| Vulnerability Name | Classifications | Severity |
|---|---|---|
| Cloudflare Browser Insights | CWE-205, ISO27001-A14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Cloudflare Identified | CWE-205, ISO27001-A14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Collabtive Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Concrete5 Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Configuration File Detected | PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | Information |
| contao Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Content Security Policy (CSP) Contains Out of Scope report-uri Domain | ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 | Information |
| Content Security Policy (CSP) Keywords Not Used Within Single Quotes | CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 | Information |
| Content Security Policy (CSP) Nonce Value Not Used Within Single Quotes | CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 | Information |
| Content Security Policy (CSP) Nonce Without Matching Script Block | CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 | Information |
| Content Security Policy (CSP) report-uri Uses HTTP | ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 | Information |
| Content-Security-Policy-Report-Only Cannot Be Declared Between META Tags | CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 | Information |
| Content-Security-Policy-Report-Only Cannot Be Declared Without report-uri Directive | CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 | Information |
| cookieconsent2 Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Coppermine Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Cowboy HTTP Server Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Craft CMS Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Credit Card Disclosure | PCI v3.2-6.5.3, CAPEC-118, CWE-213, ISO27001-A.18.1.4, WASC-13, OWASP 2013-A6, OWASP 2017-A3 | Information |
| Cross-site Referrer Leakage through Permissive Referrer-Policy | CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Cross-site Referrer Leakage through Referrer-Policy | CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Cross-site Referrer Leakage through usage of no-referrer-when-downgrade in Referrer-Policy | CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Cross-site Referrer Leakage through usage of origin-when-cross-origin in Referrer-Policy | CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Cross-site Referrer Leakage through usage of strict-origin in Referrer-Policy | CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Cross-site Referrer Leakage through usage of strict-origin-when-cross-origin in Referrer-Policy | CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Cross-site Referrer Leakage through usage of the origin keyword in Referrer-Policy | CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Cross-site Referrer Leakage through usage of unsafe-url in Referrer-Policy | CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 | Information |
| Crossdomain.xml Detected | ISO27001-A.12.5.1 | Information |
| CrushFTP Server Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| CubeCart Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| D3Js Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Daiquiri Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| data: Used in a Content Security Policy (CSP) Directive | ISO27001-A.14.2.5 | Information |
| Database Connection String Detected | CWE-16, HIPAA-164.306(a), ISO27001-A.18.1.3, WASC-15, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N | Information |
| Database Detected (HSQLDB) | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N | Information |
| Database Detected (Microsoft Access) | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | Information |
| Database Detected (Microsoft SQL Server) | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N | Information |
| Database Detected (MongoDB) | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N | Information |
| Database Detected (MySQL) | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N | Information |
| Database Detected (Oracle) | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N | Information |
| Database Detected (PostgreSQL) | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N | Information |
| Database Detected (SQLite) | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N | Information |
| DataDome Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| DataTables Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| DbNinja Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Default Page Detected (Apache) | CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Default Page Detected (CakePHP Framework) | CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Default Page Detected (IIS 10.0) | CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Default Page Detected (IIS 6) | CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Default Page Detected (IIS 7.5) | CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Default Page Detected (IIS 7.X) | CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Default Page Detected (IIS 7) | CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Default Page Detected (IIS 8.5) | CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Default Page Detected (IIS 8) | CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Default Page Detected (Tomcat) | CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| default-src Used in Content Security Policy (CSP) | ISO27001-A.14.2.5 | Information |
| Denial of Service (MySQL) | CWE-400, ISO27001-A.14.1.2, WASC-10, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H | Information |
| Deprecated Header Instruction Used to Implement Content Security Policy (CSP) | CWE-16, ISO27001-A.14.2.5, WASC-15 | Information |
| Digest Authorization Required | ISO27001-A.9.4.1 | Information |
| Directory Listing (Apache) | CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Directory Listing (ASP.NET Server) | CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Directory Listing (IIS) | CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Directory Listing (Lighttpd) | CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Directory Listing (LiteSpeed) | CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Directory Listing (Nginx) | CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Directory Listing (Tomcat) | CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Directory Listing (WebDAV) | CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | Information |
| Disabled X-XSS-Protection Header | CWE-693, ISO27001-A.14.1.2, WASC-15 | Information |
| Django Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| Dojo Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C | Information |
| DokuWiki Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Dolibarr Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| Dolphin Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| DomPurify Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| DotClear Detected | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |
| dotCMS Identified | CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 | Information |