Inadequate Input ValidationLocal File Include8
Inadequate Input ValidationSQL Injection8
Insecure Software DefaultsDefault Login8
Inadequate Input ValidationRemote Code Injection8
Inadequate Input ValidationExpression Language Injection8
Inadequate Input ValidationCommand Injection8
Insecure Session ManagmentWeak Session Management8
Inadequate Input ValidationVanilla SQL Injection8
Inadequate Input ValidationRemote File Include8
Inadequate Input ValidationLDAP Injection7
Inadequate Input ValidationXPATH Injection7
Inadequate Input ValidationXML Injection7
Inadequate Input ValidationReflected Cross-site Scripting7
Inadequate Input ValidationPersistent Cross-site Scripting7
Inadequate Input ValidationCross-site Scripting7
Insecure Software ConfigurationOpen Cross Domain Policy6
Insecure Session ManagmentCross-site Request Forgery6
Inadequate Input ValidationFrame Injection5
Information DisclousureSource Version Control Disclosure5
Inadequate Input ValidationResponse Splitting5
Insecure Session ManagmentInadequate Session Revocation5
Inadequate Input ValidationOpen Redirect5
Inadequate Input ValidationCRLF Injection5
Inadequate Input ValidationDirectory Traversal5
Information DisclousureSQL Error4
Insecure Data TransportHTTP Authentication Scheme4
Weak Access ControlsUnrestricted File Upload4
Insecure Session ManagmentSession Fixation3
Insecure Session ManagmentSession Cookie not Flagged as Secure3
Insecure Session ManagmentSession Cookie not Flagged as HTTPOnly3
Insecure Data TransportGet Based Login Form3
Insecure Data TransportClear Text Login Form3
Information DisclousureError Disclosure2
Information DisclousurePath Disclosure2
Information DisclousureSource Leakage2
Information DisclousureUser Disclosure2
Information DisclousureIP Disclosure2
Information DisclousureDirectory Listing Enabled2
Insecure Software DefaultsAutocomplete Enabled2
Information GatheringDiscovered SOAP Service2
Abnormal BehaviourXSS Protection Error1
Information DisclousureMicrosoft Office Document1
Information GatheringAdmin Page Discovered1
Information GatheringAdditional Applications1
Insecure Data StorageInsecure Storage of Credentials1
Information DisclousureOutdated Software Version1
Insecure AuthenticationPassword Via GET1
Insecure Software ConfigurationPermissive Cross-Origin Resource Sharing1
Information DisclousureBanner Disclosure1
Insecure Software ConfigurationPermissive X-Frame Options Used1
Information DisclousureForbidden Resource1
Risky FeatureFile Upload1
Abnormal BehaviourRedirect Response With Body1
Information DisclousureReferer Leakage1
Information DisclousureEmail Disclosure1
Information DisclousureSoftware Type Disclosure1
Insecure Data TransportStrict Transport Security1
Information GatheringVersion Control Files1
Information DisclousureDirectory Listing Denied1
Insecure Session ManagmentViewState Not Encrypted1
Insecure Software DefaultsDebug Methods Enabled1
Insecure Software ConfigurationDangerous Methods Enabled1
Information GatheringBackup Files1
Insecure Session ManagmentViewState not Signed1
Insecure Software ConfigurationXSS Protection Disabled1
Risky FeatureCross Script Include1
Insecure AuthenticationWeak Password Detected1
Insecure Session ManagmentCookies Scoped to Parent Domain1
Insecure Session ManagmentCookie Domain Mismatch1
Information GatheringCommon Files1
Abnormal BehaviourX-Frame-Options Error1
Insecure Software ConfigurationX-Frame-Options Not Used1
Insecure Software ConfigurationOpen Cross-Origin Resource Sharing1
Generic Security FindingOSVDB Finding0
Generic Security FindingGeneric Finding0
Generic Security FindingCVE Finding0
Information GatheringVirtual Host Discovery0
Abnormal BehaviourBase Response Difference0