AcmeFoo AcmeWebSite issues

AcmeFoo / AcmeWebSite

New website

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

CONTRAST: Authorization Rules Missing Deny Rule under location ForgotPassword.aspx in \web.config

#95 zencid42 opened 4 years ago
0
CONTRAST: Authorization Rules Missing Deny Rule under location Logout.aspx in \web.config

#94 zencid42 opened 4 years ago
0
CONTRAST: Session Rewriting Allowed in forms section of \web.config

#93 zencid42 opened 4 years ago
0
CONTRAST: Application Disables Header Checking in \web.config

#92 zencid42 opened 4 years ago
0
CONTRAST: Authorization Rules Missing Deny Rule in \web.config

#91 zencid42 opened 4 years ago
0
CONTRAST: Application Displays Detailed Error Messages in \web.config

#90 zencid42 opened 4 years ago
0
CONTRAST: Authorization Rules Missing Deny Rule under location Autocomplete.ashx in \web.config

#89 zencid42 opened 4 years ago
0
CONTRAST: Authorization Rules Missing Deny Rule under location CustomerLogin.aspx in \web.config

#88 zencid42 opened 4 years ago
0
CONTRAST: Authorization Rules Missing Deny Rule under location ForgotPassword.aspx in \web.config

#87 zencid42 opened 4 years ago
0
CONTRAST: SSL Not Required For Forms Authentication in \web.config

#86 zencid42 opened 4 years ago
0
CONTRAST: Authorization Rules Missing Deny Rule under location Logout.aspx in \web.config

#85 zencid42 opened 4 years ago
0
CONTRAST: Session Rewriting Allowed in forms section of \web.config

#84 zencid42 opened 4 years ago
0
CONTRAST: Authorization Rules Missing Deny Rule under location CustomerLogin.aspx in \web.config

#82 zencid42 opened 4 years ago
0
CONTRAST: Request Validation Mode Disabled in \WebGoatCoins\ProductDetails.aspx

#83 zencid42 opened 4 years ago
0
CONTRAST: SSL Not Required For Forms Authentication in \web.config

#81 zencid42 opened 4 years ago
0
CONTRAST: Application Disables Header Checking in \web.config

#80 zencid42 opened 4 years ago
0
CONTRAST: Event Validation Disabled in \Content\HeaderInjection.aspx

#79 zencid42 opened 4 years ago
0
CONTRAST: Authorization Rules Missing Deny Rule under location Autocomplete.ashx in \web.config

#78 zencid42 opened 4 years ago
0
CONTRAST: Authorization Rules Missing Deny Rule in \web.config

#77 zencid42 opened 4 years ago
0
CONTRAST: Request Validation Mode Disabled in \WebGoatCoins\ProductDetails.aspx

#76 zencid42 opened 4 years ago
0
CONTRAST: Application Displays Detailed Error Messages in \web.config

#75 zencid42 opened 4 years ago
0
CONTRAST: Event Validation Disabled in \Content\HeaderInjection.aspx

#74 zencid42 opened 4 years ago
0
CONTRAST: Cross-Site Request Forgery detected

#73 zencid42 opened 4 years ago
0
CONTRAST: SQL Injection from "ctl00$BodyContentPlaceholder$txtID" Parameter on "/Content/SQLInjectionDiscovery.aspx" page

#72 zencid42 opened 4 years ago
0
CONTRAST: Path Traversal from Request Body on "/Content/UploadPathManipulation.aspx" page

#71 zencid42 opened 4 years ago
0
CONTRAST: Path Traversal from "filename" Parameter on "/Content/PathManipulation.aspx" page

#70 zencid42 opened 4 years ago
0
CONTRAST: SQL Injection from "ctl00$BodyContentPlaceholder$txtName" Parameter on "/Content/SQLInjection.aspx" page

#69 zencid42 opened 4 years ago
0
CONTRAST: Cookie Has No 'secure' Flag for the cookie Server

