Vulnerabilities Report (Page 1 of 2)

 Scan Name: Webscantest
 Date: 9/12/2017 9:33:08 PM
 Authenticated User: testuser
 Total Links / Attackable Links: 409 / 409
 Target URLs: http://webscantest.com/, https://webscantest.com/

Summary


Root Causes: 268

[Charts not preserved: Vulnerabilities by Risk; Vulnerabilities by Who Will Fix; Most Vulnerable Sites]

Vulnerability Type | Root Causes | Variances
Blind SQL Injection | 14 | 48
Browser Cache directive (leaking sensitive information) | 19 | 28
Brute Force Form based Authentication | 1 | 1
Buffer Overflow | 6 | 14
Business Logic Abuse | 3 | 5
Command Injection | 2 | 6
Content Security Policy Headers | 2 | 3
Content Type Charset Check | 100 | 146
Credentials Over Un Encrypted Channel | 2 | 2
Cross-Site Request Forgery (CSRF) | 21 | 33
Custom Directory Check | 2 | 2
Custom Parameter Check | 10 | 10
Custom Passive Check | 10 | 10
Directory Indexing | 3 | 3
DOM based Cross-site scripting (XSS) | 1 | 1
HTTP Verb Tampering | 1 | 2
HttpOnly attribute | 7 | 7
Information Disclosure | 12 | 12
Information Leakage | 4 | 4
Parameter Fuzzing | 6 | 24
Persistent Cross-site scripting (XSS) | 2 | 2
Predictable Resource Location | 2 | 2
Reflected Cross-site scripting (XSS) | 19 | 85
Server Type Disclosure | 2 | 2
Session Fixation | 1 | 1
Session Strength | 1 | 1
SQL Information Leakage | 3 | 5
SQL Injection | 7 | 28
SQL injection Auth Bypass | 1 | 3
SQL Parameter Check | 1 | 1
XPath Injection | 3 | 11
Total: | 268 | 502

Details


Blind SQL Injection

Site: http://webscantest.com:80
Root Cause #1: URL: http://webscantest.com/datastore/getimage_by_id.php (Parameter: id / 4 Attack Variances)
Root Cause #2: URL: http://webscantest.com/datastore/getimage_by_name.php (Parameter: name / 3 Attack Variances)
Root Cause #3: URL: http://webscantest.com/datastore/search_by_name.php (Parameter: name / 4 Attack Variances)
Root Cause #4: URL: http://webscantest.com/datastore/search_double_by_name.php (Parameter: name / 4 Attack Variances)
Root Cause #5: URL: http://webscantest.com/datastore/search_get_by_id.php (Parameter: id / 4 Attack Variances)
Root Cause #6: URL: http://webscantest.com/datastore/search_get_by_name.php (Parameter: name / 4 Attack Variances)
Root Cause #7: URL: http://webscantest.com/login.php (Parameter: login / 1 Attack Variance)
Root Cause #8: URL: http://webscantest.com/shutterdb/filter_by_name.php (Parameter: filter / 3 Attack Variances)
Root Cause #9: URL: http://webscantest.com/shutterdb/search_by_name.php (Parameter: name / 4 Attack Variances)
Root Cause #10: URL: http://webscantest.com/shutterdb/search_get_by_id.php (Parameter: id / 4 Attack Variances)
Root Cause #11: URL: http://webscantest.com/shutterdb/search_get_by_id2.php (Parameter: id / 4 Attack Variances)