Web App Scanning Release Notes from Tenable

Web App Scanning Plugin Feed 202603120735

Feed built 5 days ago

New

115165 WordPress 6.9.x < 6.9.2 Multiple Vulnerabilities : undefined
115166 WordPress 6.8.x < 6.8.5 Multiple Vulnerabilities : undefined
115167 WordPress 6.7.x < 6.7.5 Multiple Vulnerabilities : undefined
115168 WordPress 6.6.x < 6.6.5 Multiple Vulnerabilities : undefined
115169 WordPress 6.5.x < 6.5.8 Multiple Vulnerabilities : undefined
115170 WordPress 6.4.x < 6.4.8 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202603100743

Feed built 7 days ago

Modified Detection

114223 HTTP Request Smuggling : undefined

New

115118 Validated Secret Detected : undefined
115152 Apache Tomcat 11.0.0-M1 < 11.0.15 Multiple Vulnerabilities : undefined
115153 Apache Tomcat 10.1.0-M1 < 10.1.50 Multiple Vulnerabilities : undefined
115154 Apache Tomcat 9.0.0-M1 < 9.0.113 Multiple Vulnerabilities : undefined
115157 SolarWinds WHD < 2026.1 Authentication Bypass : undefined
115158 Nginx UI < 2.3.3 Sensitive Information Disclosure : undefined
115159 CKEditor < 47.6.0 Cross-Site Scripting : undefined
115160 CKEditor 5.44.2.x < 5.45.2.2 Cross-Site Scripting : undefined
115161 CKEditor 5.46.0.2 < 5.46.0.3 Cross-Site Scripting : undefined
115162 CKEditor 5.42.0.x < 5.44.2.1 Cross-Site Scripting : undefined
115163 CKEditor 5.40.0.x < 5.41.3.2 Cross-Site Scripting : undefined
115164 CKEditor < 43.1.1 Cross-Site Scripting : undefined

Web App Scanning Plugin Feed 202603050720

Feed built 12 days ago

Modified Detection

114790 MCP Server Detected : undefined
115062 Third-Party Service Secret Disclosure : undefined
98115 SQL Injection : undefined
98994 Kentico CMS < 9.0.51 / 10.x < 10.0.48 Access Control Bypass : undefined
98995 Kentico CMS 8.2.x < 8.2.41 Open Redirect : undefined
98996 Kentico CMS < 9.0.51 Cross-Site Scripting : undefined
98997 Kentico CMS 9.x < 10.0.52 / 11.0.x < 11.0.48 / 12.0.x < 12.0.15 Remote Code Execution : undefined

New

115149 Apache Tomcat 11.0.0-M1 < 11.0.18 Incomplete OCSP Verification Checks : undefined
115150 Apache Tomcat 10.1.0-M7 < 10.1.52 Incomplete OCSP Verification Checks : undefined
115151 Apache Tomcat 9.0.83 < 9.0.115 Incomplete OCSP Verification Checks : undefined
115152 Apache Tomcat 11.0.0-M1 < 11.0.15 Multiple Vulnerabilities : undefined
115153 Apache Tomcat 10.1.0-M1 < 10.1.50 Multiple Vulnerabilities : undefined
115154 Apache Tomcat 9.0.0-M1 < 9.0.113 Multiple Vulnerabilities : undefined
115155 TLS 1.3 Not Supported Protocol : undefined
115156 SolarWinds WHD < 2026.1 Multiple Vulnerabilities : undefined
115157 SolarWinds WHD < 2026.1 Authentication Bypass : undefined

Web App Scanning Plugin Feed 202602170740

Feed built 28 days ago

Modified Detection

115010 Object-Relational Mapping (ORM) Leak : undefined
115128 Ivanti Endpoint Manager Mobile < 12.8.0.0 Remote Code Execution : undefined
98146 Password Submitted Using GET Method : undefined

New

115141 Nginx 1.3.0 < 1.29.5 SSL Upstream Injection : undefined
115142 Ruby Configuration File Detected : undefined
115143 eSMTPRC Configuration File Detected : undefined
115144 MSMTPRC Configuration File Detected : undefined
115145 Wgetrc Configuration File Detected : undefined
115146 Claude Code Settings File Detected : undefined
115147 Configuration File Detected : undefined
115148 Git Credentials Configuration File Detected : undefined

Web App Scanning Plugin Feed 202602110738

Feed built about 1 month ago

Modified Detection

112686 JSON Web Token Detected : undefined
112703 JSON Web Token None Hashing Algorithm : undefined
113158 Package Dependencies Detected : undefined
114129 Generic Secret Disclosure : undefined
114223 HTTP Request Smuggling : undefined
114450 Mura/Masa CMS SQL Injection : undefined
115010 Object-Relational Mapping (ORM) Leak : undefined
115062 Third-Party Service Secret Disclosure : undefined
115063 AI Service Secret Disclosure : undefined
115121 Versa Concerto 11.4.x < 12.1.2 Authentication Bypass : undefined
115128 Ivanti Endpoint Manager Mobile < 12.8.0.0 Remote Code Execution : undefined
98008 Web Application Firewall Detected : undefined
98099 Publicly writable directory : undefined
98115 SQL Injection : undefined
98146 Password Submitted Using GET Method : undefined
98994 Kentico CMS < 9.0.51 / 10.x < 10.0.48 Access Control Bypass : undefined
98995 Kentico CMS 8.2.x < 8.2.41 Open Redirect : undefined
98996 Kentico CMS < 9.0.51 Cross-Site Scripting : undefined
98997 Kentico CMS 9.x < 10.0.52 / 11.0.x < 11.0.48 / 12.0.x < 12.0.15 Remote Code Execution : undefined

New

115127 Kubernetes Kustomization Configuration Detected : undefined
115129 Apache Configuration File Detected : undefined
115130 Ansible Configuration File Detected : undefined
115131 Apache Airflow Configuration File Detected : undefined
115132 OpenCMS <= 18.0.0 Multiple Cross-Site Scripting : undefined
115133 OpenCMS < 17.0.0 Multiple Vulnerabilities : undefined
115134 OpenCMS 14.0.0 < 16.0.0 Multiple Vulnerabilities : undefined
115135 OpenCMS <= 15.0 Arbitrary File Upload : undefined
115136 Roundcube Webmail < 1.5.12 Multiple Vulnerabilities : undefined
115137 Roundcube Webmail 1.6.x < 1.6.12 Multiple Vulnerabilities : undefined
115138 Roundcube Webmail < 1.5.10 Remote Code Execution : undefined
115139 Roundcube Webmail 1.6.x < 1.6.11 Remote Code Execution : undefined
115140 Mura CMS < 10.0.580 Authentication Bypass : undefined
115141 Nginx 1.3.0 < 1.29.5 SSL Upstream Injection : undefined
115142 Ruby Configuration File Detected : undefined

Web App Scanning Plugin Feed 202602030728

Feed built about 1 month ago

Modified Detection

115121 Versa Concerto 11.4.x < 12.1.2 Authentication Bypass : undefined
115128 Ivanti Endpoint Manager Mobile < 12.8.0.0 Remote Code Execution : undefined

New

115127 Kubernetes Kustomization Configuration Detected : undefined

Web App Scanning Plugin Feed 202601301011

Feed built about 2 months ago

New

115123 OpenClaw Gateway Dashboard Detected : undefined
115124 Firebase Configuration Detected : undefined
115125 Parameters YML Configuration Detected : undefined
115126 CodeDeploy Appspec Configuration Detected : undefined

Web App Scanning Plugin Feed 202601280747

Feed built about 2 months ago

Modified Detection

115088 PHP 8.5.x < 8.5.1 Multiple Vulnerabilities : undefined
115121 Versa Concerto 11.4.x < 12.1.2 Authentication Bypass : undefined
115122 Zimbra Collaboration 10.0.x < 10.0.18 / 10.1.x < 10.1.13 Local File Inclusion : undefined
115540 Cookie Without SameSite Flag Detected : undefined
98062 Cookie Set For Parent Domain : undefined
98063 Cookie Without HttpOnly Flag Detected : undefined
98064 Cookie Without Secure Flag Detected : undefined
98230 PHP Unsupported Version : undefined

New

115115 Deep Chat Chatbot Detected : undefined
115116 OpenAssistantGPT Chatbot Detected : undefined
115117 SmarterMail < build 9413 Unrestricted File Upload : undefined
115119 Redis Configuration File Detected : undefined
115120 Vite < 4.5.11 / 5.0.x < 5.4.16 / 6.0.x < 6.0.13 / 6.1.x < 6.1.3 / 6.2.x < 6.2.4 Arbitrary File Read : undefined

Web App Scanning Plugin Feed 202601210831

Feed built about 2 months ago

Modified Detection

114129 Generic Secret Disclosure : undefined
115062 Third-Party Service Secret Disclosure : undefined
115063 AI Service Secret Disclosure : undefined
115088 PHP 8.5.x < 8.5.1 Multiple Vulnerabilities : undefined

New

115114 SSH Known Hosts File Detected : undefined
115115 Deep Chat Chatbot Detected : undefined

Web App Scanning Plugin Feed 202601191037

Feed built about 2 months ago

Modified Detection

114116 XML Injection : undefined
115113 Livewire 3.x < 3.6.4 Remote Code Execution : undefined

Web App Scanning Plugin Feed 202601150854

Feed built 2 months ago

Modified Detection

114129 Generic Secret Disclosure : undefined
114200 Google Cloud Platform Detected : undefined
115062 Third-Party Service Secret Disclosure : undefined
115063 AI Service Secret Disclosure : undefined

New

115106 Shibboleth SSO Open Redirect : undefined
115107 Ambassador API Gateway Diagnostics Sensitive Information Disclosure : undefined
115108 SAP NetWeaver ICM Info Sensitive Information Disclosure : undefined
115109 JetBrains TeamCity Registration Enabled : undefined
115110 JetBrains TeamCity Guest Access Detected : undefined
115111 Private Key File Detected : undefined
115112 Livewire Request Detected : undefined

Web App Scanning Plugin Feed 202601081113

Feed built 2 months ago

Modified Detection

114129 Generic Secret Disclosure : undefined
115062 Third-Party Service Secret Disclosure : undefined
115063 AI Service Secret Disclosure : undefined

New

115096 Commvault CommandCenter < 11.36.60 Unauthorized API Access : undefined
115097 Sitecore Debug Page Detected : undefined
115098 Next.js Configuration File Detected : undefined
115099 Symfony Conflicting Headers Information Disclosure : undefined
115100 Joomla! 3.9.x < 5.4.2 Multiple Vulnerabilities : undefined
115101 Joomla! 6.x < 6.0.2 Multiple Vulnerabilities : undefined
115102 N8n < 2.2.2 Unauthenticated Forged Webhooks : undefined
115103 N8n < 2.0.0 Multiple Vulnerabilities : undefined
115104 N8n < 1.121.3 Arbitrary File Write : undefined
115105 N8n < 1.121.0 Remote Code Execution (Ni8mare) : undefined

Web App Scanning Plugin Feed 202601051133

Feed built 2 months ago

Modified Detection

112686 JSON Web Token Detected : undefined
112703 JSON Web Token None Hashing Algorithm : undefined
113029 Microsoft IIS Unsupported Version : undefined
113158 Package Dependencies Detected : undefined
113217 Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell) : undefined
113943 Disclosed Hong Kong Identity Number : undefined
114064 MediaWiki Status Module Information Disclosure : undefined
114116 XML Injection : undefined
114129 Generic Secret Disclosure : undefined
114200 Google Cloud Platform Detected : undefined
114223 HTTP Request Smuggling : undefined
114276 Database Connection String Disclosure : undefined
114450 Mura/Masa CMS SQL Injection : undefined
114790 MCP Server Detected : undefined
115010 Object-Relational Mapping (ORM) Leak : undefined
115062 Third-Party Service Secret Disclosure : undefined
115063 AI Service Secret Disclosure : undefined
115088 PHP 8.5.x < 8.5.1 Multiple Vulnerabilities : undefined
115540 Cookie Without SameSite Flag Detected : undefined
98008 Web Application Firewall Detected : undefined
98062 Cookie Set For Parent Domain : undefined
98063 Cookie Without HttpOnly Flag Detected : undefined
98064 Cookie Without Secure Flag Detected : undefined
98099 Publicly writable directory : undefined
98115 SQL Injection : undefined
98146 Password Submitted Using GET Method : undefined
98228 Drupal Unsupported Version : undefined
98230 PHP Unsupported Version : undefined
98538 Environment Configuration File Detected : undefined
98994 Kentico CMS < 9.0.51 / 10.x < 10.0.48 Access Control Bypass : undefined
98995 Kentico CMS 8.2.x < 8.2.41 Open Redirect : undefined
98996 Kentico CMS < 9.0.51 Cross-Site Scripting : undefined
98997 Kentico CMS 9.x < 10.0.52 / 11.0.x < 11.0.48 / 12.0.x < 12.0.15 Remote Code Execution : undefined

New

115076 Gladinet Triofox < 16.7.10368.56560 Improper Access Control : undefined
115077 Gladinet CentreStack < 16.4.10315.56368 Insecure Deserialization : undefined
115078 Gladinet CentreStack / Triofox < 16.12.10420.56791 Hardcoded Credentials : undefined
115079 Kubernetes Configuration Detected : undefined
115080 Atlassian Jira 10.3.x < 10.3.13 XML External Entity Injection : undefined
115081 Atlassian Jira 11.x < 11.2.0 XML External Entity Injection : undefined
115082 Astro < 5.15.8 Reflected Cross-Site Scripting : undefined
115083 FreeBPX < 16.0.92 Multiples Vulnerabilities : undefined
115084 FreeBPX 17.0.x < 17.0.6 Multiples Vulnerabilities : undefined
115085 FreeBPX < 16.0.44 Authentication Bypass : undefined
115086 FreeBPX 17.0.x < 17.0.23 Authentication Bypass : undefined
115087 PostgREST API Server Detected : undefined
115089 PHP 8.4.x < 8.4.16 Multiple Vulnerabilities : undefined
115090 PHP 8.3.x < 8.3.29 Multiple Vulnerabilities : undefined
115091 PHP 8.2.x < 8.2.30 Multiple Vulnerabilities : undefined
115092 Behat Configuration File Detected : undefined
115093 PHP 8.1.x < 8.1.34 Multiple Vulnerabilities : undefined
115094 Nexus Repository Anonymous Access : undefined
115095 JFrog Artifactory Artifacts Repository Detected : undefined

Web App Scanning Plugin Feed 202512170727

Feed built 3 months ago

Modified Detection

114129 Generic Secret Disclosure : undefined
114276 Database Connection String Disclosure : undefined
115062 Third-Party Service Secret Disclosure : undefined
115063 AI Service Secret Disclosure : undefined
98538 Environment Configuration File Detected : undefined

New

115073 Apache Tika < 3.2.2 XML External Entity : undefined
115075 GeoServer < 2.25.6 / 2.26.x < 2.26.2 XML External Entity : undefined
115076 Gladinet Triofox < 16.7.10368.56560 Improper Access Control : undefined
115077 Gladinet CentreStack < 16.4.10315.56368 Insecure Deserialization : undefined
115078 Gladinet CentreStack / Triofox < 16.12.10420.56791 Hardcoded Credentials : undefined
115079 Kubernetes Configuration Detected : undefined
115080 Atlassian Jira 10.3.x < 10.3.13 XML External Entity Injection : undefined
115081 Atlassian Jira 11.x < 11.2.0 XML External Entity Injection : undefined
115082 Astro < 5.15.8 Reflected Cross-Site Scripting : undefined

Web App Scanning Plugin Feed 202512110934

Feed built 3 months ago

Modified Detection

113067 Basic Authentication Bruteforced : undefined
114907 Citrix NetScaler Gateway / ADC Memory Disclosure : undefined
115010 Object-Relational Mapping (ORM) Leak : undefined
115069 React Server Components 19.0 / 19.1.0 / 19.1.1 / 19.2.0 Remote Code Execution (React2Shell) : undefined
98209 Drupal User Enumeration : undefined

New

115072 Adobe Experience Manager (AEM) Forms Login Panel Detected : undefined
115073 Apache Tika < 3.2.2 XML External Entity : undefined
115074 Drupal JSON:API User Enumeration : undefined
115075 GeoServer < 2.25.6 / 2.26.x < 2.26.2 XML External Entity : undefined

Web App Scanning Plugin Feed 202512081107

Feed built 3 months ago

Modified Detection

113150 Google Cloud Service Account Private Key Disclosure (deprecated) : undefined
113164 AWS Credentials Disclosure (deprecated) : undefined
115069 React Server Components 19.0 / 19.1.0 / 19.1.1 / 19.2.0 Remote Code Execution (React2Shell) : undefined

New

115070 Adobe Experience Manager (AEM) < 6.5.23.0 XML External Entity : undefined
115071 Apache 2.4.x < 2.4.66 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202512041111

Feed built 3 months ago

Modified Detection

113150 Google Cloud Service Account Private Key Disclosure (deprecated) : undefined
113164 AWS Credentials Disclosure (deprecated) : undefined
114129 Generic Secret Disclosure : undefined
115010 Object-Relational Mapping (ORM) Leak : undefined
115062 Third-Party Service Secret Disclosure : undefined
115063 AI Service Secret Disclosure : undefined
115069 React Server Components 19.0 / 19.1.0 / 19.1.1 / 19.2.0 Remote Code Execution (React2Shell) : undefined
98112 Cross-Site Request Forgery : undefined

New

115047 GFI KerioControl < 9.4.5 HTTP Response Splitting : undefined
115048 Adobe Experience Manager (AEM) Login Panel Detected : undefined
115049 Adobe Experience Manager (AEM) CRX Package Manager Panel Detected : undefined
115050 Adobe Experience Manager (AEM) Sling Login Panel Detected : undefined
115051 Sneeit Framework Plugin for WordPress < 8.4 Remote Code Execution : undefined
115052 Adobe Experience Manager (AEM) CRX Namespace Editor Panel Detected : undefined
115053 Adobe Experience Manager (AEM) QueryBuilder Feed Servlet Detected : undefined
115054 Adobe Experience Manager (AEM) Custom Scripts Listing Detection : undefined
115055 Adobe Experience Manager (AEM) CRX Search Endpoint Exposure : undefined
115056 Adobe Experience Manager (AEM) Sling User Information Servlet Exposure : undefined
115057 Adobe Experience Manager (AEM) Querybuilder Internal Path Read : undefined
115058 Adobe Experience Manager (AEM) Debugging Client Libraries Exposure : undefined
115059 Adobe Experience Manager (AEM) Felix Console Default Credentials : undefined
115060 Adobe Experience Manager (AEM) CRX Content Explorer : undefined
115061 Adobe Experience Manager (AEM) Dispatcher Bypass : undefined
115064 Adobe Experience Manager (AEM) QueryBuilder JCR Role Disclosure : undefined
115065 Adobe Experience Manager (AEM) QueryBuilder JCR Hashed Password Disclosure : undefined
115066 Adobe Experience Manager (AEM) Merge Metadata Servlet Detected : undefined
115067 Adobe Experience Manager (AEM) Unauthenticated Cache Purge : undefined
115068 Adobe Experience Manager (AEM) Groovy Console : undefined

Web App Scanning Plugin Feed 202511240942

Feed built 4 months ago

Modified Detection

113058 Apache 2.4.10 < 2.4.44 Source Code Disclosure : undefined
113448 Microsoft Access Database Detected : undefined
114129 Generic Secret Disclosure : undefined
114947 User Enumeration : undefined
98115 SQL Injection : undefined

New

115033 Drupal 11.2.x < 11.2.8 Multiple Vulnerabilities : undefined
115034 Drupal 11.0.x < 11.1.9 Multiple Vulnerabilities : undefined
115035 Drupal 10.5.x < 10.5.6 Multiple Vulnerabilities : undefined
115036 Drupal 8.0.x < 10.4.9 Multiple Vulnerabilities : undefined
115041 Liferay Portal API Explorer Detected : undefined
115042 Wazuh 4.4x < 4.9.1 Remote Code Execution : undefined
115043 Liferay Portal JSON Web Services Detected : undefined
115044 Liferay Portal License Manager Detected : undefined
115045 Oracle Identity Manager < 12.2.1.4.0 / < 14.1.2.1.0 Remote Code Execution : undefined
115046 Liferay Portal GraphQL Schema Detected : undefined

Web App Scanning Plugin Feed 202511171010

Feed built 4 months ago

Modified Detection

112685 Symfony Secret Fragments Remote Code Execution : undefined
113058 Apache 2.4.10 < 2.4.44 Source Code Disclosure : undefined
113067 Basic Authentication Bruteforced : undefined
113150 Google Cloud Service Account Private Key Disclosure (deprecated) : undefined
113158 Package Dependencies Detected : undefined
113164 AWS Credentials Disclosure (deprecated) : undefined
114128 External Backend API Detected : undefined
114129 Generic Secret Disclosure : undefined
114276 Database Connection String Disclosure : undefined
114604 Drupal 11.1.x < 11.1.3 Multiple Vulnerabilities : undefined
114605 Drupal 11.0.x < 11.0.12 Multiple Vulnerabilities : undefined
114606 Drupal 10.4.x < 10.4.3 Multiple Vulnerabilities : undefined
114607 Drupal 8.0.x < 10.3.13 Multiple Vulnerabilities : undefined
114947 User Enumeration : undefined
115010 Object-Relational Mapping (ORM) Leak : undefined
115027 Lucee Administration Panel Login Form Detected : undefined
115029 Lucee Unset Credentials : undefined
115040 Fortinet FortiWeb Authentication Bypass : undefined
98146 Password Submitted Using GET Method : undefined

New

115032 Lucee < 6.0.1.59 Remote Code Execution : undefined
115033 Drupal 11.2.x < 11.2.8 Multiple Vulnerabilities : undefined
115034 Drupal 11.0.x < 11.1.9 Multiple Vulnerabilities : undefined
115035 Drupal 10.5.x < 10.5.6 Multiple Vulnerabilities : undefined
115036 Drupal 8.0.x < 10.4.9 Multiple Vulnerabilities : undefined
115037 Telerik UI for ASP.NET AJAX Unsafe Reflection : undefined
115038 Lucee < 5.3.12.1 Remote Code Execution : undefined
115039 Lucee 5.4.x < 5.4.3.2 Remote Code Execution : undefined

Web App Scanning Plugin Feed 202511111515

Feed built 4 months ago

Modified Detection

115029 Lucee Unset Credentials : undefined

Web App Scanning Plugin Feed 202511101202

Feed built 4 months ago

Modified Detection

113900 Cross-Site Request Forgery Token Validation Bypass : undefined
114262 Request URL Override : undefined
114947 User Enumeration : undefined
115010 Object-Relational Mapping (ORM) Leak : undefined
115027 Lucee Administration Panel Login Form Detected : undefined
98146 Password Submitted Using GET Method : undefined

New

115028 Lucee Default Credentials : undefined
115030 Gladinet CentreStack/Triofox < 16.10.10408.56683 Local File Inclusion : undefined
115031 DotNetNuke < 10.1.1 Unrestricted File Upload : undefined
155029 Lucee Unset Credentials : undefined

Web App Scanning Plugin Feed 202511040749

Feed built 4 months ago

Modified Detection

113217 Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell) : undefined
114899 Bootstrap 4.x <= 4.6.2 Cross-Site Scripting : undefined
115006 Custom HTTP Header Detected : undefined
98000 Scan Information : undefined
98611 Error Message : undefined
98646 .DS_Store File Detected : undefined
98997 Kentico CMS 9.x < 10.0.52 / 11.0.x < 11.0.48 / 12.0.x < 12.0.15 Remote Code Execution : undefined

New

115013 Atlassian Jira 9.12.x < 9.12.28 Path Traversal : undefined
115014 Atlassian Jira 10.3.x < 10.3.12 Path Traversal : undefined
115015 Atlassian Jira 11.x < 11.1.0 Path Traversal : undefined
115019 Adobe Commerce / Magento Insecure Deserialization (SessionReaper) : undefined
115020 Squid < 7.2 Information Disclosure : undefined
115021 Apache Tomcat 11.0.0-M1 < 11.0.12 Denial of Service : undefined
115022 Apache Tomcat 10.1.0-M1 < 10.1.47 Denial of Service : undefined
115023 Apache Tomcat 9.0.0-M1 < 9.0.110 Denial of Service : undefined
115024 Apache Tomcat 11.0.0-M1 < 11.0.11 Multiple Vulnerabilities : undefined
115025 Apache Tomcat 10.1.0-M1 < 10.1.45 Multiple Vulnerabilities : undefined
115026 Apache Tomcat 9.0.0-M1 < 9.0.109 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202510241143

Feed built 5 months ago

Modified Detection

115006 Custom HTTP Header Detected : undefined
115010 Object-Relational Mapping (ORM) Leak : undefined

New

115011 Authentik < 2024.6.5 Authentication Bypass : undefined
115012 Authentik 2024.8.x < 2024.8.3 Authentication Bypass : undefined
115013 Atlassian Jira 9.12.x < 9.12.28 Path Traversal : undefined
115014 Atlassian Jira 10.3.x < 10.3.12 Path Traversal : undefined
115015 Atlassian Jira 11.x < 11.1.0 Path Traversal : undefined
115016 Atlassian Confluence 2.x < 8.5.25 Denial of Service : undefined
115017 Atlassian Confluence 9.2.x < 9.2.7 Denial of Service : undefined
115018 Atlassian Confluence 10.x < 10.0.2 Denial of Service : undefined
115019 Adobe Commerce / Magento Insecure Deserialization (SessionReaper) : undefined

Web App Scanning Plugin Feed 202510210631

Feed built 5 months ago

Modified Detection

112544 HTTP to HTTPS Redirect Not Enabled : undefined
113158 Package Dependencies Detected : undefined
114129 Generic Secret Disclosure : undefined
114146 Subdomain Takeover : undefined
115006 Custom HTTP Header Detected : undefined
115010 Object-Relational Mapping (ORM) Leak : undefined

New

114999 Grafana 8.0.x < 8.0.7 / 8.1.x < 8.1.8 / 8.2.x < 8.2.7 / 8.3.x < 8.3.1 Path Traversal : undefined
115003 Fortra GoAnywhere MFT License Servlet Deserialization Vulnerability : undefined
115004 Zimbra Collaboration 10.1.x < 10.1.5 Stored Cross-Site Scripting : undefined
115005 Zimbra Collaboration 10.0.x < 10.0.13 Stored Cross-Site Scripting : undefined
115007 Node.js Express DevMode Enabled : undefined
115008 Jenkins Sidepanel Unauthorized Agent/Queue Exposure : undefined
115009 Discourse < 3.3.3 Backup Disclosure : undefined

Web App Scanning Plugin Feed 202510070656

Feed built 5 months ago

Modified Detection

114129 Generic Secret Disclosure : undefined
114923 Microsoft SharePoint Remote Code Execution : undefined
115002 Netdisco Unauthenticated Access : undefined

New

114980 TRUFusion Entreprise Sensitive Data Exposure : undefined
114986 Apache Airflow Unauthenticated Access : undefined
114987 Grafana < 11.3.8 Multiples Vulnerabilities : undefined
114988 Grafana 11.4.x < 11.4.6 Multiples Vulnerabilities : undefined
114989 Grafana 11.5.x < 11.5.6 Multiples Vulnerabilities : undefined
114990 Grafana 11.6.x < 11.6.3 Multiples Vulnerabilities : undefined
114991 Grafana 12.0.x < 12.0.2 Multiples Vulnerabilities : undefined
114992 Grafana 12.1.x < 12.1.2 Multiples Vulnerabilities : undefined
114993 Grafana < 11.6.2 Improper Input Validation : undefined
114994 Grafana < 10.4.17 Improper Authorization : undefined
114995 Grafana 11.2.x < 11.2.8 Improper Authorization : undefined
114996 Grafana 11.3.x < 11.3.5 Improper Authorization : undefined
114997 Grafana 11.4.x < 11.4.3 Improper Authorization : undefined
114998 Grafana 11.5.x < 11.5.3 Improper Authorization : undefined
114999 Grafana 8.0.x < 8.0.7 / 8.1.x < 8.1.8 / 8.2.x < 8.2.7 / 8.3.x < 8.3.1 Path Traversal : undefined
115000 Dell UnityVSA < 5.5.1.0 Remote Code Execution : undefined
115001 Intercom Chatbot Misconfiguration : undefined

Web App Scanning Plugin Feed 202510030844

Feed built 6 months ago

Modified Detection

114129 Generic Secret Disclosure : undefined

New

114975 Anteon Unauthenticated Access : undefined
114976 GoCD Unauthenticated Access : undefined
114977 ProjectSend < r1720 Improper Authorization : undefined
114978 pyLoad < 0.5.0b3.dev76 Improper Access Control : undefined
114979 pyLoad Default Credentials : undefined
114980 TRUFusion Entreprise Sensitive Data Exposure : undefined
114981 Joomla! 5.x < 5.3.4 Multiple Vulnerabilities : undefined
114982 Joomla! 4.x < 4.4.14 Multiple Vulnerabilities : undefined
114983 Zyxel < 5.38 Directory Traversal : undefined
114984 Apache Kylin 2.3.x < 3.1.0 Command Injection : undefined
114985 Hitachi Pentaho Business Analytics Server 8.3.x < 9.3.0.2 / 9.4.x < 9.4.0.1 Remote Code Execution : undefined
114986 Apache Airflow Unauthenticated Access : undefined

Web App Scanning Plugin Feed 202509260914

Feed built 6 months ago

Modified Detection

112544 HTTP to HTTPS Redirect Not Enabled : undefined
98201 Drupal User Registration Form Detected : undefined
98202 WordPress User Registration Form Detected : undefined
98205 Joomla! User Registration Form Detected : undefined

New

114966 Personal Identifying Information (PII) Fields Detected : undefined
114967 Jenkins User Registration Form Detected : undefined
114968 Jenkins Unauthenticated Access : undefined
114969 H2O Flow Unauthenticated Access : undefined
114970 cAdvisor Unauthenticated Access : undefined
114971 File Browser Unauthenticated Access : undefined
114972 Tiny File Manager Unauthenticated Access : undefined
114973 Tiny File Manager Default Credentials : undefined
114974 Clickhouse API Unauthenticated Access : undefined

Web App Scanning Plugin Feed 202509190633

Feed built 6 months ago

Modified Detection

112686 JSON Web Token Detected : undefined
112703 JSON Web Token None Hashing Algorithm : undefined
113150 Google Cloud Service Account Private Key Disclosure (deprecated) : undefined
113164 AWS Credentials Disclosure (deprecated) : undefined
114116 XML Injection : undefined
114129 Generic Secret Disclosure : undefined
114276 Database Connection String Disclosure : undefined
114502 Cross-Site WebSocket Hijacking : undefined
114947 User Enumeration : undefined
98008 Web Application Firewall Detected : undefined
98091 Mixed Resource Detection : undefined
98115 SQL Injection : undefined
98611 Error Message : undefined

New

114962 Lunary Detected : undefined
114963 Flowise < 3.0.6 Multiples Vulnerabilities : undefined
114964 Jenkins Cross-Site WebSocket Hijacking : undefined
114965 MCP Server Tools Detected : undefined

Web App Scanning Plugin Feed 202509120627

Feed built 6 months ago

Modified Detection

113219 Insecure Redirect Chain : undefined
114923 Microsoft SharePoint Remote Code Execution : undefined

New

114961 AIOHTTP < 3.9.2 Directory Traversal : undefined

Web App Scanning Plugin Feed 202509090656

Feed built 6 months ago

Modified Detection

114450 Mura/Masa CMS SQL Injection : undefined
114947 User Enumeration : undefined

New

114955 FreeBPX < 15.0.66 Authentication Bypass : undefined
114956 FreeBPX < 16.0.89 Authentication Bypass : undefined
114957 FreeBPX < 17.0.3 Authentication Bypass : undefined
114958 Nuxt Icon < 1.4.5 Server-Side Request Forgery : undefined
114959 LLM Detected : undefined
114960 Cacti 1.3.x-DEV Remote Code Execution : undefined

Web App Scanning Plugin Feed 202509031437

Feed built 6 months ago

Modified Detection

113059 OPcache UI Detected : undefined
113943 Disclosed Hong Kong Identity Number : undefined
114129 Generic Secret Disclosure : undefined
114232 PHP Development Server < 7.4.22 Source Disclosure : undefined
114247 Authentication Check Pattern Found in Unauthenticated Browser : undefined
114450 Mura/Masa CMS SQL Injection : undefined
114790 MCP Server Detected : undefined
114796 Content Security Policy Missing 'Report-To' : undefined
114867 GraphQL Query Length Not Limited : undefined
114923 Microsoft SharePoint Remote Code Execution : undefined
114947 User Enumeration : undefined
98008 Web Application Firewall Detected : undefined
98054 Unvalidated Redirection : undefined
98101 Response Splitting : undefined
98779 Source Code Passive Disclosure : undefined

