Web App Vulnerabilities

1. Introduction Insecure Cross-Origin Resource Sharing Configuration allows websites to make requests on behalf of a user to your application,...

1. Introduction The scanner identified some responses with a status code other than the usual 200 (OK), 301 (Moved Permanently),...

1. Introduction The Invision Power Board Dragoran Portal Module index.php site parameter vulnerability is a SQL injection flaw in an...

1. Introduction The Invision Power Board index.php pop Parameter XSS vulnerability is a cross-site scripting flaw in the Invision Power...

1. Introduction The Invision Power Board Referer field XSS vulnerability allows an attacker to inject malicious scripts into a web...

1. Introduction The ION ion-p.exe page Parameter Traversal Arbitrary File Retrieval vulnerability allows an attacker to access confidential data on...

1. Introduction The vulnerability ‘ionCube loader-wizard.php Accessible’ involves an exposed setup wizard for ionCube, a PHP encoding and security tool....

1. Introduction The is_human() Plugin for WordPress ‘type’ Parameter Command Injection vulnerability allows a remote attacker to execute arbitrary code...

1. Introduction The Isilon OneFS Web Interface Detection indicates that the web interface for an Isilon OneFS system is accessible...

1. Introduction Ivanti Connect Secure Detection indicates that the web interface for Ivanti Connect Secure (formerly Pulse Connect Secure), an...