Network Timeout Encountered

Provides a report of network timeouts encountered during the scan, showing URLs and the number of timeouts for each URL. Note that assessment will stop on any URLs in timeout state, and timeouts may increase significantly the overall duration of the scan. No source data...

Target Information

Publishes the target information of the starting url as evaluated by the scan. No source data...

Scan aborted after too many timeouts

The scanner aborted the scan due to the number of consecutive timeouts received from the web application, to prevent this latter to be completely unresponsive and unable to process normal requests. No source data...

Login Form Authentication Failed

This plugin is raised when the scanner has not been able to authenticate against the web application using the login form credentials provided in the scan policy. Check the output of the plugin to get an explanation of the issue encountered by the scan. No source data...

CAPTCHA Detection

Detects any known CAPTCHA products being used on a page. No source data...

Scan Information

Provides scan information and statistics of plugins run. No source data...

Interesting Response

The scanner identified some responses with a status code other than the usual 200 OK, 301 Moved Permanently, 302 Found and 404 Not Found codes. These codes can provide useful insights into the behavior of the web application and identify any unexpected responses to be addressed. No source data...

Mixed Resource Detection

Scanner discovered that the affected site is utilising both HTTP and HTTPS. While the HTML code is served over HTTPS, the server is also serving resources over an unencrypted channel, which can lead to the compromise of data, while providing a false sense of security to the user. No source data...

Allowed HTTP Methods

There are a number of HTTP methods that can be used on a webserver OPTIONS, HEAD, GET, POST, PUT, DELETE etc.. Each of these methods perform a different function and each have an associated level of risk when their use is permitted on the webserver. By sending an HTTP OPTIONS request and a direct...

HTML Object

The scanner detected one or more HTML object tags. This tag is used to embed multimedia like audio, video, Java applets, ActiveX, PDF and Flash in HTML pages. No source data...

CVE-2015-0537

creationtimestamp| type| source ---|---|--- 2015-08-21 13:00:41+00:00| seen| MISP/55d720e0-f5c8-4290-ba7f-289f0a00020f...

CVE-2012-2376

creationtimestamp| type| source ---|---|--- 2012-05-11 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18861 2025-08-31 03:13:08+00:00| seen| MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57...

CVE-2011-3230

creationtimestamp| type| source ---|---|--- 2011-10-17 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/17986 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/browser/safarifilepolicy.rb 2025-02-06 03:13:40+00:00| seen|...

Adobe Boosts Privacy Protections with Flash Player Update

Adobe released an update to its Flash Player that it says will make it easier for users to manage their online privacy. The company released Flash Player Version 10.3 on Thursday. The update to the common rich media player includes support for a new cross platform application program interface AP...

CVE-2006-6424

creationtimestamp| type| source ---|---|--- 2010-05-09 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16813 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/novell/nmapstor.rb 2025-02-06 03:13:38+00:00| seen|...

CVE-2009-1978

creationtimestamp| type| source ---|---|--- 2009-09-14 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9652 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/oracle/osbexecqr2.rb 2025-02-06 03:13:39+00:00| seen|...

CVE-2009-2261

creationtimestamp| type| source ---|---|--- 2009-06-05 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8881 2010-09-20 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16307 2018-05-29 15:50:33+00:00| seen|...

CSRF through HTML message in squirrelmail

Cross-site request forgery CSRF vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element...