New

114946 Unauthenticated Cache Purge : undefined
114948 UUID/GUID Version 1 Detected : undefined
114949 Langflow < 1.5.1 Privilege Escalation : undefined
114950 CrushFTP < 10.8.5 / 11.x < 11.3.4_23 Race Condition : undefined
114951 Apache Tomcat 11.0.0-M1 < 11.0.10 Denial of Service : undefined
114952 Apache Tomcat 10.1.0-M1 < 10.1.44 Denial of Service : undefined
114953 Apache Tomcat 9.0.0-M1 < 9.0.108 Denial of Service : undefined
114954 Nginx 0.7.22 < 1.29.1 Buffer Over-read : undefined
114955 FreeBPX < 15.0.66 Authentication Bypass : undefined
114956 FreeBPX < 16.0.89 Authentication Bypass : undefined
114957 FreeBPX < 17.0.3 Authentication Bypass : undefined

Web App Scanning Plugin Feed 202508191313

Feed built 7 months ago

New

114929 WSDL Import Success : undefined
114930 WSDL Import Failed : undefined

Web App Scanning Plugin Feed 202508131706

Feed built 7 months ago

New

114944 Liferay Portal 7.4.x < 7.4.3.132 Cross-Site Scripting : undefined
114945 Liferay Portal 7.4.x < 7.4.3.133 Cross-Site Scripting : undefined

Web App Scanning Plugin Feed 202508110720

Feed built 7 months ago

Modified Detection

114232 PHP Development Server < 7.4.22 Source Disclosure : undefined
114899 Bootstrap 4.x <= 4.6.2 Cross-Site Scripting : undefined

New

114938 ClearML Detected : undefined
114939 ClearML < 1.16.0 Unauthenticated File Access : undefined
114940 NVIDIA Triton Detected : undefined
114941 NVIDIA Triton < 25.07 Multiple Vulnerabilities : undefined
114942 Active! Mail < 6.60.05008562 Remote Code Execution : undefined
114943 Rejetto HTTP File Server < 2.3c Remote Code Execution : undefined

Web App Scanning Plugin Feed 202508051026

Feed built 7 months ago

Modified Detection

114699 Moodle 4.3.x < 4.3.10 Multiple Vulnerabilities : undefined
114899 Bootstrap 4.x <= 4.6.2 Cross-Site Scripting : undefined

New

114928 MCP Server Prompt Injection : undefined
114931 Squid < 6.4 Remote Code Execution : undefined
114932 BentoML 1.4.x < 1.4.19 Server-Side Request Forgery : undefined
114933 BentoML 1.x < 1.4.8 Insecure Deserialization : undefined
114934 BentoML 1.3.4 < 1.4.3 Insecure Deserialization : undefined
114935 Advantive Veracore < 2025.1.1.3 SQL Injection : undefined
114936 ZenML < 0.57.0 Account Takeover : undefined
114937 ZenML Insufficient Session Expiration : undefined

Web App Scanning Plugin Feed 202507310654

Feed built 8 months ago

Modified Detection

114699 Moodle 4.3.x < 4.3.10 Multiple Vulnerabilities : undefined

New

114927 BentoML Detected : undefined

Web App Scanning Plugin Feed 202507281416

Feed built 8 months ago

Modified Detection

113258 OpenAPI Permissive Input Validation : undefined

New

114925 Wing FTP < 7.4.4 Remote Code Execution : undefined
114926 Lighthouse Studio < 9.16.14 Remote Code Execution : undefined

Web App Scanning Plugin Feed 202507280656

Feed built 8 months ago

Modified Detection

114129 Generic Secret Disclosure : undefined
114901 Bootstrap 3.2.x <= 3.4.1 Cross-Site Scripting : undefined

New

114925 Wing FTP < 7.4.4 Remote Code Execution : undefined

Web App Scanning Plugin Feed 202507240901

Feed built 8 months ago

Modified Detection

113310 Blind XPath Injection (differential analysis) : undefined
114699 Moodle 4.3.x < 4.3.10 Multiple Vulnerabilities : undefined
114900 Bootstrap < 4.0.0 Multiples Cross-Site Scripting : undefined
114901 Bootstrap 3.2.x <= 3.4.1 Cross-Site Scripting : undefined
114902 Bootstrap Unsupported Version : undefined
114923 Microsoft SharePoint Remote Code Execution : undefined

New

114922 Fortinet FortiWeb Fabric Connector SQL Injection : undefined
114924 Apache 2.4.64 RewriteCond expr Vulnerability : undefined

Web App Scanning Plugin Feed 202507220655

Feed built 8 months ago

Modified Detection

114129 Generic Secret Disclosure : undefined
114276 Database Connection String Disclosure : undefined
114790 MCP Server Detected : undefined

Web App Scanning Plugin Feed 202507210313

Feed built 8 months ago

Modified Detection

114029 Well-Known URIs Detected : undefined
114699 Moodle 4.3.x < 4.3.10 Multiple Vulnerabilities : undefined
114900 Bootstrap < 4.0.0 Multiples Cross-Site Scripting : undefined
114902 Bootstrap Unsupported Version : undefined
114907 Citrix NetScaler Gateway / ADC Memory Disclosure : undefined

Web App Scanning Plugin Feed 202507180928

Feed built 8 months ago

Modified Detection

114029 Well-Known URIs Detected : undefined
114699 Moodle 4.3.x < 4.3.10 Multiple Vulnerabilities : undefined
114900 Bootstrap < 4.0.0 Multiples Cross-Site Scripting : undefined
114902 Bootstrap Unsupported Version : undefined
114907 Citrix NetScaler Gateway / ADC Memory Disclosure : undefined

New

114908 PHP 8.4.x < 8.4.10 Multiple Vulnerabilities : undefined
114909 PHP 8.3.x < 8.3.23 Multiple Vulnerabilities : undefined
114910 PHP 8.2.x < 8.2.29 Multiple Vulnerabilities : undefined
114911 PHP 8.1.x < 8.1.33 Multiple Vulnerabilities : undefined
114913 XWiki User Registration Remote Code Execution : undefined
114914 Apache Tomcat 11.0.0-M1 < 11.0.9 Multiple Vulnerabilities : undefined
114915 Apache Tomcat 10.1.0-M1 < 10.1.43 Multiple Vulnerabilities : undefined
114916 Apache Tomcat 9.0.0-M1 < 9.0.107 Multiple Vulnerabilities : undefined
114917 Apache 2.4.x < 2.4.64 Multiple Vulnerabilities : undefined
114918 OAuth Dynamic Client Registration Detected : undefined
114919 OAuth Dynamic Client Registration Permissive Redirect URI : undefined
114920 OAuth Dynamic Client Registration Permissive Metadata Field : undefined
114921 MCP Server Tool Poisoning : undefined

Web App Scanning Plugin Feed 202507100539

Feed built 8 months ago

Modified Detection

114029 Well-Known URIs Detected : undefined
114699 Moodle 4.3.x < 4.3.10 Multiple Vulnerabilities : undefined
114790 MCP Server Detected : undefined
114900 Bootstrap < 4.0.0 Multiples Cross-Site Scripting : undefined
114902 Bootstrap Unsupported Version : undefined
114907 Citrix NetScaler Gateway / ADC Memory Disclosure : undefined
98109 DOM-based Cross-Site Scripting (XSS) : undefined

New

114908 PHP 8.4.x < 8.4.10 Multiple Vulnerabilities : undefined
114909 PHP 8.3.x < 8.3.23 Multiple Vulnerabilities : undefined
114910 PHP 8.2.x < 8.2.29 Multiple Vulnerabilities : undefined
114911 PHP 8.1.x < 8.1.33 Multiple Vulnerabilities : undefined
114912 XWiki Platform SolrSearch Macro Remote Code Execution : undefined

Web App Scanning Plugin Feed 202507040646

Feed built 9 months ago

New

114906 MCP Inspector < 0.14.1 Remote Code Execution : undefined

Web App Scanning Plugin Feed 202507030710

Feed built 9 months ago

Modified Detection

112439 Server-Side Request Forgery : undefined
113057 Microsoft Exchange Server Autodiscover Cross-Site Scripting : undefined
113369 BackupBuddy Plugin for WordPress < 8.7.5 Arbitrary File Read : undefined
114116 XML Injection : undefined
114129 Generic Secret Disclosure : undefined
114313 Flowise Chatflow Detected : undefined
114590 Microsoft Exchange Autodiscover V2 User Enumeration : undefined
114655 SimpleHelp Detected : undefined
114885 MCP Server SSE DNS Rebinding : undefined
114899 Bootstrap 4.x <= 4.6.2 Cross-Site Scripting : undefined
114900 Bootstrap < 4.0.0 Multiples Cross-Site Scripting : undefined
114901 Bootstrap 3.2.x <= 3.4.1 Cross-Site Scripting : undefined
114902 Bootstrap Unsupported Version : undefined

New

114903 Microsoft Exchange Admin Center Detected : undefined
114904 DocsGPT Detected : undefined
114905 DocsGPT 0.8.1 < 0.13.0 Unauthenticated Remote Code Execution : undefined

Web App Scanning Plugin Feed 202506240732

Feed built 9 months ago

Modified Detection

114129 Generic Secret Disclosure : undefined
114699 Moodle 4.3.x < 4.3.10 Multiple Vulnerabilities : undefined
114885 MCP Server SSE DNS Rebinding : undefined

New

114886 Apache Tomcat 11.0.0-M1 < 11.0.8 Multiple Vulnerabilities : undefined
114887 Apache Tomcat 10.1.0-M1 < 10.1.42 Multiple Vulnerabilities : undefined
114888 Apache Tomcat 9.0.0-M1 < 9.0.106 Multiple Vulnerabilities : undefined
114889 Sitecore XM/XP/XC Hardcoded Credentials : undefined
114890 Moodle 4.1.x < 4.1.19 Multiple Vulnerabilities : undefined
114891 Moodle 4.4.x < 4.4.9 Multiple Vulnerabilities : undefined
114892 Moodle 4.5.x < 4.5.5 Multiple Vulnerabilities : undefined
114893 Moodle 5.0.x < 5.0.1 Multiple Vulnerabilities : undefined
114894 Moodle 4.1.x < 4.1.18 Multiple Vulnerabilities : undefined
114895 Moodle 4.3.x < 4.3.12 Multiple Vulnerabilities : undefined
114896 Moodle 4.4.x < 4.4.8 Multiple Vulnerabilities : undefined
114897 Moodle 4.5.x < 4.5.4 Multiple Vulnerabilities : undefined
114898 Moodle 5.x < 5.0.1 Reflected XSS In MathJax : undefined

Web App Scanning Plugin Feed 202506200632

Feed built 9 months ago

Modified Detection

112290 Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities : undefined
113900 Cross-Site Request Forgery Token Validation Bypass : undefined
114791 MCP Server Unauthenticated Access : undefined
114885 MCP Server SSE DNS Rebinding : undefined

New

114886 Apache Tomcat 11.0.0-M1 < 11.0.8 Multiple Vulnerabilities : undefined
114887 Apache Tomcat 10.1.0-M1 < 10.1.42 Multiple Vulnerabilities : undefined
114888 Apache Tomcat 9.0.0-M1 < 9.0.106 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202506170623

Feed built 9 months ago

Modified Detection

113195 Spring Boot Actuator Detected : undefined
114790 MCP Server Detected : undefined
114791 MCP Server Unauthenticated Access : undefined
98074 Backup File : undefined

New

114884 FastJSON Object Deserialization : undefined

Web App Scanning Plugin Feed 202506110833

Feed built 9 months ago

Modified Detection

114790 MCP Server Detected : undefined
114791 MCP Server Unauthenticated Access : undefined
114867 GraphQL Query Length Not Limited : undefined

New

114882 GraphQL Unauthenticated Mutation Detected : undefined
114883 Llms.txt File Detected : undefined

Web App Scanning Plugin Feed 202506060629

Feed built 9 months ago

Modified Detection

114784 Citrix Netscaler 14.1.x < 14.1-25.53 Information Disclosure : undefined

New

114880 Intercom Chatbot Detected : undefined
114881 Drift Chatbot Detected : undefined

Web App Scanning Plugin Feed 202506040629

Feed built 10 months ago

Modified Detection

112907 GraphQL Interface Detected : undefined
113906 Advanced Custom Fields for WordPress 6.0.x < 6.1.6 Cross-Site Scripting : undefined
113908 Advanced Custom Fields Pro for WordPress 6.0.x < 6.1.6 Cross-Site Scripting : undefined
114313 Flowise Chatflow Detected : undefined
114790 MCP Server Detected : undefined
114791 MCP Server Unauthenticated Access : undefined
114867 GraphQL Query Length Not Limited : undefined
98008 Web Application Firewall Detected : undefined

New

114804 Grafana < 10.4.19 Improper Access Control : undefined
114805 Grafana 11.2.x < 11.2.10 Improper Access Control : undefined
114806 Grafana 11.3.x < 11.3.7 Improper Access Control : undefined
114807 Grafana 11.4.x < 11.4.5 Improper Access Control : undefined
114808 Grafana 11.5.x < 11.5.5 Improper Access Control : undefined
114809 Grafana 11.6.x < 11.6.2 Improper Access Control : undefined
114810 Grafana 12.0.x < 12.0.1 Improper Access Control : undefined
114811 Grafana < 10.4.18 Cross-site Scripting : undefined
114812 Grafana 11.2.x < 11.2.9 Cross-site Scripting : undefined
114813 Grafana 11.3.x < 11.3.6 Cross-site Scripting : undefined
114814 Grafana 11.4.x < 11.4.4 Cross-site Scripting : undefined
114815 Grafana 11.5.x < 11.5.4 Cross-site Scripting : undefined
114816 Grafana 11.6.x < 11.6.1 Cross-site Scripting : undefined
114817 Grafana 11.1.x < 11.2.8+security-01 Cross-site Scripting : undefined
114818 Grafana 11.1.x < 11.3.5+security-01 Cross-site Scripting : undefined
114819 Grafana 11.1.x < 11.4.3+security-01 Cross-site Scripting : undefined
114820 Grafana 11.1.x < 11.5.3+security-01 Cross-site Scripting : undefined
114821 Grafana 11.1.x < 11.6.0+security-01 Cross-site Scripting : undefined
114822 Grafana < 10.4.15 Exposure Of Sensitive Information To An Unauthorized Actor : undefined
114823 Grafana < 11.0.11 Exposure Of Sensitive Information To An Unauthorized Actor : undefined
114824 Grafana < 11.1.11 Exposure Of Sensitive Information To An Unauthorized Actor : undefined
114825 Grafana < 11.2.6 Exposure Of Sensitive Information To An Unauthorized Actor : undefined
114826 Grafana < 11.3.3 Exposure Of Sensitive Information To An Unauthorized Actor : undefined
114827 Grafana < 11.4.1 Exposure Of Sensitive Information To An Unauthorized Actor : undefined
114828 Grafana 11.2.x < 11.2.3+security-01 Incorrect Privilege Assignment : undefined
114829 Grafana 11.3.x < 11.3.0+security-01 Incorrect Privilege Assignment : undefined
114830 Grafana 10.3.x < 10.3.10 Multiple Vulnerabilities : undefined
114831 Grafana 10.4.x < 10.4.9 Multiple Vulnerabilities : undefined
114832 Grafana 11.0.x < 11.0.5 Multiple Vulnerabilities : undefined
114833 Grafana 11.1.x < 11.1.6 Multiple Vulnerabilities : undefined
114834 Grafana 11.2.x < 11.2.1 Multiple Vulnerabilities : undefined
114835 Grafana 9.5.x < 9.5.18 Authorization Bypass Through User-controlled Key : undefined
114836 Grafana 10.0.x < 10.0.13 Authorization Bypass Through User-controlled Key : undefined
114837 Grafana 10.1.x < 10.1.9 Authorization Bypass Through User-controlled Key : undefined
114838 Grafana 10.2.x < 10.2.6 Authorization Bypass Through User-controlled Key : undefined
114839 Grafana 10.3.x < 10.3.5 Authorization Bypass Through User-controlled Key : undefined
114840 Grafana 8.5.x < 9.5.7 Improper Privilege Management : undefined
114841 Grafana 10.0.x < 10.0.12 Improper Privilege Management : undefined
114842 Grafana 10.1.x < 10.1.8 Improper Privilege Management : undefined
114843 Grafana 10.2.x < 10.2.5 Improper Privilege Management : undefined
114844 Grafana 10.3.x < 10.3.4 Improper Privilege Management : undefined
114845 Grafana 9.5.x < 9.5.16 Incorrect Authorization : undefined
114846 Grafana 10.0.x < 10.0.11 Incorrect Authorization : undefined
114847 Grafana 10.1.x < 10.1.7 Incorrect Authorization : undefined
114848 Grafana 10.2.x < 10.2.4 Incorrect Authorization : undefined
114849 Grafana 10.3.x < 10.3.3 Incorrect Authorization : undefined
114850 Grafana < 8.5.26 Multiple Vulnerabilities : undefined
114851 Grafana < 9.2.19 Multiple Vulnerabilities : undefined
114852 Grafana < 9.3.15 Multiple Vulnerabilities : undefined
114853 Grafana < 9.4.12 Multiple Vulnerabilities : undefined
114854 Grafana 9.5.x < 9.5.3 Multiple Vulnerabilities : undefined
114855 Grafana 9.2.x < 9.2.17 Exposure Of Sensitive Information To An Unauthorized Actor : undefined
114856 Grafana 9.3.x < 9.3.13 Exposure Of Sensitive Information To An Unauthorized Actor : undefined
114857 Grafana 9.4.x < 9.4.9 Exposure Of Sensitive Information To An Unauthorized Actor : undefined
114858 Grafana < 8.5.22 Cross-site Scripting : undefined
114859 Grafana < 9.2.15 Cross-site Scripting : undefined
114860 Grafana < 9.3.11 Cross-site Scripting : undefined
114861 Grafana 8.5.x < 8.5.21 Multiple Vulnerabilities : undefined
114862 Grafana 9.2.x < 9.2.13 Multiple Vulnerabilities : undefined
114863 Grafana 9.3.x < 9.3.8 Multiple Vulnerabilities : undefined
114864 Grafana < 9.2.10 Cross-site Scripting : undefined
114865 Grafana 9.3.x < 9.3.4 Cross-site Scripting : undefined
114866 GraphQL Debug Mode Enabled : undefined
114868 GraphQL Alias Overloading Enabled : undefined
114869 vBulletin 5.0.x < 6.0.4 Remote Code Execution : undefined
114870 Langflow Chatbot Detected : undefined
114871 Botpress Chatbot Detected : undefined
114872 Voiceflow Chatbot Detected : undefined
114873 Azure Bot Framework Chatbot Detected : undefined
114874 Typebot Chatbot Detected : undefined
114875 Apache Tomcat 11.0.0-M1 < 11.0.7 CGI Security Constraint Bypass : undefined
114876 Apache Tomcat 10.1.0-M1 < 10.1.41 CGI Security Constraint Bypass : undefined
114877 Apache Tomcat 9.0.0-M1 < 9.0.105 CGI Security Constraint Bypass : undefined
114878 Dialogflow Chatbot Detected : undefined
114879 Livechat Chatbot Detected : undefined

Web App Scanning Plugin Feed 202505270631

Feed built 10 months ago

Modified Detection

114790 MCP Server Detected : undefined
114791 MCP Server Unauthenticated Access : undefined
114795 FortiOS 7.0.x < 7.0.13 / 7.2.x < 7.2.6 / 7.4.x < 7.4.2 Remote Code Execution : undefined

Web App Scanning Plugin Feed 202505230535

Feed built 10 months ago

Modified Detection

113217 Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell) : undefined
114699 Moodle 4.3.x < 4.3.10 Multiple Vulnerabilities : undefined
114784 Citrix Netscaler 14.1.x < 14.1-25.53 Information Disclosure : undefined

New

114794 Ivanti Endpoint Manager Mobile < 11.12.0.5 / < 12.3.0.2 / < 12.4.0.2 / < 12.5.0.1 Authentication Bypass : undefined
114798 Label Studio < 1.18.0 Reflected Cross-Site Scripting : undefined
114803 MCP Client Configuration File Detected : undefined

Web App Scanning Plugin Feed 202505220705

Feed built 10 months ago

Modified Detection

114006 Web Cache Poisoning Denial of Service : undefined
114434 Flask Weak Secret Key : undefined
114790 MCP Server Detected : undefined
114791 MCP Server Unauthenticated Access : undefined
114795 FortiOS 7.0.x < 7.0.13 / 7.2.x < 7.2.6 / 7.4.x < 7.4.2 Remote Code Execution : undefined
114796 Content Security Policy Missing 'Report-To' : undefined
98008 Web Application Firewall Detected : undefined
98080 Form-based File Upload : undefined

New

114792 Agent2Agent (A2A) Card Detected : undefined
114793 MCP Manifest Detected : undefined
114794 Ivanti Endpoint Manager Mobile < 11.12.0.5 / < 12.3.0.2 / < 12.4.0.2 / < 12.5.0.1 Authentication Bypass : undefined
114797 MCP Inspector Detected : undefined
114798 Label Studio < 1.18.0 Reflected Cross-Site Scripting : undefined
114799 SonicWall SMA < 10.2.1.14-75sv Unauthenticated Arbitrary File Read : undefined
114800 Atlassian Jira < 9.12.20 Privilege Escalation : undefined
114801 Atlassian Jira 10.3.x < 10.3.5 Privilege Escalation : undefined
114802 Atlassian Jira 10.5.x < 10.5.1 Privilege Escalation : undefined

Web App Scanning Plugin Feed 202505160631

Feed built 10 months ago

Modified Detection

112907 GraphQL Interface Detected : undefined
113217 Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell) : undefined
113373 Atlassian Bitbucket Remote Code Execution : undefined
113943 Disclosed Hong Kong Identity Number : undefined
113973 Web Services Description Language (WSDL) File Detected : undefined
114166 SOAP API Detected : undefined
114434 Flask Weak Secret Key : undefined
98056 Missing HTTP Strict Transport Security Policy : undefined
98109 DOM-based Cross-Site Scripting (XSS) : undefined
98623 Host Header Injection : undefined
98648 Missing 'Content-Type' Header : undefined
98779 Source Code Passive Disclosure : undefined

New

114775 GraphQL Import Success : undefined
114776 GraphQL Import Failed : undefined
114787 Apache Tomcat 11.0.0-M1 < 11.0.6 Multiple Vulnerabilities : undefined
114788 Apache Tomcat 10.1.0-M1 < 10.1.40 Multiple Vulnerabilities : undefined
114789 Apache Tomcat 9.0.0-M1 < 9.0.104 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202504290627

Feed built 11 months ago

Modified Detection

113943 Disclosed Hong Kong Identity Number : undefined
114357 Polyfill Detected : undefined
114615 Username Disclosure : undefined
114784 Citrix Netscaler 14.1.x < 14.1-25.53 Information Disclosure : undefined
98623 Host Header Injection : undefined

New

114779 Rails Configuration File Detected : undefined
114780 NPM Debug Log File Detected : undefined
114781 Atlassian Jira 9.12.x < 9.12.22 XML External Entity : undefined
114782 Greenshift Plugin for WordPress < 11.4.5 Arbitrary File Upload : undefined
114783 SureTriggers Plugin for WordPress < 1.0.79 Authorization Bypass : undefined
114785 SAP NetWeaver Visual Composer Metadata Uploader Arbitrary File Upload : undefined
114786 CraftCMS 3.x < 3.9.15 / 4.x < 4.14.15 / 5.x < 5.6.17 Remote Code Execution : undefined

Web App Scanning Plugin Feed 202504170639

Feed built 11 months ago

Modified Detection

112439 Server-Side Request Forgery : undefined
112524 Oracle WebLogic WSAT Remote Code Execution : undefined
112545 Oracle WebLogic Server Administration Console Detected : undefined
112704 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 Remote Code Execution : undefined
112706 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.3.0 Remote Code Execution : undefined
112720 Rails < 4.2.11.3 / 5.x < 5.0.1 Remote Code Execution : undefined
113634 Server-Side Inclusion Injection : undefined
114116 XML Injection : undefined
114168 Jenkins < 2.442 / < LTS 2.426.3 Arbitrary File Read : undefined
98100 Path Traversal : undefined
98123 Operating System Command Injection : undefined
98125 Local File Inclusion : undefined

New

114772 Vite < 4.5.10 / 5.0.x < 5.4.15 / 6.0.x < 6.0.12 / 6.1.x < 6.1.2 / 6.2.x < 6.2.3 Arbitrary File Read : undefined
114773 Joomla! 5.x < 5.2.6 Multiple Vulnerabilities : undefined
114774 Joomla! 4.x < 4.4.13 Multiple Vulnerabilities : undefined
114777 FortiOS 7.0.x < 7.0.16 Authentication Bypass : undefined
114778 Vite < 4.5.13 / 5.0.x < 5.4.18 / 6.0.x < 6.0.15 / 6.1.x < 6.1.5 / 6.2.x < 6.2.6 Arbitrary File Read : undefined

Web App Scanning Plugin Feed 202504100656

Feed built 11 months ago

Modified Detection

113452 WordPress Plugins Detected : undefined
114434 Flask Weak Secret Key : undefined
114668 Langflow < 1.3.0 Unauthenticated Remote Code Execution : undefined
114681 Next.js 13.0.x < 13.5.9 Authorization Bypass : undefined
114699 Moodle 4.3.x < 4.3.10 Multiple Vulnerabilities : undefined

New

114692 Moodle 4.1.x < 4.1.11 Multiple Vulnerabilities : undefined
114693 Moodle 4.5.x < 4.5.3 Hidden Grades Shown Without Permission : undefined
114694 Moodle 4.4.x < 4.4.7 Hidden Grades Shown Without Permission : undefined
114695 Moodle 4.3.x < 4.3.11 Hidden Grades Shown Without Permission : undefined
114696 Moodle 4.1.x < 4.1.17 Hidden Grades Shown Without Permission : undefined
114697 Moodle 4.5.x < 4.5.2 Multiple Vulnerabilities : undefined
114698 Moodle 4.4.x < 4.4.6 Multiple Vulnerabilities : undefined
114700 Moodle 4.1.x < 4.1.16 Multiple Vulnerabilities : undefined
114701 Moodle 4.5.x < 4.5.3 Unauthenticated REST API Data Exposure : undefined
114702 Moodle 4.3.x < 4.3.9 Multiple Vulnerabilities : undefined
114703 Moodle < 4.1.15 Multiple Vulnerabilities : undefined
114704 Moodle 4.3.x < 4.3.8 Reflected XSS In Question Bank Filter : undefined
114705 Moodle 4.4.4 < 4.4.5 Reflected XSS In Question Bank Filter : undefined
114706 Moodle 4.5.x < 4.5.1 Reflected XSS In Question Bank Filter : undefined
114707 Moodle 4.4.x < 4.4.4 Multiple Vulnerabilities : undefined
114708 Moodle 4.3.x < 4.3.8 Multiple Vulnerabilities : undefined
114709 Moodle 4.2.x < 4.2.11 Multiple Vulnerabilities : undefined
114710 Moodle < 4.1.14 Multiple Vulnerabilities : undefined
114711 Moodle 4.4.x < 4.4.4 Multiple Insecure Direct Object Reference : undefined
114712 Moodle 4.4.x < 4.4.3 Multiple Vulnerabilities : undefined
114713 Moodle 4.3.x < 4.3.7 Multiple Vulnerabilities : undefined
114714 Moodle 4.2.x < 4.2.10 Multiple Vulnerabilities : undefined
114715 Moodle 4.1.x < 4.1.13 Multiple Vulnerabilities : undefined
114716 Moodle 4.4.x < 4.4.2 Multiple Vulnerabilities : undefined
114717 Moodle 4.3.x < 4.3.6 Multiple Vulnerabilities : undefined
114718 Moodle 4.2.x < 4.2.9 Multiple Vulnerabilities : undefined
114719 Moodle < 4.1.12 Multiple Vulnerabilities : undefined
114720 Moodle 4.4.x < 4.4.2 Multiples Vulnerabilities : undefined
114721 Moodle 4.4.x < 4.4.5 Multiple Vulnerabilities : undefined
114722 Moodle 4.2.x < 4.2.8 Multiple Vulnerabilities : undefined
114723 Moodle 4.3.x < 4.3.5 Multiple Vulnerabilities : undefined
114724 Moodle 4.4.x < 4.4.1 Multiple Vulnerabilities : undefined
114725 Moodle 4.3.x < 4.3.4 Multiple Vulnerabilities : undefined
114726 Moodle < 4.1.10 Multiple Vulnerabilities : undefined
114727 Moodle 4.2.x < 4.2.7 Multiple Vulnerabilities : undefined
114728 Moodle 4.3.x < 4.3.3 Multiple Vulnerabilities : undefined
114729 Moodle < 3.9.25 Multiple Vulnerabilities : undefined
114730 Moodle 3.11.x < 3.11.18 Multiple Vulnerabilities : undefined
114731 Moodle 4.0.x < 4.0.12 Multiple Vulnerabilities : undefined
114732 Moodle 4.1.x < 4.1.7 Multiple Vulnerabilities : undefined
114733 Moodle 4.2.x < 4.2.4 Multiple Vulnerabilities : undefined
114734 Moodle 4.2.x < 4.2.4 Multiple Cross-Site Scripting : undefined
114735 Moodle 4.3.x < 4.3.1 Multiple Cross-Site Scripting : undefined
114736 Moodle < 3.9.24 Multiple Vulnerabilities : undefined
114737 Moodle 3.11.x < 3.11.17 Multiple Vulnerabilities : undefined
114738 Moodle 4.0.x < 4.0.11 Multiple Vulnerabilities : undefined
114739 Moodle 4.1.x < 4.1.6 Multiple Vulnerabilities : undefined
114740 Moodle 4.2.x < 4.2.3 Multiple Vulnerabilities : undefined
114741 Moodle 4.2.x < 4.2.2 Multiple Vulnerabilities : undefined
114742 Moodle 4.1.x < 4.1.5 Multiple Vulnerabilities : undefined
114743 Moodle 4.0.x < 4.0.10 Multiple Vulnerabilities : undefined
114744 Moodle 3.11.x < 3.11.16 Multiple Vulnerabilities : undefined
114745 Moodle < 3.9.23 Multiple Vulnerabilities : undefined
114746 Moodle 3.11.x < 3.11.16 JQuery UI Library Upgrade : undefined
114747 Moodle < 3.9.23 JQuery UI Library Upgrade : undefined
114748 Moodle 4.0.x < 4.0.10 phpCAS Library Upgrade : undefined
114749 Moodle 3.11.x < 3.11.16 phpCAS Library Upgrade : undefined
114750 Moodle < 3.9.23 phpCAS Library Upgrade : undefined
114751 Moodle 4.1.x < 4.1.4 Multiple Vulnerabilities : undefined
114752 Moodle 4.0.x < 4.0.9 Multiple Vulnerabilities : undefined
114753 Moodle 3.11.x < 3.11.15 Multiple Vulnerabilities : undefined
114754 Moodle < 3.9.22 Multiple Vulnerabilities : undefined
114755 Moodle 4.2.x < 4.2.1 XSS Risk on groups page : undefined
114756 Moodle 4.1.x < 4.1.4 XSS Risk on groups page : undefined
114757 Moodle 4.0.x < 4.0.9 XSS Risk on groups page : undefined
114758 Moodle 3.11.x < 3.11.15 XSS Risk on groups page : undefined
114759 Moodle 4.1.x < 4.1.3 SQL injection : undefined
114760 Moodle 4.0.x < 4.0.8 SQL injection : undefined
114761 Moodle 3.11.x < 3.11.14 SQL injection : undefined
114762 Moodle < 3.9.21 SQL injection : undefined
114763 Moodle 4.1.x < 4.1.3 Arbitrary Folder Creation : undefined
114764 Moodle 4.1.x < 4.1.2 Multiple Vulnerabilities : undefined
114765 Moodle 4.0.x < 4.0.7 Multiple Vulnerabilities : undefined
114766 Moodle 3.11.x < 3.11.13 Multiple Vulnerabilities : undefined
114767 Moodle < 3.9.20 Multiple Vulnerabilities : undefined
114768 Next.js 9.5.5 < 14.2.15 Authorization Bypass : undefined
114769 Next.js 13.5.1 < 13.5.7 Cache Poisoning : undefined
114770 Next.js 14.0.x < 14.2.10 Cache Poisoning : undefined
114771 Next.js 11.1.4 < 12.3.5 Authorization Bypass : undefined

Web App Scanning Plugin Feed 202504040814

Feed built 12 months ago

Modified Detection

114575 Ollama Multiples Vulnerabilities : undefined
114681 Next.js 13.0.x < 13.5.9 Authorization Bypass : undefined

New

114690 Apache Tomcat Path Equivalence Remote Code Execution : undefined
114691 Kubernetes Ingress NGINX Controller Arbitrary Code Execution : undefined