#68 zencid42 opened 4 years ago
0
CONTRAST: Session Cookie Has No 'secure' Flag for the cookie ASP.NET_SessionId

#67 zencid42 opened 4 years ago
0
CONTRAST: Application Disables Header Checking in C:\Users\Administrator\Source\Repos\WebGoat.NET\WebGoat\web.config

#66 zencid42 opened 4 years ago
0
CONTRAST: Session Rewriting Allowed in Application or Server Configuration

#65 zencid42 opened 4 years ago
0
CONTRAST: SSL Not Required For Forms Authentication in C:\Users\Administrator\Source\Repos\WebGoat.NET\WebGoat\web.config

#64 zencid42 opened 4 years ago
0
CONTRAST: Application Displays Detailed Error Messages in C:\Users\Administrator\Source\Repos\WebGoat.NET\WebGoat\web.config

#63 zencid42 opened 4 years ago
0
CONTRAST: Authorization Rules Missing Deny Rule in C:\Users\Administrator\Source\Repos\WebGoat.NET\WebGoat\web.config

#62 zencid42 opened 4 years ago
0
CONTRAST: Cookie Has No 'secure' Flag for the cookie Server

#61 zencid42 opened 4 years ago
0
CONTRAST: Session Cookie Has No 'secure' Flag for the cookie ASP.NET_SessionId

#60 zencid42 opened 4 years ago
0
CONTRAST: Cross-Site Scripting from "name" Parameter on "/spring-4-vuln-app-1.0/endpoint" page

#59 zencid42 opened 4 years ago
0
CONTRAST: Cross-Site Scripting from "name" Parameter on "/spring-4-vuln-app-1.0/endpoint" page

#58 zencid42 opened 4 years ago
0
CONTRAST: Cross-Site Scripting from "input" QueryString Parameter on "/xss_test/query" page

#57 zencid42 opened 4 years ago
0
CONTRAST: Hardcoded Cryptographic Key in ../vulnerabilities/express-session/index.js line 4

#56 zencid42 opened 4 years ago
0
CONTRAST: Hardcoded Cryptographic Key in ../vulnerabilities/static.js line 22

#55 zencid42 opened 4 years ago
0
CONTRAST: Hardcoded Password in ../vulnerabilities/static.js line 4

#54 zencid42 opened 4 years ago
0
CONTRAST: 'MD5' hash algorithm used at GranteeManager

#53 zencid42 opened 4 years ago
0
CONTRAST: 'MD5' hash algorithm used at GranteeManager

#52 zencid42 opened 4 years ago
0
CONTRAST: Cross-Site Scripting from "user" Parameter on "/welcome/hello" page

#51 zencid42 opened 4 years ago
0
CONTRAST: Application Disables 'secure' Flag on Cookies observed at IRequestImpl.java

#50 zencid42 opened 4 years ago
0
CONTRAST: Path Traversal from URI on "/IBMJMXConnectorREST/file/%2FUsers%2Fmarklacasse%2FSandbox%2FWebSphere%2Fusr%2Fservers%2FdefaultServer%2Flogs%2Fstate%2FfeatureList_8297814327095316781.xml" page

#49 zencid42 opened 4 years ago
0
CONTRAST: Path Traversal from URI on "/IBMJMXConnectorREST/file/%2FUsers%2Fmarklacasse%2FSandbox%2FWebSphere%2Fusr%2Fservers%2FdefaultServer%2Flogs%2Fstate%2FschemaGenerator_4055323226766755993.xsd" page

#48 zencid42 opened 4 years ago
0
CONTRAST: Path Traversal from URI on "/ibm/api/adminCenter/v1/icons/com.ibm.websphere.appserver.adminCenter.tool.serverConfig-1.0" page

#47 zencid42 opened 4 years ago
0
CONTRAST: Application Disables 'secure' Flag on Cookies observed at IRequestImpl.java (JSESSIONID.d3681dff)

#46 zencid42 opened 4 years ago
0