Detections
Analytics

was Plugin Feed 202501070844Jan 7, 2025, 8:44 AM

Modified Detection
  • 112290Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities
  • 112439Server-Side Request Forgery
  • 112524Oracle WebLogic WSAT Remote Code Execution
  • 112526Missing 'X-XSS-Protection' Header (deprecated)
  • 112541SSL/TLS Certificate Common Name Mismatch
  • 112544HTTP to HTTPS Redirect Not Enabled
  • 112545Oracle WebLogic Server Administration Console Detected
  • 112685Symfony Secret Fragments Remote Code Execution
  • 112686JSON Web Token Detected
  • 112703JSON Web Token None Hashing Algorithm
  • 112704Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 Remote Code Execution
  • 112706Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.3.0 Remote Code Execution
  • 112720Rails < 4.2.11.3 / 5.x < 5.0.1 Remote Code Execution
  • 112907GraphQL Interface Detected
  • 113029Microsoft IIS Unsupported Version
  • 113031Out-of-Date JQuery UI Detected
  • 113034Out-of-Date MediaElement.Js Detected
  • 113057Microsoft Exchange Server Autodiscover Cross-Site Scripting
  • 113058Apache 2.4.10 < 2.4.44 Source Code Disclosure
  • 113059OPcache UI Detected
  • 113067Basic Authentication Bruteforced
  • 113078AngularJS Unsupported Version
  • 113123Dockerfile Detected
  • 113150Google Cloud Service Account Private Key Disclosure (deprecated)
  • 113158Package Dependencies Detected
  • 113162MySQLjs SQL Injection Authentication Bypass
  • 113164AWS Credentials Disclosure (deprecated)
  • 113168Docker Compose Configuration Detected
  • 113195Spring Boot Actuator Detected
  • 113217Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell)
  • 113219Insecure Redirect Chain
  • 113258OpenAPI Permissive Input Validation
  • 113310Blind XPath Injection (differential analysis)
  • 113337NoSQL Injection Authentication Bypass
  • 113369BackupBuddy Plugin for WordPress < 8.7.5 Arbitrary File Read
  • 113373Atlassian Bitbucket Remote Code Execution
  • 113448Microsoft Access Database Detected
  • 113452WordPress Plugins Detected
  • 113634Server-Side Inclusion Injection
  • 113900Cross-Site Request Forgery Token Validation Bypass
  • 113906Advanced Custom Fields for WordPress 6.0.x < 6.1.6 Cross-Site Scripting
  • 113908Advanced Custom Fields Pro for WordPress 6.0.x < 6.1.6 Cross-Site Scripting
  • 113943Disclosed Hong Kong Identity Number
  • 113973Web Services Description Language (WSDL) File Detected
  • 114006Web Cache Poisoning Denial of Service
  • 114029Well-Known URIs Detected
  • 114064MediaWiki Status Module Information Disclosure
  • 114116XML Injection
  • 114128External Backend API Detected
  • 114129Generic Secret Disclosure
  • 114146Subdomain Takeover
  • 114166SOAP API Detected
  • 114168Jenkins < 2.442 / < LTS 2.426.3 Arbitrary File Read
  • 114200Google Cloud Platform Detected
  • 114232PHP Development Server < 7.4.22 Source Disclosure
  • 114247Authentication Check Pattern Found in Unauthenticated Browser
  • 114258LayerSlider Plugin for WordPress 7.9.11 < 7.10.1 SQL Injection
  • 114262Request URL Override
  • 114276Database Connection String Disclosure
  • 114313Flowise Chatflow Detected
  • 114357Polyfill Detected
  • 114386External Broken Resources Detected
  • 114400Apache OFBiz < 18.12.11 Server-Side Request Forgery
  • 114434Flask Weak Secret Key
  • 114450Mura/Masa CMS SQL Injection
  • 114502Cross-Site WebSocket Hijacking
  • 114549Apache Struts < 6.4.0 Unrestricted File Upload (S2-067)
  • 115540Cookie Without SameSite Flag Detected
  • 98000Scan Information
  • 98008Web Application Firewall Detected
  • 98054Unvalidated Redirection
  • 98056Missing HTTP Strict Transport Security Policy
  • 98062Cookie Set For Parent Domain
  • 98063Cookie Without HttpOnly Flag Detected
  • 98064Cookie Without Secure Flag Detected
  • 98070Common Administration Interfaces Detection
  • 98071Common Files Detection
  • 98074Backup File
  • 98080Form-based File Upload
  • 98083CAPTCHA Detection
  • 98091Mixed Resource Detection
  • 98099Publicly writable directory
  • 98100Path Traversal
  • 98101Response Splitting
  • 98104Cross-Site Scripting (XSS)
  • 98107Cross-Site Scripting (XSS) in path
  • 98109DOM-based Cross-Site Scripting (XSS)
  • 98110DOM-based Cross-Site Scripting (XSS) in attribute context
  • 98112Cross-Site Request Forgery
  • 98113XML External Entity
  • 98115SQL Injection
  • 98117Blind SQL Injection (differential analysis)
  • 98119Blind NoSQL Injection (differential analysis)
  • 98123Operating System Command Injection
  • 98125Local File Inclusion
  • 98146Password Submitted Using GET Method
  • 98201Drupal User Registration Form Detected
  • 98202WordPress User Registration Form Detected
  • 98205Joomla! User Registration Form Detected
  • 98209Drupal User Enumeration
  • 98228Drupal Unsupported Version
  • 98230PHP Unsupported Version
  • 98538Environment Configuration File Detected
  • 98611Error Message
  • 98623Host Header Injection
  • 98646.DS_Store File Detected
  • 98648Missing 'Content-Type' Header
  • 98779Source Code Passive Disclosure
  • 98920Disclosed US Social Security Number
New
  • 114546Apache Tomcat 11.0.0-M1 < 11.0.2 Multiple Vulnerabilities
  • 114547Apache Tomcat 10.1.0-M1 < 10.1.34 Multiple Vulnerabilities
  • 114548Apache Tomcat 9.0.0-M1 < 9.0.98 Multiple Vulnerabilities