Web App Scanning Plugin Feed 202504030730

Feed built 12 months ago

Modified Detection

112290 Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities : undefined
113943 Disclosed Hong Kong Identity Number : undefined
114129 Generic Secret Disclosure : undefined
114575 Ollama Multiples Vulnerabilities : undefined
98920 Disclosed US Social Security Number : undefined

New

114684 CrushFTP 10.x < 10.8.3 / 11.x < 11.3.0 Authentication Bypass : undefined
114685 Webmin < 2.100 Multiple Vulnerabilities : undefined
114686 Webmin < 2.101 Multiple Vulnerabilities : undefined
114687 Webmin < 2.110 Cross-Site Scripting : undefined
114688 Webmin < 2.301 Network Traffic Loop Vulnerability : undefined
114689 Ivanti EPM Credentials Coercion : undefined

Web App Scanning Plugin Feed 202503280913

Feed built 12 months ago

Modified Detection

112290 Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities : undefined
112524 Oracle WebLogic WSAT Remote Code Execution : undefined
112541 SSL/TLS Certificate Common Name Mismatch : undefined
112704 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 Remote Code Execution : undefined
112706 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.3.0 Remote Code Execution : undefined
112720 Rails < 4.2.11.3 / 5.x < 5.0.1 Remote Code Execution : undefined
113057 Microsoft Exchange Server Autodiscover Cross-Site Scripting : undefined
113123 Dockerfile Detected : undefined
113168 Docker Compose Configuration Detected : undefined
113217 Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell) : undefined
113369 BackupBuddy Plugin for WordPress < 8.7.5 Arbitrary File Read : undefined
113373 Atlassian Bitbucket Remote Code Execution : undefined
113906 Advanced Custom Fields for WordPress 6.0.x < 6.1.6 Cross-Site Scripting : undefined
113908 Advanced Custom Fields Pro for WordPress 6.0.x < 6.1.6 Cross-Site Scripting : undefined
113943 Disclosed Hong Kong Identity Number : undefined
114006 Web Cache Poisoning Denial of Service : undefined
114146 Subdomain Takeover : undefined
114168 Jenkins < 2.442 / < LTS 2.426.3 Arbitrary File Read : undefined
114262 Request URL Override : undefined
114357 Polyfill Detected : undefined
114434 Flask Weak Secret Key : undefined
114450 Mura/Masa CMS SQL Injection : undefined
114575 Ollama Multiples Vulnerabilities : undefined
114668 Langflow < 1.3.0 Unauthenticated Remote Code Execution : undefined
114681 Next.js 13.0.x < 13.5.9 Authorization Bypass : undefined
98920 Disclosed US Social Security Number : undefined
98994 Kentico CMS < 9.0.51 / 10.x < 10.0.48 Access Control Bypass : undefined
98995 Kentico CMS 8.2.x < 8.2.41 Open Redirect : undefined
98996 Kentico CMS < 9.0.51 Cross-Site Scripting : undefined
98997 Kentico CMS 9.x < 10.0.52 / 11.0.x < 11.0.48 / 12.0.x < 12.0.15 Remote Code Execution : undefined

New

114669 JFrog Artifactory Anonymous Deployment Detected : undefined
114680 Age Gates Plugin for WordPress < 3.5.4 Local File Inclusion : undefined
114682 Next.js 14.x < 14.2.25 Authorization Bypass : undefined
114683 Next.js 15.x < 15.2.3 Authorization Bypass : undefined

Web App Scanning Plugin Feed 202503241229

Feed built 12 months ago

Modified Detection

114386 External Broken Resources Detected : undefined
114681 Next.js 13.0.x < 13.5.9 Authorization Bypass : undefined

New

114669 JFrog Artifactory Anonymous Deployment Detected : undefined
114674 ServiceNow SAML Single Sign-On Bypass : undefined
114675 ServiceNow Public Knowledge Base Detected : undefined
114676 Drupal 11.1.x < 11.1.5 Cross-Site Scripting : undefined
114677 Drupal 11.0.x < 11.0.13 Cross-Site Scripting : undefined
114678 Drupal 10.4.x < 10.4.5 Cross-Site Scripting : undefined
114679 Drupal 8.0.x < 10.3.14 Cross-Site Scripting : undefined
114680 Age Gates Plugin for WordPress < 3.5.4 Local File Inclusion : undefined
114682 Next.js 14.x < 14.2.25 Authorization Bypass : undefined
114683 Next.js 15.x < 15.2.3 Authorization Bypass : undefined

Web App Scanning Plugin Feed 202503180749

Feed built 12 months ago

Modified Detection

112907 GraphQL Interface Detected : undefined
114400 Apache OFBiz < 18.12.11 Server-Side Request Forgery : undefined
114621 Docker Public Registry Detected : undefined
114668 Langflow < 1.3.0 Unauthenticated Remote Code Execution : undefined
98117 Blind SQL Injection (differential analysis) : undefined

New

114661 Nokri - Job Board Theme for WordPress < 1.6.3 Arbitrary Password Change : undefined
114662 SEO Automatic Seo Tools Plugin for WordPress Cross-Site Scripting : undefined
114663 HUSKY (formerly WOOF) Plugin for WordPress < 1.3.6.6 Path Traversal : undefined
114664 WHMPress Plugin for WordPress < 6.3-revision-1 Local File Inclusion : undefined
114665 Joomla! 5.x < 5.2.5 Arbitrary File Upload : undefined
114666 Joomla! 4.x < 4.4.12 Arbitrary File Upload : undefined
114667 FlowiseAI Arbitrary File Upload : undefined
114670 PHP 8.4.x < 8.4.5 Multiple Vulnerabilities : undefined
114671 PHP 8.3.x < 8.3.19 Multiple Vulnerabilities : undefined
114672 PHP 8.2.x < 8.2.28 Multiple Vulnerabilities : undefined
114673 PHP 8.1.x < 8.1.32 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202503120808

Feed built about 1 year ago

Modified Detection

114655 SimpleHelp Detected : undefined

New

114653 Ngrok Detected : undefined
114654 ConnectWise ScreenConnect Detected : undefined
114656 Apache Tomcat 11.0.0-M1 < 11.0.3 Remote Code Execution : undefined
114657 Apache Tomcat 10.1.0-M1 < 10.1.35 Remote Code Execution : undefined
114658 Apache Tomcat 9.0.0-M1 < 9.0.99 Remote Code Execution : undefined
114659 SimpleHelp Unauthenticated Path Traversal : undefined
114660 SPIP CMS < 4.1.16 / 4.2.x < 4.2.13 / 4.3.x < 4.3.0-alpha2 Remote Code Execution : undefined

Web App Scanning Plugin Feed 202503110730

Feed built about 1 year ago

Modified Detection

114129 Generic Secret Disclosure : undefined
114614 CraftCMS < 4.13.2 / 5.x < 5.5.2 Remote Code Execution : undefined
114615 Username Disclosure : undefined
114621 Docker Public Registry Detected : undefined
98104 Cross-Site Scripting (XSS) : undefined
98117 Blind SQL Injection (differential analysis) : undefined
98538 Environment Configuration File Detected : undefined

New

114609 Essential Addons for Elementor Plugin for WordPress < 6.0.15 Cross-Site Scripting : undefined
114616 GitLab Public Sign-Up Detected : undefined
114617 GitLab Public Projects Detected : undefined
114618 GiveWP Plugin for WordPress < 3.20.0 Remote Code Execution : undefined
114619 GitLab Public Snippets Detected : undefined
114620 RustDesk Console Detected : undefined
114622 LiteLLM Detected : undefined
114623 LiteLLM < 1.48.18 Server-Side Request Forgery : undefined
114624 RustDesk Console Default Credentials : undefined
114625 LiteLLM Default Credentials : undefined
114626 RustDesk API Admin Detected : undefined
114627 RustDesk API Admin Registration Enabled : undefined
114628 VNC Viewer for Java Detected : undefined
114629 Newscrunch Plugin for WordPress < 1.8.4.1 Arbitrary File Upload : undefined
114630 OpenVPN Access Server Detected : undefined
114631 Kibana 8.15.x < 8.17.3 Prototype Pollution : undefined
114632 Kibana 7.x < 7.17.23 Multiples Denial Of Service : undefined
114633 Kibana 8.x < 8.15.0 Multiples Vulnerabilities : undefined
114634 Kibana 7.x < 7.17.23 Multiples Vulnerabilities : undefined
114635 Kibana 8.x < 8.14.2 Multiples Vulnerabilities : undefined
114636 Kibana 8.15.x < 8.15.1 Multiples Vulnerabilities : undefined
114637 Kibana 8.x < 8.14.0 Denial Of Service : undefined
114638 Kibana 7.x < 7.17.23 Denial Of Service : undefined
114639 Kibana 8.x < 8.14.0 Multiples Vulnerabilities : undefined
114640 Kibana 7.x < 7.17.22 Multiples Vulnerabilities : undefined
114641 Kibana 8.x < 8.11.2 Insertion of Sensitive Information into Log File : undefined
114642 Kibana 7.13.x < 7.17.16 Insertion of Sensitive Information into Log File : undefined
114643 Kibana 8.x < 8.11.1 Insertion of Sensitive Information into Log File : undefined
114644 Kibana 8.x < 8.10.1 Insertion of Sensitive Information into Log File : undefined
114645 Kibana 8.x < 8.7.1 Multiples Vulnerabilities : undefined
114646 TSPlus Detected : undefined
114647 Apache Guacamole Detected : undefined
114648 Pritunl Detected : undefined
114649 Sitecore XM/XP Remote Code Execution : undefined
114650 BeyondTrust Remote Support Detected : undefined
114651 AirDroid Detected : undefined
114652 SonicWall SonicOS SSLVPN Authentication Bypass : undefined

Web App Scanning Plugin Feed 202503030738

Feed built about 1 year ago

Modified Detection

114166 SOAP API Detected : undefined
114614 CraftCMS < 4.13.2 / 5.x < 5.5.2 Remote Code Execution : undefined

New

114608 REST API Detected : undefined
114609 Essential Addons for Elementor Plugin for WordPress < 6.0.15 Cross-Site Scripting : undefined
114610 ASP.NET Cookieless Session State Enabled : undefined
114611 Azure Entra ID Identity Provider Detected : undefined
114612 NAKIVO Backup & Replication < 11.0.0.88174 Arbitrary File Read : undefined
114613 Auth0 Identity Provider Detected : undefined

Web App Scanning Plugin Feed 202502250732

Feed built about 1 year ago

Modified Detection

113078 AngularJS Unsupported Version : undefined
114604 Drupal 11.1.x < 11.1.3 Multiple Vulnerabilities : undefined
114605 Drupal 11.0.x < 11.0.12 Multiple Vulnerabilities : undefined
114606 Drupal 10.4.x < 10.4.3 Multiple Vulnerabilities : undefined
114607 Drupal 8.0.x < 10.3.13 Multiple Vulnerabilities : undefined
98083 CAPTCHA Detection : undefined
98113 XML External Entity : undefined
98228 Drupal Unsupported Version : undefined

New

114596 Atlassian Jira UserPickerBrowser Information Disclosure : undefined
114598 Palo Alto PAN-OS Authentication Bypass : undefined
114599 DWT - Directory & Listing Theme for WordPress < 3.3.4 Cross-Site Scripting : undefined
114600 Atlassian Jira Managefilters Information Disclosure : undefined
114601 Atlassian Jira Public Dashboard Detected : undefined
114602 Joomla! 5.x < 5.2.4 SQL injection : undefined
114603 Joomla! 4.x < 4.4.11 SQL injection : undefined

Web App Scanning Plugin Feed 202502120843

Feed built about 1 year ago

Modified Detection

113031 Out-of-Date JQuery UI Detected : undefined
113034 Out-of-Date MediaElement.Js Detected : undefined
113373 Atlassian Bitbucket Remote Code Execution : undefined

New

114412 WebSocket Unencrypted Traffic : undefined
114586 LobeChat < 1.19.13 Server-Side Request Forgery : undefined
114587 LobeChat < 0.162.25 Sensitive Data Exposure : undefined
114588 LobeChat < 0.150.6 Server-Side Request Forgery : undefined
114589 LobeChat < 0.122.4 Improper Access Control : undefined
114591 GSheetConnector for Forminator Forms for WordPress Cross-Site Scripting : undefined
114592 Multilang Contact Form Plugin for WordPress Cross-Site Scripting : undefined
114593 Build Private Store For Woocommerce Plugin for WordPress < 1.1 Cross-Site Request Forgery : undefined
114594 Nginx 1.27.x < 1.27.4 SSL Session Reuse : undefined
114595 Nginx 1.11.4 < 1.26.3 SSL Session Reuse : undefined
114596 Atlassian Jira UserPickerBrowser Information Disclosure : undefined
114597 Atlassian Confluence Public Space Detected : undefined

Web App Scanning Plugin Feed 202502030823

Feed built about 1 year ago

Modified Detection

113943 Disclosed Hong Kong Identity Number : undefined
114129 Generic Secret Disclosure : undefined
114590 Microsoft Exchange Autodiscover V2 User Enumeration : undefined
98100 Path Traversal : undefined
98611 Error Message : undefined

New

114584 Drupal Full Path Disclosures : undefined
114585 LobeChat Detected : undefined
114586 LobeChat < 1.19.13 Server-Side Request Forgery : undefined
114587 LobeChat < 0.162.25 Sensitive Data Exposure : undefined
114588 LobeChat < 0.150.6 Server-Side Request Forgery : undefined
114589 LobeChat < 0.122.4 Improper Access Control : undefined

Web App Scanning Plugin Feed 202501290807

Feed built about 1 year ago

Modified Detection

113162 MySQLjs SQL Injection Authentication Bypass : undefined
113337 NoSQL Injection Authentication Bypass : undefined
98117 Blind SQL Injection (differential analysis) : undefined

New

114572 DNS Dangling Record : undefined
114581 Masa CMS < 7.2.1 Path Traversal : undefined
114582 Masa CMS < 7.2.5 / 7.3.x < 7.3.10 Authentication Bypass : undefined
114583 Masa CMS Default Credentials : undefined

Web App Scanning Plugin Feed 202501280736

Feed built about 1 year ago

Modified Detection

113158 Package Dependencies Detected : undefined
114146 Subdomain Takeover : undefined
114575 Ollama Multiples Vulnerabilities : undefined

New

114567 Oak Server < 17.1.3 Path Traversal : undefined
114568 GitHub Workflow Detected : undefined
114569 Atlassian BitBucket Public Repository Detected : undefined
114570 Envoy Admin Interface Exposed : undefined
114571 Istio Sensitive Information Disclosure : undefined
114572 DNS Dangling Record : undefined
114573 Microsoft Remote Desktop Web Access Detected : undefined
114574 Spring Framework 5.3.x < 5.3.40 / 6.0.x < 6.0.24 / 6.1.x < 6.1.13 Path Traversal : undefined
114576 Ollama < 0.4.0 Remote Code Execution : undefined
114577 Ollama < 0.1.47 Path Traversal : undefined
114578 Ollama < 0.1.46 Multiples Vulnerabilities : undefined
114579 Ollama < 0.1.34 Multiples Vulnerabilities : undefined
114580 Ollama < 0.1.29 DNS Rebinding : undefined

Web App Scanning Plugin Feed 202501200850

Feed built about 1 year ago

Modified Detection

113310 Blind XPath Injection (differential analysis) : undefined
113943 Disclosed Hong Kong Identity Number : undefined
98119 Blind NoSQL Injection (differential analysis) : undefined

Web App Scanning Plugin Feed 202501170929

Feed built about 1 year ago

Modified Detection

112526 Missing 'X-XSS-Protection' Header (deprecated) : undefined
113943 Disclosed Hong Kong Identity Number : undefined
114029 Well-Known URIs Detected : undefined
114146 Subdomain Takeover : undefined
114258 LayerSlider Plugin for WordPress 7.9.11 < 7.10.1 SQL Injection : undefined
98070 Common Administration Interfaces Detection : undefined
98071 Common Files Detection : undefined
98109 DOM-based Cross-Site Scripting (XSS) : undefined

New

114543 Plugin Telemetry : undefined
114550 Joomla! 5.x < 5.2.3 Multiple Vulnerabilities : undefined
114551 Roundcube Webmail < 1.4.14 Cross-Site-Scripting : undefined
114552 Roundcube Webmail 1.5.x < 1.5.4 Cross-Site-Scripting : undefined
114553 Roundcube Webmail 1.6.x < 1.6.3 Cross-Site-Scripting : undefined
114554 Roundcube Webmail 1.5.x < 1.5.8 Multiples Vulnerabilities : undefined
114555 Roundcube Webmail 1.6.x < 1.6.8 Multiples Vulnerabilities : undefined
114556 Roundcube Webmail 1.5.x < 1.5.7 Multiples Vulnerabilities : undefined
114557 Roundcube Webmail 1.6.x < 1.6.7 Multiples Vulnerabilities : undefined
114558 Roundcube Webmail 1.5.x < 1.5.6 Cross-Site-Scripting : undefined
114559 Roundcube Webmail 1.6.x < 1.6.5 Cross-Site-Scripting : undefined
114560 Roundcube Webmail < 1.4.15 Cross-Site-Scripting : undefined
114561 Roundcube Webmail 1.5.x < 1.5.5 Cross-Site-Scripting : undefined
114562 Roundcube Webmail 1.6.x < 1.6.4 Cross-Site-Scripting : undefined
114563 GiveWP Plugin for WordPress < 3.19.4 Remote Code Execution : undefined
114564 Content Security Policy Permissive Sources : undefined
114565 Joomla! 4.x < 4.4.10 Multiple Vulnerabilities : undefined
114566 Joomla! 3.x < 3.10.20 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202501070844

Feed built about 1 year ago

Modified Detection

112290 Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities : undefined
112439 Server-Side Request Forgery : undefined
112524 Oracle WebLogic WSAT Remote Code Execution : undefined
112526 Missing 'X-XSS-Protection' Header (deprecated) : undefined
112541 SSL/TLS Certificate Common Name Mismatch : undefined
112544 HTTP to HTTPS Redirect Not Enabled : undefined
112545 Oracle WebLogic Server Administration Console Detected : undefined
112685 Symfony Secret Fragments Remote Code Execution : undefined
112686 JSON Web Token Detected : undefined
112703 JSON Web Token None Hashing Algorithm : undefined
112704 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 Remote Code Execution : undefined
112706 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.3.0 Remote Code Execution : undefined
112720 Rails < 4.2.11.3 / 5.x < 5.0.1 Remote Code Execution : undefined
112907 GraphQL Interface Detected : undefined
113029 Microsoft IIS Unsupported Version : undefined
113031 Out-of-Date JQuery UI Detected : undefined
113034 Out-of-Date MediaElement.Js Detected : undefined
113057 Microsoft Exchange Server Autodiscover Cross-Site Scripting : undefined
113058 Apache 2.4.10 < 2.4.44 Source Code Disclosure : undefined
113059 OPcache UI Detected : undefined
113067 Basic Authentication Bruteforced : undefined
113078 AngularJS Unsupported Version : undefined
113123 Dockerfile Detected : undefined
113150 Google Cloud Service Account Private Key Disclosure (deprecated) : undefined
113158 Package Dependencies Detected : undefined
113162 MySQLjs SQL Injection Authentication Bypass : undefined
113164 AWS Credentials Disclosure (deprecated) : undefined
113168 Docker Compose Configuration Detected : undefined
113195 Spring Boot Actuator Detected : undefined
113217 Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell) : undefined
113219 Insecure Redirect Chain : undefined
113258 OpenAPI Permissive Input Validation : undefined
113310 Blind XPath Injection (differential analysis) : undefined
113337 NoSQL Injection Authentication Bypass : undefined
113369 BackupBuddy Plugin for WordPress < 8.7.5 Arbitrary File Read : undefined
113373 Atlassian Bitbucket Remote Code Execution : undefined
113448 Microsoft Access Database Detected : undefined
113452 WordPress Plugins Detected : undefined
113634 Server-Side Inclusion Injection : undefined
113900 Cross-Site Request Forgery Token Validation Bypass : undefined
113906 Advanced Custom Fields for WordPress 6.0.x < 6.1.6 Cross-Site Scripting : undefined
113908 Advanced Custom Fields Pro for WordPress 6.0.x < 6.1.6 Cross-Site Scripting : undefined
113943 Disclosed Hong Kong Identity Number : undefined
113973 Web Services Description Language (WSDL) File Detected : undefined
114006 Web Cache Poisoning Denial of Service : undefined
114029 Well-Known URIs Detected : undefined
114064 MediaWiki Status Module Information Disclosure : undefined
114116 XML Injection : undefined
114128 External Backend API Detected : undefined
114129 Generic Secret Disclosure : undefined
114146 Subdomain Takeover : undefined
114166 SOAP API Detected : undefined
114168 Jenkins < 2.442 / < LTS 2.426.3 Arbitrary File Read : undefined
114200 Google Cloud Platform Detected : undefined
114223 HTTP Request Smuggling : undefined
114232 PHP Development Server < 7.4.22 Source Disclosure : undefined
114247 Authentication Check Pattern Found in Unauthenticated Browser : undefined
114258 LayerSlider Plugin for WordPress 7.9.11 < 7.10.1 SQL Injection : undefined
114262 Request URL Override : undefined
114276 Database Connection String Disclosure : undefined
114313 Flowise Chatflow Detected : undefined
114357 Polyfill Detected : undefined
114386 External Broken Resources Detected : undefined
114400 Apache OFBiz < 18.12.11 Server-Side Request Forgery : undefined
114434 Flask Weak Secret Key : undefined
114450 Mura/Masa CMS SQL Injection : undefined
114502 Cross-Site WebSocket Hijacking : undefined
114549 Apache Struts < 6.4.0 Unrestricted File Upload (S2-067) : undefined
115540 Cookie Without SameSite Flag Detected : undefined
98000 Scan Information : undefined
98008 Web Application Firewall Detected : undefined
98054 Unvalidated Redirection : undefined
98056 Missing HTTP Strict Transport Security Policy : undefined
98062 Cookie Set For Parent Domain : undefined
98063 Cookie Without HttpOnly Flag Detected : undefined
98064 Cookie Without Secure Flag Detected : undefined
98070 Common Administration Interfaces Detection : undefined
98071 Common Files Detection : undefined
98074 Backup File : undefined
98080 Form-based File Upload : undefined
98083 CAPTCHA Detection : undefined
98091 Mixed Resource Detection : undefined
98099 Publicly writable directory : undefined
98100 Path Traversal : undefined
98101 Response Splitting : undefined
98104 Cross-Site Scripting (XSS) : undefined
98107 Cross-Site Scripting (XSS) in path : undefined
98109 DOM-based Cross-Site Scripting (XSS) : undefined
98110 DOM-based Cross-Site Scripting (XSS) in attribute context : undefined
98112 Cross-Site Request Forgery : undefined
98113 XML External Entity : undefined
98115 SQL Injection : undefined
98117 Blind SQL Injection (differential analysis) : undefined
98119 Blind NoSQL Injection (differential analysis) : undefined
98123 Operating System Command Injection : undefined
98125 Local File Inclusion : undefined
98146 Password Submitted Using GET Method : undefined
98201 Drupal User Registration Form Detected : undefined
98202 WordPress User Registration Form Detected : undefined
98205 Joomla! User Registration Form Detected : undefined
98209 Drupal User Enumeration : undefined
98228 Drupal Unsupported Version : undefined
98230 PHP Unsupported Version : undefined
98538 Environment Configuration File Detected : undefined
98611 Error Message : undefined
98623 Host Header Injection : undefined
98646 .DS_Store File Detected : undefined
98648 Missing 'Content-Type' Header : undefined
98779 Source Code Passive Disclosure : undefined
98920 Disclosed US Social Security Number : undefined
98994 Kentico CMS < 9.0.51 / 10.x < 10.0.48 Access Control Bypass : undefined
98995 Kentico CMS 8.2.x < 8.2.41 Open Redirect : undefined
98996 Kentico CMS < 9.0.51 Cross-Site Scripting : undefined
98997 Kentico CMS 9.x < 10.0.52 / 11.0.x < 11.0.48 / 12.0.x < 12.0.15 Remote Code Execution : undefined

New

114546 Apache Tomcat 11.0.0-M1 < 11.0.2 Multiple Vulnerabilities : undefined
114547 Apache Tomcat 10.1.0-M1 < 10.1.34 Multiple Vulnerabilities : undefined
114548 Apache Tomcat 9.0.0-M1 < 9.0.98 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202412231324

Feed built about 1 year ago

Modified Detection

112290 Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities : undefined
98107 Cross-Site Scripting (XSS) in path : undefined
98109 DOM-based Cross-Site Scripting (XSS) : undefined
98110 DOM-based Cross-Site Scripting (XSS) in attribute context : undefined

New

114546 Apache Tomcat 11.0.0-M1 < 11.0.2 Multiple Vulnerabilities : undefined
114547 Apache Tomcat 10.1.0-M1 < 10.1.34 Multiple Vulnerabilities : undefined
114548 Apache Tomcat 9.0.0-M1 < 9.0.98 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202412190727

Feed built about 1 year ago

Modified Detection

112290 Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities : undefined
112719 Client-Side Prototype Pollution : undefined
112726 Apache Struts 2.3.5 < 2.3.32 / 2.5.x < 2.5.10.1 Remote Code Execution (S2-045 / S2-046) : undefined
112727 Apache Struts 2.0.4 < 2.3.35 / 2.5.x < 2.5.17 Remote Code Execution (S2-057) : undefined
112741 Apache Struts 2.x < 2.3.15.1 Remote Code Execution (S2-016) : undefined
112742 Apache Struts 2 < 2.3.29 DevMode Remote Code Execution : undefined
112760 Apache Struts 2 Demo Application Detected : undefined
112762 Apache Struts 2 < 2.3.33 Remote Code Execution (S2-048) : undefined
112763 Apache Struts 2.1.6 < 2.3.34 / 2.5 < 2.5.13 Remote Code Execution (S2-052) : undefined
114129 Generic Secret Disclosure : undefined
114357 Polyfill Detected : undefined
114469 CyberPanel < 2.3.8 Remote Command Execution : undefined
98115 SQL Injection : undefined

New

114542 Cleo < 5.8.0.21 Unrestricted File Read/Upload : undefined
114544 Cleo < 5.8.0.24 Unrestricted File Upload : undefined
114545 Hunk Companion Plugin for WordPress < 1.9.0 Arbitrary Plugin Installation : undefined

Web App Scanning Plugin Feed 202412100732

Feed built over 1 year ago

Modified Detection

114313 Flowise Chatflow Detected : undefined
114469 CyberPanel < 2.3.8 Remote Command Execution : undefined

New

114524 Ivanti EPM XML External Entity : undefined
114529 GeoServer 2.10.0 < 2.24.4 Sensitive Information Exposure : undefined
114530 GeoServer 2.25.0 < 2.25.1 Sensitive Information Exposure : undefined
114531 GeoServer < 2.23.5 Path Traversal : undefined
114532 GeoServer 2.24.0 < 2.24.3 Path Traversal : undefined
114533 GeoServer 2.24.0 < 2.24.2 Path Traversal : undefined
114534 GeoServer < 2.23.4 Multiples Vulnerabilities : undefined
114535 GeoServer 2.24.0 < 2.24.1 Multiples Vulnerabilities : undefined
114536 GeoServer < 2.23.4 Path Traversal : undefined
114537 GeoServer < 2.23.3 Multiples Vulnerabilities : undefined
114538 GeoServer < 2.22.5 Multiples Vulnerabilities : undefined
114539 GeoServer 2.23.0 < 2.23.1 Multiples Vulnerabilities : undefined
114540 GeoServer < 2.19.6 Insecure Deserialization : undefined
114541 GeoServer 2.20.0 < 2.20.4 Insecure Deserialization : undefined

Web App Scanning Plugin Feed 202412030816

Feed built over 1 year ago

Modified Detection

114129 Generic Secret Disclosure : undefined
114223 HTTP Request Smuggling : undefined
98077 Private IP Address Disclosure : undefined
98623 Host Header Injection : undefined

New

114524 Ivanti EPM XML External Entity : undefined
114525 Spring Eureka Detected : undefined
114526 Spam protection, Anti-Spam, FireWall by CleanTalk Plugin for WordPress < 6.45 Authorization Bypass : undefined
114527 Spam protection, Anti-Spam, FireWall by CleanTalk Plugin for WordPress < 6.44 Authorization Bypass : undefined
114528 PhpSysInfo Detected : undefined

Web App Scanning Plugin Feed 202411260719

Feed built over 1 year ago

Modified Detection

113158 Package Dependencies Detected : undefined
114129 Generic Secret Disclosure : undefined
114503 Virtual Hosts Detected : undefined
98067 Insecure Cross-Domain Policy (allow-access-from) : undefined
98068 Insecure Cross-Domain Policy (allow-http-request-headers-from) : undefined

New

114512 Really Simple Security Plugin for WordPress 9.x < 9.1.2 Authentication Bypass : undefined
114514 Palo Alto PAN-OS GlobalProtect Authentication Bypass : undefined
114515 Surecart Plugin for WordPress < 2.30.0 SQL Injection : undefined
114516 PHP 8.3.x < 8.3.14 Multiple Vulnerabilities : undefined
114517 PHP 8.2.x < 8.2.26 Multiple Vulnerabilities : undefined
114518 PHP 8.1.x < 8.1.31 Multiple Vulnerabilities : undefined
114519 Drupal 11.0.x < 11.0.8 Multiple Vulnerabilities : undefined
114520 Drupal 10.3.x < 10.3.9 Multiple Vulnerabilities : undefined
114521 Drupal 10.2.x < 10.2.11 Multiple Vulnerabilities : undefined
114522 Drupal 7.x < 7.102 Multiple Vulnerabilities : undefined
114523 Sitecore 8.x < 10.4 Arbitrary File Read : undefined

Web App Scanning Plugin Feed 202411200736

Feed built over 1 year ago

Modified Detection

114143 Node-config Configuration File Detected : undefined
114400 Apache OFBiz < 18.12.11 Server-Side Request Forgery : undefined
114497 Symfony < 5.4.46 / 6.x < 6.4.14 / 7.x < 7.1.7 Improper Input Handling : undefined
114502 Cross-Site WebSocket Hijacking : undefined
114503 Virtual Hosts Detected : undefined

New

114504 Opti Marketing Plugin for WordPress <= 2.0.9 SQL Injection : undefined
114505 HTTP Hop-By-Hop Headers Detected : undefined
114506 Apache Tomcat 11.0.0 Cross-Site Scripting : undefined
114507 Apache Tomcat 10.1.31 Cross-Site Scripting : undefined
114508 Apache Tomcat 9.0.96 Cross-Site Scripting : undefined
114509 Apache Tomcat 11.0.0-M1 < 11.0.0 Multiple Vulnerabilities : undefined
114510 Apache Tomcat 10.1.0-M1 < 10.1.31 Multiple Vulnerabilities : undefined
114511 Apache Tomcat 9.0.0-M1 < 9.0.96 Multiple Vulnerabilities : undefined
114512 Really Simple Security Plugin for WordPress 9.x < 9.1.2 Authentication Bypass : undefined
114513 Ivanti Cloud Services Appliance < 4.6 patch 519 Path Traversal : undefined

Web App Scanning Plugin Feed 202411140727

Feed built over 1 year ago

Modified Detection

112353 ASP.NET DEBUG Method Enabled : undefined
112920 GraphQL Cross-Site Request Forgery : undefined
113219 Insecure Redirect Chain : undefined
114143 Node-config Configuration File Detected : undefined
114223 HTTP Request Smuggling : undefined
114400 Apache OFBiz < 18.12.11 Server-Side Request Forgery : undefined
114497 Symfony < 5.4.46 / 6.x < 6.4.14 / 7.x < 7.1.7 Improper Input Handling : undefined

New

114499 Apache APISIX Dashboard < 2.10.1 Authentication Bypass : undefined
114500 Apache APISIX Dashboard Default Credentials : undefined
114501 jQuery < 1.9.0 Cross-Site Scripting : undefined

Web App Scanning Plugin Feed 202411080956

Feed built over 1 year ago

Modified Detection

113897 HTML Comments Detected : undefined
114129 Generic Secret Disclosure : undefined
114223 HTTP Request Smuggling : undefined
114386 External Broken Resources Detected : undefined
114466 Path Relative Stylesheet Import : undefined
114497 Symfony < 5.4.46 / 6.x < 6.4.14 / 7.x < 7.1.7 Improper Input Handling : undefined

Web App Scanning Plugin Feed 202411050843

Feed built over 1 year ago

Modified Detection

113897 HTML Comments Detected : undefined
114129 Generic Secret Disclosure : undefined
114468 SonarQube Public Projects Detected : undefined
114469 CyberPanel < 2.3.8 Remote Command Execution : undefined

