Knowledge Base - Issues

Our knowledge base provides a comprehensive collection of information on cyber security vulnerabilities.

/ Account Provisioning

Account Provisioning is an IT vulnerability of the category Identity Management, which occurs in Web and API. This vulnerability involves the ability to create and manage user accounts, allowing malicious actors to gain unauthorized access. Account Provisioning is a vulnerability that involves an application's inadequate control over user account management....

/ Admin Interface Identified

Admin interface identified is a vulnerability related to information gathering. It is categorized under CWE-200 and is classified as an ‘Incomplete Information’ type vulnerability. This vulnerability arises when an attacker is able to identify and access the administrative interface of a web application or API without the user’s authorization. This...

/ Ajax Request Header Manipulation

Ajax request header manipulation (CWE-20) is a type of client side vulnerability in web and API applications that can be exploited by manipulating the request headers sent from the client. This attack can be used to gain access to restricted resources, bypass authentication or authorization mechanisms, or modify data stored...
When a web application is accessible using arbitrary HTTP Host headers, it can be vulnerable to a security issue known as Host Header Injection. This vulnerability occurs when an attacker can manipulate the Host header in an HTTP request to trick the server into processing the request as if it...

/ ASP.net Debugging Enabled

ASP.NET debugging enabled is a configuration management vulnerability (CWE-534) that occurs in web and API applications. It occurs when ASP.NET debugging is enabled in a production environment, allowing attackers to access debugging information and potentially exploit the web application. According to the OWASP Testing Guide, "Debugging information can provide an...

/ ASP.net Tracing Enabled

ASP.NET tracing enabled is a vulnerability in web and API applications that can allow attackers to gain access to sensitive information stored in the application. This vulnerability is described in the Common Weakness Enumeration (CWE) directory as CWE-611: Improper Restriction of Excessive Authentication Attempts. It can also be found in...
ASP.NET ViewState without MAC enabled is a cryptography vulnerability, classified under CWE-352, that occurs in web and API applications. It occurs when the application does not properly validate the ViewState data transmitted between the client and the server, enabling malicious users to tamper with the contents of the ViewState. This...

/ Auto-Generated Screenshots

Manufacturers want to provide device users with an aesthetically pleasing effect when an application is started or exited, so they introduced the concept of saving a screenshot when the application goes into the background. ## Risk This feature can pose a security risk because screenshots (which may display sensitive information such as...

/ Backup File

Backup file is an authorization vulnerability that occurs when an application does not properly restrict access to backup files, such as database backups. This type of vulnerability allows an attacker to gain access to sensitive data, such as passwords and personal information, which can be used to gain further access...
Base64-encoded data in parameter is a type of cryptography vulnerability that occurs in Web and API applications. According to the Common Weakness Enumeration (CWE) directory, it is classified as CWE-344: Improper Insufficient Cryptographic Validation. This vulnerability is caused when an application fails to validate or restrict the unverified Base64-encoded data...
Browser cross-site scripting filter disabled is a vulnerability that falls under Web and API category. This vulnerability allows malicious code to be executed in the user’s browser, as the browser is instructed by the server to disable the cross-site scripting filter. Cross-site scripting filters are used to prevent malicious scripts...
No X-XSS-Protection header was set in the response. This means that the browser uses its default behavior, in which detection of a cross-site scripting attack never prevents rendering. ## Risk Cross-site scripting (XSS) filters in browsers check if the URL contains possible harmful XSS payloads and if they are reflected in the response page....

/ Cacheable HTTPS Response

Cacheable HTTPS response, CWE-315, occurs when a web server or API responds to an HTTPS request with a response that is marked as cacheable. This can lead to the response being stored in an unencrypted form, exposing sensitive data to anyone with access to the cache. According to the OWASP...

/ Check Point Firewall Compliance

Compliance checks for Check Point Firewall
Cleartext storage of sensitive information in cookie is a vulnerability that occurs when an application stores sensitive information in a cookie without any encryption or hashing. This can make it easy for an attacker to access the stored information. This vulnerability is classified as CWE-312 and is listed in the...
Cleartext submission of password is a vulnerability that occurs when a password is transmitted in a non-encrypted form during authentication processes over an open network like the internet. Unencrypted data can be easily intercepted by malicious actors and used to gain access to systems and resources. According to the OWASP...

/ Client-Side HTTP Parameter Pollution

Client-side HTTP parameter pollution (CWE-20) is a type of web application vulnerability that occurs when user-supplied parameters are used to manipulate the intended logic of a web application. The attacker can inject additional HTTP parameters into a single HTTP request, which can be used to manipulate the application's behaviour. By...

