Privacy Report

 Scan Name: Webscantest
 Date: 9/12/2017 9:33:08 PM
 Authenticated User: testuser
 Total Links / Attackable Links: 409 / 409
 Target URL: http://webscantest.com/
https://webscantest.com/
 Reports:

Summary


Finding Type

Root Causes

Variances

Collecting Sensitive Personal Information  10   32 
Social Security Number  1   1 
Total:  11   33 

By Risk

Variances: 33

Details


Collapse Collecting Sensitive Personal Information

some text
  Collapse Site: http://webscantest.com:80
URL: http://webscantest.com/crosstraining/aboutyou.php Root Cause #342: (2 Attack Variances)  Expand
URL: http://webscantest.com/crosstraining/aboutyou2.php Root Cause #343: (2 Attack Variances)  Expand
URL: http://webscantest.com/crosstraining/dom.php Root Cause #344: (1 Attack Variance)  Expand
URL: http://webscantest.com/crosstraining/reservation.php Root Cause #345: (3 Attack Variances)  Expand
URL: http://webscantest.com/crosstraining/review.php Root Cause #346: (9 Attack Variances)  Expand
URL: http://webscantest.com/crosstraining/sitereviews.php Root Cause #347: (1 Attack Variance)  Expand
URL: http://webscantest.com/login.php Root Cause #348: (1 Attack Variance)  Expand
URL: http://webscantest.com/shutterform/ Root Cause #349: (5 Attack Variances)  Expand
URL: http://webscantest.com/shutterform/index.php Root Cause #350: (5 Attack Variances)  Expand
URL: http://webscantest.com/userprofile.php Root Cause #351: (3 Attack Variances)  Expand

Description:  

Web form collects personal information.


Recommendations:  

If the collection of personal information is not required and violates a policy directive, do not collect it.


Collapse Social Security Number

some text
  Collapse Site: http://webscantest.com:80
URL: http://webscantest.com/csrf/token.php Root Cause #352: (1 Attack Variance)  Expand

Description:  

It has been detected that Social Security Number is stored on this site.


Recommendations:  

Avoid exposing user private data.