New

114470 Mastodon < 4.1.20 Regular Expression Denial of Service : undefined
114471 Mastodon 4.2.x < 4.2.13 Regular Expression Denial of Service : undefined
114472 Mastodon < 4.1.18 Multiples Vulnerabilities : undefined
114473 Mastodon 4.2.x < 4.2.10 Multiples Vulnerabilities : undefined
114474 Mastodon < 4.1.17 Multiples Vulnerabilities : undefined
114475 Mastodon 4.2.x < 4.2.9 Multiples Vulnerabilities : undefined
114476 Mastodon < 3.5.19 Unrestricted File Upload : undefined
114477 Mastodon 4.0.x < 4.0.15 Unrestricted File Upload : undefined
114478 Mastodon 4.1.x < 4.1.15 Unrestricted File Upload : undefined
114479 Mastodon 4.2.x < 4.2.7 Unrestricted File Upload : undefined
114480 Mastodon < 3.5.17 Authentication Bypass : undefined
114481 Mastodon < 4.1.13 Authentication Bypass : undefined
114482 Mastodon < 4.2.5 Authentication Bypass : undefined
114483 Mastodon < 3.5.18 Multiples Vulnerabilities : undefined
114484 Mastodon 4.0.x < 4.0.14 Multiples Vulnerabilities : undefined
114485 Mastodon 4.1.x < 4.1.14 Multiples Vulnerabilities : undefined
114486 Mastodon 4.2.x < 4.2.6 Multiples Vulnerabilities : undefined
114487 Mastodon < 3.5.14 Multiples Vulnerabilities : undefined
114488 Mastodon < 4.0.10 Multiples Vulnerabilities : undefined
114489 Mastodon < 4.1.8 Multiples Vulnerabilities : undefined
114490 Mastodon < 3.5.9 Multiples Vulnerabilities : undefined
114491 Mastodon 4.0.x < 4.0.5 Multiples Vulnerabilities : undefined
114492 Mastodon 4.1.x < 4.1.3 Multiples Vulnerabilities : undefined
114493 Mastodon 2.5.0 < 3.5.8 LDAP injection : undefined
114494 Mastodon 4.0.x < 4.0.4 LDAP injection : undefined
114495 Mastodon 4.1.x < 4.1.2 LDAP injection : undefined
114496 Apache Solr 5.3.0 < 8.11.4 / 9.x < 9.7.0 Authentication Bypass : undefined

Web App Scanning Plugin Feed 202410310824

Feed built over 1 year ago

Modified Detection

114466 Path Relative Stylesheet Import : undefined
114469 CyberPanel < 2.3.8 Remote Command Execution : undefined

Web App Scanning Plugin Feed 202410290727

Feed built over 1 year ago

Modified Detection

114466 Path Relative Stylesheet Import : undefined
114468 SonarQube Public Projects Detected : undefined

New

114460 Clockwork Detected : undefined
114461 Clockwork Unrestricted Access : undefined
114462 SuiteCRM < 7.14.4 / 8.x < 8.6.1 SQL Injection : undefined
114463 Robomongo File Detected : undefined
114464 SSH Authorized Keys File Detected : undefined
114465 SSH id_rsa File Detected : undefined
114467 Danswer < 0.10.0-beta.1 Insecure Direct Object Reference : undefined

Web App Scanning Plugin Feed 202410210711

Feed built over 1 year ago

Modified Detection

113217 Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell) : undefined
113838 WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass : undefined
114031 WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass : undefined
114032 WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass : undefined
114033 WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass : undefined
114034 WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass : undefined
114035 WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass : undefined
114036 WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass : undefined
114037 WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass : undefined
114038 WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass : undefined
114039 WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass : undefined
114040 WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass : undefined
114129 Generic Secret Disclosure : undefined
114450 Mura/Masa CMS SQL Injection : undefined
98228 Drupal Unsupported Version : undefined

New

114449 Dolibarr 16.x < 16.0.5 Database Download : undefined
114451 XWiki Platform 7.0 < 14.4.8 / 14.5 < 14.10.4 Remote Code Execution : undefined
114452 SEOPress Plugin for WordPress < 7.9 PHP Object Injection : undefined
114453 Atlassian Confluence < 7.19.25 Cross-Site Scripting : undefined
114454 Atlassian Confluence 7.20.x < 8.5.11 Cross-Site Scripting : undefined
114455 Atlassian Confluence 8.6.x < 8.9.3 Cross-Site Scripting : undefined
114456 Drupal 10.2.x < 10.2.10 Improper Error Handling : undefined
114457 Palo Alto Expedition < 1.2.96 Multiple Vulnerabilties : undefined
114458 GiveWP Plugin for WordPress < 3.16.4 Remote Code Execution : undefined
114459 Gradio < 4.37.1 Open Redirect : undefined

Web App Scanning Plugin Feed 202410150635

Feed built over 1 year ago

Modified Detection

114129 Generic Secret Disclosure : undefined
114247 Authentication Check Pattern Found in Unauthenticated Browser : undefined

New

114448 Apache Tapestry Arbitrary File Read : undefined

Web App Scanning Plugin Feed 202410030740

Feed built over 1 year ago

Modified Detection

112550 Full Path Disclosure : undefined
113393 Performance Telemetry : undefined
114129 Generic Secret Disclosure : undefined
114439 Express.js Cookie-Session Weak Secret Key : undefined
115540 Cookie Without SameSite Flag Detected : undefined
98062 Cookie Set For Parent Domain : undefined
98063 Cookie Without HttpOnly Flag Detected : undefined
98064 Cookie Without Secure Flag Detected : undefined

New

114445 PHP 8.3.x < 8.3.12 Multiple Vulnerabilities : undefined
114446 PHP 8.2.x < 8.2.24 Multiple Vulnerabilities : undefined
114447 PHP 8.1.x < 8.1.30 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202409261254

Feed built over 1 year ago

Modified Detection

114283 Unrestricted File Upload : undefined

New

114441 PowerPress Podcasting Plugin for WordPress 11.9.3 / 11.9.4 Injected Backdoor : undefined
114442 Pods Plugin for WordPress 3.2.3 Injected Backdoor : undefined
114443 Social Warfare Plugin for WordPress 4.4.6.4 < 4.4.7.3 Injected Backdoor : undefined
114444 Apache OFBiz < 18.12.16 Remote Code Execution : undefined

Web App Scanning Plugin Feed 202409240634

Feed built over 1 year ago

Modified Detection

112686 JSON Web Token Detected : undefined
114433 Ivanti EPM RecordGoodApp SQL Injection : undefined
114434 Flask Weak Secret Key : undefined
114439 Express.js Cookie-Session Weak Secret Key : undefined

New

114432 Laravel Weak Secret Key : undefined
114435 Django Weak Secret Key : undefined
114436 Ruby On Rails Weak Secret Key : undefined
114437 Pyramid Weak Secret Key : undefined
114438 Express.js Express-Session Weak Secret Key : undefined
114440 LiteSpeed Cache Plugin for WordPress < 6.5.0.1 Sensitive Information Exposure : undefined

Web App Scanning Plugin Feed 202409170625

Feed built over 1 year ago

Modified Detection

98538 Environment Configuration File Detected : undefined

New

114429 Service Worker Detected : undefined
114430 Next.js Remote Patterns Server-Side Request Forgery : undefined
114431 Next.js < 14.1.1 Server Actions Server-Side Request Forgery : undefined

Web App Scanning Plugin Feed 202409120921

Feed built over 1 year ago

Modified Detection

114129 Generic Secret Disclosure : undefined
114283 Unrestricted File Upload : undefined

New

114428 Sequelize Configuration File Detected : undefined

Web App Scanning Plugin Feed 202409091331

Feed built over 1 year ago

Modified Detection

112726 Apache Struts 2.3.5 < 2.3.32 / 2.5.x < 2.5.10.1 Remote Code Execution (S2-045 / S2-046) : undefined
112741 Apache Struts 2.x < 2.3.15.1 Remote Code Execution (S2-016) : undefined
113420 Nginx < 1.22.1 Multiple Vulnerabilities : undefined
113421 Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities : undefined
114168 Jenkins < 2.442 / < LTS 2.426.3 Arbitrary File Read : undefined

New

114421 Nginx 1.27.0 Buffer Over-read : undefined
114422 Nginx 1.5.13 < 1.26.2 Buffer Over-read : undefined
114424 CKEditor < 5.35.0.1 Cross-Site Scripting : undefined
114425 CKEditor < 4.25.0-LTS Multiples Cross-Site Scripting : undefined
114426 CKEditor < 4.24.0-LTS Multiples Cross-Site Scripting : undefined
114427 Gutenberg Forms Plugin for WordPress <= 2.2.9 Arbitrary File Upload : undefined

Web App Scanning Plugin Feed 202409061119

Feed built over 1 year ago

Modified Detection

112544 HTTP to HTTPS Redirect Not Enabled : undefined
112907 GraphQL Interface Detected : undefined
113420 Nginx < 1.22.1 Multiple Vulnerabilities : undefined
113421 Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities : undefined
114220 Atlassian Confluence < 7.19.18 Cross-Site Scripting : undefined
114221 Atlassian Confluence 8.7.x < 8.7.2 Cross-Site Scripting : undefined
114222 Atlassian Confluence 7.20.x < 8.5.5 Cross-Site Scripting : undefined
114238 Atlassian Confluence < 7.19.20 Path Traversal : undefined
114239 Atlassian Confluence 7.20.x < 8.5.7 Path Traversal : undefined
114240 Atlassian Confluence 8.6.x < 8.8.1 Path Traversal : undefined
114373 Joomla! 5.x < 5.1.2 Multiple Vulnerabilities : undefined
114374 Joomla! 4.x < 4.4.6 Multiple Vulnerabilities : undefined
114375 Joomla! 3.x < 3.10.16 Multiple Vulnerabilities : undefined
114377 Atlassian Confluence < 7.19.22 Cross-Site Scripting : undefined
114378 Atlassian Confluence 7.20.x < 8.5.9 Cross-Site Scripting : undefined
114379 Atlassian Confluence 8.6.x < 8.9.1 Cross-Site Scripting : undefined
98146 Password Submitted Using GET Method : undefined
98950 Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities : undefined
98951 Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities : undefined

New

114413 Flowise < 2.0.6 Authentication Bypass : undefined
114414 Joomla! 5.x < 5.1.3 Multiple Vulnerabilities : undefined
114415 Joomla! 4.x < 4.4.7 Multiple Vulnerabilities : undefined
114416 Joomla! 3.x < 3.10.17 Multiple Vulnerabilities : undefined
114417 Atlassian Confluence < 7.19.26 Multiple Vulnerabilities : undefined
114418 Atlassian Confluence 7.20.x < 8.5.14 Multiple Vulnerabilities : undefined
114419 Atlassian Confluence 8.6.x < 8.9.5 Multiple Vulnerabilities : undefined
114420 Atlassian Confluence 9.0.x < 9.0.1 Multiple Vulnerabilities : undefined
114421 Nginx 1.27.0 Buffer Over-read : undefined
114422 Nginx 1.5.13 < 1.26.2 Buffer Over-read : undefined
114423 Nginx 1.25.x < 1.26.1 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202409030646

Feed built over 1 year ago

Modified Detection

112290 Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities : undefined
112353 ASP.NET DEBUG Method Enabled : undefined
112439 Server-Side Request Forgery : undefined
112524 Oracle WebLogic WSAT Remote Code Execution : undefined
112526 Missing 'X-XSS-Protection' Header (deprecated) : undefined
112541 SSL/TLS Certificate Common Name Mismatch : undefined
112544 HTTP to HTTPS Redirect Not Enabled : undefined
112545 Oracle WebLogic Server Administration Console Detected : undefined
112550 Full Path Disclosure : undefined
112685 Symfony Secret Fragments Remote Code Execution : undefined
112686 JSON Web Token Detected : undefined
112703 JSON Web Token None Hashing Algorithm : undefined
112704 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 Remote Code Execution : undefined
112706 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.3.0 Remote Code Execution : undefined
112719 Client-Side Prototype Pollution : undefined
112720 Rails < 4.2.11.3 / 5.x < 5.0.1 Remote Code Execution : undefined
112726 Apache Struts 2.3.5 < 2.3.32 / 2.5.x < 2.5.10.1 Remote Code Execution (S2-045 / S2-046) : undefined
112727 Apache Struts 2.0.4 < 2.3.35 / 2.5.x < 2.5.17 Remote Code Execution (S2-057) : undefined
112741 Apache Struts 2.x < 2.3.15.1 Remote Code Execution (S2-016) : undefined
112742 Apache Struts 2 < 2.3.29 DevMode Remote Code Execution : undefined
112760 Apache Struts 2 Demo Application Detected : undefined
112762 Apache Struts 2 < 2.3.33 Remote Code Execution (S2-048) : undefined
112763 Apache Struts 2.1.6 < 2.3.34 / 2.5 < 2.5.13 Remote Code Execution (S2-052) : undefined
112907 GraphQL Interface Detected : undefined
112920 GraphQL Cross-Site Request Forgery : undefined
113029 Microsoft IIS Unsupported Version : undefined
113031 Out-of-Date JQuery UI Detected : undefined
113034 Out-of-Date MediaElement.Js Detected : undefined
113057 Microsoft Exchange Server Autodiscover Cross-Site Scripting : undefined
113058 Apache 2.4.10 < 2.4.44 Source Code Disclosure : undefined
113059 OPcache UI Detected : undefined
113067 Basic Authentication Bruteforced : undefined
113078 AngularJS Unsupported Version : undefined
113123 Dockerfile Detected : undefined
113150 Google Cloud Service Account Private Key Disclosure (deprecated) : undefined
113158 Package Dependencies Detected : undefined
113162 MySQLjs SQL Injection Authentication Bypass : undefined
113164 AWS Credentials Disclosure (deprecated) : undefined
113168 Docker Compose Configuration Detected : undefined
113195 Spring Boot Actuator Detected : undefined
113217 Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell) : undefined
113219 Insecure Redirect Chain : undefined
113258 OpenAPI Permissive Input Validation : undefined
113310 Blind XPath Injection (differential analysis) : undefined
113337 NoSQL Injection Authentication Bypass : undefined
113369 BackupBuddy Plugin for WordPress < 8.7.5 Arbitrary File Read : undefined
113373 Atlassian Bitbucket Remote Code Execution : undefined
113393 Performance Telemetry : undefined
113420 Nginx < 1.22.1 Multiple Vulnerabilities : undefined
113421 Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities : undefined
113448 Microsoft Access Database Detected : undefined
113452 WordPress Plugins Detected : undefined
113634 Server-Side Inclusion Injection : undefined
113838 WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass : undefined
113897 HTML Comments Detected : undefined
113900 Cross-Site Request Forgery Token Validation Bypass : undefined
113906 Advanced Custom Fields for WordPress 6.0.x < 6.1.6 Cross-Site Scripting : undefined
113908 Advanced Custom Fields Pro for WordPress 6.0.x < 6.1.6 Cross-Site Scripting : undefined
113943 Disclosed Hong Kong Identity Number : undefined
113973 Web Services Description Language (WSDL) File Detected : undefined
114006 Web Cache Poisoning Denial of Service : undefined
114029 Well-Known URIs Detected : undefined
114031 WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass : undefined
114032 WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass : undefined
114033 WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass : undefined
114034 WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass : undefined
114035 WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass : undefined
114036 WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass : undefined
114037 WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass : undefined
114038 WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass : undefined
114039 WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass : undefined
114040 WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass : undefined
114064 MediaWiki Status Module Information Disclosure : undefined
114116 XML Injection : undefined
114128 External Backend API Detected : undefined
114129 Generic Secret Disclosure : undefined
114143 Node-config Configuration File Detected : undefined
114146 Subdomain Takeover : undefined
114166 SOAP API Detected : undefined
114168 Jenkins < 2.442 / < LTS 2.426.3 Arbitrary File Read : undefined
114200 Google Cloud Platform Detected : undefined
114220 Atlassian Confluence < 7.19.18 Cross-Site Scripting : undefined
114221 Atlassian Confluence 8.7.x < 8.7.2 Cross-Site Scripting : undefined
114222 Atlassian Confluence 7.20.x < 8.5.5 Cross-Site Scripting : undefined
114223 HTTP Request Smuggling : undefined
114232 PHP Development Server < 7.4.22 Source Disclosure : undefined
114238 Atlassian Confluence < 7.19.20 Path Traversal : undefined
114239 Atlassian Confluence 7.20.x < 8.5.7 Path Traversal : undefined
114240 Atlassian Confluence 8.6.x < 8.8.1 Path Traversal : undefined
114247 Authentication Check Pattern Found in Unauthenticated Browser : undefined
114258 LayerSlider Plugin for WordPress 7.9.11 < 7.10.1 SQL Injection : undefined
114262 Request URL Override : undefined
114276 Database Connection String Disclosure : undefined
114283 Unrestricted File Upload : undefined
114313 Flowise Chatflow Detected : undefined
114357 Polyfill Detected : undefined
114373 Joomla! 5.x < 5.1.2 Multiple Vulnerabilities : undefined
114374 Joomla! 4.x < 4.4.6 Multiple Vulnerabilities : undefined
114375 Joomla! 3.x < 3.10.16 Multiple Vulnerabilities : undefined
114377 Atlassian Confluence < 7.19.22 Cross-Site Scripting : undefined
114378 Atlassian Confluence 7.20.x < 8.5.9 Cross-Site Scripting : undefined
114379 Atlassian Confluence 8.6.x < 8.9.1 Cross-Site Scripting : undefined
114386 External Broken Resources Detected : undefined
114400 Apache OFBiz < 18.12.11 Server-Side Request Forgery : undefined
115540 Cookie Without SameSite Flag Detected : undefined
98000 Scan Information : undefined
98008 Web Application Firewall Detected : undefined
98054 Unvalidated Redirection : undefined
98056 Missing HTTP Strict Transport Security Policy : undefined
98062 Cookie Set For Parent Domain : undefined
98063 Cookie Without HttpOnly Flag Detected : undefined
98064 Cookie Without Secure Flag Detected : undefined
98067 Insecure Cross-Domain Policy (allow-access-from) : undefined
98068 Insecure Cross-Domain Policy (allow-http-request-headers-from) : undefined
98070 Common Administration Interfaces Detection : undefined
98071 Common Files Detection : undefined
98074 Backup File : undefined
98077 Private IP Address Disclosure : undefined
98080 Form-based File Upload : undefined
98083 CAPTCHA Detection : undefined
98084 Directory Listing : undefined
98091 Mixed Resource Detection : undefined
98099 Publicly writable directory : undefined
98100 Path Traversal : undefined
98101 Response Splitting : undefined
98104 Cross-Site Scripting (XSS) : undefined
98107 Cross-Site Scripting (XSS) in path : undefined
98109 DOM-based Cross-Site Scripting (XSS) : undefined
98110 DOM-based Cross-Site Scripting (XSS) in attribute context : undefined
98112 Cross-Site Request Forgery : undefined
98113 XML External Entity : undefined
98114 XPath Injection : undefined
98115 SQL Injection : undefined
98117 Blind SQL Injection (differential analysis) : undefined
98119 Blind NoSQL Injection (differential analysis) : undefined
98123 Operating System Command Injection : undefined
98125 Local File Inclusion : undefined
98146 Password Submitted Using GET Method : undefined
98201 Drupal User Registration Form Detected : undefined
98202 WordPress User Registration Form Detected : undefined
98205 Joomla! User Registration Form Detected : undefined
98209 Drupal User Enumeration : undefined
98228 Drupal Unsupported Version : undefined
98230 PHP Unsupported Version : undefined
98538 Environment Configuration File Detected : undefined
98611 Error Message : undefined
98623 Host Header Injection : undefined
98646 .DS_Store File Detected : undefined
98648 Missing 'Content-Type' Header : undefined
98779 Source Code Passive Disclosure : undefined
98920 Disclosed US Social Security Number : undefined
98950 Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities : undefined
98951 Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities : undefined
98994 Kentico CMS < 9.0.51 / 10.x < 10.0.48 Access Control Bypass : undefined
98995 Kentico CMS 8.2.x < 8.2.41 Open Redirect : undefined
98996 Kentico CMS < 9.0.51 Cross-Site Scripting : undefined
98997 Kentico CMS 9.x < 10.0.52 / 11.0.x < 11.0.48 / 12.0.x < 12.0.15 Remote Code Execution : undefined

New

114395 WebSocket Detected : undefined
114396 Apache OFBiz < 18.12.15 Remote Code Execution : undefined
114397 AI Engine Plugin for WordPress < 2.4.8 Server-Side Request Forgery : undefined
114398 Edge Side Includes Injection : undefined
114399 Apache OFBiz < 18.12.13 Path Traversal : undefined
114401 Nginx+ Dashboard Unrestricted Access : undefined
114402 Nginx HTTP API Module Unrestricted Access : undefined
114403 Laravel Pulse Unrestricted Access : undefined
114404 Laravel Horizon Unrestricted Access : undefined
114405 Laravel Telescope Unrestricted Access : undefined
114406 LiteSpeed Cache Plugin for WordPress < 6.4 Privilege Escalation : undefined
114407 Gradio Detected : undefined
114408 Gradio Unauthenticated Access : undefined
114409 Gradio 4.3 < 4.13 Local File Read : undefined
114410 FCKEditor Unsupported Version : undefined
114411 Ivanti Virtual Traffic Manager Authentication Bypass : undefined

Web App Scanning Plugin Feed 202408120631

Feed built over 1 year ago

Modified Detection

113030 Out-of-Date Bootstrap Detected : undefined
113031 Out-of-Date JQuery UI Detected : undefined
113032 Out-of-Date Modernizr Detected : undefined
113033 Out-of-Date Underscore.js Detected : undefined
113034 Out-of-Date MediaElement.Js Detected : undefined
113037 Out-of-Date Backbone JS Framework Detected : undefined
114400 Apache OFBiz < 18.12.11 Server-Side Request Forgery : undefined
98084 Directory Listing : undefined
98114 XPath Injection : undefined

New

114393 Danswer Unauthenticated Access : undefined
114395 WebSocket Detected : undefined
114396 Apache OFBiz < 18.12.15 Remote Code Execution : undefined
114397 AI Engine Plugin for WordPress < 2.4.8 Server-Side Request Forgery : undefined
114398 Edge Side Includes Injection : undefined
114399 Apache OFBiz < 18.12.13 Path Traversal : undefined

Web App Scanning Plugin Feed 202408010642

Feed built over 1 year ago

Modified Detection

113030 Out-of-Date Bootstrap Detected : undefined
113031 Out-of-Date JQuery UI Detected : undefined
113032 Out-of-Date Modernizr Detected : undefined
113033 Out-of-Date Underscore.js Detected : undefined
113034 Out-of-Date MediaElement.Js Detected : undefined
113037 Out-of-Date Backbone JS Framework Detected : undefined
113959 GeoServer SQL Injection : undefined
114006 Web Cache Poisoning Denial of Service : undefined
114313 Flowise Chatflow Detected : undefined
98084 Directory Listing : undefined
98114 XPath Injection : undefined

New

114390 AnythingLLM API Sensitive Information Disclosure : undefined
114391 Dify Detected : undefined
114392 Danswer Detected : undefined
114393 Danswer Unauthenticated Access : undefined
114394 GeoServer Remote Code Execution : undefined

Web App Scanning Plugin Feed 202407290728

Feed built over 1 year ago

Modified Detection

113219 Insecure Redirect Chain : undefined
113338 Web Cache Poisoning : undefined
114381 Apache Hugegraph 1.0.0 < 1.3.0 Remote Command Execution : undefined
114382 Missing 'Content-Type' Charset : undefined
114386 External Broken Resources Detected : undefined

New

114387 PaperCut NG/MF < 22.1.3 Path Traversal : undefined
114388 Facade Ignition < 2.5.2 Remote Code Execution : undefined
114389 ChatGPT-web Detected : undefined
114390 AnythingLLM API Sensitive Information Disclosure : undefined
114391 Dify Detected : undefined
114392 Danswer Detected : undefined

Web App Scanning Plugin Feed 202407220715

Feed built over 1 year ago

Modified Detection

114360 Apache 2.4.x < 2.4.60 Multiple Vulnerabilities : undefined
114363 Apache 2.4.60 Source Code Disclosure : undefined
114382 Missing 'Content-Type' Charset : undefined

New

114383 Ivanti EPM Cloud Services Appliance < 4.6.0-512 Remote Code Execution : undefined
114384 Progress Kemp LoadMaster Remote Command Execution : undefined
114385 Apache 2.4.x < 2.4.62 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202407180631

Feed built over 1 year ago

Modified Detection

113117 Magento Administration Panel Login Form Bruteforced : undefined
114325 Adobe Commerce / Magento XML External Entity Injection (CosmicSting) : undefined
114357 Polyfill Detected : undefined
114373 Joomla! 5.x < 5.1.2 Multiple Vulnerabilities : undefined
114374 Joomla! 4.x < 4.4.6 Multiple Vulnerabilities : undefined
114375 Joomla! 3.x < 3.10.16 Multiple Vulnerabilities : undefined
114377 Atlassian Confluence < 7.19.22 Cross-Site Scripting : undefined
114378 Atlassian Confluence 7.20.x < 8.5.9 Cross-Site Scripting : undefined
114379 Atlassian Confluence 8.6.x < 8.9.1 Cross-Site Scripting : undefined
114381 Apache Hugegraph 1.0.0 < 1.3.0 Remote Command Execution : undefined
98064 Cookie Without Secure Flag Detected : undefined

New

114367 H2O Flow Detected : undefined
114368 Bricks Theme for WordPress < 1.9.6.1 Remote Code Execution : undefined
114369 Qlik Sense Enterprise Path Traversal : undefined
114370 Grafana Default Credentials : undefined
114371 Odoo Database Manager Detected : undefined
114372 Odoo Unprotected Database Manager : undefined
114376 ServiceNow Server-Side Template Injection : undefined
114380 Nortek Linear eMerge E3-Series < 0.32-08f Command Injection : undefined

Web App Scanning Plugin Feed 202407050836

Feed built over 1 year ago

Modified Detection

112290 Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities : undefined
112353 ASP.NET DEBUG Method Enabled : undefined
112439 Server-Side Request Forgery : undefined
112524 Oracle WebLogic WSAT Remote Code Execution : undefined
112526 Missing 'X-XSS-Protection' Header (deprecated) : undefined
112541 SSL/TLS Certificate Common Name Mismatch : undefined
112544 HTTP to HTTPS Redirect Not Enabled : undefined
112545 Oracle WebLogic Server Administration Console Detected : undefined
112550 Full Path Disclosure : undefined
112685 Symfony Secret Fragments Remote Code Execution : undefined
112686 JSON Web Token Detected : undefined
112703 JSON Web Token None Hashing Algorithm : undefined
112704 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 Remote Code Execution : undefined
112706 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.3.0 Remote Code Execution : undefined
112719 Client-Side Prototype Pollution : undefined
112720 Rails < 4.2.11.3 / 5.x < 5.0.1 Remote Code Execution : undefined
112726 Apache Struts 2.3.5 < 2.3.32 / 2.5.x < 2.5.10.1 Remote Code Execution (S2-045 / S2-046) : undefined
112727 Apache Struts 2.0.4 < 2.3.35 / 2.5.x < 2.5.17 Remote Code Execution (S2-057) : undefined
112741 Apache Struts 2.x < 2.3.15.1 Remote Code Execution (S2-016) : undefined
112742 Apache Struts 2 < 2.3.29 DevMode Remote Code Execution : undefined
112760 Apache Struts 2 Demo Application Detected : undefined
112762 Apache Struts 2 < 2.3.33 Remote Code Execution (S2-048) : undefined
112763 Apache Struts 2.1.6 < 2.3.34 / 2.5 < 2.5.13 Remote Code Execution (S2-052) : undefined
112907 GraphQL Interface Detected : undefined
112920 GraphQL Cross-Site Request Forgery : undefined
113029 Microsoft IIS Unsupported Version : undefined
113030 Out-of-Date Bootstrap Detected : undefined
113031 Out-of-Date JQuery UI Detected : undefined
113032 Out-of-Date Modernizr Detected : undefined
113033 Out-of-Date Underscore.js Detected : undefined
113034 Out-of-Date MediaElement.Js Detected : undefined
113037 Out-of-Date Backbone JS Framework Detected : undefined
113057 Microsoft Exchange Server Autodiscover Cross-Site Scripting : undefined
113058 Apache 2.4.10 < 2.4.44 Source Code Disclosure : undefined
113059 OPcache UI Detected : undefined
113067 Basic Authentication Bruteforced : undefined
113078 AngularJS Unsupported Version : undefined
113117 Magento Administration Panel Login Form Bruteforced : undefined
113123 Dockerfile Detected : undefined
113150 Google Cloud Service Account Private Key Disclosure (deprecated) : undefined
113158 Package Dependencies Detected : undefined
113162 MySQLjs SQL Injection Authentication Bypass : undefined
113164 AWS Credentials Disclosure (deprecated) : undefined
113168 Docker Compose Configuration Detected : undefined
113195 Spring Boot Actuator Detected : undefined
113217 Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell) : undefined
113219 Insecure Redirect Chain : undefined
113258 OpenAPI Permissive Input Validation : undefined
113310 Blind XPath Injection (differential analysis) : undefined
113337 NoSQL Injection Authentication Bypass : undefined
113338 Web Cache Poisoning : undefined
113369 BackupBuddy Plugin for WordPress < 8.7.5 Arbitrary File Read : undefined
113373 Atlassian Bitbucket Remote Code Execution : undefined
113393 Performance Telemetry : undefined
113420 Nginx < 1.22.1 Multiple Vulnerabilities : undefined
113421 Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities : undefined
113448 Microsoft Access Database Detected : undefined
113452 WordPress Plugins Detected : undefined
113634 Server-Side Inclusion Injection : undefined
113838 WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass : undefined
113897 HTML Comments Detected : undefined
113900 Cross-Site Request Forgery Token Validation Bypass : undefined
113906 Advanced Custom Fields for WordPress 6.0.x < 6.1.6 Cross-Site Scripting : undefined
113908 Advanced Custom Fields Pro for WordPress 6.0.x < 6.1.6 Cross-Site Scripting : undefined
113943 Disclosed Hong Kong Identity Number : undefined
113959 GeoServer SQL Injection : undefined
113973 Web Services Description Language (WSDL) File Detected : undefined
114006 Web Cache Poisoning Denial of Service : undefined
114029 Well-Known URIs Detected : undefined
114031 WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass : undefined
114032 WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass : undefined
114033 WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass : undefined
114034 WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass : undefined
114035 WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass : undefined
114036 WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass : undefined
114037 WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass : undefined
114038 WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass : undefined
114039 WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass : undefined
114040 WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass : undefined
114064 MediaWiki Status Module Information Disclosure : undefined
114116 XML Injection : undefined
114128 External Backend API Detected : undefined
114129 Generic Secret Disclosure : undefined
114143 Node-config Configuration File Detected : undefined
114146 Subdomain Takeover : undefined
114166 SOAP API Detected : undefined
114168 Jenkins < 2.442 / < LTS 2.426.3 Arbitrary File Read : undefined
114200 Google Cloud Platform Detected : undefined
114220 Atlassian Confluence < 7.19.18 Cross-Site Scripting : undefined
114221 Atlassian Confluence 8.7.x < 8.7.2 Cross-Site Scripting : undefined
114222 Atlassian Confluence 7.20.x < 8.5.5 Cross-Site Scripting : undefined
114223 HTTP Request Smuggling : undefined
114232 PHP Development Server < 7.4.22 Source Disclosure : undefined
114238 Atlassian Confluence < 7.19.20 Path Traversal : undefined
114239 Atlassian Confluence 7.20.x < 8.5.7 Path Traversal : undefined
114240 Atlassian Confluence 8.6.x < 8.8.1 Path Traversal : undefined
114247 Authentication Check Pattern Found in Unauthenticated Browser : undefined
114258 LayerSlider Plugin for WordPress 7.9.11 < 7.10.1 SQL Injection : undefined
114262 Request URL Override : undefined
114276 Database Connection String Disclosure : undefined
114283 Unrestricted File Upload : undefined
114313 Flowise Chatflow Detected : undefined
114325 Adobe Commerce / Magento XML External Entity Injection (CosmicSting) : undefined
114357 Polyfill Detected : undefined
114360 Apache 2.4.x < 2.4.60 Multiple Vulnerabilities : undefined
114363 Apache 2.4.60 Source Code Disclosure : undefined
115540 Cookie Without SameSite Flag Detected : undefined
98000 Scan Information : undefined
98008 Web Application Firewall Detected : undefined
98054 Unvalidated Redirection : undefined
98056 Missing HTTP Strict Transport Security Policy : undefined
98062 Cookie Set For Parent Domain : undefined
98063 Cookie Without HttpOnly Flag Detected : undefined
98064 Cookie Without Secure Flag Detected : undefined
98067 Insecure Cross-Domain Policy (allow-access-from) : undefined
98068 Insecure Cross-Domain Policy (allow-http-request-headers-from) : undefined
98070 Common Administration Interfaces Detection : undefined
98071 Common Files Detection : undefined
98074 Backup File : undefined
98077 Private IP Address Disclosure : undefined
98080 Form-based File Upload : undefined
98083 CAPTCHA Detection : undefined
98084 Directory Listing : undefined
98091 Mixed Resource Detection : undefined
98099 Publicly writable directory : undefined
98100 Path Traversal : undefined
98101 Response Splitting : undefined
98104 Cross-Site Scripting (XSS) : undefined
98107 Cross-Site Scripting (XSS) in path : undefined
98109 DOM-based Cross-Site Scripting (XSS) : undefined
98110 DOM-based Cross-Site Scripting (XSS) in attribute context : undefined
98112 Cross-Site Request Forgery : undefined
98113 XML External Entity : undefined
98114 XPath Injection : undefined
98115 SQL Injection : undefined
98117 Blind SQL Injection (differential analysis) : undefined
98119 Blind NoSQL Injection (differential analysis) : undefined
98123 Operating System Command Injection : undefined
98125 Local File Inclusion : undefined
98146 Password Submitted Using GET Method : undefined
98201 Drupal User Registration Form Detected : undefined
98202 WordPress User Registration Form Detected : undefined
98205 Joomla! User Registration Form Detected : undefined
98209 Drupal User Enumeration : undefined
98228 Drupal Unsupported Version : undefined
98230 PHP Unsupported Version : undefined
98538 Environment Configuration File Detected : undefined
98611 Error Message : undefined
98623 Host Header Injection : undefined
98646 .DS_Store File Detected : undefined
98648 Missing 'Content-Type' Header : undefined
98779 Source Code Passive Disclosure : undefined
98920 Disclosed US Social Security Number : undefined
98950 Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities : undefined
98951 Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities : undefined
98994 Kentico CMS < 9.0.51 / 10.x < 10.0.48 Access Control Bypass : undefined
98995 Kentico CMS 8.2.x < 8.2.41 Open Redirect : undefined
98996 Kentico CMS < 9.0.51 Cross-Site Scripting : undefined
98997 Kentico CMS 9.x < 10.0.52 / 11.0.x < 11.0.48 / 12.0.x < 12.0.15 Remote Code Execution : undefined

