WordPress 6.4.x < 6.4.3 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A PHP file upload bypass via Plugin Installer requiring admin privileges. - An RCE POP Chains vulnerability. Note that the scanner has not tested for these issues but has...

WordPress 4.3.x < 4.3.33 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A PHP file upload bypass via Plugin Installer requiring admin privileges. - An RCE POP Chains vulnerability. Note that the scanner has not tested for these issues but has...

WordPress 5.4.x < 5.4.15 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A PHP file upload bypass via Plugin Installer requiring admin privileges. - An RCE POP Chains vulnerability. Note that the scanner has not tested for these issues but has...

Web Server Configuration File Detected

A web server configuration file has been detected on the target host. This may expose privileged information or configurations to a malicious actor. No source data...

Web Services Description Language (WSDL) File Detected

A Web Services Description Language WSDL file has been detected on this url. No source data...

XSLT Injection

An XSLT Injection is when an attacker tries to inject XSLT documents to the application. This attack may lead to the disclosure of confidential data, denial of service, port scanning from the perspective of the machine where the parser is located, and other system impacts. No source data...

Node-config Configuration File Detected

Node-config is a Node.js module providing hierarchical configurations to help with web applications deployments. By defining one or more configuration files in their application project 'config' directory or in a custom location, developers can define various configuration variables to be used in...

NTLM Authentication Detected

The scanner detected the presence of a web page protected by a 'NTLM' authentication. No source data...

SAP ICF Open-Redirect

In all versions of SAP ABAP Platform, SAP NetWeaver, SAP Web Application Server and SAP S/4HANA an Open Redirect exists via the 'redirecturl' parameter from the logoff page. This can be used to redirect the victim to a malicious URL. Cyber-criminals will abuse these vulnerabilities in social...

Bearer Token Authentication Detected

The scanner detected the presence of a web page protected by a 'Bearer' authentication. No source data...

Digest Authentication Detected

The scanner detected the presence of a web page protected by a 'Digest' authentication. No source data...

External Backend API Detected

Modern web applications often rely on a third party service as a backend when they are built with a micro-service architecture or using a third party SaaS service. In such deployments, it is recommended to perform additional scans directly against these backend hosts with the consent and approval...

XML Injection

An XML Injection is when an attacker tries to inject an XML documents to the application. If the XML parser fails to contextually validate data, then the test will yield a positive result. This attack may lead to the disclosure of confidential data, denial of service, port scanning from the...

Atlassian SAML Single Sign-On Bypass

When the resolution Reichert Network Solutions GmbH plugin is used for SSO authentication on Atlassian Jira Server, Atlassian Jira Data Center, Atlassian Confluence Server, Atlassian Confluence Data Center, Atlassian Bitbucket Server, Atlassian Bitbucket Data center, Atlassian Bamboo 5 and...

Metabase GeoJSON Remote Code Execution

Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map admin-settings-maps-custom maps-add a map support and potential RCE including environment variables because URLs were not validated prior to being loaded. No...

Atlassian Confluence 8.4.x < 8.4.4 Improper Authorization

According to its self-reported version number, the Atlassian Confluence application running on the remote host is 7.x prior 7.19.6, 8.x prior to 8.3.4, 8.4.x prior to 8.4.4, 8.5.x prior to 8.5.3 or 8.6.x prior to 8.6.1. It is, therefore, affected by an improper authorization vulnerability. Note...

WordPress WPEngine Configuration Detected

WPengine is a popular provider of managed WordPress hosting. Configurations may be located in a file named config.json inside the wpeprivate hidden directory. This configuration file may expose sensitive information such as database credentials and WPEngine account information which may be used b...

Adobe ColdFusion Improper Access Control

Adobe ColdFusion prior to versions 2018 Update 19, 2021 Update 9 and 2023 Update 3, suffer from an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. No source data...

Adobe ColdFusion Remote Code Execution

Adobe ColdFusion prior to versions 2018 Update 19, 2021 Update 9 or 2023 Update 3, suffer from an Insecure Deserialization vulnerability through the argumentCollection parameter on /CFIDE/adminapi/accessmanager.cfc endpoint. By leveraging this vulnerability, a remote unauthenticated attacker coul...

Strapi Cognito Provider Authentication Bypass

Strapi is a popular open-source headless CMS built with Node.js. Strapi versions after 3.2.0 and before 4.6.0 suffer from a lack of validation of JWT tokens sent through the AWS Cognito authentication provider during the OAuth flow. By forging a custom JWT token with any signature, a remote and...