/ Client-Side Json Injection (DOM-Based)

Client-side JSON injection (DOM-based) is a type of vulnerability that occurs when a malicious user is able to inject JSON directly into a web page, usually through a browser, allowing malicious code to be executed within the browser. This vulnerability is categorized as a Client Side Vulnerability according to the...

/ Client-Side SQL Injection (DOM-Based)

Client-side SQL injection (DOM-based) is a type of injection attack that is classified as a Client Side Vulnerability (CWE-79). It occurs when a web application allows user-supplied input to be executed as part of a SQL query without proper validation or sanitization. According to the OWASP Testing Guide, DOM-based SQL...

/ Client-Side Template Injection

Client-side template injection (CSTI) is a type of injection attack that occurs when user-supplied data is injected into a web template in a client-side context. This type of attack is particularly dangerous as it allows an attacker to inject malicious code into a web page that is then executed by...

/ Client-Side Xpath Injection (DOM-Based)

Client-side XPath injection (DOM-based) is a type of security vulnerability which is classified under Client Side Vulnerabilities as per the Common Weakness Enumeration (CWE), and occurs in web and API applications. This is a type of injection attack where an attacker injects malicious XPath statements into a client's web page,...

/ Content Sniffing Not Disabled

Content Sniffing not disabled is a Configuration Management vulnerability that occurs in Web and API applications. It is a type of attack that attempts to exploit potential security flaws in web applications by exploiting the client's ability to interpret data sent from the server. Content Sniffing not disabled can allow...

/ Content Type Incorrectly Stated

Content type incorrectly stated, also known as CWE-200, is a type of vulnerability related to configuration management in web and API applications. It occurs when an application incorrectly states the content type of a response when the content type is not correctly given by the application. This can be dangerous...

/ Content Type Is Not Specified

Content type is not specified is a vulnerability that falls under the category of Configuration Management in the Common Weakness Enumeration (CWE) directory (CWE-20). This vulnerability occurs when there is no content type specified for data sent via Web and API requests. If a content type is not specified, the...

/ Cookie Issued to Parent Domain

Cookie issued to parent domain is a web application vulnerability in the configuration management category (CWE-20). The vulnerability occurs when a cookie is issued to a parent domain, allowing the cookie to be accessed in the parent domain or other subdomains. This type of cookie injection can be used to...

/ Cookie Manipulation (DOM-Based)

Cookie manipulation (DOM-based) is a type of web application security vulnerability classified as a Client Side Vulnerability. This vulnerability occurs when web applications fail to properly validate the integrity of cookies, resulting in the ability to execute malicious code. According to the Common Weakness Enumeration (CWE) directory, this vulnerability is...

/ Cookie Variable Exposed

Cookie Variable Exposed is a type of vulnerability commonly found in web and API applications. It occurs when data stored in a cookie is made available to an unauthorized user, allowing them to gain access to the application or system. This vulnerability is classified as an Authentication vulnerability in the...
Credit card numbers disclosed is an authentication vulnerability (CWE-522) where credit card numbers, expiration dates, and CVV numbers are exposed during authentication. This vulnerability is commonly found in web applications and APIs (OWASP Testing Guide, V3.0). This type of vulnerability can be exploited with malicious intent, such as stealing credit...

/ Cross Site Scripting (DOM-Based)

Cross Site Scripting (DOM-Based) is a type of client side vulnerability that is listed in the CWE Top 25 (2022) and is classified as CWE-79. It is a type of injection attack that allows an attacker to execute malicious JavaScript on a web page or in an API. The attacker...

/ Cross-Domain Post

Cross-domain POST is a type of IT vulnerability which falls under the category of Configuration Management. This vulnerability is primarily found in web applications and APIs, and is defined as the ability to send a request from one domain to another, which is often done by malicious actors. This type...
Cross-domain Referer leakage is an authorization vulnerability that occurs when web applications fail to properly validate the HTTP Referer header. This allows attackers to bypass the same origin policy and access resources in another domain. This vulnerability is classified as CWE-352 (Cross-Site Request Forgery (CSRF)) in the Common Weakness Enumeration...
Cross-domain script include is a type of authentication vulnerability that occurs when a web application allows malicious scripts to be included from a different domain. This type of vulnerability can allow attackers to bypass access controls, such as the same-origin policy, allowing them to access sensitive data from the victim’s...

