- The GlassFish Admin Console is protected with weak or default credentials. Acunetix was able to guess the username and password required to access this page. A weak password is short, common, a system default, or something that could be rapidly guessed by executing a brute force attack using a subset of all possible passwords, such as words in the dictionary, proper names, words based on the user name or common variations on these themes.
- Enforce a strong password policy. Don't permit weak passwords or passwords based on dictionary words.
- WordPress Plugin SS Downloads Cross-Site Request Forgery and Information Disclosure Vulnerabilities (1.4.3)
- WordPress Plugin U Extended Comment 'fileurl' Parameter Arbitrary File Download (1.0.1)
- Error message on page
- WordPress W3 Total Cache plugin predictable cache filenames
- Apache mod_negotiation filename bruteforcing