Date of the scan: Sat, 14 Sep 2024 00:42:09 +0000. Scope of the scan: folder. Crawled pages: 1

Category | Number of vulnerabilities found |
---|---|
Backup file | 0 |
Weak credentials | 0 |
CRLF Injection | 0 |
Content Security Policy Configuration | 1 |
Cross Site Request Forgery | 0 |
Potentially dangerous file | 0 |
Command execution | 0 |
Path Traversal | 0 |
Fingerprint web application framework | 0 |
Fingerprint web server | 0 |
Htaccess Bypass | 0 |
HTML Injection | 0 |
HTTP Secure Headers | 2 |
HttpOnly Flag cookie | 0 |
Unencrypted Channels | 0 |
Log4Shell | 0 |
Open Redirect | 0 |
Reflected Cross Site Scripting | 0 |
Secure Flag cookie | 0 |
Spring4Shell | 0 |
SQL Injection | 0 |
TLS/SSL misconfigurations | 0 |
Server Side Request Forgery | 0 |
Stored HTML Injection | 0 |
Stored Cross Site Scripting | 0 |
Subdomain takeover | 0 |
Blind SQL Injection | 0 |
Unrestricted File Upload | 0 |
XML External Entity | 0 |
Internal Server Error | 0 |
Resource consumption | 0 |
Review Webserver Metafiles for Information Leakage | 0 |
Fingerprint web technology | 0 |
HTTP Methods | 0 |

CSP is not set
GET /tomcat-webapp-boilerplate/app HTTP/1.1
host: localhost:8080
connection: keep-alive
user-agent: Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0
accept-language: en-US
accept-encoding: gzip, deflate, br
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
curl "http://localhost:8080/tomcat-webapp-boilerplate/app"
['WSTG-CONF-12', 'OSHP-Content-Security-Policy']

X-Frame-Options is not set
GET /tomcat-webapp-boilerplate/app HTTP/1.1
host: localhost:8080
connection: keep-alive
user-agent: Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0
accept-language: en-US
accept-encoding: gzip, deflate, br
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
curl "http://localhost:8080/tomcat-webapp-boilerplate/app"
['OSHP-X-Frame-Options']

X-Content-Type-Options is not set
GET /tomcat-webapp-boilerplate/app HTTP/1.1
host: localhost:8080
connection: keep-alive
user-agent: Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0
accept-language: en-US
accept-encoding: gzip, deflate, br
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
curl "http://localhost:8080/tomcat-webapp-boilerplate/app"
['OSHP-X-Content-Type-Options']