Vulnerabilities Report (Page 1 of 3)

 Scan Name: webscantest
 Date: 10/24/2017 7:44:45 AM
 Authenticated User: admin
 Total Links / Attackable Links: 475 / 475
 Target URL: https://webscantest.com
http://webscantest.com

Summary


Root Causes: 278

[Charts: Vulnerabilities by Risk; Vulnerabilities by Who Will Fix; Most Vulnerable Sites]

Vulnerability Type  Root Causes  Variances

Blind SQL Injection  14   50 
Browser Cache directive (leaking sensitive information)  23   33 
Brute Force Form based Authentication  1   1 
Buffer Overflow  6   14 
Business Logic Abuse  6   10 
Command Injection  1   4 
Content Security Policy Headers  2   2 
Content Type Charset Check  100   139 
Credentials Over Un Encrypted Channel  2   2 
Cross-Site Request Forgery (CSRF)  24   38 
Directory Indexing  3   3 
DOM based Cross-site scripting (XSS)  2   2 
Forced Browsing  1   1 
HTTP Response Splitting  1   1 
HTTP User-Agent Check  3   3 
HTTP Verb Tampering  1   2 
HttpOnly attribute  7   7 
Information Disclosure  1   2 
Information Leakage  4   4 
Parameter Fuzzing  6   24 
Persistent Cross-site scripting (XSS)  3   7 
Predictable Resource Location  22   22 
Privilege Escalation  1   2 
Reflected Cross-site scripting (XSS)  20   91 
Server Type Disclosure  2   2 
Session Fixation  1   1 
Session Strength  1   2 
Session Upgrade  5   5 
SQL Information Leakage  2   3 
SQL Injection  8   32 
SQL injection Auth Bypass  1   3 
SQL Parameter Check  1   1 
XPath Injection  3   11 
Total:  278   524 

Details


Blind SQL Injection

Site: http://webscantest.com:80
URL: http://webscantest.com/datastore/getimage_by_id.php Root Cause #1: (Parameter: id / 4 Attack Variances)
URL: http://webscantest.com/datastore/getimage_by_name.php Root Cause #2: (Parameter: name / 3 Attack Variances)
URL: http://webscantest.com/datastore/search_by_name.php Root Cause #3: (Parameter: name / 4 Attack Variances)
URL: http://webscantest.com/datastore/search_double_by_name.php Root Cause #4: (Parameter: name / 4 Attack Variances)
URL: http://webscantest.com/datastore/search_get_by_id.php Root Cause #5: (Parameter: id / 4 Attack Variances)
URL: http://webscantest.com/datastore/search_get_by_name.php Root Cause #6: (Parameter: name / 4 Attack Variances)
URL: http://webscantest.com/login.php Root Cause #7: (Parameter: login / 2 Attack Variances)
URL: http://webscantest.com/shutterdb/filter_by_name.php Root Cause #8: (Parameter: filter / 4 Attack Variances)
URL: http://webscantest.com/shutterdb/search_by_name.php Root Cause #9: (Parameter: name / 4 Attack Variances)
URL: http://webscantest.com/shutterdb/search_get_by_id.php Root Cause #10: (Parameter: id / 4 Attack Variances)
URL: http://webscantest.com/shutterdb/search_get_by_id2.php Root Cause #11: (Parameter: id / 4 Attack Variances)