Vulnerability Name |
Classifications |
Severity |
Expect-CT Not Enabled
|
CWE-16, ISO27001-A.14.1.2, WASC-15 |
Best Practice
|
Insecure Transportation Security Protocol Supported (TLS 1.1)
|
PCI v3.2-6.5.4, CAPEC-217, CWE-326, HIPAA-164.306, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 |
Best Practice
|
Missing X-XSS-Protection Header
|
CWE-16, HIPAA-164.308(a), ISO27001-A.14.2.5, WASC-15 |
Best Practice
|
Referrer-Policy Not Implemented
|
CWE-200, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A3 |
Best Practice
|
SameSite Cookie Not Implemented
|
CWE-16, ISO27001-A.14.2.5, WASC-15 |
Best Practice
|
SameSite None Cookie Not Marked as Secure
|
CWE-16, ISO27001-A.14.2.5, WASC-15 |
Best Practice
|
Subresource Integrity (SRI) Not Implemented
|
CWE-16, ISO27001-A.14.2.5, WASC-15 |
Best Practice
|
.htaccess File Detected
|
CWE-285, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Information
|
aah Go Server Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C |
Information
|
AbanteCart Detected
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
actionhero.js Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
Adminer Detected
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
Administration Page Detected
|
PCI v3.2-6.5.8, CAPEC-87, CWE-425, HIPAA-164.306(a), 164.308(a), ISO27001-A.9.4.1, WASC-34, OWASP 2013-A7, OWASP 2017-A5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Information
|
AEM Detected
|
CWE-205, ISO27001-A14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
Ampache Detected
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
An Unsafe Content Security Policy (CSP) Directive in Use
|
CWE-16, ISO27001-A.14.2.5, WASC-15 |
Information
|
Angularjs Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
Apache Coyote Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C |
Information
|
Apache Module Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C |
Information
|
Apache Shiro Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
Apache Traffic Server Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C |
Information
|
Apache Web Server Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C |
Information
|
Apple’s App-Site Association (AASA) Detected
|
ISO27001-A.18.1.3 |
Information
|
Artifactory DevOps Solution Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C |
Information
|
ASP.NET Debugging Enabled
|
CWE-16, ISO27001-A.9.4.1, WASC-14, OWASP 2013-A5, OWASP 2017-A6 |
Information
|
ASP.NET Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C |
Information
|
ASP.NET MVC Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C |
Information
|
AspNetSignalR Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
Atlassian Confluence Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C |
Information
|
Atlassian Jira Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C |
Information
|
Atlassian Proxy Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C |
Information
|
ATutor Detected
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
Authorization Required
|
ISO27001-A.9.4.1 |
Information
|
Autocomplete Enabled (Password Field)
|
CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Information
|
AWStats Detected
|
CAPEC-224, CWE-205, ISO27001-A.14.2.5, WASC-45, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Information
|
Axios Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
Axway SecureTransport Server Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C |
Information
|
b2evolution Detected
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
Backbonejs Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
Basic Authorization Required
|
ISO27001-A.9.4.1 |
Information
|
BitNinja Captcha Server Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C |
Information
|
Bluebird Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
Bomgar Remote Support Software Detected
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
Bootbox Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
Bootstrap3DateTimePicker Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
Bootstrapjs Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
BootstrapSelect Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
BootstrapTable Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
BootstrapToggle Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
BootstrapTypeahead Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
Caddy Web Server Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
CakePHP Framework Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
CanvasJS Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
CDN Detected (Airee)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
CDN Detected (Akamai)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
CDN Detected (Arvan Cloud)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
CDN Detected (Azure CDN)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
CDN Detected (CDN77)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
CDN Detected (Fastly)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
CDN Detected (Fireblade)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
CDN Detected (Google Cloud CDN)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
CDN Detected (Incapsula)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
CDN Detected (Instart)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
CDN Detected (JsDelivr)
|
CAPEC-224, CWE-200, WASC-45 |
Information
|
CDN Detected (KeyCDN)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
CDN Detected (MaxCDN)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
CDN Detected (Netlify)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
CDN Detected (PowerCDN)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
CDN Detected (Qrator)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
CDN Detected (StackPath)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
CDN Detected (Sucuri)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
CDN Detected (West263)
|
CAPEC-224, CWE-200, ISO27001-A.18.1.3, WASC-45 |
Information
|
Cdnjs Identified
|
CWE-205, ISO27001-A14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
Chamilo Detected
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|
Chartjs Identified
|
CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6 |
Information
|