Vulnerabilities Report (Page 1 of 3)

 Scan Name: Webscantest-includeAPIs-reactjs
 Date: 8/24/2016 11:24:23 PM
 Authenticated User: testuser
 Total Links / Attackable Links: 416 / 416
 Target URL: http://webscantest.com

Summary


Root Causes: 250

[Charts: Vulnerabilities by Risk; Vulnerabilities by Who Will Fix; Most Vulnerable Sites]

Vulnerability Type  Root Causes  Variances

Blind SQL Injection  15   48 
Browser Cache directive (leaking sensitive information)  20   31 
Brute Force Form based Authentication  1   1 
Buffer Overflow  6   10 
Business Logic Abuse  5   5 
Command Injection  1   4 
Content Type Charset Check  100   153 
Cross-Site Request Forgery (CSRF)  25   50 
Custom Passive Check  10   10 
Directory Indexing  3   3 
DOM based Cross-site scripting (XSS)  1   1 
HTTP Verb Tampering  1   2 
HttpOnly attribute  5   7 
Information Leakage  4   4 
Parameter Fuzzing  6   16 
Persistent Cross-site scripting (XSS)  2   6 
Predictable Resource Location  2   2 
Reflected Cross-site scripting (XSS)  20   141 
Server Type Disclosure  2   2 
Session Fixation  1   1 
Session Strength  1   1 
SQL Information Leakage  5   7 
SQL Injection  9   36 
SQL injection Auth Bypass  1   3 
SQL Parameter Check  1   1 
XPath Injection  3   11 
Total:  250   556 

Details


Blind SQL Injection

Site: http://webscantest.com:80
URL: http://webscantest.com/datastore/getimage_by_id.php Root Cause #1: (Parameter: id / 4 Attack Variances)
URL: http://webscantest.com/datastore/getimage_by_name.php Root Cause #2: (Parameter: name / 3 Attack Variances)
URL: http://webscantest.com/datastore/search_by_name.php Root Cause #3: (Parameter: name / 3 Attack Variances)
URL: http://webscantest.com/datastore/search_double_by_name.php Root Cause #4: (Parameter: name / 3 Attack Variances)
URL: http://webscantest.com/datastore/search_get_by_id.php Root Cause #5: (Parameter: id / 4 Attack Variances)
URL: http://webscantest.com/datastore/search_get_by_name.php Root Cause #6: (Parameter: name / 4 Attack Variances)
URL: http://webscantest.com/login.php Root Cause #7: (Parameter: login / 1 Attack Variance)
URL: http://webscantest.com/shutterdb/filter_by_name.php Root Cause #8: (Parameter: filter / 4 Attack Variances)
URL: http://webscantest.com/shutterdb/search_by_name.php Root Cause #9: (Parameter: name / 3 Attack Variances)
URL: http://webscantest.com/shutterdb/search_get_by_id.php Root Cause #10: (Parameter: id / 4 Attack Variances)
URL: http://webscantest.com/shutterdb/search_get_by_id2.php Root Cause #11: (Parameter: id / 4 Attack Variances)