Magento Unsupported Version

The installation of Magento detected on the remote host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. No source data...

ELMAH Information Disclosure

ELMAH Error Logging Modules and Handlers is an application error logging facility. This application is not properly configured and leads to information disclosure via elmah.axd or errorlog.axd. This allows an unauthenticated, remote attacker to view web requests made to the server, including...

Oracle WebLogic UDDI Explorer Server-Side Request Forgery

The Oracle WebLogic UDDI Explorer service in Oracle Fusion Middleware versions 10.0.2 and 10.3.6 is affected by a server-side request forgery vulnerability due to the lack of validation of the operator parameter in the SearchPublicRegistries.jsp page. A remote and unauthenticated attacker can...

Microsoft SharePoint Server 2013 build < 15.0.5215.1000 Multiple Vulnerabilities

According to its self-reported version number, the Microsoft SharePoint application running on the remote host is affected by multiple vulnerabilities, two cross-site-scripting XSS exist when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected...

Microsoft SharePoint Server 2016 build < 16.0.4783.1000 Information Disclosure

According to its self-reported version number, the Microsoft SharePoint application running on the remote host is affected by an information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks a...

Kentico CMS < 9.0.51 Cross-Site Scripting

Kentico CMS is a common ASP.NET Content Management System CMS used for building websites and online stores. Kentico CMS versions before 9.0.51 allow remote attackers to inject arbitrary javascript or HTML content via the CMSBodyClass cookie variable. No source data...

Kibana 7.x < 7.2.1 Multiple Vulnerabilities

According to its self-reported version number, the Kibana application running on the remote host is prior to 6.8.2 or 7.x prior to 7.2.1. It is, therefore, affected by : - A prototype pollution vulnerability in lodash. CVE-2019-10744 - A server-side request forgery SSRF vulnerability in the...

Apache Solr < 8.4.0 Remote Code Execution

Apache Solr versions 5.0.0 to 8.3.1 allow for a a remote, unauthenticated user to set 'params.resource.loader.enabled' to true via an HTTP POST request to the JMX server. Enabling this parameter would allow an attacker to use the velocity template parameter in a specially crafted Solr request,...

Apache Solr 1.3.0 < 1.4.1 XML Resource Consumption Attack

Solr versions 1.3.0 to 1.4.1, 3.1.0 to 3.6.2 and 4.0.0 to 4.10.4 are vulnerable to an XML resource consumption attack via its update handle; leveraging XML DOCTYPE and ENTITY type elements, a remote, unauthenticated attacker may write data to the server which will expand when the server parses th...

Apache Solr 1.3.0 <= 7.6.0 Server Side Request Forgery

Server Side Request Forgery in Apache Solr, versions 1.3.0 until 7.6.0 inclusive. A remote, unauthenticated attacker can use the 'shards' parameter to make a HTTP GET request to any reachable web server; as this does not use any applicable whitelist or URL validation. Note that the scanner has no...

Apache Solr 4.0.0 < 4.10.4 XML Resource Consumption Attack

Solr versions 1.3.0 to 1.4.1, 3.1.0 to 3.6.2 and 4.0.0 to 4.10.4 are vulnerable to an XML resource consumption attack via its update handle; leveraging XML DOCTYPE and ENTITY type elements, a remote, unauthenticated attacker may write data to the server which will expand when the server parses th...

Apache Solr 4.0.0 < 4.10.3 Cross-Site Scripting

Cross-site scripting XSS vulnerability in the Admin UI Plugin / Stats page in Apache Solr versions 4.x 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the fieldvaluecache object. Note that the scanner has not tested for these issues but has instead relied only on the...

Fetch/XHR Detected

The scan detected that the web application makes requests that appear to be using Fetch or XMLHTTPRequests XHRs to communicate with a backend API server. Fetchs/XHRs allow retrieval of data from an API without triggering a page reload, making them especially useful for Single Page Applications. N...

Magento Cacheleak

Magento 1 cache files are stored in the public directory of Magento installation. Misconfigured authorisation for /var directory has been detected. As cache filenames can be predicted they could be accessed and then exposed critical information like database login/password for example. No source...

Joomla! 3.0.x < 3.9.12 Cross-Site Scripting

According to its self-reported version number, the detected Joomla! application is affected by a cross-site scripting vulnerability in versions 3.0.0 to 3.9.11 due to inadequate escaping in the logo parameter of the default templates. Note that the scanner has not tested for these issues but has...

Sitemap.xml File Detected

The Sitemap Protocol allows you to inform search engines about URLs on a website that are available for crawling. In its simplest form, a Sitemap is an XML file that lists URLs for a site. It has been discovered that many site owners are not building their Sitemaps through spidering, but by...

Magento API Anonymous Access

Sensitive Magento 2 API can be accessed by anonymous users. Therefore, confidential merchant information can be exposed like offline products, stock information or store configuration for example. No source data...

JetBrains .idea Directory Detected

A JetBrains .idea Directory has been detected. This directory contains project specific settings in xml format. These configuration files may include sensitive information such as server configuration settings, component module information, compiler information, credentials, project history and...

Moment.js < 2.15.2 Regular Expression Denial of Service

According to its self-reported version number, Moment.js is prior to 2.15.2. Therefore, it may be affected by a regular expression denial of service vulnerability when arbitrary user input is passed into format. Note that the scanner has not tested for these issues but has instead relied only on...

CVS Repository Detected

The web server on the remote host allows read access to files within a 'CVSROOT' directory exposing files tracked inside. This potential flaw can be used to access content from the web server that might otherwise be private & permit download of the source code of listed pages hosted on the remote...