Privacy Report

 Scan Name: webscantest
 Date: 10/24/2017 7:44:45 AM
 Authenticated User: admin
 Total Links / Attackable Links: 475 / 475
 Target URL: https://webscantest.com
http://webscantest.com
 Reports:

Summary


Finding Type

Root Causes

Variances

Collecting Sensitive Personal Information  10   32 
Email Address  1   4 
Social Security Number  1   1 
Total:  12   37 

By Risk

Variances: 37

Details


Collapse Collecting Sensitive Personal Information

Confidence
Severity
some text
  Collapse Site: http://webscantest.com:80
URL: http://webscantest.com/crosstraining/aboutyou.php Root Cause #454: (2 Attack Variances)  Expand
URL: http://webscantest.com/crosstraining/aboutyou2.php Root Cause #455: (2 Attack Variances)  Expand
URL: http://webscantest.com/crosstraining/dom.php Root Cause #456: (1 Attack Variance)  Expand
URL: http://webscantest.com/crosstraining/reservation.php Root Cause #457: (3 Attack Variances)  Expand
URL: http://webscantest.com/crosstraining/review.php Root Cause #458: (9 Attack Variances)  Expand
URL: http://webscantest.com/crosstraining/sitereviews.php Root Cause #459: (1 Attack Variance)  Expand
URL: http://webscantest.com/login.php Root Cause #460: (1 Attack Variance)  Expand
URL: http://webscantest.com/shutterform/ Root Cause #461: (5 Attack Variances)  Expand
URL: http://webscantest.com/shutterform/index.php Root Cause #462: (5 Attack Variances)  Expand
URL: http://webscantest.com/userprofile.php Root Cause #463: (3 Attack Variances)  Expand

Description:  

Web form collects personal information.


Recommendations:  

If the collection of personal information is not required and violates a policy directive, do not collect it.


Collapse Email Address

Confidence
Severity
some text
  Collapse Site: http://webscantest.com:80
URL: http://webscantest.com/crosstraining/sitereviews.php Root Cause #464: (4 Attack Variances)  Expand

Description:  

An email address was found.


Recommendations:  

Avoid exposing user email addresses.


Collapse Social Security Number

Confidence
Severity
some text
  Collapse Site: http://webscantest.com:80
URL: http://webscantest.com/csrf/token.php Root Cause #465: (1 Attack Variance)  Expand

Description:  

It has been detected that Social Security Number is stored on this site.


Recommendations:  

Avoid exposing user private data.