/ Cross-Origin Resource Sharing

Cross-origin resource sharing (CORS) is a vulnerability that occurs when a malicious website is allowed to access resources in a different domain. It is classified as a client-side vulnerability because it is the client's browser that is responsible for controlling access to resources. CORS is classified as CWE-918 in the...
A _Cross-Origin Resource Sharing (CORS)_ policy controls whether and how content running on other domains can interact with the domain that publishes the policy. The policy is granular and can apply per-request access controls based on the URL and other characteristics of the request. ## Risk The common exploitation scenarios can be...
Cross-origin resource sharing (CORS) is a browser mechanism which enables controlled access to resources located outside of a given domain. It extends and adds flexibility to the same-origin policy (SOP). It also provides potential for cross-domain based attacks, if a website's CORS policy is poorly configured and implemented. CORS is...
A _Cross-Origin Resource Sharing (CORS)_ policy controls whether and how content running on other domains can interact with the domain that publishes the policy. The policy is granular and can apply per-request access controls based on the URL and other characteristics of the request. ## Risk If a site allows interaction...

/ Cross-Site Request Forgery

Cross-Site Request Forgery (CSRF) is an attack vector that exploits the trust a website has for a user. It is a type of attack classified as a client-side attack, where an attacker can send malicious requests in the name of the target user without their knowledge. According to Common Weakness...

/ CSS Injection (Reflected)

CSS Injection (reflected) is an input validation vulnerability that occurs when an application does not properly validate input from a web or API user. This type of attack allows malicious code to be injected into a web page such that it is reflected back to the user when it is...

/ CSS Injection (Stored)

CSS injection (stored) is a type of input validation vulnerability which occurs when a web application stores user-supplied data in a web page without properly validating or encoding it, which allows malicious users to inject arbitrary CSS code into the page. This type of vulnerability is classified in the Common...

/ CSV Injection

CSV injection, also known as Formula Injection, is an attack technique used to exploit web and API applications that use comma-separated values (CSV) to store or exchange data. It is an input validation vulnerability, which is categorized as CWE-1236 according to the Common Weakness Enumeration (CWE). CSV injection is a...
Database connection string disclosed (CWE-209) is a vulnerability that occurs when a database connection string, such as a password, is disclosed in a web or API application or within the infrastructure. This can allow an attacker to gain access to the database and sensitive information stored within it. Furthermore, the...

/ Default Apache Web Page

Default Apache Web Page vulnerability is an attack technique that occurs in web and API applications and is categorized as Information Gathering. This vulnerability is defined as an attack that occurs when the attacker can access the default Apache web page on a target web server. This web page can...

/ Default Software Page

The disclosure of a default software page vulnerability occurs when an application or software system inadvertently exposes its default or administrative pages to users or external parties. These default pages are typically intended for internal use, testing, or administrative purposes, and their exposure can reveal sensitive information about the software...
The vulnerability refers to a security flaw in systems or applications where the initial default password provided to a user during account creation remains valid even after the user's first login. This vulnerability poses a significant security risk as it allows unauthorized access to user accounts, potentially leading to data...

/ Denial of Service

Denial of Service (DoS) is a type of IT vulnerability that affects the availability of systems. DoS can occur when a malicious actor intentionally floods a network or system with a large amount of traffic, requests, or connections. Additionally, certain specifically crafted messages may cause a high resource consumption on...

/ Directory Listing

Directory listing is an information leakage vulnerability that occurs when a web or API server allows directory contents to be read, usually through a web browser, without proper authentication. This allows attackers to access sensitive files, such as configuration and log files, which may contain valuable information or credentials. Directory...

/ Disclosure of Source Code

Disclosure of source code is a vulnerability that occurs when an application or system fails to protect its source code from unauthorized access. The source code of an application is its most sensitive asset, as it contains confidential information and business logic. This vulnerability is identified by the Common Weakness...

/ Document Domain Manipulation

Document Domain Manipulation (CWE-213) is a client-side vulnerability that occurs when a malicious actor is able to manipulate the document domain of a web page or API. The document domain is the origin from which certain documents, such as JavaScript and HTML, are accessed. When this document domain is manipulated,...

/ Duplicate Cookies Set

Duplicate cookies set, also known as CWE-614, is a configuration management vulnerability that occurs in web and API applications. It occurs when two or more cookies are set with the same name and different values, resulting in different responses from the server. This vulnerability can be exploited to hijack a...
Element is not being deleted after delete is a type of vulnerability categorized under Business Logic (CWE-434), which can potentially occur in Web and API applications. This vulnerability occurs when a web or API application fails to delete an element from its database even after the element has been deleted....
Showing entries 1 to 50 of 208 entries.