New

114358 Malicious Third Party Domain Detected : undefined
114359 ZenML Detected : undefined
114361 Ray Detected : undefined
114362 ChatGPT Plugin Manifest Detected : undefined
114364 Apache Tomcat 11.0.0-M1 < 11.0.0-M21 Denial Of Service : undefined
114365 Apache Tomcat 10.1.0-M1 < 10.1.25 Denial Of Service : undefined
114366 Apache Tomcat 9.0.0-M1 < 9.0.90 Denial Of Service : undefined

Web App Scanning Plugin Feed 202407030638

Feed built over 1 year ago

Modified Detection

112697 JSON Web Token Weak Secret : undefined
114357 Polyfill Detected : undefined
114360 Apache 2.4.x < 2.4.60 Multiple Vulnerabilities : undefined

New

114329 WordPress Emergency Password Reset Script Detected : undefined
114358 Malicious Third Party Domain Detected : undefined
114359 ZenML Detected : undefined
114361 Ray Detected : undefined

Web App Scanning Plugin Feed 202406280758

Feed built over 1 year ago

Modified Detection

114325 Adobe Commerce / Magento XML External Entity Injection (CosmicSting) : undefined
114357 Polyfill Detected : undefined

New

114329 WordPress Emergency Password Reset Script Detected : undefined
114355 Ivanti Endpoint Manager Mobile < 11.11.0.0 Authentication Bypass : undefined
114356 Ivanti Sentry Authentication Bypass : undefined

Web App Scanning Plugin Feed 202406260629

Feed built over 1 year ago

Modified Detection

114325 Adobe Commerce / Magento XML External Entity Injection (CosmicSting) : undefined
98112 Cross-Site Request Forgery : undefined

New

114317 MLflow Detected : undefined
114318 Flowise Unauthenticated Access : undefined
114319 Langflow Detected : undefined
114320 Langflow Unauthenticated Access : undefined
114321 Chatgpt.js Detected : undefined
114322 PHP Input Variables Exceeded : undefined
114323 MLflow Default Credentials : undefined
114324 MLflow Unauthenticated Access : undefined
114326 NextChat < 2.12.4 Server-Side Request Forgery : undefined
114327 Ollama Detected : undefined
114328 Ollama Unauthenticated Access : undefined
114330 WordPress 4.1.x < 4.1.41 Multiple Vulnerabilities : undefined
114331 WordPress 4.2.x < 4.2.38 Multiple Vulnerabilities : undefined
114332 WordPress 4.3.x < 4.3.34 Multiple Vulnerabilities : undefined
114333 WordPress 4.4.x < 4.4.33 Multiple Vulnerabilities : undefined
114334 WordPress 4.5.x < 4.5.32 Multiple Vulnerabilities : undefined
114335 WordPress 4.6.x < 4.6.29 Multiple Vulnerabilities : undefined
114336 WordPress 4.7.x < 4.7.29 Multiple Vulnerabilities : undefined
114337 WordPress 4.8.x < 4.8.25 Multiple Vulnerabilities : undefined
114338 WordPress 4.9.x < 4.9.26 Multiple Vulnerabilities : undefined
114339 WordPress 5.0.x < 5.0.22 Multiple Vulnerabilities : undefined
114340 WordPress 5.1.x < 5.1.19 Multiple Vulnerabilities : undefined
114341 WordPress 5.2.x < 5.2.21 Multiple Vulnerabilities : undefined
114342 WordPress 5.3.x < 5.3.18 Multiple Vulnerabilities : undefined
114343 WordPress 5.4.x < 5.4.16 Multiple Vulnerabilities : undefined
114344 WordPress 5.5.x < 5.5.15 Multiple Vulnerabilities : undefined
114345 WordPress 5.6.x < 5.6.14 Multiple Vulnerabilities : undefined
114346 WordPress 5.7.x < 5.7.12 Multiple Vulnerabilities : undefined
114347 WordPress 5.8.x < 5.8.10 Multiple Vulnerabilities : undefined
114348 WordPress 5.9.x < 5.9.10 Multiple Vulnerabilities : undefined
114349 WordPress 6.0.x < 6.0.9 Multiple Vulnerabilities : undefined
114350 WordPress 6.1.x < 6.1.7 Multiple Vulnerabilities : undefined
114351 WordPress 6.2.x < 6.2.6 Multiple Vulnerabilities : undefined
114352 WordPress 6.3.x < 6.3.5 Multiple Vulnerabilities : undefined
114353 WordPress 6.4.x < 6.4.5 Multiple Vulnerabilities : undefined
114354 WordPress 6.5.x < 6.5.5 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202406200922

Feed built over 1 year ago

Modified Detection

114313 Flowise Chatflow Detected : undefined

New

114303 AnythingLLM Detected : undefined
114304 Open WebUI Detected : undefined
114305 Quivr Detected : undefined
114306 NextChat < 2.11.3 Server-Side Request Forgery : undefined
114307 NextChat Detected : undefined
114308 LibreChat Detected : undefined
114309 Flowise Detected : undefined
114310 Yoast SEO Plugin for WordPress < 22.7 Cross-Site Scripting : undefined
114311 Yoast SEO Plugin for WordPress < 22.6 Cross-Site Scripting : undefined
114312 Flowise < 1.6.6 Authentication Bypass : undefined
114314 Atlassian Jira < 9.4.21 Information Disclosure : undefined
114315 Atlassian Jira 9.5.x < 9.12.8 Information Disclosure : undefined
114316 Atlassian Jira 9.13.x < 9.16.0 Information Disclosure : undefined
114317 MLflow Detected : undefined
114318 Flowise Unauthenticated Access : undefined

Web App Scanning Plugin Feed 202406140803

Feed built almost 2 years ago

Modified Detection

112544 HTTP to HTTPS Redirect Not Enabled : undefined

New

114299 Rejetto HTTP File Server 2.x Remote Code Execution : undefined
114300 PHP CGI Argument Injection Remote Code Execution : undefined
114301 CData Path Traversal : undefined
114302 SolarWinds Serv-U < 15.4.2 HF 2 Directory Traversal : undefined

Web App Scanning Plugin Feed 202406100810

Feed built almost 2 years ago

Modified Detection

113211 HTTP Verb Tampering : undefined
114283 Unrestricted File Upload : undefined
98095 Misconfiguration in LIMIT directive of .htaccess file : undefined

New

114295 Digest Authentication Bruteforced : undefined
114296 PHP 8.3.x < 8.3.8 Multiple Vulnerabilities : undefined
114297 PHP 8.2.x < 8.2.20 Multiple Vulnerabilities : undefined
114298 PHP 8.1.x < 8.1.29 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202406050742

Feed built almost 2 years ago

Modified Detection

113162 MySQLjs SQL Injection Authentication Bypass : undefined
113337 NoSQL Injection Authentication Bypass : undefined
114283 Unrestricted File Upload : undefined
98008 Web Application Firewall Detected : undefined

New

114292 Concrete CMS Login Panel Detected : undefined
114293 Concrete CMS Debug Mode Enabled : undefined
114294 Progress Telerik Report Server Authentication Bypass : undefined

Web App Scanning Plugin Feed 202405311223

Feed built almost 2 years ago

Modified Detection

113136 Wordpress Administration Panel Login Form Bruteforced : undefined
114276 Database Connection String Disclosure : undefined

New

114285 Contact Form 7 Plugin for WordPress < 5.8.4 Arbitrary File Upload : undefined
114286 Contact Form 7 Plugin for WordPress < 5.9.2 Cross-Site Scripting : undefined
114287 Atlassian Confluence 7.20.x < 8.5.9 Remote Code Execution : undefined
114288 Atlassian Confluence 8.6.x < 8.9.1 Remote Code Execution : undefined
114289 Atlassian Confluence < 7.19.22 Remote Code Execution : undefined
114290 JetBrains TeamCity < 2023.11.3 Authentication Bypass : undefined
114291 Check Point Quantum Gateway Directory Traversal : undefined

Web App Scanning Plugin Feed 202405270633

Feed built almost 2 years ago

Modified Detection

112569 OpenAPI Import Success : undefined
112570 OpenAPI Import Failed : undefined
113078 AngularJS Unsupported Version : undefined
114041 Strapi Cognito Provider Authentication Bypass : undefined
114108 Strapi < 4.8.0 Private Fields Sensitive Information Disclosure : undefined
114281 F5 BIG-IP Next Central Manager SQL Injection : undefined

New

114284 Nexus Repository 3.x < 3.68.1 Path Traversal : undefined
98036 Client Certificate Authentication Detected : undefined

Web App Scanning Plugin Feed 202405211100

Feed built almost 2 years ago

Modified Detection

112569 OpenAPI Import Success : undefined
112570 OpenAPI Import Failed : undefined
113078 AngularJS Unsupported Version : undefined
113452 WordPress Plugins Detected : undefined
98067 Insecure Cross-Domain Policy (allow-access-from) : undefined
98068 Insecure Cross-Domain Policy (allow-http-request-headers-from) : undefined

New

114282 Palo Alto PAN-OS GlobalProtect Remote Code Execution : undefined

Web App Scanning Plugin Feed 202405160651

Feed built almost 2 years ago

Modified Detection

112544 HTTP to HTTPS Redirect Not Enabled : undefined
113165 Apache mod_negotiation Alternative Filename Disclosure : undefined
113219 Insecure Redirect Chain : undefined
114006 Web Cache Poisoning Denial of Service : undefined
114237 Open Proxy : undefined
114281 F5 BIG-IP Next Central Manager SQL Injection : undefined
98107 Cross-Site Scripting (XSS) in path : undefined
98117 Blind SQL Injection (differential analysis) : undefined
98119 Blind NoSQL Injection (differential analysis) : undefined

New

114280 Automatic Plugin for WordPress < 3.92.1 Multiples Vulnerabilities : undefined

Web App Scanning Plugin Feed 202405060658

Feed built almost 2 years ago

Modified Detection

112290 Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities : undefined
114168 Jenkins < 2.442 / < LTS 2.426.3 Arbitrary File Read : undefined
114276 Database Connection String Disclosure : undefined

New

114275 IBM Aspera Faspex < 4.4.2 PL2 Remote Code Execution : undefined
114277 Ghost CMS < 5.42.1 Path Traversal : undefined
114278 Vercel Source Code Exposure : undefined
114279 Vmware vRealize Network Insight Command Injection : undefined

Web App Scanning Plugin Feed 202404260615

Feed built almost 2 years ago

Modified Detection

113310 Blind XPath Injection (differential analysis) : undefined
98008 Web Application Firewall Detected : undefined
98117 Blind SQL Injection (differential analysis) : undefined
98119 Blind NoSQL Injection (differential analysis) : undefined
98136 Target Information : undefined

New

114274 .NET HTTP Remoting Remote Code Execution : undefined

Web App Scanning Plugin Feed 202404240742

Feed built almost 2 years ago

Modified Detection

114273 CrushFTP < 10.7.1 / 11.x < 11.1.0 VFS Sandbox Escape : undefined

Web App Scanning Plugin Feed 202404231522

Feed built almost 2 years ago

Modified Detection

114006 Web Cache Poisoning Denial of Service : undefined
114273 CrushFTP < 10.7.1 / 11.x < 11.1.0 VFS Sandbox Escape : undefined

New

114263 ReviewX Plugin for WordPress < 1.6.3 SQL Injection : undefined
114264 One-click Countdowns Plugin for WordPress <= 0.6.2 SQL Injection : undefined
114265 Events Made Easy Plugin for WordPress <= 2.3.14 SQL Injection : undefined
114266 WP Popup Banners Plugin for WordPress <= 1.2.5 SQL Injection : undefined
114267 Gift Cards (Gift Vouchers and Packages) Plugin for WordPress < 4.3.3 SQL Injection : undefined
114268 Formidable PRO2PDF Plugin for WordPress < 3.11 SQL Injection : undefined
114269 Django Debug Mode Enabled : undefined
114270 PHP 8.3.x < 8.3.6 Multiple Vulnerabilities : undefined
114271 PHP 8.2.x < 8.2.18 Multiple Vulnerabilities : undefined
114272 PHP 8.1.x < 8.1.28 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202404220908

Feed built almost 2 years ago

Modified Detection

112552 Deprecated Content Security Policy : undefined
112554 Permissive Content Security Policy Detected : undefined
112569 OpenAPI Import Success : undefined
112570 OpenAPI Import Failed : undefined
114237 Open Proxy : undefined
114262 Request URL Override : undefined
98715 Permissive HTTP Strict Transport Security Policy Detected : undefined

New

114259 Adobe ColdFusion Arbitrary File Read : undefined
114260 Keycloak Information Disclosure : undefined
114261 WSO2 Management Console Cross-Site Scripting : undefined

Web App Scanning Plugin Feed 202404120628

Feed built almost 2 years ago

Modified Detection

112290 Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities : undefined
114238 Atlassian Confluence < 7.19.20 Path Traversal : undefined
114239 Atlassian Confluence 7.20.x < 8.5.7 Path Traversal : undefined
114240 Atlassian Confluence 8.6.x < 8.8.1 Path Traversal : undefined
114258 LayerSlider Plugin for WordPress 7.9.11 < 7.10.1 SQL Injection : undefined
98123 Operating System Command Injection : undefined

New

114245 OpenCMS < 10.5.1 Multiples Vulnerabilities : undefined
114250 Apache Superset < 2.1.0 Hardcoded Secret Key : undefined
114251 Oracle Reports Servlet Arbitrary File Read : undefined
114252 WordPress 6.1.x < 6.1.6 Cross-Site Scripting : undefined
114253 WordPress 6.2.x < 6.2.5 Cross-Site Scripting : undefined
114254 WordPress 6.3.x < 6.3.4 Cross-Site Scripting : undefined
114255 WordPress 6.4.x < 6.4.4 Cross-Site Scripting : undefined
114256 WordPress 6.5.x < 6.5.2 Cross-Site Scripting : undefined
114257 Quarkus DevMode Enabled : undefined

Web App Scanning Plugin Feed 202404090635

Feed built almost 2 years ago

Modified Detection

113010 API Key Authentication Succeeded : undefined
113011 API Key Authentication Failed : undefined
113012 Bearer Token Authentication Succeeded : undefined
113013 Bearer Token Authentication Failed : undefined
114247 Authentication Check Pattern Found in Unauthenticated Browser : undefined
98034 Login Form Authentication Failed : undefined
98035 Login Form Authentication Succeeded : undefined
98139 Cookie Authentication Succeeded : undefined
98140 Cookie Authentication Failed : undefined
98141 Selenium Authentication Succeeded : undefined
98142 Selenium Authentication Failed : undefined

New

114245 OpenCMS < 10.5.1 Multiples Vulnerabilities : undefined
114246 OpenCMS < 16.0 Multiples Vulnerabilities : undefined
114248 Pentaho Business Server Server-Side Template Injection : undefined
114249 Apache 2.4.x < 2.4.59 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202404031603

Feed built almost 2 years ago

Modified Detection

114134 HTML/CSS Injection : undefined
114237 Open Proxy : undefined

Web App Scanning Plugin Feed 202404020849

Feed built almost 2 years ago

Modified Detection

113117 Magento Administration Panel Login Form Bruteforced : undefined
114043 Adobe ColdFusion Improper Access Control : undefined
98642 Magento Administration Panel Login Form Detected : undefined
98715 Permissive HTTP Strict Transport Security Policy Detected : undefined

New

114243 Adobe ColdFusion < 2021 Update 12 / < 2023 Update 6 Cross-Site Scripting : undefined
114244 Payment Form Detected : undefined

Web App Scanning Plugin Feed 202403250846

Feed built almost 2 years ago

Modified Detection

112526 Missing 'X-XSS-Protection' Header (deprecated) : undefined
112527 Disabled 'X-XSS-Protection' Header (deprecated) : undefined
112529 Missing 'X-Content-Type-Options' Header : undefined
112535 HTTP Strict Transport Security Policy Detected : undefined
112551 Missing Content Security Policy : undefined
112552 Deprecated Content Security Policy : undefined
112553 Missing 'Cache-Control' Header : undefined
112554 Permissive Content Security Policy Detected : undefined
112555 Report Only Content Security Policy Detected : undefined
113333 Duplicate HTTP Headers Detected : undefined
114042 Adobe ColdFusion Remote Code Execution : undefined
114224 Serialized Data Detected : undefined
114237 Open Proxy : undefined
114238 Atlassian Confluence < 7.19.20 Path Traversal : undefined
114239 Atlassian Confluence 7.20.x < 8.5.7 Path Traversal : undefined
114240 Atlassian Confluence 8.6.x < 8.8.1 Path Traversal : undefined
98057 Insecure 'Access-Control-Allow-Origin' Header : undefined
98060 Missing 'X-Frame-Options' Header : undefined
98084 Directory Listing : undefined
98526 Missing Permissions Policy : undefined
98527 Missing Referrer Policy : undefined
98618 HTTP Header Information Disclosure : undefined
98648 Missing 'Content-Type' Header : undefined
98715 Permissive HTTP Strict Transport Security Policy Detected : undefined

New

114241 PrestaShop 1.7.7.0 SQL injection : undefined
114242 Adobe ColdFusion < 2021 Update 12 / < 2023 Update 6 Remote Code Execution : undefined

Web App Scanning Plugin Feed 202403180850

Feed built almost 2 years ago

Modified Detection

112920 GraphQL Cross-Site Request Forgery : undefined
113158 Package Dependencies Detected : undefined
113162 MySQLjs SQL Injection Authentication Bypass : undefined
113310 Blind XPath Injection (differential analysis) : undefined
113337 NoSQL Injection Authentication Bypass : undefined
113634 Server-Side Inclusion Injection : undefined
113900 Cross-Site Request Forgery Token Validation Bypass : undefined
114006 Web Cache Poisoning Denial of Service : undefined
114116 XML Injection : undefined
114232 PHP Development Server < 7.4.22 Source Disclosure : undefined
98056 Missing HTTP Strict Transport Security Policy : undefined
98100 Path Traversal : undefined
98112 Cross-Site Request Forgery : undefined
98113 XML External Entity : undefined
98114 XPath Injection : undefined
98115 SQL Injection : undefined
98117 Blind SQL Injection (differential analysis) : undefined
98119 Blind NoSQL Injection (differential analysis) : undefined
98125 Local File Inclusion : undefined
98209 Drupal User Enumeration : undefined
98642 Magento Administration Panel Login Form Detected : undefined

New

114230 Sangfor NGAF Authentication Bypass : undefined
114231 Cisco IOS XE Remote Code Execution : undefined
114233 Apache Tomcat 11.0.0-M1 < 11.0.0-M17 Denial Of Service : undefined
114234 Apache Tomcat 10.1.0-M1 < 10.1.19 Denial Of Service : undefined
114235 Apache Tomcat 9.0.0-M1 < 9.0.86 Denial Of Service : undefined
114236 Apache Tomcat 8.5.x < 8.5.99 Denial Of Service : undefined

Web App Scanning Plugin Feed 202403130613

Feed built about 2 years ago

Modified Detection

112290 Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities : undefined
112295 Apache Tomcat 9.0.0.M1 < 9.0.0.M22 Multiple Vulnerabilities : undefined
112543 HTTPS Not Detected : undefined
112704 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 Remote Code Execution : undefined
112719 Client-Side Prototype Pollution : undefined
113075 Apache Log4j Remote Code Execution (Log4Shell) : undefined
113123 Dockerfile Detected : undefined
113150 Google Cloud Service Account Private Key Disclosure (deprecated) : undefined
113158 Package Dependencies Detected : undefined
113168 Docker Compose Configuration Detected : undefined
113217 Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell) : undefined
113369 BackupBuddy Plugin for WordPress < 8.7.5 Arbitrary File Read : undefined
113373 Atlassian Bitbucket Remote Code Execution : undefined
113420 Nginx < 1.22.1 Multiple Vulnerabilities : undefined
113421 Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities : undefined
113634 Server-Side Inclusion Injection : undefined
113838 WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass : undefined
114031 WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass : undefined
114032 WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass : undefined
114033 WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass : undefined
114034 WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass : undefined
114035 WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass : undefined
114036 WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass : undefined
114037 WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass : undefined
114038 WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass : undefined
114039 WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass : undefined
114040 WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass : undefined
114108 Strapi < 4.8.0 Private Fields Sensitive Information Disclosure : undefined
114129 Generic Secret Disclosure : undefined
114143 Node-config Configuration File Detected : undefined
114224 Serialized Data Detected : undefined
98060 Missing 'X-Frame-Options' Header : undefined
98117 Blind SQL Injection (differential analysis) : undefined
98125 Local File Inclusion : undefined
98607 Ultimate Member Plugin for WordPress < 2.0.46 Multiple Vulnerabilities : undefined
98642 Magento Administration Panel Login Form Detected : undefined
98950 Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities : undefined
98951 Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities : undefined
98994 Kentico CMS < 9.0.51 / 10.x < 10.0.48 Access Control Bypass : undefined

New

114225 JetBrains TeamCity < 2023.11.4 Authentication Bypass : undefined
114226 LiteSpeed Cache Plugin for WordPress < 5.7.0.1 Cross-Site Scripting : undefined
114227 Ultimate Member Plugin for WordPress < 2.8.3 SQL Injection : undefined
114228 PyTorch Serve Server-Side Request Forgery : undefined
114229 Popup Builder Plugin for WordPress < 4.2.3 Cross-Site Scripting : undefined

Web App Scanning Plugin Feed 202403060734

Feed built about 2 years ago

Modified Detection

113075 Apache Log4j Remote Code Execution (Log4Shell) : undefined
114223 HTTP Request Smuggling : undefined
114224 Serialized Data Detected : undefined
98117 Blind SQL Injection (differential analysis) : undefined
98119 Blind NoSQL Injection (differential analysis) : undefined
98607 Ultimate Member Plugin for WordPress < 2.0.46 Multiple Vulnerabilities : undefined

New

114225 JetBrains TeamCity < 2023.11.4 Authentication Bypass : undefined
114226 LiteSpeed Cache Plugin for WordPress < 5.7.0.1 Cross-Site Scripting : undefined
114227 Ultimate Member Plugin for WordPress < 2.8.3 SQL Injection : undefined

Web App Scanning Plugin Feed 202402270934

Feed built about 2 years ago

Modified Detection

114214 ConnectWise ScreenConnect < 23.9.8 Authentication Bypass : undefined
114220 Atlassian Confluence < 7.19.18 Cross-Site Scripting : undefined
114221 Atlassian Confluence 8.7.x < 8.7.2 Cross-Site Scripting : undefined
114222 Atlassian Confluence 7.20.x < 8.5.5 Cross-Site Scripting : undefined
98047 Allowed HTTP Methods : undefined
98117 Blind SQL Injection (differential analysis) : undefined

New

114219 HTTP/2 Cleartext Upgrade Support Detected : undefined

Web App Scanning Plugin Feed 202402211156

Feed built about 2 years ago

Modified Detection

112705 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.4.0 / 14.1.1.0.0 Authentication Bypass : undefined
113010 API Key Authentication Succeeded : undefined
113011 API Key Authentication Failed : undefined
113012 Bearer Token Authentication Succeeded : undefined
113013 Bearer Token Authentication Failed : undefined
113310 Blind XPath Injection (differential analysis) : undefined
113580 Web Cache Deception : undefined
114006 Web Cache Poisoning Denial of Service : undefined
114145 Apache OFBiz Authentication Bypass : undefined
114214 ConnectWise ScreenConnect < 23.9.8 Authentication Bypass : undefined
98034 Login Form Authentication Failed : undefined
98035 Login Form Authentication Succeeded : undefined
98117 Blind SQL Injection (differential analysis) : undefined
98119 Blind NoSQL Injection (differential analysis) : undefined
98139 Cookie Authentication Succeeded : undefined
98140 Cookie Authentication Failed : undefined
98141 Selenium Authentication Succeeded : undefined
98142 Selenium Authentication Failed : undefined

New

114211 GraphQL Batching : undefined
114212 Lead Generated Plugin for WordPress < 1.25 Insecure Deserialization : undefined
114213 BuddyForms Plugin for WordPress < 2.7.8 Insecure Deserialization : undefined
114215 Apache Tomcat 9.0.0-M11 < 9.0.44 Request Smuggling : undefined
114216 Apache Tomcat 8.5.7 < 8.5.64 Request Smuggling : undefined
114217 Joomla! 5.x < 5.0.3 Multiple Vulnerabilities : undefined
114218 Joomla! 1.5.x < 4.4.3 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202402191057

Feed built about 2 years ago

Modified Detection

114203 Ivanti Connect Secure 9.x / 22.x XML External Entity : undefined

New

114207 Nginx 1.25.x < 1.25.4 Multiple Vulnerabilities : undefined
114208 InPost Gallery Plugin for WordPress < 2.1.4.2 Cross-Site Scripting : undefined
114209 Bulk Price Update for Woocommerce Plugin for WordPress < 2.2.2 Cross-Site Scripting : undefined
114210 Meta Data and Taxonomies Filter Plugin for WordPress < 1.3.1 Cross-Site Scripting : undefined

Web App Scanning Plugin Feed 202402150742

Feed built about 2 years ago

Modified Detection

114027 WP Fastest Cache Plugin for WordPress < 1.1.3 Multiple Vulnerabilities : undefined
114122 Appwrite Server-Side Request Forgery : undefined
114164 Stripe Payment Plugin for WooCommerce Plugin for WordPress < 3.8.0 SQL Injection : undefined
114203 Ivanti Connect Secure 9.x / 22.x XML External Entity : undefined

New

114204 My Calendar Plugin for WordPress < 3.4.22 SQL Injection : undefined
114205 Html5 Video Player Plugin for WordPress < 2.5.25 SQL Injection : undefined
114206 RStudio Connect < 2023.05 Open Redirect : undefined

Web App Scanning Plugin Feed 202402080752

Feed built about 2 years ago

Modified Detection

112614 Server-Side Template Injection : undefined
113237 PHP Object Deserialization : undefined
114042 Adobe ColdFusion Remote Code Execution : undefined
114166 SOAP API Detected : undefined
114200 Google Cloud Platform Detected : undefined

New

114199 Amazon Web Services Detected : undefined
114201 Microsoft Azure Detected : undefined
114202 Microsoft Entra ID Detected : undefined

Web App Scanning Plugin Feed 202402070739

Feed built about 2 years ago

Modified Detection

114145 Apache OFBiz Authentication Bypass : undefined

New

114196 Ivanti Connect Secure 9.x / 22.x Server-Side Request Forgery : undefined
114197 Openfire Path Traversal : undefined
114198 Juniper Junos OS Remote Code Execution : undefined

