Vulnerability Name Classifications Severity
Cloudflare Identified CWE-205, ISO27001-A14.2.5, WASC-13, OWASP 2017-A6 Information
Collabtive Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Concrete5 Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Configuration File Detected PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Information
contao Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Content Security Policy (CSP) Contains Out of Scope report-uri Domain ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 Information
Content Security Policy (CSP) Keywords Not Used Within Single Quotes CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content Security Policy (CSP) Nonce Value Not Used Within Single Quotes CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content Security Policy (CSP) Nonce Without Matching Script Block CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content Security Policy (CSP) report-uri Uses HTTP ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 Information
Content-Security-Policy-Report-Only Cannot Be Declared Between META Tags CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Content-Security-Policy-Report-Only Cannot Be Declared Without report-uri Directive CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6 Information
Coppermine Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Cowboy HTTP Server Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Craft CMS Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Credit Card Disclosure PCI v3.2-6.5.3, CAPEC-118, CWE-213, ISO27001-A.18.1.4, WASC-13, OWASP 2013-A6, OWASP 2017-A3 Information
Cross-site Referrer Leakage through Permissive Referrer-Policy CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 Information
Cross-site Referrer Leakage through Referrer-Policy CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 Information
Cross-site Referrer Leakage through usage of no-referrer-when-downgrade in Referrer-Policy CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 Information
Cross-site Referrer Leakage through usage of origin-when-cross-origin in Referrer-Policy CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 Information
Cross-site Referrer Leakage through usage of strict-origin in Referrer-Policy CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 Information
Cross-site Referrer Leakage through usage of strict-origin-when-cross-origin in Referrer-Policy CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 Information
Cross-site Referrer Leakage through usage of the origin keyword in Referrer-Policy CWE-200, ISO27001-A.14.1.2, OWASP 2013-A6, OWASP 2017-A6 Information
Cross-site Referrer Leakage through usage of unsafe-url in Referrer-Policy CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A6 Information
Crossdomain.xml Detected ISO27001-A.12.5.1 Information
CrushFTP Server Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
CubeCart Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
D3Js Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Daiquiri Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
data: Used in a Content Security Policy (CSP) Directive ISO27001-A.14.2.5 Information
Database Connection String Detected CWE-16, HIPAA-164.306(a), ISO27001-A.18.1.3, WASC-15, OWASP 2013-A5, OWASP 2017-A3, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N Information
Database Detected (HSQLDB) CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N Information
Database Detected (Microsoft Access) CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Information
Database Detected (Microsoft SQL Server) CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N Information
Database Detected (MongoDB) CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N Information
Database Detected (MySQL) CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N Information
Database Detected (Oracle) CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N Information
Database Detected (PostgreSQL) CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N Information
Database Detected (SQLite) CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N Information
DataDome Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
DataTables Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
DbNinja Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Default Page Detected (Apache) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (CakePHP Framework) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (IIS 10.0) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (IIS 6) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (IIS 7.5) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (IIS 7.X) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (IIS 7) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (IIS 8.5) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (IIS 8) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Default Page Detected (Tomcat) CWE-200, ISO27001-A.18.1.3, WASC-13, CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
default-src Used in Content Security Policy (CSP) ISO27001-A.14.2.5 Information
Denial of Service (MySQL) CWE-400, ISO27001-A.14.1.2, WASC-10, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H Information
Deprecated Header Instruction Used to Implement Content Security Policy (CSP) CWE-16, ISO27001-A.14.2.5, WASC-15 Information
Digest Authorization Required ISO27001-A.9.4.1 Information
Directory Listing (Apache) CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Directory Listing (ASP.NET Server) CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Directory Listing (IIS) CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Directory Listing (Lighttpd) CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Directory Listing (LiteSpeed) CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Directory Listing (Nginx) CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Directory Listing (Tomcat) CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
Directory Listing (WebDAV) CAPEC-127, CWE-548, ISO27001-A.9.4.1, WASC-16, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Information
Disabled X-XSS-Protection Header CWE-693, ISO27001-A.14.1.2, WASC-15 Information
Django Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C Information
DokuWiki Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Dolibarr Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Dolphin Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
DomPurify Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
DotClear Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
dotCMS Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Drupal Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
Dwr Identified CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information
e107 Detected CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 Information