Vulnerabilities Knowledge Base

How To Enable Content Sniffing?

How To Disable OPTIONS Method?

Clickjacking: X-Frame-Options Header Missing

Error Page Discloses Web Server Version

How To Disable Web Dav Extensions?

How To Configure Access-Control-Allow-Origin Header?

How To Disable Custom Errors At Webroot?

Excessive-Information-In-Headers

Protect Server Against Heartbleed OpenSSL Vulnerability

Data Being Sent In Plain Text In the URL Can Be Manipulated

Directory Listing Is Enabled Leading to Further Attacks

Vulnerability - Frontpage Extensions Are Enabled

Vulnerability - Anonymous FTP Access Is Enabled

Vulnerability - Host Header Attack Is Possible

Old SSL or Weak SSL Cipher Being Used

Outdated PHP Apache OpenSSL Stack being used

Strict Transport Security Header Missing Vulnerability

Vulnerable WordPress Version is installed

Session Cookie Found Without Secure Flag Set.

Session Cookie Found Without HTTPOnly Set

TRACE Method Is Enabled

Web Server Default Welcome Page

How To Disable Autocomplete?

Protect Server Against POODLE SSLv3 Vulnerability

Custom_errors

How To Encrypt Viewstates In Dotnet?

Excessive Information About The Server And Web Layer Are Visible In The Response Headers.

Firewall Admin Interface Is Externally Open

Cacheable HTTPS Response Vulnerability

Vulnerabile HTTP DELETE Method Enabled

Vulnerabile HTTP PUT Method Enabled

Insecure transition from HTTPS to HTTP observed

Internal IP Address Disclosure Vulnerability

Internal Code Path Disclosure Vulnerability

System infected with Conflickr Worm/Virus

Vulnerability - X-XSS-Protection Header Missing