Web App Scanning Plugin Feed 202402020754

Feed built about 2 years ago

Modified Detection

112290 Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities : undefined
112295 Apache Tomcat 9.0.0.M1 < 9.0.0.M22 Multiple Vulnerabilities : undefined
112353 ASP.NET DEBUG Method Enabled : undefined
112439 Server-Side Request Forgery : undefined
112524 Oracle WebLogic WSAT Remote Code Execution : undefined
112526 Missing 'X-XSS-Protection' Header (deprecated) : undefined
112527 Disabled 'X-XSS-Protection' Header (deprecated) : undefined
112529 Missing 'X-Content-Type-Options' Header : undefined
112535 HTTP Strict Transport Security Policy Detected : undefined
112541 SSL/TLS Certificate Common Name Mismatch : undefined
112543 HTTPS Not Detected : undefined
112544 HTTP to HTTPS Redirect Not Enabled : undefined
112545 Oracle WebLogic Server Administration Console Detected : undefined
112550 Full Path Disclosure : undefined
112551 Missing Content Security Policy : undefined
112552 Deprecated Content Security Policy : undefined
112553 Missing 'Cache-Control' Header : undefined
112554 Permissive Content Security Policy Detected : undefined
112555 Report Only Content Security Policy Detected : undefined
112569 OpenAPI Import Success : undefined
112570 OpenAPI Import Failed : undefined
112614 Server-Side Template Injection : undefined
112685 Symfony Secret Fragments Remote Code Execution : undefined
112686 JSON Web Token Detected : undefined
112697 JSON Web Token Weak Secret : undefined
112703 JSON Web Token None Hashing Algorithm : undefined
112704 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 Remote Code Execution : undefined
112705 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.4.0 / 14.1.1.0.0 Authentication Bypass : undefined
112706 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.3.0 Remote Code Execution : undefined
112719 Client-Side Prototype Pollution : undefined
112720 Rails < 4.2.11.3 / 5.x < 5.0.1 Remote Code Execution : undefined
112726 Apache Struts 2.3.5 < 2.3.32 / 2.5.x < 2.5.10.1 Remote Code Execution (S2-045 / S2-046) : undefined
112727 Apache Struts 2.0.4 < 2.3.35 / 2.5.x < 2.5.17 Remote Code Execution (S2-057) : undefined
112741 Apache Struts 2.x < 2.3.15.1 Remote Code Execution (S2-016) : undefined
112742 Apache Struts 2 < 2.3.29 DevMode Remote Code Execution : undefined
112760 Apache Struts 2 Demo Application Detected : undefined
112762 Apache Struts 2 < 2.3.33 Remote Code Execution (S2-048) : undefined
112763 Apache Struts 2.1.6 < 2.3.34 / 2.5 < 2.5.13 Remote Code Execution (S2-052) : undefined
112907 GraphQL Interface Detected : undefined
112920 GraphQL Cross-Site Request Forgery : undefined
113010 API Key Authentication Succeeded : undefined
113011 API Key Authentication Failed : undefined
113012 Bearer Token Authentication Succeeded : undefined
113013 Bearer Token Authentication Failed : undefined
113029 Microsoft IIS Unsupported Version : undefined
113030 Out-of-Date Bootstrap Detected : undefined
113031 Out-of-Date JQuery UI Detected : undefined
113032 Out-of-Date Modernizr Detected : undefined
113033 Out-of-Date Underscore.js Detected : undefined
113034 Out-of-Date MediaElement.Js Detected : undefined
113037 Out-of-Date Backbone JS Framework Detected : undefined
113057 Microsoft Exchange Server Autodiscover Cross-Site Scripting : undefined
113058 Apache 2.4.10 < 2.4.44 Source Code Disclosure : undefined
113059 OPcache UI Detected : undefined
113067 Basic Authentication Bruteforced : undefined
113075 Apache Log4j Remote Code Execution (Log4Shell) : undefined
113078 AngularJS Unsupported Version : undefined
113117 Magento Administration Panel Login Form Bruteforced : undefined
113123 Dockerfile Detected : undefined
113136 Wordpress Administration Panel Login Form Bruteforced : undefined
113150 Google Cloud Service Account Private Key Disclosure (deprecated) : undefined
113158 Package Dependencies Detected : undefined
113162 MySQLjs SQL Injection Authentication Bypass : undefined
113164 AWS Credentials Disclosure (deprecated) : undefined
113165 Apache mod_negotiation Alternative Filename Disclosure : undefined
113168 Docker Compose Configuration Detected : undefined
113195 Spring Boot Actuator Detected : undefined
113211 HTTP Verb Tampering : undefined
113217 Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell) : undefined
113237 PHP Object Deserialization : undefined
113258 OpenAPI Permissive Input Validation : undefined
113310 Blind XPath Injection (differential analysis) : undefined
113333 Duplicate HTTP Headers Detected : undefined
113337 NoSQL Injection Authentication Bypass : undefined
113338 Web Cache Poisoning : undefined
113369 BackupBuddy Plugin for WordPress < 8.7.5 Arbitrary File Read : undefined
113373 Atlassian Bitbucket Remote Code Execution : undefined
113393 Performance Telemetry : undefined
113420 Nginx < 1.22.1 Multiple Vulnerabilities : undefined
113421 Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities : undefined
113448 Microsoft Access Database Detected : undefined
113452 WordPress Plugins Detected : undefined
113580 Web Cache Deception : undefined
113634 Server-Side Inclusion Injection : undefined
113838 WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass : undefined
113897 HTML Comments Detected : undefined
113900 Cross-Site Request Forgery Token Validation Bypass : undefined
113906 Advanced Custom Fields for WordPress 6.0.x < 6.1.6 Cross-Site Scripting : undefined
113908 Advanced Custom Fields Pro for WordPress 6.0.x < 6.1.6 Cross-Site Scripting : undefined
113943 Disclosed Hong Kong Identity Number : undefined
113959 GeoServer SQL Injection : undefined
113973 Web Services Description Language (WSDL) File Detected : undefined
114006 Web Cache Poisoning Denial of Service : undefined
114027 WP Fastest Cache Plugin for WordPress < 1.1.3 Multiple Vulnerabilities : undefined
114029 Well-Known URIs Detected : undefined
114031 WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass : undefined
114032 WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass : undefined
114033 WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass : undefined
114034 WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass : undefined
114035 WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass : undefined
114036 WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass : undefined
114037 WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass : undefined
114038 WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass : undefined
114039 WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass : undefined
114040 WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass : undefined
114041 Strapi Cognito Provider Authentication Bypass : undefined
114042 Adobe ColdFusion Remote Code Execution : undefined
114043 Adobe ColdFusion Improper Access Control : undefined
114064 MediaWiki Status Module Information Disclosure : undefined
114108 Strapi < 4.8.0 Private Fields Sensitive Information Disclosure : undefined
114116 XML Injection : undefined
114122 Appwrite Server-Side Request Forgery : undefined
114128 External Backend API Detected : undefined
114129 Generic Secret Disclosure : undefined
114134 HTML/CSS Injection : undefined
114143 Node-config Configuration File Detected : undefined
114145 Apache OFBiz Authentication Bypass : undefined
114146 Subdomain Takeover : undefined
114164 Stripe Payment Plugin for WooCommerce Plugin for WordPress < 3.8.0 SQL Injection : undefined
114166 SOAP API Detected : undefined
114168 Jenkins < 2.442 / < LTS 2.426.3 Arbitrary File Read : undefined
115540 Cookie Without SameSite Flag Detected : undefined
98000 Scan Information : undefined
98008 Web Application Firewall Detected : undefined
98034 Login Form Authentication Failed : undefined
98035 Login Form Authentication Succeeded : undefined
98047 Allowed HTTP Methods : undefined
98054 Unvalidated Redirection : undefined
98056 Missing HTTP Strict Transport Security Policy : undefined
98057 Insecure 'Access-Control-Allow-Origin' Header : undefined
98060 Missing 'X-Frame-Options' Header : undefined
98062 Cookie Set For Parent Domain : undefined
98063 Cookie Without HttpOnly Flag Detected : undefined
98064 Cookie Without Secure Flag Detected : undefined
98067 Insecure Cross-Domain Policy (allow-access-from) : undefined
98068 Insecure Cross-Domain Policy (allow-http-request-headers-from) : undefined
98070 Common Administration Interfaces Detection : undefined
98071 Common Files Detection : undefined
98074 Backup File : undefined
98077 Private IP Address Disclosure : undefined
98080 Form-based File Upload : undefined
98083 CAPTCHA Detection : undefined
98084 Directory Listing : undefined
98091 Mixed Resource Detection : undefined
98095 Misconfiguration in LIMIT directive of .htaccess file : undefined
98097 Backdoor Detection : undefined
98099 Publicly writable directory : undefined
98100 Path Traversal : undefined
98101 Response Splitting : undefined
98104 Cross-Site Scripting (XSS) : undefined
98107 Cross-Site Scripting (XSS) in path : undefined
98109 DOM-based Cross-Site Scripting (XSS) : undefined
98110 DOM-based Cross-Site Scripting (XSS) in attribute context : undefined
98112 Cross-Site Request Forgery : undefined
98113 XML External Entity : undefined
98114 XPath Injection : undefined
98115 SQL Injection : undefined
98117 Blind SQL Injection (differential analysis) : undefined
98119 Blind NoSQL Injection (differential analysis) : undefined
98123 Operating System Command Injection : undefined
98125 Local File Inclusion : undefined
98136 Target Information : undefined
98139 Cookie Authentication Succeeded : undefined
98140 Cookie Authentication Failed : undefined
98141 Selenium Authentication Succeeded : undefined
98142 Selenium Authentication Failed : undefined
98143 Selenium Crawl Succeeded : undefined
98145 Selenium Crawl Failed : undefined
98146 Password Submitted Using GET Method : undefined
98200 Drupal Administration Panel Login Form Detected : undefined
98201 Drupal User Registration Form Detected : undefined
98202 WordPress User Registration Form Detected : undefined
98205 Joomla! User Registration Form Detected : undefined
98209 Drupal User Enumeration : undefined
98228 Drupal Unsupported Version : undefined
98230 PHP Unsupported Version : undefined
98526 Missing Permissions Policy : undefined
98527 Missing Referrer Policy : undefined
98538 Environment Configuration File Detected : undefined
98607 Ultimate Member Plugin for WordPress < 2.0.46 Multiple Vulnerabilities : undefined
98611 Error Message : undefined
98618 HTTP Header Information Disclosure : undefined
98623 Host Header Injection : undefined
98642 Magento Administration Panel Login Form Detected : undefined
98646 .DS_Store File Detected : undefined
98648 Missing 'Content-Type' Header : undefined
98715 Permissive HTTP Strict Transport Security Policy Detected : undefined
98779 Source Code Passive Disclosure : undefined
98920 Disclosed US Social Security Number : undefined
98950 Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities : undefined
98951 Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities : undefined
98994 Kentico CMS < 9.0.51 / 10.x < 10.0.48 Access Control Bypass : undefined
98995 Kentico CMS 8.2.x < 8.2.41 Open Redirect : undefined
98996 Kentico CMS < 9.0.51 Cross-Site Scripting : undefined
98997 Kentico CMS 9.x < 10.0.52 / 11.0.x < 11.0.48 / 12.0.x < 12.0.15 Remote Code Execution : undefined

New

114162 XSLT Injection : undefined
114163 Fortra GoAnywhere MFT 6.x > 6.0.1 / 7.x < 7.4.1 Authentication Bypass : undefined
114165 Ivanti Connect Secure 9.x / 22.x Authentication Bypass : undefined
114167 gRPC Detected : undefined
114169 Google Extensible Service Proxy 2.20.0 < 2.43.0 Authentication Bypass : undefined
114170 WordPress 4.1.x < 4.1.40 Multiple Vulnerabilities : undefined
114171 WordPress 4.2.x < 4.2.37 Multiple Vulnerabilities : undefined
114172 WordPress 4.3.x < 4.3.33 Multiple Vulnerabilities : undefined
114173 WordPress 4.4.x < 4.4.32 Multiple Vulnerabilities : undefined
114174 WordPress 4.5.x < 4.5.31 Multiple Vulnerabilities : undefined
114175 WordPress 4.6.x < 4.6.28 Multiple Vulnerabilities : undefined
114176 WordPress 4.7.x < 4.7.28 Multiple Vulnerabilities : undefined
114177 WordPress 4.8.x < 4.8.24 Multiple Vulnerabilities : undefined
114178 WordPress 4.9.x < 4.9.25 Multiple Vulnerabilities : undefined
114179 WordPress 5.0.x < 5.0.21 Multiple Vulnerabilities : undefined
114180 WordPress 5.1.x < 5.1.18 Multiple Vulnerabilities : undefined
114181 WordPress 5.2.x < 5.2.20 Multiple Vulnerabilities : undefined
114182 WordPress 5.3.x < 5.3.17 Multiple Vulnerabilities : undefined
114183 WordPress 5.4.x < 5.4.15 Multiple Vulnerabilities : undefined
114184 WordPress 5.5.x < 5.5.14 Multiple Vulnerabilities : undefined
114185 WordPress 5.6.x < 5.6.13 Multiple Vulnerabilities : undefined
114186 WordPress 5.7.x < 5.7.11 Multiple Vulnerabilities : undefined
114187 WordPress 5.8.x < 5.8.9 Multiple Vulnerabilities : undefined
114188 WordPress 5.9.x < 5.9.9 Multiple Vulnerabilities : undefined
114189 WordPress 6.0.x < 6.0.7 Multiple Vulnerabilities : undefined
114190 WordPress 6.1.x < 6.1.5 Multiple Vulnerabilities : undefined
114191 WordPress 6.2.x < 6.2.4 Multiple Vulnerabilities : undefined
114192 WordPress 6.3.x < 6.3.3 Multiple Vulnerabilities : undefined
114193 WordPress 6.4.x < 6.4.3 Multiple Vulnerabilities : undefined
114194 Express.js Authentication Bypass : undefined
114195 Web Server Configuration File Detected : undefined

Web App Scanning Plugin Feed 202401260812

Feed built about 2 years ago

Modified Detection

114116 XML Injection : undefined
114164 Stripe Payment Plugin for WooCommerce Plugin for WordPress < 3.8.0 SQL Injection : undefined

New

114162 XSLT Injection : undefined
114163 Fortra GoAnywhere MFT 6.x > 6.0.1 / 7.x < 7.4.1 Authentication Bypass : undefined
114165 Ivanti Connect Secure 9.x / 22.x Authentication Bypass : undefined

Web App Scanning Plugin Feed 202401240953

Feed built about 2 years ago

Modified Detection

113337 NoSQL Injection Authentication Bypass : undefined
113853 Customer Reviews for WooCommerce Plugin for WordPress < 5.17.0 Cross-Site Scripting : undefined
113855 GiveWP Plugin for WordPress < 2.24.1 SQL Injection : undefined
113871 DotNetNuke User Enumeration : undefined
113900 Cross-Site Request Forgery Token Validation Bypass : undefined
113904 Sitecore Unauthenticated User Enumeration : undefined
114042 Adobe ColdFusion Remote Code Execution : undefined
114089 Pimcore User Enumeration : undefined
114099 Microsoft SharePoint Server 2019 build < 16.0.10399.20005 Elevation of Privilege : undefined
114129 Generic Secret Disclosure : undefined
114145 Apache OFBiz Authentication Bypass : undefined
114151 Atlassian Confluence 7.13.x < 7.19.17 Remote Code Execution : undefined
114152 Atlassian Confluence 8.x < 8.5.5 Remote Code Execution : undefined
114153 Atlassian Confluence 8.6.x < 8.7.2 Remote Code Execution : undefined
114154 Atlassian Confluence < 7.19.18 Multiple Remote Code Execution : undefined
114155 Atlassian Confluence 8.x < 8.5.5 Multiple Remote Code Execution : undefined
114156 Atlassian Confluence 8.6.x < 8.7.2 Multiple Remote Code Execution : undefined
114157 POST SMTP Mailer Plugin for WordPress < 2.8.8 Authorization Bypass : undefined

New

114160 LearnPress Plugin for WordPress < 4.2.5.8 Multiple Vulnerabilities : undefined
114161 WP Fastest Cache Plugin for WordPress < 1.2.2 SQL Injection : undefined

Web App Scanning Plugin Feed 202401190633

Feed built about 2 years ago

Modified Detection

112582 Microsoft SharePoint Server 2016 < 16.0.5056.1001 Multiple Vulnerabilities : undefined
112583 Microsoft SharePoint Server 2019 < 16.0.10366.12106 Multiple Vulnerabilities : undefined
112584 Microsoft SharePoint Server 2013 < 15.0.5275.1001 Multiple Vulnerabilities : undefined
112585 Microsoft SharePoint Server 2010 < 14.0.7260.5000 Multiple Vulnerabilities : undefined
112586 Microsoft SharePoint Server 2016 < 16.0.5044.1000 Multiple Vulnerabilities : undefined
112587 Microsoft SharePoint Server 2013 < 15.0.5267.1000 Multiple Vulnerabilities : undefined
112588 Microsoft SharePoint Server 2019 < 16.0.10364.20001 Multiple Vulnerabilities : undefined
112589 Microsoft SharePoint Server 2010 < 14.0.7256.5000 Multiple Vulnerabilities : undefined
112730 Microsoft SharePoint Server 2016 < 16.0.5095.1000 Multiple Vulnerabilities : undefined
112731 Microsoft SharePoint Server 2019 < 16.0.10369.20000 Multiple Vulnerabilities : undefined
112732 Microsoft SharePoint Server 2010 < 14.0.7263.5000 Multiple Vulnerabilities : undefined
112733 Microsoft SharePoint Server 2010 < 14.0.7262.5000 Multiple Vulnerabilities : undefined
112734 Microsoft SharePoint Server 2019 < 16.0.10368.20022 Multiple Vulnerabilities : undefined
112735 Microsoft SharePoint Server 2013 < 15.0.5293.1000 Multiple Vulnerabilities : undefined
112736 Microsoft SharePoint Server 2016 < 16.0.5083.1000 Multiple Vulnerabilities : undefined
112737 Microsoft SharePoint Server 2010 < 14.0.7261.5000 Multiple Vulnerabilities : undefined
112738 Microsoft SharePoint Server 2019 < 16.0.10367.20000 Multiple Vulnerabilities : undefined
112739 Microsoft SharePoint Server 2016 < 16.0.5071.1000 Multiple Vulnerabilities : undefined
112740 Microsoft SharePoint Server 2013 < 15.0.5285.1000 Multiple Vulnerabilities : undefined
112940 Microsoft SharePoint Server 2019 < 16.0.10370.20001 Multiple Vulnerabilities : undefined
112941 Microsoft SharePoint Server 2016 < 16.0.5110.1000 Multiple Vulnerabilities : undefined
112942 Microsoft SharePoint Server 2010 < 14.0.7264.5000 Multiple Vulnerabilities : undefined
112943 Microsoft SharePoint Server 2013 < 15.0.5311.1000 Multiple Vulnerabilities : undefined
113212 Content Injection : undefined
113584 Joomla! 4.0.0 < 4.2.8 Broken Access Control : undefined
114123 Atlassian Confluence 4.x < 7.19.17 Template Injection : undefined
114124 Atlassian Confluence 8.x < 8.4.5 Template Injection : undefined
114125 Atlassian Confluence 8.5.x < 8.5.4 Template Injection : undefined
114126 Atlassian Confluence 8.6.x < 8.6.2 Template Injection : undefined
114127 Atlassian Confluence 8.7.x < 8.7.1 Template Injection : undefined
114129 Generic Secret Disclosure : undefined
114151 Atlassian Confluence 7.13.x < 7.19.17 Remote Code Execution : undefined
114152 Atlassian Confluence 8.x < 8.5.5 Remote Code Execution : undefined
114153 Atlassian Confluence 8.6.x < 8.7.2 Remote Code Execution : undefined
114154 Atlassian Confluence < 7.19.18 Multiple Remote Code Execution : undefined
114155 Atlassian Confluence 8.x < 8.5.5 Multiple Remote Code Execution : undefined
114156 Atlassian Confluence 8.6.x < 8.7.2 Multiple Remote Code Execution : undefined
114157 POST SMTP Mailer Plugin for WordPress < 2.8.8 Authorization Bypass : undefined
98112 Cross-Site Request Forgery : undefined

New

114150 Atlassian Confluence 8.x < 8.5.4 Remote Code Execution : undefined
114158 Drupal 10.2.x < 10.2.2 Denial of Service : undefined
114159 Drupal 10.1.x < 10.1.8 Denial of Service : undefined

Web App Scanning Plugin Feed 202401110901

Feed built about 2 years ago

Modified Detection

112520 Magento Unsupported Version : undefined
113027 Out-of-Date JQuery Detected : undefined
113028 Out-of-Date Lodash Detected : undefined
113029 Microsoft IIS Unsupported Version : undefined
113030 Out-of-Date Bootstrap Detected : undefined
113031 Out-of-Date JQuery UI Detected : undefined
113032 Out-of-Date Modernizr Detected : undefined
113033 Out-of-Date Underscore.js Detected : undefined
113034 Out-of-Date MediaElement.Js Detected : undefined
113035 Out-of-Date Moment JS Framework Detected : undefined
113036 Out-of-Date Knockout JS Detected : undefined
113037 Out-of-Date Backbone JS Framework Detected : undefined
113078 AngularJS Unsupported Version : undefined
113871 DotNetNuke User Enumeration : undefined
113904 Sitecore Unauthenticated User Enumeration : undefined
114089 Pimcore User Enumeration : undefined
114146 Subdomain Takeover : undefined
98097 Backdoor Detection : undefined
98112 Cross-Site Request Forgery : undefined
98227 WordPress Unsupported Version : undefined
98228 Drupal Unsupported Version : undefined
98229 Joomla! Unsupported Version : undefined
98230 PHP Unsupported Version : undefined
98231 Apache Unsupported Version : undefined
98232 Apache Tomcat Unsupported Version : undefined

New

114147 Microsoft SharePoint Exposed Interfaces : undefined
114148 Microsoft SharePoint Exposed Web Services : undefined
114149 Microsoft SharePoint User Enumeration : undefined

Web App Scanning Plugin Feed 202401081628

Feed built about 2 years ago

Modified Detection

112615 OpenAPI File Detected : undefined
112703 JSON Web Token None Hashing Algorithm : undefined
113242 Java Psychic Signatures : undefined
114129 Generic Secret Disclosure : undefined
98071 Common Files Detection : undefined

Web App Scanning Plugin Feed 202401030754

Feed built about 2 years ago

Modified Detection

112354 lighttpd < 1.4.28 Insecure Temporary File Creation : undefined
112358 lighttpd < 1.4.35 Multiple Vulnerabilities : undefined
112501 Sitefinity < 10.0.6412.0 Multiple Vulnerabilities : undefined
112550 Full Path Disclosure : undefined
112673 Resin < 4.0.40 Incorrect Unicode Transformations : undefined
112697 JSON Web Token Weak Secret : undefined
112926 Microsoft SharePoint Server 2019 < 16.0.10376.20001 Multiple Vulnerabilities : undefined
112927 Microsoft SharePoint Server 2016 < 16.0.5188.1000 Multiple Vulnerabilities : undefined
112928 Microsoft SharePoint Server 2013 < 15.0.5363.1000 Multiple Vulnerabilities : undefined
113088 Microsoft SharePoint Server 2019 < 16.0.10377.20001 Multiple Vulnerabilities : undefined
113089 Microsoft SharePoint Server 2013 < 15.0.5371.1000 Multiple Vulnerabilities : undefined
113090 Microsoft SharePoint Server 2016 < 16.0.5200.1000 Multiple Vulnerabilities : undefined
113458 Yoast SEO Plugin for WordPress < 1.5.7 Multiple Vulnerabilities : undefined
113459 Yoast SEO Plugin for WordPress 1.6.x < 1.6.4 Multiple Vulnerabilities : undefined
113460 Yoast SEO Plugin for WordPress 1.7.x < 1.7.4 Multiple Vulnerabilities : undefined
113467 WP DBManager Plugin for WordPress < 2.7.2 Multiple Vulnerabilities : undefined
113472 WP EasyCart Plugin for WordPress < 3.0.9 Unrestricted File Upload : undefined
113473 WP Photo Album Plus Plugin for WordPress < 6.1.3 Multiple Cross-Site Scripting : undefined
113474 WP-Print Plugin for WordPress < 2.52 Cross-Site Request Forgery : undefined
113475 WP eCommerce Plugin for WordPress < 3.8.7.6 SQL Injection : undefined
113476 WP-PostViews Plugin for WordPress < 1.63 Cross-Site Request Forgery : undefined
113478 All In One WP Security & Firewall Plugin for WordPress < 3.8.8 SQL Injection : undefined
113479 All In One WP Security & Firewall Plugin for WordPress < 3.8.3 Multiple SQL Injection : undefined
113488 Advanced Dewplayer Plugin for WordPress < 1.3 Path Traversal : undefined
113489 WordPress Classifieds Plugin Plugin for WordPress < 3.0 SQL Injection : undefined
113490 WordPress Mobile Pack Plugin for WordPress < 2.0.2 Sensitive Information Disclosure : undefined
113491 WP Easy Post Types Plugin for WordPress < 1.4.4 Cross-Site Scripting : undefined
113492 Apptha WordPress Video Gallery Plugin for WordPress < 2.8.0 SQL Injection : undefined
113493 Cross-RSS Plugin for WordPress Arbitrary Files Read : undefined
113494 WP Ultimate Email Marketer Plugin for WordPress Multiple Vulnerabilities : undefined
113495 WP Cron Dashboard Plugin for WordPress < 1.1.6 Cross-Site Scripting : undefined
113496 WP RESTful Plugin for WordPress Multiple Cross-Site Scripting : undefined
113497 Social Invitations Plugin for WordPress < 1.4.4.3 Cross-Site Scripting : undefined
113498 WP e-Commerce Shop Styling Plugin for WordPress < 1.8 Code Injection : undefined
113499 WP Symposium Plugin for WordPress < 15.8 SQL Injection : undefined
113503 WordPress < 2.1 Cross-Site Request Forgery : undefined
113504 Slimstat Analytics Plugin for WordPress < 3.9.2 Cross-site Scripting : undefined
113545 Apache 2.4.x < 2.4.55 Multiple Vulnerabilities : undefined
113715 Atlassian Jira < 3.13.1 Cross-Site Scripting : undefined
113816 Atlassian Jira < 6.0.4 Directory Traversal In Issue Collector : undefined
113817 Atlassian Jira < 6.0.5 Multiple Vulnerabilities : undefined
113818 Atlassian Jira < 3.7.1 Giffy Plugin Arbitrary File Read : undefined
113819 Atlassian Jira < 6.4.3.1 / 6.5.x < 6.5.0.2 / 7.x < 7.0.3 Software Tempo Plugin Xml Denial Of Service : undefined
113820 Atlassian Jira 6.5.x < 6.5.0.2 Software Tempo Plugin Xml Denial Of Service : undefined
113821 Atlassian Jira 7.x < 7.0.3 Software Tempo Plugin Xml Denial Of Service : undefined
113823 Atlassian Jira < 3.12.1 Xss In 500 Page : undefined
113938 CA SiteMinder WebAgent Cross-Site Scripting : undefined
114026 WP EasyCart Plugin for WordPress < 2.0.6 Sensitive Information Disclosure : undefined
114117 OwnCloud graphapi 0.2.x < 0.2.1 / 0.3.x < 0.3.1 Sensitive Informations Disclosure : undefined
114123 Atlassian Confluence 4.x < 7.19.17 Template Injection : undefined
114124 Atlassian Confluence 8.x < 8.4.5 Template Injection : undefined
114125 Atlassian Confluence 8.5.x < 8.5.4 Template Injection : undefined
114126 Atlassian Confluence 8.6.x < 8.6.2 Template Injection : undefined
114127 Atlassian Confluence 8.7.x < 8.7.1 Template Injection : undefined
114141 Backup Migration Plugin for WordPress < 1.3.8 Remote Code Execution : undefined
114143 Node-config Configuration File Detected : undefined
114145 Apache OFBiz Authentication Bypass : undefined
98071 Common Files Detection : undefined
98072 Common Directories Detection : undefined
98237 MediaElement.js < 2.11.2 Cross-Site Scripting : undefined
98398 JK Status Manager Information Disclosure : undefined
98679 Webmin < 1.730 Read Mail Symlink Vulnerability : undefined
98703 Magento API Anonymous Access : undefined
98779 Source Code Passive Disclosure : undefined
98952 Nginx < 1.5.7 ngx_parse_http Security Bypass : undefined
98953 Nginx < 1.4.4 ngx_parse_http Security Bypass : undefined
98957 Nginx < 1.7.4 SMTP STARTTLS Command Injection : undefined
98958 Nginx < 1.6.1 SMTP STARTTLS Command Injection : undefined
98959 Nginx < 1.7.5 SSL Session Reuse : undefined
98960 Nginx < 1.6.2 SSL Session Reuse : undefined
98995 Kentico CMS 8.2.x < 8.2.41 Open Redirect : undefined
98996 Kentico CMS < 9.0.51 Cross-Site Scripting : undefined

