Web Applications Family for Web App Scanning

IDNameSeverity
115002Netdisco Unauthenticated Access
medium
114986Apache Airflow Unauthenticated Access
medium
114979pyLoad Default Credentials
critical
114976GoCD Unauthenticated Access
medium
114975Anteon Unauthenticated Access
medium
114974Clickhouse API Unauthenticated Access
medium
114973Tiny File Manager Default Credentials
critical
114972Tiny File Manager Unauthenticated Access
medium
114971File Browser Unauthenticated Access
medium
114970cAdvisor Unauthenticated Access
medium
114968Jenkins Unauthenticated Access
critical
114967Jenkins User Registration Form Detected
medium
114920OAuth Dynamic Client Registration Permissive Metadata Field
low
114919OAuth Dynamic Client Registration Permissive Redirect URI
low
114918OAuth Dynamic Client Registration Detected
info
114903Microsoft Exchange Admin Center Detected
info
114884FastJSON Object Deserialization
critical
114882GraphQL Unauthenticated Mutation Detected
medium
114868GraphQL Alias Overloading Enabled
medium
114867GraphQL Query Length Not Limited
medium
114866GraphQL Debug Mode Enabled
medium
114621Docker Public Registry Detected
info
114619GitLab Public Snippets Detected
info
114617GitLab Public Projects Detected
info
114616GitLab Public Sign-Up Detected
info
114613Auth0 Identity Provider Detected
info
114611Azure Entra ID Identity Provider Detected
info
114610ASP.NET Cookieless Session State Enabled
low
114608REST API Detected
info
114590Microsoft Exchange Autodiscover V2 User Enumeration
medium
114573Microsoft Remote Desktop Web Access Detected
info
114572DNS Dangling Record
medium
114570Envoy Admin Interface Exposed
medium
114571Istio Sensitive Information Disclosure
high
114528PhpSysInfo Detected
medium
114505HTTP Hop-By-Hop Headers Detected
info
114503Virtual Hosts Detected
info
114502Cross-Site WebSocket Hijacking
high
114439Express.js Cookie-Session Weak Secret Key
high
114438Express.js Express-Session Weak Secret Key
high
114437Pyramid Weak Secret Key
high
114436Ruby On Rails Weak Secret Key
high
114435Django Weak Secret Key
high
114434Flask Weak Secret Key
high
114432Laravel Weak Secret Key
high
114429Service Worker Detected
info
114395WebSocket Detected
info
114386External Broken Resources Detected
low
114358Malicious Third Party Domain Detected
medium
114322PHP Input Variables Exceeded
medium