-site Referrer Leakage through usage of strict-origin-when-cross-origin in Referrer-Policy CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 Information
Cross-site Referrer Leakage through usage of the origin keyword in Referrer-Policy CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 Information
Cross-site Referrer Leakage through usage of unsafe-url in Referrer-Policy CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 Information
Crossdomain.xml Detected ISO27001-A.12.5.1 Information
CrushFTP Server Detected CWE-205, ISO27001-A.14.2.5 or A.18.1.3, WASC-13, OWASP 2017-A6 Information