Apache Guacamole Detected

This is an informational notice that the scanner was able to detect an Apache Guacamole instance on the target server. Note that this detection is included in the Remote Access Tools category. No source data...

GeoServer 2.10.0 < 2.24.4 Sensitive Information Exposure

According to its banner, the version of GeoServer running on the remote host is 2.10.0 prior to 2.24.4 or 2.25.x prior to 2.25.1. It is, therefore, affected by a Sensitive Information Exposure. Note that the scanner has not tested for these issues but has instead relied only on the application's...

Sequelize Configuration File Detected

Sequelize is a promise-based Node.js ORM tool for databases engines. Sequelize CLI uses by default a configuration file in 'config' directory to store the environment and database information. By accessing it, an attacker could leverage the vulnerability to gain unauthorized and privileged access...

Apache Tomcat 11.0.0-M1 < 11.0.0-M11 Open Redirect

The version of Apache Tomcat installed on the remote host is 8.5.0 to 8.5.92, 9.0.0-M1 to 9.0.79, 10.1.0-M1 to 10.1.12 or 11.0.0-M1 to 11.0.0-M10. If the ROOT default web application is configured to use FORM authentication then it is possible that a specially crafted URL could be used to trigger...

Server-Side Inclusion Injection

A Server-Side Include Injection vulnerability exists when an application embeds and evaluates unsafe user-controlled server-side include directives. By injecting a specific payload an attacker can leverage this vulnerability to conduct a remote code execution. No source data...