Web App Vulnerabilities

1. Introduction The ht://Dig package contains a search engine vulnerable to cross-site scripting (XSS). This allows an attacker to inject...

1. Introduction This report details the HTTP login page vulnerability, which involves using standard web form-based authentication. This is a...

1. Introduction The HTTP Origin Response Header Usage vulnerability involves web servers setting an Origin header in responses. This is...

1. Introduction The HTTP Proxy Open Relay Detection vulnerability identifies web proxy servers that accept unauthenticated HTTP requests. This allows...

1. Introduction HTTP Server Authentication Detected is an informational notice indicating that pages on your web server are protected by...

1. Introduction HTTP Server Authentication Succeeded is an informational notice indicating that a scan successfully authenticated against a web server...

1. Introduction HTTP Smuggling is a vulnerability where an attacker can send multiple requests within a single connection, potentially bypassing...

1. Introduction HTTP Strict Transport Security (HSTS) is a web server directive that tells browsers to only connect via HTTPS....

1. Introduction The vulnerability ‘HTTP to HTTPS Redirect Not Enabled’ means that a website allows unencrypted HTTP connections, even though...

1. Introduction HTML comments are often used by developers for inline information, ignored by web browsers during rendering. These comments...