112555 | Report Only Content Security Policy Detected | Web App Scanning | HTTP Security Header | 3/25/2024 | info |
112553 | Missing 'Cache-Control' Header | Web App Scanning | HTTP Security Header | 3/25/2024 | low |
112551 | Missing Content Security Policy | Web App Scanning | HTTP Security Header | 3/25/2024 | low |
112535 | HTTP Strict Transport Security Policy Detected | Web App Scanning | HTTP Security Header | 3/25/2024 | info |
112529 | Missing 'X-Content-Type-Options' Header | Web App Scanning | HTTP Security Header | 3/25/2024 | low |
112527 | Disabled 'X-XSS-Protection' Header | Web App Scanning | HTTP Security Header | 3/25/2024 | info |
112526 | Missing 'X-XSS-Protection' Header | Web App Scanning | HTTP Security Header | 3/25/2024 | info |
98056 | Missing HTTP Strict Transport Security Policy | Web App Scanning | HTTP Security Header | 3/18/2024 | medium |
113158 | Package Dependencies Detected | Web App Scanning | Data Exposure | 3/18/2024 | medium |
112543 | HTTPS Not Detected | Web App Scanning | SSL/TLS | 3/13/2024 | high |
112295 | Apache Tomcat 9.0.0.M1 < 9.0.0.M22 Multiple Vulnerabilities | Web App Scanning | Component Vulnerability | 3/13/2024 | high |
112290 | Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities | Web App Scanning | Component Vulnerability | 3/13/2024 | critical |
98607 | Ultimate Member Plugin for WordPress < 2.0.46 Multiple Vulnerabilities | Web App Scanning | Component Vulnerability | 3/6/2024 | medium |
113075 | Apache Log4j Remote Code Execution (Log4Shell) | Web App Scanning | Component Vulnerability | 3/6/2024 | critical |
98047 | Allowed HTTP Methods | Web App Scanning | Web Applications | 2/27/2024 | info |
114214 | ConnectWise ScreenConnect < 23.9.8 Authentication Bypass | Web App Scanning | Component Vulnerability | 2/27/2024 | critical |
114145 | Apache OFBiz Authentication Bypass | Web App Scanning | Component Vulnerability | 2/21/2024 | critical |
113580 | Web Cache Deception | Web App Scanning | Web Applications | 2/21/2024 | high |
112705 | Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.4.0 / 14.1.1.0.0 Authentication Bypass | Web App Scanning | Component Vulnerability | 2/21/2024 | critical |
114203 | Ivanti Connect Secure 9.x / 22.x XML External Entity | Web App Scanning | Component Vulnerability | 2/19/2024 | high |
114164 | Stripe Payment Plugin for WooCommerce Plugin for WordPress < 3.8.0 SQL Injection | Web App Scanning | Component Vulnerability | 2/15/2024 | high |
114122 | Appwrite Server-Side Request Forgery | Web App Scanning | Component Vulnerability | 2/15/2024 | high |
114027 | WP Fastest Cache Plugin for WordPress < 1.1.3 Multiple Vulnerabilities | Web App Scanning | Component Vulnerability | 2/15/2024 | medium |
114166 | SOAP API Detected | Web App Scanning | Web Applications | 2/8/2024 | info |
113237 | PHP Object Deserialization | Web App Scanning | Web Applications | 2/8/2024 | critical |
112614 | Server-Side Template Injection | Web App Scanning | Injection | 2/8/2024 | high |
98200 | Drupal Administration Panel Login Form Detected | Web App Scanning | Web Applications | 2/2/2024 | low |
98145 | Selenium Crawl Failed | Web App Scanning | General | 2/2/2024 | info |
98143 | Selenium Crawl Succeeded | Web App Scanning | General | 2/2/2024 | info |
98123 | Operating System Command Injection | Web App Scanning | Code Execution | 2/2/2024 | critical |
98115 | SQL Injection | Web App Scanning | Injection | 2/2/2024 | high |
98097 | Backdoor Detection | Web App Scanning | Web Servers | 2/2/2024 | critical |
114129 | Secret Data Disclosure | Web App Scanning | Data Exposure | 2/2/2024 | high |
113973 | Web Services Description Language (WSDL) File Detected | Web App Scanning | Web Applications | 2/2/2024 | info |
113900 | Cross-Site Request Forgery Token Validation Bypass | Web App Scanning | Cross Site Request Forgery | 2/2/2024 | medium |
114157 | POST SMTP Mailer Plugin for WordPress < 2.8.8 Authorization Bypass | Web App Scanning | Component Vulnerability | 1/24/2024 | critical |
114156 | Atlassian Confluence 8.6.x < 8.7.2 Multiple Remote Code Execution | Web App Scanning | Component Vulnerability | 1/24/2024 | high |
114155 | Atlassian Confluence 8.x < 8.5.5 Multiple Remote Code Execution | Web App Scanning | Component Vulnerability | 1/24/2024 | high |
114154 | Atlassian Confluence < 7.19.18 Multiple Remote Code Execution | Web App Scanning | Component Vulnerability | 1/24/2024 | high |
114153 | Atlassian Confluence 8.6.x < 8.7.2 Remote Code Execution | Web App Scanning | Component Vulnerability | 1/24/2024 | high |
114152 | Atlassian Confluence 8.x < 8.5.5 Remote Code Execution | Web App Scanning | Component Vulnerability | 1/24/2024 | high |
114151 | Atlassian Confluence 7.13.x < 7.19.17 Remote Code Execution | Web App Scanning | Component Vulnerability | 1/24/2024 | high |
114099 | Microsoft SharePoint Server 2019 build < 16.0.10399.20005 Elevation of Privilege | Web App Scanning | Component Vulnerability | 1/24/2024 | critical |
114089 | Pimcore User Enumeration | Web App Scanning | Web Applications | 1/24/2024 | medium |
113904 | Sitecore Unauthenticated User Enumeration | Web App Scanning | Web Applications | 1/24/2024 | medium |
113871 | DotNetNuke User Enumeration | Web App Scanning | Web Applications | 1/24/2024 | medium |
113855 | GiveWP Plugin for WordPress < 2.24.1 SQL Injection | Web App Scanning | Component Vulnerability | 1/24/2024 | critical |
113853 | Customer Reviews for WooCommerce Plugin for WordPress < 5.17.0 Cross-Site Scripting | Web App Scanning | Component Vulnerability | 1/24/2024 | medium |
113337 | NoSQL Injection Authentication Bypass | Web App Scanning | Injection | 1/24/2024 | high |
98112 | Cross-Site Request Forgery | Web App Scanning | Cross Site Request Forgery | 1/19/2024 | medium |