New

114142 ADFS Relying Party Trusts Disclosure : undefined
114144 Apache OFBiz Remote Code Execution : undefined

Web App Scanning Plugin Feed 202312180856

Feed built about 2 years ago

Modified Detection

112290 Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities : undefined
112295 Apache Tomcat 9.0.0.M1 < 9.0.0.M22 Multiple Vulnerabilities : undefined
112353 ASP.NET DEBUG Method Enabled : undefined
112354 lighttpd < 1.4.28 Insecure Temporary File Creation : undefined
112358 lighttpd < 1.4.35 Multiple Vulnerabilities : undefined
112439 Server-Side Request Forgery : undefined
112501 Sitefinity < 10.0.6412.0 Multiple Vulnerabilities : undefined
112520 Magento Unsupported Version : undefined
112524 Oracle WebLogic WSAT Remote Code Execution : undefined
112526 Missing 'X-XSS-Protection' Header (deprecated) : undefined
112527 Disabled 'X-XSS-Protection' Header (deprecated) : undefined
112529 Missing 'X-Content-Type-Options' Header : undefined
112535 HTTP Strict Transport Security Policy Detected : undefined
112541 SSL/TLS Certificate Common Name Mismatch : undefined
112543 HTTPS Not Detected : undefined
112544 HTTP to HTTPS Redirect Not Enabled : undefined
112545 Oracle WebLogic Server Administration Console Detected : undefined
112550 Full Path Disclosure : undefined
112551 Missing Content Security Policy : undefined
112552 Deprecated Content Security Policy : undefined
112553 Missing 'Cache-Control' Header : undefined
112554 Permissive Content Security Policy Detected : undefined
112555 Report Only Content Security Policy Detected : undefined
112569 OpenAPI Import Success : undefined
112570 OpenAPI Import Failed : undefined
112582 Microsoft SharePoint Server 2016 < 16.0.5056.1001 Multiple Vulnerabilities : undefined
112583 Microsoft SharePoint Server 2019 < 16.0.10366.12106 Multiple Vulnerabilities : undefined
112584 Microsoft SharePoint Server 2013 < 15.0.5275.1001 Multiple Vulnerabilities : undefined
112585 Microsoft SharePoint Server 2010 < 14.0.7260.5000 Multiple Vulnerabilities : undefined
112586 Microsoft SharePoint Server 2016 < 16.0.5044.1000 Multiple Vulnerabilities : undefined
112587 Microsoft SharePoint Server 2013 < 15.0.5267.1000 Multiple Vulnerabilities : undefined
112588 Microsoft SharePoint Server 2019 < 16.0.10364.20001 Multiple Vulnerabilities : undefined
112589 Microsoft SharePoint Server 2010 < 14.0.7256.5000 Multiple Vulnerabilities : undefined
112614 Server-Side Template Injection : undefined
112615 OpenAPI File Detected : undefined
112673 Resin < 4.0.40 Incorrect Unicode Transformations : undefined
112685 Symfony Secret Fragments Remote Code Execution : undefined
112686 JSON Web Token Detected : undefined
112697 JSON Web Token Weak Secret : undefined
112703 JSON Web Token None Hashing Algorithm : undefined
112704 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 Remote Code Execution : undefined
112705 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.4.0 / 14.1.1.0.0 Authentication Bypass : undefined
112706 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.3.0 Remote Code Execution : undefined
112719 Client-Side Prototype Pollution : undefined
112720 Rails < 4.2.11.3 / 5.x < 5.0.1 Remote Code Execution : undefined
112726 Apache Struts 2.3.5 < 2.3.32 / 2.5.x < 2.5.10.1 Remote Code Execution (S2-045 / S2-046) : undefined
112727 Apache Struts 2.0.4 < 2.3.35 / 2.5.x < 2.5.17 Remote Code Execution (S2-057) : undefined
112730 Microsoft SharePoint Server 2016 < 16.0.5095.1000 Multiple Vulnerabilities : undefined
112731 Microsoft SharePoint Server 2019 < 16.0.10369.20000 Multiple Vulnerabilities : undefined
112732 Microsoft SharePoint Server 2010 < 14.0.7263.5000 Multiple Vulnerabilities : undefined
112733 Microsoft SharePoint Server 2010 < 14.0.7262.5000 Multiple Vulnerabilities : undefined
112734 Microsoft SharePoint Server 2019 < 16.0.10368.20022 Multiple Vulnerabilities : undefined
112735 Microsoft SharePoint Server 2013 < 15.0.5293.1000 Multiple Vulnerabilities : undefined
112736 Microsoft SharePoint Server 2016 < 16.0.5083.1000 Multiple Vulnerabilities : undefined
112737 Microsoft SharePoint Server 2010 < 14.0.7261.5000 Multiple Vulnerabilities : undefined
112738 Microsoft SharePoint Server 2019 < 16.0.10367.20000 Multiple Vulnerabilities : undefined
112739 Microsoft SharePoint Server 2016 < 16.0.5071.1000 Multiple Vulnerabilities : undefined
112740 Microsoft SharePoint Server 2013 < 15.0.5285.1000 Multiple Vulnerabilities : undefined
112741 Apache Struts 2.x < 2.3.15.1 Remote Code Execution (S2-016) : undefined
112742 Apache Struts 2 < 2.3.29 DevMode Remote Code Execution : undefined
112760 Apache Struts 2 Demo Application Detected : undefined
112762 Apache Struts 2 < 2.3.33 Remote Code Execution (S2-048) : undefined
112763 Apache Struts 2.1.6 < 2.3.34 / 2.5 < 2.5.13 Remote Code Execution (S2-052) : undefined
112907 GraphQL Interface Detected : undefined
112920 GraphQL Cross-Site Request Forgery : undefined
112926 Microsoft SharePoint Server 2019 < 16.0.10376.20001 Multiple Vulnerabilities : undefined
112927 Microsoft SharePoint Server 2016 < 16.0.5188.1000 Multiple Vulnerabilities : undefined
112928 Microsoft SharePoint Server 2013 < 15.0.5363.1000 Multiple Vulnerabilities : undefined
112940 Microsoft SharePoint Server 2019 < 16.0.10370.20001 Multiple Vulnerabilities : undefined
112941 Microsoft SharePoint Server 2016 < 16.0.5110.1000 Multiple Vulnerabilities : undefined
112942 Microsoft SharePoint Server 2010 < 14.0.7264.5000 Multiple Vulnerabilities : undefined
112943 Microsoft SharePoint Server 2013 < 15.0.5311.1000 Multiple Vulnerabilities : undefined
113010 API Key Authentication Succeeded : undefined
113011 API Key Authentication Failed : undefined
113012 Bearer Token Authentication Succeeded : undefined
113013 Bearer Token Authentication Failed : undefined
113027 Out-of-Date JQuery Detected : undefined
113028 Out-of-Date Lodash Detected : undefined
113029 Microsoft IIS Unsupported Version : undefined
113030 Out-of-Date Bootstrap Detected : undefined
113031 Out-of-Date JQuery UI Detected : undefined
113032 Out-of-Date Modernizr Detected : undefined
113033 Out-of-Date Underscore.js Detected : undefined
113034 Out-of-Date MediaElement.Js Detected : undefined
113035 Out-of-Date Moment JS Framework Detected : undefined
113036 Out-of-Date Knockout JS Detected : undefined
113037 Out-of-Date Backbone JS Framework Detected : undefined
113057 Microsoft Exchange Server Autodiscover Cross-Site Scripting : undefined
113058 Apache 2.4.10 < 2.4.44 Source Code Disclosure : undefined
113059 OPcache UI Detected : undefined
113067 Basic Authentication Bruteforced : undefined
113075 Apache Log4j Remote Code Execution (Log4Shell) : undefined
113078 AngularJS Unsupported Version : undefined
113088 Microsoft SharePoint Server 2019 < 16.0.10377.20001 Multiple Vulnerabilities : undefined
113089 Microsoft SharePoint Server 2013 < 15.0.5371.1000 Multiple Vulnerabilities : undefined
113090 Microsoft SharePoint Server 2016 < 16.0.5200.1000 Multiple Vulnerabilities : undefined
113117 Magento Administration Panel Login Form Bruteforced : undefined
113123 Dockerfile Detected : undefined
113136 Wordpress Administration Panel Login Form Bruteforced : undefined
113150 Google Cloud Service Account Private Key Disclosure (deprecated) : undefined
113158 Package Dependencies Detected : undefined
113162 MySQLjs SQL Injection Authentication Bypass : undefined
113164 AWS Credentials Disclosure (deprecated) : undefined
113165 Apache mod_negotiation Alternative Filename Disclosure : undefined
113168 Docker Compose Configuration Detected : undefined
113195 Spring Boot Actuator Detected : undefined
113211 HTTP Verb Tampering : undefined
113212 Content Injection : undefined
113217 Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell) : undefined
113237 PHP Object Deserialization : undefined
113242 Java Psychic Signatures : undefined
113258 OpenAPI Permissive Input Validation : undefined
113310 Blind XPath Injection (differential analysis) : undefined
113333 Duplicate HTTP Headers Detected : undefined
113337 NoSQL Injection Authentication Bypass : undefined
113338 Web Cache Poisoning : undefined
113369 BackupBuddy Plugin for WordPress < 8.7.5 Arbitrary File Read : undefined
113373 Atlassian Bitbucket Remote Code Execution : undefined
113393 Performance Telemetry : undefined
113420 Nginx < 1.22.1 Multiple Vulnerabilities : undefined
113421 Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities : undefined
113448 Microsoft Access Database Detected : undefined
113452 WordPress Plugins Detected : undefined
113458 Yoast SEO Plugin for WordPress < 1.5.7 Multiple Vulnerabilities : undefined
113459 Yoast SEO Plugin for WordPress 1.6.x < 1.6.4 Multiple Vulnerabilities : undefined
113460 Yoast SEO Plugin for WordPress 1.7.x < 1.7.4 Multiple Vulnerabilities : undefined
113467 WP DBManager Plugin for WordPress < 2.7.2 Multiple Vulnerabilities : undefined
113472 WP EasyCart Plugin for WordPress < 3.0.9 Unrestricted File Upload : undefined
113473 WP Photo Album Plus Plugin for WordPress < 6.1.3 Multiple Cross-Site Scripting : undefined
113474 WP-Print Plugin for WordPress < 2.52 Cross-Site Request Forgery : undefined
113475 WP eCommerce Plugin for WordPress < 3.8.7.6 SQL Injection : undefined
113476 WP-PostViews Plugin for WordPress < 1.63 Cross-Site Request Forgery : undefined
113478 All In One WP Security & Firewall Plugin for WordPress < 3.8.8 SQL Injection : undefined
113479 All In One WP Security & Firewall Plugin for WordPress < 3.8.3 Multiple SQL Injection : undefined
113488 Advanced Dewplayer Plugin for WordPress < 1.3 Path Traversal : undefined
113489 WordPress Classifieds Plugin Plugin for WordPress < 3.0 SQL Injection : undefined
113490 WordPress Mobile Pack Plugin for WordPress < 2.0.2 Sensitive Information Disclosure : undefined
113491 WP Easy Post Types Plugin for WordPress < 1.4.4 Cross-Site Scripting : undefined
113492 Apptha WordPress Video Gallery Plugin for WordPress < 2.8.0 SQL Injection : undefined
113493 Cross-RSS Plugin for WordPress Arbitrary Files Read : undefined
113494 WP Ultimate Email Marketer Plugin for WordPress Multiple Vulnerabilities : undefined
113495 WP Cron Dashboard Plugin for WordPress < 1.1.6 Cross-Site Scripting : undefined
113496 WP RESTful Plugin for WordPress Multiple Cross-Site Scripting : undefined
113497 Social Invitations Plugin for WordPress < 1.4.4.3 Cross-Site Scripting : undefined
113498 WP e-Commerce Shop Styling Plugin for WordPress < 1.8 Code Injection : undefined
113499 WP Symposium Plugin for WordPress < 15.8 SQL Injection : undefined
113503 WordPress < 2.1 Cross-Site Request Forgery : undefined
113504 Slimstat Analytics Plugin for WordPress < 3.9.2 Cross-site Scripting : undefined
113545 Apache 2.4.x < 2.4.55 Multiple Vulnerabilities : undefined
113580 Web Cache Deception : undefined
113584 Joomla! 4.0.0 < 4.2.8 Broken Access Control : undefined
113634 Server-Side Inclusion Injection : undefined
113715 Atlassian Jira < 3.13.1 Cross-Site Scripting : undefined
113816 Atlassian Jira < 6.0.4 Directory Traversal In Issue Collector : undefined
113817 Atlassian Jira < 6.0.5 Multiple Vulnerabilities : undefined
113818 Atlassian Jira < 3.7.1 Giffy Plugin Arbitrary File Read : undefined
113819 Atlassian Jira < 6.4.3.1 / 6.5.x < 6.5.0.2 / 7.x < 7.0.3 Software Tempo Plugin Xml Denial Of Service : undefined
113820 Atlassian Jira 6.5.x < 6.5.0.2 Software Tempo Plugin Xml Denial Of Service : undefined
113821 Atlassian Jira 7.x < 7.0.3 Software Tempo Plugin Xml Denial Of Service : undefined
113823 Atlassian Jira < 3.12.1 Xss In 500 Page : undefined
113838 WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass : undefined
113853 Customer Reviews for WooCommerce Plugin for WordPress < 5.17.0 Cross-Site Scripting : undefined
113855 GiveWP Plugin for WordPress < 2.24.1 SQL Injection : undefined
113871 DotNetNuke User Enumeration : undefined
113897 HTML Comments Detected : undefined
113900 Cross-Site Request Forgery Token Validation Bypass : undefined
113904 Sitecore Unauthenticated User Enumeration : undefined
113906 Advanced Custom Fields for WordPress 6.0.x < 6.1.6 Cross-Site Scripting : undefined
113908 Advanced Custom Fields Pro for WordPress 6.0.x < 6.1.6 Cross-Site Scripting : undefined
113938 CA SiteMinder WebAgent Cross-Site Scripting : undefined
113943 Disclosed Hong Kong Identity Number : undefined
113959 GeoServer SQL Injection : undefined
113973 Web Services Description Language (WSDL) File Detected : undefined
114006 Web Cache Poisoning Denial of Service : undefined
114026 WP EasyCart Plugin for WordPress < 2.0.6 Sensitive Information Disclosure : undefined
114027 WP Fastest Cache Plugin for WordPress < 1.1.3 Multiple Vulnerabilities : undefined
114029 Well-Known URIs Detected : undefined
114031 WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass : undefined
114032 WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass : undefined
114033 WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass : undefined
114034 WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass : undefined
114035 WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass : undefined
114036 WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass : undefined
114037 WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass : undefined
114038 WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass : undefined
114039 WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass : undefined
114040 WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass : undefined
114041 Strapi Cognito Provider Authentication Bypass : undefined
114042 Adobe ColdFusion Remote Code Execution : undefined
114043 Adobe ColdFusion Improper Access Control : undefined
114064 MediaWiki Status Module Information Disclosure : undefined
114089 Pimcore User Enumeration : undefined
114099 Microsoft SharePoint Server 2019 build < 16.0.10399.20005 Elevation of Privilege : undefined
114108 Strapi < 4.8.0 Private Fields Sensitive Information Disclosure : undefined
114116 XML Injection : undefined
114117 OwnCloud graphapi 0.2.x < 0.2.1 / 0.3.x < 0.3.1 Sensitive Informations Disclosure : undefined
114122 Appwrite Server-Side Request Forgery : undefined
114123 Atlassian Confluence 4.x < 7.19.17 Template Injection : undefined
114124 Atlassian Confluence 8.x < 8.4.5 Template Injection : undefined
114125 Atlassian Confluence 8.5.x < 8.5.4 Template Injection : undefined
114126 Atlassian Confluence 8.6.x < 8.6.2 Template Injection : undefined
114127 Atlassian Confluence 8.7.x < 8.7.1 Template Injection : undefined
114128 External Backend API Detected : undefined
114129 Generic Secret Disclosure : undefined
114134 HTML/CSS Injection : undefined
114141 Backup Migration Plugin for WordPress < 1.3.8 Remote Code Execution : undefined
115540 Cookie Without SameSite Flag Detected : undefined
98000 Scan Information : undefined
98008 Web Application Firewall Detected : undefined
98034 Login Form Authentication Failed : undefined
98035 Login Form Authentication Succeeded : undefined
98047 Allowed HTTP Methods : undefined
98054 Unvalidated Redirection : undefined
98056 Missing HTTP Strict Transport Security Policy : undefined
98057 Insecure 'Access-Control-Allow-Origin' Header : undefined
98060 Missing 'X-Frame-Options' Header : undefined
98062 Cookie Set For Parent Domain : undefined
98063 Cookie Without HttpOnly Flag Detected : undefined
98064 Cookie Without Secure Flag Detected : undefined
98067 Insecure Cross-Domain Policy (allow-access-from) : undefined
98068 Insecure Cross-Domain Policy (allow-http-request-headers-from) : undefined
98070 Common Administration Interfaces Detection : undefined
98071 Common Files Detection : undefined
98072 Common Directories Detection : undefined
98074 Backup File : undefined
98077 Private IP Address Disclosure : undefined
98080 Form-based File Upload : undefined
98083 CAPTCHA Detection : undefined
98084 Directory Listing : undefined
98091 Mixed Resource Detection : undefined
98095 Misconfiguration in LIMIT directive of .htaccess file : undefined
98097 Backdoor Detection : undefined
98099 Publicly writable directory : undefined
98100 Path Traversal : undefined
98101 Response Splitting : undefined
98104 Cross-Site Scripting (XSS) : undefined
98107 Cross-Site Scripting (XSS) in path : undefined
98109 DOM-based Cross-Site Scripting (XSS) : undefined
98110 DOM-based Cross-Site Scripting (XSS) in attribute context : undefined
98112 Cross-Site Request Forgery : undefined
98113 XML External Entity : undefined
98114 XPath Injection : undefined
98115 SQL Injection : undefined
98117 Blind SQL Injection (differential analysis) : undefined
98119 Blind NoSQL Injection (differential analysis) : undefined
98123 Operating System Command Injection : undefined
98125 Local File Inclusion : undefined
98136 Target Information : undefined
98139 Cookie Authentication Succeeded : undefined
98140 Cookie Authentication Failed : undefined
98141 Selenium Authentication Succeeded : undefined
98142 Selenium Authentication Failed : undefined
98143 Selenium Crawl Succeeded : undefined
98145 Selenium Crawl Failed : undefined
98146 Password Submitted Using GET Method : undefined
98200 Drupal Administration Panel Login Form Detected : undefined
98201 Drupal User Registration Form Detected : undefined
98202 WordPress User Registration Form Detected : undefined
98205 Joomla! User Registration Form Detected : undefined
98209 Drupal User Enumeration : undefined
98227 WordPress Unsupported Version : undefined
98228 Drupal Unsupported Version : undefined
98229 Joomla! Unsupported Version : undefined
98230 PHP Unsupported Version : undefined
98231 Apache Unsupported Version : undefined
98232 Apache Tomcat Unsupported Version : undefined
98237 MediaElement.js < 2.11.2 Cross-Site Scripting : undefined
98398 JK Status Manager Information Disclosure : undefined
98526 Missing Permissions Policy : undefined
98527 Missing Referrer Policy : undefined
98538 Environment Configuration File Detected : undefined
98607 Ultimate Member Plugin for WordPress < 2.0.46 Multiple Vulnerabilities : undefined
98611 Error Message : undefined
98618 HTTP Header Information Disclosure : undefined
98623 Host Header Injection : undefined
98642 Magento Administration Panel Login Form Detected : undefined
98646 .DS_Store File Detected : undefined
98648 Missing 'Content-Type' Header : undefined
98679 Webmin < 1.730 Read Mail Symlink Vulnerability : undefined
98703 Magento API Anonymous Access : undefined
98715 Permissive HTTP Strict Transport Security Policy Detected : undefined
98779 Source Code Passive Disclosure : undefined
98920 Disclosed US Social Security Number : undefined
98950 Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities : undefined
98951 Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities : undefined
98952 Nginx < 1.5.7 ngx_parse_http Security Bypass : undefined
98953 Nginx < 1.4.4 ngx_parse_http Security Bypass : undefined
98957 Nginx < 1.7.4 SMTP STARTTLS Command Injection : undefined
98958 Nginx < 1.6.1 SMTP STARTTLS Command Injection : undefined
98959 Nginx < 1.7.5 SSL Session Reuse : undefined
98960 Nginx < 1.6.2 SSL Session Reuse : undefined
98994 Kentico CMS < 9.0.51 / 10.x < 10.0.48 Access Control Bypass : undefined
98995 Kentico CMS 8.2.x < 8.2.41 Open Redirect : undefined
98996 Kentico CMS < 9.0.51 Cross-Site Scripting : undefined
98997 Kentico CMS 9.x < 10.0.52 / 11.0.x < 11.0.48 / 12.0.x < 12.0.15 Remote Code Execution : undefined

New

114115 HTTP NTLM Information Disclosure : undefined
114130 WordPress 6.4.x < 6.4.2 Remote Code Execution : undefined
114131 SAP NetWeaver DI Server-Side Request Forgery : undefined
114132 JavaScript Source Map Detected : undefined
114133 SAP ICF Open-Redirect : undefined
114135 Input Reflected : undefined
114136 Bearer Token Authentication Detected : undefined
114137 NTLM Authentication Detected : undefined
114138 Digest Authentication Detected : undefined
114139 Joomla! 5.x < 5.0.1 Information Disclosure : undefined
114140 Joomla! 1.6.x < 4.4.1 Information Disclosure : undefined

Web App Scanning Plugin Feed 202312111146

Feed built over 2 years ago

Modified Detection

112569 OpenAPI Import Success : undefined
112570 OpenAPI Import Failed : undefined
114128 External Backend API Detected : undefined
114129 Generic Secret Disclosure : undefined
115540 Cookie Without SameSite Flag Detected : undefined
98062 Cookie Set For Parent Domain : undefined
98063 Cookie Without HttpOnly Flag Detected : undefined
98064 Cookie Without Secure Flag Detected : undefined

New

114115 HTTP NTLM Information Disclosure : undefined
114130 WordPress 6.4.x < 6.4.2 Remote Code Execution : undefined
114131 SAP NetWeaver DI Server-Side Request Forgery : undefined

Web App Scanning Plugin Feed 202312061345

Feed built over 2 years ago

Modified Detection

112615 OpenAPI File Detected : undefined
113059 OPcache UI Detected : undefined
113310 Blind XPath Injection (differential analysis) : undefined
113520 Kibana 7.14.0 HTML Injection : undefined
113521 Kibana 7.10.2 < 7.14.1 Code Execution : undefined
113522 Kibana 7.9.0 < 7.14.1 Path Traversal : undefined
113550 Zoho ManageEngine SAML SSO Remote Code Execution : undefined
114117 OwnCloud graphapi 0.2.x < 0.2.1 / 0.3.x < 0.3.1 Sensitive Informations Disclosure : undefined
114122 Appwrite Server-Side Request Forgery : undefined
114123 Atlassian Confluence 4.x < 7.19.17 Template Injection : undefined
114124 Atlassian Confluence 8.x < 8.4.5 Template Injection : undefined
114125 Atlassian Confluence 8.5.x < 8.5.4 Template Injection : undefined
114126 Atlassian Confluence 8.6.x < 8.6.2 Template Injection : undefined
114127 Atlassian Confluence 8.7.x < 8.7.1 Template Injection : undefined
98117 Blind SQL Injection (differential analysis) : undefined
98119 Blind NoSQL Injection (differential analysis) : undefined
98203 WordPress User Enumeration : undefined
98936 Joomla! 2.5.x < 3.9.14 Multiple Vulnerabilities : undefined

New

114118 OwnCloud 10.6.x < 10.13.1 WebDav Authentication Bypass : undefined
114119 Apache Tomcat 10.1.0-M1 < 10.1.16 Request Smuggling : undefined
114120 Apache Tomcat 9.0.0-M1 < 9.0.83 Request Smuggling : undefined
114121 Apache Tomcat 8.5.x < 8.5.96 Request Smuggling : undefined

Web App Scanning Plugin Feed 202312010605

Feed built over 2 years ago

Modified Detection

113136 Wordpress Administration Panel Login Form Bruteforced : undefined
114116 XML Injection : undefined
114117 OwnCloud graphapi 0.2.x < 0.2.1 / 0.3.x < 0.3.1 Sensitive Informations Disclosure : undefined
98113 XML External Entity : undefined
98129 Credit Card Number Disclosure : undefined
98780 Java Object Deserialization : undefined

New

114114 WS_FTP Server Remote Code Execution : undefined

Web App Scanning Plugin Feed 202311220755

Feed built over 2 years ago

Modified Detection

98084 Directory Listing : undefined
98098 Source Code Disclosure : undefined
98143 Selenium Crawl Succeeded : undefined
98145 Selenium Crawl Failed : undefined
98212 WordPress Directory Listing : undefined
98213 Drupal Directory Listing : undefined
98214 Joomla! Directory Listing : undefined
98986 Magento Directory Listing : undefined

New

114111 SAP NetWeaver KW Reflected Cross-Site Scripting : undefined
114113 Keycloak Reflected Cross-Site Scripting : undefined

Web App Scanning Plugin Feed 202311170804

Feed built over 2 years ago

Modified Detection

112798 Session Cookies Detected : undefined
112804 phpBB User Enumeration : undefined
112809 GraphQL API Detected : undefined
113393 Performance Telemetry : undefined
98000 Scan Information : undefined
98007 URI Blocked Due to Exclusion Rule : undefined
98008 Web Application Firewall Detected : undefined
98009 Web Application Sitemap : undefined
98019 Network Timeout Encountered : undefined
98047 Allowed HTTP Methods : undefined
98059 Technologies Detected : undefined
98061 Cookies Collected : undefined
98077 Private IP Address Disclosure : undefined
98078 E-mail Address Disclosure : undefined
98111 DOM Elements Excluded : undefined
98208 Joomla! User Enumeration : undefined
98209 Drupal User Enumeration : undefined
98671 CVS Entries Detected : undefined
98772 Fetch/XHR Detected : undefined

New

114110 Atlassian SAML Single Sign-On Bypass : undefined
114112 SysAid On-Premise < 23.3.36 Path Traversal : undefined

Web App Scanning Plugin Feed 202311150725

Feed built over 2 years ago

Modified Detection

112476 Prototype < 1.6.0.2 Cross-Site Ajax Request : undefined
112697 JSON Web Token Weak Secret : undefined
113900 Cross-Site Request Forgery Token Validation Bypass : undefined
113987 PHP 8.1.x < 8.1.22 Multiple Vulnerabilities : undefined
113988 PHP 8.0.x < 8.0.30 Multiple Vulnerabilities : undefined
114007 PHP 8.2.x < 8.2.9 Multiple Vulnerabilities : undefined
114055 Simple Membership Plugin For WordPress < 4.3.6 Reflected Cross-Site Scripting : undefined
114090 Apache 2.4.x < 2.4.58 Multiple Vulnerabilities : undefined
114092 Royal Elementor Addons and Templates Plugin for WordPress < 1.3.79 Arbitrary File Upload : undefined
114101 Atlassian Confluence 7.x < 7.19.16 Improper Authorization : undefined
114102 Atlassian Confluence 8.x < 8.3.4 Improper Authorization : undefined
114103 Atlassian Confluence 8.4.x < 8.4.4 Improper Authorization : undefined
114104 Atlassian Confluence 8.5.x < 8.5.3 Improper Authorization : undefined
114105 Atlassian Confluence 8.6.x < 8.6.1 Improper Authorization : undefined
114108 Strapi < 4.8.0 Private Fields Sensitive Information Disclosure : undefined
98806 PHP 5.6.x < 5.6.14 Multiple Vulnerabilities : undefined

New

114106 ServiceNow Widgets Data Exposure : undefined
114107 Metabase GeoJSON Remote Code Execution : undefined
114109 Atlassian Confluence Improper Authorization : undefined

Web App Scanning Plugin Feed 202311071717

Feed built over 2 years ago

Modified Detection

113224 Kerberos Authentication Succeeded : undefined
113225 Kerberos Authentication Failed : undefined
114056 Atlassian Confluence 8.x < 8.3.3 Privilege Escalation : undefined
114057 Atlassian Confluence 8.4.x < 8.4.3 Privilege Escalation : undefined
114058 Atlassian Confluence 8.5.x < 8.5.2 Privilege Escalation : undefined
114101 Atlassian Confluence 7.x < 7.19.16 Improper Authorization : undefined
114102 Atlassian Confluence 8.x < 8.3.4 Improper Authorization : undefined
114103 Atlassian Confluence 8.4.x < 8.4.4 Improper Authorization : undefined
114104 Atlassian Confluence 8.5.x < 8.5.3 Improper Authorization : undefined
114105 Atlassian Confluence 8.6.x < 8.6.1 Improper Authorization : undefined
98779 Source Code Passive Disclosure : undefined

Web App Scanning Plugin Feed 202310301031

Feed built over 2 years ago

Modified Detection

113987 PHP 8.1.x < 8.1.22 Multiple Vulnerabilities : undefined
113988 PHP 8.0.x < 8.0.30 Multiple Vulnerabilities : undefined
114007 PHP 8.2.x < 8.2.9 Multiple Vulnerabilities : undefined
114012 Prometheus Sensitive Endpoint Detected : undefined
114056 Atlassian Confluence 8.x < 8.3.3 Privilege Escalation : undefined
114057 Atlassian Confluence 8.4.x < 8.4.3 Privilege Escalation : undefined
114058 Atlassian Confluence 8.5.x < 8.5.2 Privilege Escalation : undefined
114060 Apache Tomcat 11.0.0-M1 < 11.0.0-M12 Multiple Vulnerabilities : undefined
114061 Apache Tomcat 10.1.0-M1 < 10.1.14 Multiple Vulnerabilities : undefined
114062 Apache Tomcat 9.0.70 < 9.0.81 Multiple Vulnerabilities : undefined
114063 Apache Tomcat 8.5.85 < 8.5.94 Multiple Vulnerabilities : undefined
114099 Microsoft SharePoint Server 2019 build < 16.0.10399.20005 Elevation of Privilege : undefined
98779 Source Code Passive Disclosure : undefined
98806 PHP 5.6.x < 5.6.14 Multiple Vulnerabilities : undefined
98828 PHP 5.6.x < 5.6.5 Multiple Vulnerabilities : undefined
98831 PHP 5.6.x < 5.6.8 Multiple Vulnerabilities : undefined
98901 Apache 2.4.x < 2.4.3 Multiple Vulnerabilities : undefined
98959 Nginx < 1.7.5 SSL Session Reuse : undefined
98960 Nginx < 1.6.2 SSL Session Reuse : undefined

New

114098 Sitecore Remote Code Execution : undefined
114100 Citrix Gateway / ADC Sensitive Information Exposure : undefined

Web App Scanning Plugin Feed 202310250932

Feed built over 2 years ago

Modified Detection

114065 Pimcore Administration Panel Login Form Detected : undefined
114066 WordPress 4.1.x < 4.1.39 Multiple Vulnerabilities : undefined
114067 WordPress 4.2.x < 4.2.36 Multiple Vulnerabilities : undefined
114068 WordPress 4.3.x < 4.3.32 Multiple Vulnerabilities : undefined
114069 WordPress 4.4.x < 4.4.31 Multiple Vulnerabilities : undefined
114070 WordPress 4.5.x < 4.5.30 Multiple Vulnerabilities : undefined
114071 WordPress 4.6.x < 4.6.27 Multiple Vulnerabilities : undefined
114072 WordPress 4.7.x < 4.7.27 Multiple Vulnerabilities : undefined
114073 WordPress 4.8.x < 4.8.23 Multiple Vulnerabilities : undefined
114074 WordPress 4.9.x < 4.9.24 Multiple Vulnerabilities : undefined
114075 WordPress 5.0.x < 5.0.20 Multiple Vulnerabilities : undefined
114076 WordPress 5.1.x < 5.1.17 Multiple Vulnerabilities : undefined
114077 WordPress 5.2.x < 5.2.19 Multiple Vulnerabilities : undefined
114078 WordPress 5.3.x < 5.3.16 Multiple Vulnerabilities : undefined
114079 WordPress 5.4.x < 5.4.14 Multiple Vulnerabilities : undefined
114080 WordPress 5.5.x < 5.5.13 Multiple Vulnerabilities : undefined
114081 WordPress 5.6.x < 5.6.12 Multiple Vulnerabilities : undefined
114082 WordPress 5.7.x < 5.7.10 Multiple Vulnerabilities : undefined
114083 WordPress 5.8.x < 5.8.8 Multiple Vulnerabilities : undefined
114084 WordPress 5.9.x < 5.9.8 Multiple Vulnerabilities : undefined
114085 WordPress 6.0.x < 6.0.6 Multiple Vulnerabilities : undefined
114086 WordPress 6.1.x < 6.1.4 Multiple Vulnerabilities : undefined
114087 WordPress 6.2.x < 6.2.3 Multiple Vulnerabilities : undefined
114088 WordPress 6.3.x < 6.3.2 Multiple Vulnerabilities : undefined
114089 Pimcore User Enumeration : undefined
114090 Apache 2.4.x < 2.4.58 Multiple Vulnerabilities : undefined
114092 Royal Elementor Addons and Templates Plugin for WordPress < 1.3.79 Arbitrary File Upload : undefined
114093 HandlebarsJS < 4.7.7 Multiple Vulnerabilities : undefined
114094 HandlebarsJS 4.x < 4.5.5 Regular Expression Denial Of Service : undefined
114095 HandlebarsJS < 3.0.8 Arbitrary Code Execution : undefined
114096 HandlebarsJS 4.x < 4.5.3 Arbitrary Code Execution : undefined
114097 HandlebarsJS < 4.3.0 Prototype Pollution : undefined
98115 SQL Injection : undefined
98203 WordPress User Enumeration : undefined

New

114091 WordPress WPEngine Configuration Detected : undefined

Web App Scanning Plugin Feed 202310170831

Feed built over 2 years ago

Modified Detection

112290 Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities : undefined
112295 Apache Tomcat 9.0.0.M1 < 9.0.0.M22 Multiple Vulnerabilities : undefined
112353 ASP.NET DEBUG Method Enabled : undefined
112354 lighttpd < 1.4.28 Insecure Temporary File Creation : undefined
112358 lighttpd < 1.4.35 Multiple Vulnerabilities : undefined
112439 Server-Side Request Forgery : undefined
112476 Prototype < 1.6.0.2 Cross-Site Ajax Request : undefined
112501 Sitefinity < 10.0.6412.0 Multiple Vulnerabilities : undefined
112520 Magento Unsupported Version : undefined
112524 Oracle WebLogic WSAT Remote Code Execution : undefined
112529 Missing 'X-Content-Type-Options' Header : undefined
112541 SSL/TLS Certificate Common Name Mismatch : undefined
112543 HTTPS Not Detected : undefined
112544 HTTP to HTTPS Redirect Not Enabled : undefined
112545 Oracle WebLogic Server Administration Console Detected : undefined
112551 Missing Content Security Policy : undefined
112552 Deprecated Content Security Policy : undefined
112553 Missing 'Cache-Control' Header : undefined
112554 Permissive Content Security Policy Detected : undefined
112582 Microsoft SharePoint Server 2016 < 16.0.5056.1001 Multiple Vulnerabilities : undefined
112583 Microsoft SharePoint Server 2019 < 16.0.10366.12106 Multiple Vulnerabilities : undefined
112584 Microsoft SharePoint Server 2013 < 15.0.5275.1001 Multiple Vulnerabilities : undefined
112585 Microsoft SharePoint Server 2010 < 14.0.7260.5000 Multiple Vulnerabilities : undefined
112586 Microsoft SharePoint Server 2016 < 16.0.5044.1000 Multiple Vulnerabilities : undefined
112587 Microsoft SharePoint Server 2013 < 15.0.5267.1000 Multiple Vulnerabilities : undefined
112588 Microsoft SharePoint Server 2019 < 16.0.10364.20001 Multiple Vulnerabilities : undefined
112589 Microsoft SharePoint Server 2010 < 14.0.7256.5000 Multiple Vulnerabilities : undefined
112673 Resin < 4.0.40 Incorrect Unicode Transformations : undefined
112685 Symfony Secret Fragments Remote Code Execution : undefined
112697 JSON Web Token Weak Secret : undefined
112703 JSON Web Token None Hashing Algorithm : undefined
112704 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 Remote Code Execution : undefined
112705 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.4.0 / 14.1.1.0.0 Authentication Bypass : undefined
112706 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.3.0 Remote Code Execution : undefined
112719 Client-Side Prototype Pollution : undefined
112720 Rails < 4.2.11.3 / 5.x < 5.0.1 Remote Code Execution : undefined
112726 Apache Struts 2.3.5 < 2.3.32 / 2.5.x < 2.5.10.1 Remote Code Execution (S2-045 / S2-046) : undefined
112727 Apache Struts 2.0.4 < 2.3.35 / 2.5.x < 2.5.17 Remote Code Execution (S2-057) : undefined
112730 Microsoft SharePoint Server 2016 < 16.0.5095.1000 Multiple Vulnerabilities : undefined
112731 Microsoft SharePoint Server 2019 < 16.0.10369.20000 Multiple Vulnerabilities : undefined
112732 Microsoft SharePoint Server 2010 < 14.0.7263.5000 Multiple Vulnerabilities : undefined
112733 Microsoft SharePoint Server 2010 < 14.0.7262.5000 Multiple Vulnerabilities : undefined
112734 Microsoft SharePoint Server 2019 < 16.0.10368.20022 Multiple Vulnerabilities : undefined
112735 Microsoft SharePoint Server 2013 < 15.0.5293.1000 Multiple Vulnerabilities : undefined
112736 Microsoft SharePoint Server 2016 < 16.0.5083.1000 Multiple Vulnerabilities : undefined
112737 Microsoft SharePoint Server 2010 < 14.0.7261.5000 Multiple Vulnerabilities : undefined
112738 Microsoft SharePoint Server 2019 < 16.0.10367.20000 Multiple Vulnerabilities : undefined
112739 Microsoft SharePoint Server 2016 < 16.0.5071.1000 Multiple Vulnerabilities : undefined
112740 Microsoft SharePoint Server 2013 < 15.0.5285.1000 Multiple Vulnerabilities : undefined
112741 Apache Struts 2.x < 2.3.15.1 Remote Code Execution (S2-016) : undefined
112742 Apache Struts 2 < 2.3.29 DevMode Remote Code Execution : undefined
112760 Apache Struts 2 Demo Application Detected : undefined
112762 Apache Struts 2 < 2.3.33 Remote Code Execution (S2-048) : undefined
112763 Apache Struts 2.1.6 < 2.3.34 / 2.5 < 2.5.13 Remote Code Execution (S2-052) : undefined
112804 phpBB User Enumeration : undefined
112920 GraphQL Cross-Site Request Forgery : undefined
112926 Microsoft SharePoint Server 2019 < 16.0.10376.20001 Multiple Vulnerabilities : undefined
112927 Microsoft SharePoint Server 2016 < 16.0.5188.1000 Multiple Vulnerabilities : undefined
112928 Microsoft SharePoint Server 2013 < 15.0.5363.1000 Multiple Vulnerabilities : undefined
112940 Microsoft SharePoint Server 2019 < 16.0.10370.20001 Multiple Vulnerabilities : undefined
112941 Microsoft SharePoint Server 2016 < 16.0.5110.1000 Multiple Vulnerabilities : undefined
112942 Microsoft SharePoint Server 2010 < 14.0.7264.5000 Multiple Vulnerabilities : undefined
112943 Microsoft SharePoint Server 2013 < 15.0.5311.1000 Multiple Vulnerabilities : undefined
113029 Microsoft IIS Unsupported Version : undefined
113057 Microsoft Exchange Server Autodiscover Cross-Site Scripting : undefined
113058 Apache 2.4.10 < 2.4.44 Source Code Disclosure : undefined
113059 OPcache UI Detected : undefined
113067 Basic Authentication Bruteforced : undefined
113075 Apache Log4j Remote Code Execution (Log4Shell) : undefined
113078 AngularJS Unsupported Version : undefined
113088 Microsoft SharePoint Server 2019 < 16.0.10377.20001 Multiple Vulnerabilities : undefined
113089 Microsoft SharePoint Server 2013 < 15.0.5371.1000 Multiple Vulnerabilities : undefined
113090 Microsoft SharePoint Server 2016 < 16.0.5200.1000 Multiple Vulnerabilities : undefined
113117 Magento Administration Panel Login Form Bruteforced : undefined
113123 Dockerfile Detected : undefined
113136 Wordpress Administration Panel Login Form Bruteforced : undefined
113150 Google Cloud Service Account Private Key Disclosure (deprecated) : undefined
113158 Package Dependencies Detected : undefined
113164 AWS Credentials Disclosure (deprecated) : undefined
113165 Apache mod_negotiation Alternative Filename Disclosure : undefined
113168 Docker Compose Configuration Detected : undefined
113211 HTTP Verb Tampering : undefined
113217 Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell) : undefined
113242 Java Psychic Signatures : undefined
113258 OpenAPI Permissive Input Validation : undefined
113338 Web Cache Poisoning : undefined
113369 BackupBuddy Plugin for WordPress < 8.7.5 Arbitrary File Read : undefined
113373 Atlassian Bitbucket Remote Code Execution : undefined
113420 Nginx < 1.22.1 Multiple Vulnerabilities : undefined
113421 Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities : undefined
113448 Microsoft Access Database Detected : undefined
113458 Yoast SEO Plugin for WordPress < 1.5.7 Multiple Vulnerabilities : undefined
113459 Yoast SEO Plugin for WordPress 1.6.x < 1.6.4 Multiple Vulnerabilities : undefined
113460 Yoast SEO Plugin for WordPress 1.7.x < 1.7.4 Multiple Vulnerabilities : undefined
113467 WP DBManager Plugin for WordPress < 2.7.2 Multiple Vulnerabilities : undefined
113472 WP EasyCart Plugin for WordPress < 3.0.9 Unrestricted File Upload : undefined
113473 WP Photo Album Plus Plugin for WordPress < 6.1.3 Multiple Cross-Site Scripting : undefined
113474 WP-Print Plugin for WordPress < 2.52 Cross-Site Request Forgery : undefined
113475 WP eCommerce Plugin for WordPress < 3.8.7.6 SQL Injection : undefined
113476 WP-PostViews Plugin for WordPress < 1.63 Cross-Site Request Forgery : undefined
113478 All In One WP Security & Firewall Plugin for WordPress < 3.8.8 SQL Injection : undefined
113479 All In One WP Security & Firewall Plugin for WordPress < 3.8.3 Multiple SQL Injection : undefined
113488 Advanced Dewplayer Plugin for WordPress < 1.3 Path Traversal : undefined
113489 WordPress Classifieds Plugin Plugin for WordPress < 3.0 SQL Injection : undefined
113490 WordPress Mobile Pack Plugin for WordPress < 2.0.2 Sensitive Information Disclosure : undefined
113491 WP Easy Post Types Plugin for WordPress < 1.4.4 Cross-Site Scripting : undefined
113492 Apptha WordPress Video Gallery Plugin for WordPress < 2.8.0 SQL Injection : undefined
113493 Cross-RSS Plugin for WordPress Arbitrary Files Read : undefined
113494 WP Ultimate Email Marketer Plugin for WordPress Multiple Vulnerabilities : undefined
113495 WP Cron Dashboard Plugin for WordPress < 1.1.6 Cross-Site Scripting : undefined
113496 WP RESTful Plugin for WordPress Multiple Cross-Site Scripting : undefined
113497 Social Invitations Plugin for WordPress < 1.4.4.3 Cross-Site Scripting : undefined
113498 WP e-Commerce Shop Styling Plugin for WordPress < 1.8 Code Injection : undefined
113499 WP Symposium Plugin for WordPress < 15.8 SQL Injection : undefined
113503 WordPress < 2.1 Cross-Site Request Forgery : undefined
113504 Slimstat Analytics Plugin for WordPress < 3.9.2 Cross-site Scripting : undefined
113520 Kibana 7.14.0 HTML Injection : undefined
113521 Kibana 7.10.2 < 7.14.1 Code Execution : undefined
113522 Kibana 7.9.0 < 7.14.1 Path Traversal : undefined
113545 Apache 2.4.x < 2.4.55 Multiple Vulnerabilities : undefined
113550 Zoho ManageEngine SAML SSO Remote Code Execution : undefined
113580 Web Cache Deception : undefined
113584 Joomla! 4.0.0 < 4.2.8 Broken Access Control : undefined
113715 Atlassian Jira < 3.13.1 Cross-Site Scripting : undefined
113816 Atlassian Jira < 6.0.4 Directory Traversal In Issue Collector : undefined
113817 Atlassian Jira < 6.0.5 Multiple Vulnerabilities : undefined
113818 Atlassian Jira < 3.7.1 Giffy Plugin Arbitrary File Read : undefined
113819 Atlassian Jira < 6.4.3.1 / 6.5.x < 6.5.0.2 / 7.x < 7.0.3 Software Tempo Plugin Xml Denial Of Service : undefined
113820 Atlassian Jira 6.5.x < 6.5.0.2 Software Tempo Plugin Xml Denial Of Service : undefined
113821 Atlassian Jira 7.x < 7.0.3 Software Tempo Plugin Xml Denial Of Service : undefined
113823 Atlassian Jira < 3.12.1 Xss In 500 Page : undefined
113838 WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass : undefined
113853 Customer Reviews for WooCommerce Plugin for WordPress < 5.17.0 Cross-Site Scripting : undefined
113855 GiveWP Plugin for WordPress < 2.24.1 SQL Injection : undefined
113871 DotNetNuke User Enumeration : undefined
113900 Cross-Site Request Forgery Token Validation Bypass : undefined
113904 Sitecore Unauthenticated User Enumeration : undefined
113906 Advanced Custom Fields for WordPress 6.0.x < 6.1.6 Cross-Site Scripting : undefined
113908 Advanced Custom Fields Pro for WordPress 6.0.x < 6.1.6 Cross-Site Scripting : undefined
113938 CA SiteMinder WebAgent Cross-Site Scripting : undefined
113943 Disclosed Hong Kong Identity Number : undefined
113959 GeoServer SQL Injection : undefined
113987 PHP 8.1.x < 8.1.22 Multiple Vulnerabilities : undefined
113988 PHP 8.0.x < 8.0.30 Multiple Vulnerabilities : undefined
114006 Web Cache Poisoning Denial of Service : undefined
114007 PHP 8.2.x < 8.2.9 Multiple Vulnerabilities : undefined
114012 Prometheus Sensitive Endpoint Detected : undefined
114026 WP EasyCart Plugin for WordPress < 2.0.6 Sensitive Information Disclosure : undefined
114027 WP Fastest Cache Plugin for WordPress < 1.1.3 Multiple Vulnerabilities : undefined
114031 WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass : undefined
114032 WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass : undefined
114033 WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass : undefined
114034 WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass : undefined
114035 WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass : undefined
114036 WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass : undefined
114037 WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass : undefined
114038 WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass : undefined
114039 WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass : undefined
114040 WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass : undefined
114041 Strapi Cognito Provider Authentication Bypass : undefined
114042 Adobe ColdFusion Remote Code Execution : undefined
114043 Adobe ColdFusion Improper Access Control : undefined
114047 Drupal 10.1.x < 10.1.4 Cache Poisoning : undefined
114048 Drupal 10.0.x < 10.0.11 Cache Poisoning : undefined
114049 Drupal 8.7.x < 9.5.11 Cache Poisoning : undefined
114055 Simple Membership Plugin For WordPress < 4.3.6 Reflected Cross-Site Scripting : undefined
114056 Atlassian Confluence 8.x < 8.3.3 Privilege Escalation : undefined
114057 Atlassian Confluence 8.4.x < 8.4.3 Privilege Escalation : undefined
114058 Atlassian Confluence 8.5.x < 8.5.2 Privilege Escalation : undefined
114060 Apache Tomcat 11.0.0-M1 < 11.0.0-M12 Multiple Vulnerabilities : undefined
114061 Apache Tomcat 10.1.0-M1 < 10.1.14 Multiple Vulnerabilities : undefined
114062 Apache Tomcat 9.0.70 < 9.0.81 Multiple Vulnerabilities : undefined
114063 Apache Tomcat 8.5.85 < 8.5.94 Multiple Vulnerabilities : undefined
114064 MediaWiki Status Module Information Disclosure : undefined
114065 Pimcore Administration Panel Login Form Detected : undefined
115540 Cookie Without SameSite Flag Detected : undefined
98054 Unvalidated Redirection : undefined
98056 Missing HTTP Strict Transport Security Policy : undefined
98057 Insecure 'Access-Control-Allow-Origin' Header : undefined
98060 Missing 'X-Frame-Options' Header : undefined
98067 Insecure Cross-Domain Policy (allow-access-from) : undefined
98068 Insecure Cross-Domain Policy (allow-http-request-headers-from) : undefined
98074 Backup File : undefined
98084 Directory Listing : undefined
98091 Mixed Resource Detection : undefined
98095 Misconfiguration in LIMIT directive of .htaccess file : undefined
98097 Backdoor Detection : undefined
98098 Source Code Disclosure : undefined
98099 Publicly writable directory : undefined
98100 Path Traversal : undefined
98104 Cross-Site Scripting (XSS) : undefined
98107 Cross-Site Scripting (XSS) in path : undefined
98109 DOM-based Cross-Site Scripting (XSS) : undefined
98110 DOM-based Cross-Site Scripting (XSS) in attribute context : undefined
98112 Cross-Site Request Forgery : undefined
98113 XML External Entity : undefined
98129 Credit Card Number Disclosure : undefined
98146 Password Submitted Using GET Method : undefined
98200 Drupal Administration Panel Login Form Detected : undefined
98203 WordPress User Enumeration : undefined
98208 Joomla! User Enumeration : undefined
98209 Drupal User Enumeration : undefined
98212 WordPress Directory Listing : undefined
98213 Drupal Directory Listing : undefined
98214 Joomla! Directory Listing : undefined
98227 WordPress Unsupported Version : undefined
98228 Drupal Unsupported Version : undefined
98229 Joomla! Unsupported Version : undefined
98230 PHP Unsupported Version : undefined
98231 Apache Unsupported Version : undefined
98232 Apache Tomcat Unsupported Version : undefined
98237 MediaElement.js < 2.11.2 Cross-Site Scripting : undefined
98398 JK Status Manager Information Disclosure : undefined
98538 Environment Configuration File Detected : undefined
98607 Ultimate Member Plugin for WordPress < 2.0.46 Multiple Vulnerabilities : undefined
98618 HTTP Header Information Disclosure : undefined
98623 Host Header Injection : undefined
98642 Magento Administration Panel Login Form Detected : undefined
98646 .DS_Store File Detected : undefined
98648 Missing 'Content-Type' Header : undefined
98671 CVS Entries Detected : undefined
98679 Webmin < 1.730 Read Mail Symlink Vulnerability : undefined
98703 Magento API Anonymous Access : undefined
98715 Permissive HTTP Strict Transport Security Policy Detected : undefined
98779 Source Code Passive Disclosure : undefined
98780 Java Object Deserialization : undefined
98806 PHP 5.6.x < 5.6.14 Multiple Vulnerabilities : undefined
98828 PHP 5.6.x < 5.6.5 Multiple Vulnerabilities : undefined
98831 PHP 5.6.x < 5.6.8 Multiple Vulnerabilities : undefined
98901 Apache 2.4.x < 2.4.3 Multiple Vulnerabilities : undefined
98920 Disclosed US Social Security Number : undefined
98936 Joomla! 2.5.x < 3.9.14 Multiple Vulnerabilities : undefined
98950 Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities : undefined
98951 Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities : undefined
98952 Nginx < 1.5.7 ngx_parse_http Security Bypass : undefined
98953 Nginx < 1.4.4 ngx_parse_http Security Bypass : undefined
98957 Nginx < 1.7.4 SMTP STARTTLS Command Injection : undefined
98958 Nginx < 1.6.1 SMTP STARTTLS Command Injection : undefined
98959 Nginx < 1.7.5 SSL Session Reuse : undefined
98960 Nginx < 1.6.2 SSL Session Reuse : undefined
98986 Magento Directory Listing : undefined
98994 Kentico CMS < 9.0.51 / 10.x < 10.0.48 Access Control Bypass : undefined
98995 Kentico CMS 8.2.x < 8.2.41 Open Redirect : undefined
98996 Kentico CMS < 9.0.51 Cross-Site Scripting : undefined
98997 Kentico CMS 9.x < 10.0.52 / 11.0.x < 11.0.48 / 12.0.x < 12.0.15 Remote Code Execution : undefined

New

114059 Pimcore Admin Login Cross-Site Scripting : undefined

Web App Scanning Plugin Feed 202310060725

Feed built over 2 years ago

Modified Detection

112824 Atlassian Jira < 8.5.12 Cookie Without Secure Flag : undefined
112825 Atlassian Jira 8.6.x < 8.13.4 Cookie Without Secure Flag : undefined
112826 Atlassian Jira 8.14.x < 8.15.0 Cookie Without Secure Flag : undefined
112929 Microsoft SharePoint Server 2019 < 16.0.10375.20000 Multiple Vulnerabilities : undefined
112930 Microsoft SharePoint Server 2013 < 15.0.5353.1000 Multiple Vulnerabilities : undefined
112931 Microsoft SharePoint Server 2016 < 16.0.5173.1000 Multiple Vulnerabilities : undefined
113070 UAParser.js 0.7.29 Embedded Malware : undefined
113072 UAParser.js 1.0.0 Embedded Malware : undefined
113085 Microsoft SharePoint Server 2019 < 16.0.10379.20000 Multiple Vulnerabilities : undefined
113086 Microsoft SharePoint Server 2016 < 16.0.5227.1000 Multiple Vulnerabilities : undefined
113087 Microsoft SharePoint Server 2013 < 15.0.5389.1000 Multiple Vulnerabilities : undefined
113115 Adobe ColdFusion 11 < 11 Update 15 / 2016 < 2016 Update 7 / 2018 < 2018 Update 1 Arbitrary File Upload : undefined
113116 Adobe ColdFusion 2016 < 2016 Update 17 / 2018 < 2018 Update 11 / 2021 < 2021 Update 1 Cross-Site Scripting : undefined
113165 Apache mod_negotiation Alternative Filename Disclosure : undefined
113247 Google Web Toolkit Detected : undefined
113258 OpenAPI Permissive Input Validation : undefined
113430 Disclosed European Personal Data Number : undefined
113452 WordPress Plugins Detected : undefined
113545 Apache 2.4.x < 2.4.55 Multiple Vulnerabilities : undefined
113550 Zoho ManageEngine SAML SSO Remote Code Execution : undefined
113838 WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass : undefined
113903 Adobe ColdFusion ComponentFilter Remote Code Execution : undefined
113987 PHP 8.1.x < 8.1.22 Multiple Vulnerabilities : undefined
113988 PHP 8.0.x < 8.0.30 Multiple Vulnerabilities : undefined
114006 Web Cache Poisoning Denial of Service : undefined
114007 PHP 8.2.x < 8.2.9 Multiple Vulnerabilities : undefined
114024 WP Data Access Plugin for WordPress < 5.3.8 Privilege Escalation : undefined
114030 CraftCMS 4.x < 4.4.15 Remote Code Execution : undefined
114031 WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass : undefined
114032 WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass : undefined
114033 WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass : undefined
114034 WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass : undefined
114035 WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass : undefined
114036 WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass : undefined
114037 WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass : undefined
114038 WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass : undefined
114039 WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass : undefined
114040 WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass : undefined
114041 Strapi Cognito Provider Authentication Bypass : undefined
114042 Adobe ColdFusion Remote Code Execution : undefined
114043 Adobe ColdFusion Improper Access Control : undefined
114044 Atlassian Confluence 7.13.15 < 7.13.19 Tomcat Dependancy Vulnerability : undefined
114047 Drupal 10.1.x < 10.1.4 Cache Poisoning : undefined
114048 Drupal 10.0.x < 10.0.11 Cache Poisoning : undefined
114049 Drupal 8.7.x < 9.5.11 Cache Poisoning : undefined
114055 Simple Membership Plugin For WordPress < 4.3.6 Reflected Cross-Site Scripting : undefined
114056 Atlassian Confluence 8.x < 8.3.3 Privilege Escalation : undefined
114057 Atlassian Confluence 8.4.x < 8.4.3 Privilege Escalation : undefined
114058 Atlassian Confluence 8.5.x < 8.5.2 Privilege Escalation : undefined
98070 Common Administration Interfaces Detection : undefined
98084 Directory Listing : undefined
98129 Credit Card Number Disclosure : undefined
98212 WordPress Directory Listing : undefined
98213 Drupal Directory Listing : undefined
98214 Joomla! Directory Listing : undefined
98784 WordPress 3.7.x < 3.7.32 Multiple Vulnerabilities : undefined
98785 WordPress 3.8.x < 3.8.32 Multiple Vulnerabilities : undefined
98786 WordPress 3.9.x < 3.9.30 Multiple Vulnerabilities : undefined
98787 WordPress 4.0.x < 4.0.29 Multiple Vulnerabilities : undefined
98788 WordPress 4.1.x < 4.1.29 Multiple Vulnerabilities : undefined
98789 WordPress 4.2.x < 4.2.26 Multiple Vulnerabilities : undefined
98790 WordPress 4.3.x < 4.3.22 Multiple Vulnerabilities : undefined
98791 WordPress 4.4.x < 4.4.21 Multiple Vulnerabilities : undefined
98792 WordPress 4.5.x < 4.5.20 Multiple Vulnerabilities : undefined
98793 WordPress 4.6.x < 4.6.17 Multiple Vulnerabilities : undefined
98794 WordPress 4.7.x < 4.7.16 Multiple Vulnerabilities : undefined
98795 WordPress 4.8.x < 4.8.12 Multiple Vulnerabilities : undefined
98796 WordPress 4.9.x < 4.9.13 Multiple Vulnerabilities : undefined
98797 WordPress 5.0.x < 5.0.8 Multiple Vulnerabilities : undefined
98798 WordPress 5.1.x < 5.1.4 Multiple Vulnerabilities : undefined
98799 WordPress 5.2.x < 5.2.5 Multiple Vulnerabilities : undefined
98885 WordPress 5.3.x < 5.3.1 Multiple Vulnerabilities : undefined
98986 Magento Directory Listing : undefined

New

113976 Simple Membership Plugin For WordPress < 4.0.9 Arbitary Member Deletion : undefined
114045 Atlassian Confluence 7.19.7 < 7.19.11 Tomcat Dependancy Vulnerabilty : undefined
114046 Atlassian Confluence 8.1.1 < 8.4.1 Tomcat Dependancy Vulnerabilty : undefined
114050 Simple Membership Plugin For WordPress < 4.1.0 Arbitary Transaction Deletion : undefined
114051 Simple Membership Plugin For WordPress < 4.1.1 Reflected Cross-Site Scripting : undefined
114052 Simple Membership Plugin For WordPress < 4.1.3 Multiple Vulnerabilities : undefined
114053 Simple Membership Plugin For WordPress < 4.2.2 Authenticated Cross-Site Scripting : undefined
114054 Simple Membership Plugin For WordPress < 4.3.5 Multiple Vulnerabilities : undefined

Web App Scanning Plugin Feed 202309200615

Feed built over 2 years ago

Modified Detection

113580 Web Cache Deception : undefined
113855 GiveWP Plugin for WordPress < 2.24.1 SQL Injection : undefined
114006 Web Cache Poisoning Denial of Service : undefined
114013 Download Manager Plugin for WordPress < 3.2.34 Multiple Vulnerabilities : undefined
114014 Easy WP SMTP Plugin for WordPress < 1.5.2 Multiple Vulnerabilities : undefined
114015 Events Manager Plugin for WordPress < 5.9.6 Stored Cross-Site Scripting : undefined
114016 Events Manager Plugin for WordPress < 5.9.5 Stored Cross-Site Scripting : undefined
114017 Everest Forms Plugin for WordPress < 1.8.0 Reflected Cross-Site Scripting : undefined
114018 GiveWP Plugin for WordPress < 2.3.1 Cross-Site Scripting : undefined
114019 WPBrigade LoginPress Plugin for WordPress < 1.6.3 Broken Access Control : undefined
114020 WPBrigade LoginPress Plugin for WordPress < 1.5.12 Reflected Cross-Site Scripting : undefined
114021 Ocean Extra Plugin for WordPress < 2.6.5 Insecure Deserialization : undefined
114022 WooCommerce PDF Invoices & Packing Slips Plugin for WordPress < 3.0.1 Reflected Cross-Site Scripting : undefined
114023 WooCommerce PDF Invoices & Packing Slips Plugin for WordPress < 2.10.5 Reflected Cross-Site Scripting : undefined
114024 WP Data Access Plugin for WordPress < 5.3.8 Privilege Escalation : undefined
114025 WP EasyCart Plugin for WordPress < 5.4.3 Local File Inclusions : undefined
114026 WP EasyCart Plugin for WordPress < 2.0.6 Sensitive Information Disclosure : undefined
114027 WP Fastest Cache Plugin for WordPress < 1.1.3 Multiple Vulnerabilities : undefined
114028 Backup and Staging by WP Time Capsule Plugin for WordPress < 1.21.16 Authentication Bypass : undefined
114029 Well-Known URIs Detected : undefined
114030 CraftCMS 4.x < 4.4.15 Remote Code Execution : undefined
98070 Common Administration Interfaces Detection : undefined
98129 Credit Card Number Disclosure : undefined

Web App Scanning Plugin Feed 202309110655

Feed built over 2 years ago

Modified Detection

114012 Prometheus Sensitive Endpoint Detected : undefined

Web App Scanning Plugin Feed 202309060822

Feed built over 2 years ago

Modified Detection

112805 JSONP Injection : undefined
113987 PHP 8.1.x < 8.1.22 Multiple Vulnerabilities : undefined
113988 PHP 8.0.x < 8.0.30 Multiple Vulnerabilities : undefined
114007 PHP 8.2.x < 8.2.9 Multiple Vulnerabilities : undefined
114008 Apache Tomcat 11.0.0-M1 < 11.0.0-M11 Open Redirect : undefined
114009 Apache Tomcat 10.1.0-M1 < 10.1.13 Open Redirect : undefined
114010 Apache Tomcat 9.0.0-M1 < 9.0.80 Open Redirect : undefined
114011 Apache Tomcat 8.5.x < 8.5.93 Open Redirect : undefined
98115 SQL Injection : undefined

Web App Scanning Plugin Feed 202308300900

Feed built over 2 years ago

Modified Detection

113162 MySQLjs SQL Injection Authentication Bypass : undefined
113337 NoSQL Injection Authentication Bypass : undefined
113338 Web Cache Poisoning : undefined
114006 Web Cache Poisoning Denial of Service : undefined

Web App Scanning Plugin Feed 202308290659

Feed built over 2 years ago

Modified Detection

112615 OpenAPI File Detected : undefined
112686 JSON Web Token Detected : undefined
112703 JSON Web Token None Hashing Algorithm : undefined
112808 Rails Mass Assignment : undefined
98103 Unvalidated DOM redirect : undefined
98109 DOM-based Cross-Site Scripting (XSS) : undefined
98110 DOM-based Cross-Site Scripting (XSS) in attribute context : undefined
98117 Blind SQL Injection (differential analysis) : undefined
98119 Blind NoSQL Injection (differential analysis) : undefined

New

113978 ActivityPub Username Enumeration : undefined

Web App Scanning Plugin Feed 202308091456

Feed built over 2 years ago

Modified Detection

112439 Server-Side Request Forgery : undefined
113338 Web Cache Poisoning : undefined
113634 Server-Side Inclusion Injection : undefined
113964 PHP 8.2.x < 8.2.7 Information Disclosure : undefined
113965 PHP 8.1.x < 8.1.20 Information Disclosure : undefined
113966 PHP 8.0.x < 8.0.29 Information Disclosure : undefined
113986 Ninja Forms Plugin for WordPress < 3.6.26 Multiple Vulnerabilities : undefined
113987 PHP 8.1.x < 8.1.22 Multiple Vulnerabilities : undefined
113988 PHP 8.0.x < 8.0.30 Multiple Vulnerabilities : undefined
113989 MediaWiki < 1.38.2 Unlimited Lexeme Length Denial Of Service : undefined
113990 MediaWiki < 1.35.5 Multiple Vulnerabilities : undefined
113991 MediaWiki 1.36.x < 1.36.3 Multiple Vulnerabilities : undefined
113992 MediaWiki 1.37.x < 1.37.1 Multiple Vulnerabilities : undefined
113993 MediaWiki < 1.37.0 Multiple Vulnerabilities : undefined
113994 MediaWiki < 1.36.0 Invalid MediaWiki Abusefilter-blocker Breaks Filters : undefined
113995 MediaWiki < 1.35.2 Oauth Overlength Rsa Key : undefined
113996 MediaWiki < 1.37.3 Multiple Vulnerabilities : undefined
113997 MediaWiki < 1.31.12 Special Contributions Hidden User Leakage : undefined
113998 MediaWiki 1.32.x < 1.35.2 Special Contributions Hidden User Leakage : undefined
113999 MediaWiki < 1.35.0 Multiple Vulnerabilities : undefined
114000 MediaWiki < 1.23.16 Wiki Visitor IP Leakage : undefined
114001 MediaWiki 1.24.x < 1.27.2 Wiki Visitor IP Leakage : undefined
114002 MediaWiki 1.28.x < 1.28.1 Wiki Visitor IP Leakage : undefined
114003 MediaWiki < 1.17.2 Deleted Text Exposure : undefined
114004 MediaWiki 1.18.x < 1.18.1 Deleted Text Exposure : undefined
98100 Path Traversal : undefined
98116 NoSQL Injection : undefined
98123 Operating System Command Injection : undefined
98125 Local File Inclusion : undefined
98127 LDAP Injection : undefined
98779 Source Code Passive Disclosure : undefined

New

114005 AYS Popup Box Plugin for WordPress < 3.1.3 Cross-Site Scripting : undefined

Web App Scanning Plugin Feed 202308020802

Feed built over 2 years ago

Modified Detection

112501 Sitefinity < 10.0.6412.0 Multiple Vulnerabilities : undefined
112704 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 Remote Code Execution : undefined
112705 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.4.0 / 14.1.1.0.0 Authentication Bypass : undefined
112726 Apache Struts 2.3.5 < 2.3.32 / 2.5.x < 2.5.10.1 Remote Code Execution (S2-045 / S2-046) : undefined
112727 Apache Struts 2.0.4 < 2.3.35 / 2.5.x < 2.5.17 Remote Code Execution (S2-057) : undefined
112741 Apache Struts 2.x < 2.3.15.1 Remote Code Execution (S2-016) : undefined
112762 Apache Struts 2 < 2.3.33 Remote Code Execution (S2-048) : undefined
112763 Apache Struts 2.1.6 < 2.3.34 / 2.5 < 2.5.13 Remote Code Execution (S2-052) : undefined
113075 Apache Log4j Remote Code Execution (Log4Shell) : undefined
113115 Adobe ColdFusion 11 < 11 Update 15 / 2016 < 2016 Update 7 / 2018 < 2018 Update 1 Arbitrary File Upload : undefined
113217 Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell) : undefined
113373 Atlassian Bitbucket Remote Code Execution : undefined
113550 Zoho ManageEngine SAML SSO Remote Code Execution : undefined
113903 Adobe ColdFusion ComponentFilter Remote Code Execution : undefined
113979 Atlassian Confluence < 7.13.17 Read Only User Attachment Uploads Service : undefined
113980 Atlassian Confluence 7.14.x < 7.19.9 Read Only User Attachment Uploads : undefined
113981 Atlassian Confluence 7.20.x < 8.2.2 Read Only User Attachment Uploads : undefined
113982 Atlassian Confluence 8.x < 8.3.2 Remote Code Execution : undefined
113983 Atlassian Confluence 6.1.x < 7.13.20 Remote Code Execution : undefined
113984 Atlassian Confluence 7.14.0 < 7.19.8 < Remote Code Execution : undefined
113985 Atlassian Confluence 8.x < 8.2.0 Remote Code Execution : undefined
98997 Kentico CMS 9.x < 10.0.52 / 11.0.x < 11.0.48 / 12.0.x < 12.0.15 Remote Code Execution : undefined

New

113976 Simple Membership Plugin For WordPress < 4.0.9 Arbitary Member Deletion : undefined

Web App Scanning Plugin Feed 202307311300

Feed built over 2 years ago

Modified Detection

112550 Full Path Disclosure : undefined
112614 Server-Side Template Injection : undefined
98779 Source Code Passive Disclosure : undefined

New

113976 Simple Membership Plugin For WordPress < 4.0.9 Arbitary Member Deletion : undefined

Web App Scanning Plugin Feed 202307240920

Feed built over 2 years ago

Modified Detection

112501 Sitefinity < 10.0.6412.0 Multiple Vulnerabilities : undefined
112704 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 Remote Code Execution : undefined
112705 Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.4.0 / 14.1.1.0.0 Authentication Bypass : undefined
112726 Apache Struts 2.3.5 < 2.3.32 / 2.5.x < 2.5.10.1 Remote Code Execution (S2-045 / S2-046) : undefined
112727 Apache Struts 2.0.4 < 2.3.35 / 2.5.x < 2.5.17 Remote Code Execution (S2-057) : undefined
112741 Apache Struts 2.x < 2.3.15.1 Remote Code Execution (S2-016) : undefined
112762 Apache Struts 2 < 2.3.33 Remote Code Execution (S2-048) : undefined
112763 Apache Struts 2.1.6 < 2.3.34 / 2.5 < 2.5.13 Remote Code Execution (S2-052) : undefined
113075 Apache Log4j Remote Code Execution (Log4Shell) : undefined
113115 Adobe ColdFusion 11 < 11 Update 15 / 2016 < 2016 Update 7 / 2018 < 2018 Update 1 Arbitrary File Upload : undefined
113217 Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell) : undefined
113335 DotNetNuke 5.x < 9.1.1 Remote Code Execution : undefined
113373 Atlassian Bitbucket Remote Code Execution : undefined
113550 Zoho ManageEngine SAML SSO Remote Code Execution : undefined
113903 Adobe ColdFusion ComponentFilter Remote Code Execution : undefined
113971 Citrix Gateway / ADC Cross-Site Scripting : undefined
113973 Web Services Description Language (WSDL) File Detected : undefined
98008 Web Application Firewall Detected : undefined
98060 Missing 'X-Frame-Options' Header : undefined
98072 Common Directories Detection : undefined
98611 Error Message : undefined
98612 Missing 'Expect-CT' Header (deprecated) : undefined
98779 Source Code Passive Disclosure : undefined
98828 PHP 5.6.x < 5.6.5 Multiple Vulnerabilities : undefined
98997 Kentico CMS 9.x < 10.0.52 / 11.0.x < 11.0.48 / 12.0.x < 12.0.15 Remote Code Execution : undefined

New

113972 OpenID Connect Anonymous Account : undefined
113974 Web Application Description Language (WADL) File Detected : undefined
113975 PHP Debug Bar Enabled : undefined
113977 Odoo < 16.2022.12.24 Cross-Site Scripting : undefined

Web App Scanning Plugin Feed 202307130817

Feed built over 2 years ago

Modified Detection

112540 SSL/TLS Certificate RSA Keys Less Than 2048 bits : undefined
113075 Apache Log4j Remote Code Execution (Log4Shell) : undefined
113335 DotNetNuke 5.x < 9.1.1 Remote Code Execution : undefined
113422 DotNetNuke Administration Panel Login Form Detected : undefined
113449 WordPress Cron Enabled : undefined
113716 Atlassian Jira < 3.13.2 WebWork 1 Parameter Injection Hole : undefined
113904 Sitecore Unauthenticated User Enumeration : undefined
113905 Sitecore Unauthenticated Arbitrary File Read : undefined
113960 Apache Tomcat 11.0.0-M5 Information Disclosure : undefined
113961 Apache Tomcat 10.1.8 Information Disclosure : undefined
113962 Apache Tomcat 9.0.74 Information Disclosure : undefined
113963 Apache Tomcat 8.5.88 Information Disclosure : undefined
113971 Citrix Gateway / ADC Cross-Site Scripting : undefined
98054 Unvalidated Redirection : undefined
98126 Remote File Inclusion : undefined
98649 Invalid Subresource Integrity : undefined
98681 Sitemap.xml File Detected : undefined

Web App Scanning Plugin Feed 202307060627

Feed built over 2 years ago

Modified Detection

112719 Client-Side Prototype Pollution : undefined
113069 SQL Injection Authentication Bypass : undefined
113162 MySQLjs SQL Injection Authentication Bypass : undefined
113309 XPath Injection Authentication Bypass : undefined
113317 Expression Language Injection : undefined
113331 LDAP Injection Authentication Bypass : undefined
113337 NoSQL Injection Authentication Bypass : undefined
113903 Adobe ColdFusion ComponentFilter Remote Code Execution : undefined
98042 Login Form Bruteforced : undefined
98109 DOM-based Cross-Site Scripting (XSS) : undefined
98139 Cookie Authentication Succeeded : undefined
98681 Sitemap.xml File Detected : undefined

New

113969 Social Login and Register for WordPress < 7.6.5 Authentication Bypass : undefined
113970 Nuxt.js 3.4.x < 3.4.3 Remote Code Execution : undefined