| ID | Name | Status | Risk | Type |
|---|---|---|---|---|
| 7 | Remote File Inclusion | release | High | Active |
| 10028 | Off-site Redirect | release | High | Passive |
| 10029 | Cookie Poisoning | release | Informational | Passive |
| 10030 | User Controllable Charset | release | Informational | Passive |
| 10031 | User Controllable HTML Element Attribute (Potential XSS) | release | Informational | Passive |
| 10043 | User Controllable JavaScript Event (XSS) | release | Informational | Passive |
| 20014 | HTTP Parameter Pollution | beta | Informational | Active |
| 20019-1 | External Redirect | release | High | Active |
| 20019-2 | External Redirect | release | High | Active |
| 20019-3 | External Redirect | release | High | Active |
| 20019-4 | External Redirect | release | High | Active |
| 30001 | Buffer Overflow | release | Medium | Active |
| 30002 | Format String Error | release | Medium | Active |
| 30003 | Integer Overflow Error | beta | Medium | Active |
| 40003 | CRLF Injection | release | Medium | Active |
| 40009 | Server Side Include | release | High | Active |
| 40012 | Cross Site Scripting (Reflected) | release | High | Active |
| 40014-1 | Cross Site Scripting (Persistent) | release | High | Active |
| 40014-2 | Cross Site Scripting Weakness (Persistent in JSON Response) | release | Low | Active |
| 40014-3 | Cross Site Scripting (Persistent) | release | High | Active |
| 40015-1 | LDAP Injection - activedirectory | alpha | High | Active |
| 40015-2 | LDAP Injection | alpha | High | Active |
| 40016 | Cross Site Scripting (Persistent) - Prime | release | Informational | Active |
| 40017 | Cross Site Scripting (Persistent) - Spider | release | Informational | Active |
| 40018 | SQL Injection | release | High | Active |
| 40019 | SQL Injection - MySQL (Time Based) | release | High | Active |
| 40020 | SQL Injection - Hypersonic SQL (Time Based) | release | High | Active |
| 40021 | SQL Injection - Oracle (Time Based) | release | High | Active |
| 40022 | SQL Injection - PostgreSQL (Time Based) | release | High | Active |
| 40024-1 | SQL Injection - SQLite (Time Based) | alpha | High | Active |
| 40024-2 | SQL Injection - SQLite (Time Based) | alpha | High | Active |
| 40026 | Cross Site Scripting (DOM Based) | release | High | Active |
| 40027 | SQL Injection - MsSQL (Time Based) | release | High | Active |
| 40031 | Out of Band XSS | beta | High | Active |
| 40033 | NoSQL Injection - MongoDB | beta | High | Active |
| 40045 | Spring4Shell | release | High | Active |
| 40048 | Remote Code Execution (React2Shell) | release | High | Active |
| 40101 | Cross-site Scripting | alpha | High | Tool |
| 40102 | Cross-site Scripting | alpha | High | Tool |
| 40103 | Cross Site Request Forgery | alpha | High | Tool |
| 90017 | XSLT Injection | release | Medium | Active |
| 90018 | Advanced SQL Injection | beta | High | Active |
| 90019-1 | Server Side Code Injection - PHP Code Injection | release | High | Active |
| 90019-2 | Server Side Code Injection - ASP Code Injection | release | High | Active |
| 90020 | Remote OS Command Injection | release | High | Active |
| 90021 | XPath Injection | release | High | Active |
| 90023 | XML External Entity Attack | release | High | Active |
| 90025 | Expression Language Injection | beta | High | Active |
| 90026 | SOAP Action Spoofing | beta | High | Active |
| 90029 | SOAP XML Injection | beta | High | Active |
| 90035 | Server Side Template Injection | release | High | Active |
| 90036 | Server Side Template Injection (Blind) | release | High | Active |
| 90037 | Remote OS Command Injection (Time Based) | release | High | Active |
| 90039 | NoSQL Injection - MongoDB (Time Based) | beta | High | Active |
| 100029 | File Content Disclosure (CVE-2019-5418) | alpha | High | Script Active |
| 100044-1 | Suspicious Input Transformation - Quote Consumption | alpha | High | Script Active |
| 100044-2 | Suspicious Input Transformation - Arithmetic Evaluation | alpha | High | Script Active |
| 100044-3 | Suspicious Input Transformation - Expression Evaluation | alpha | High | Script Active |
| 100044-4 | Suspicious Input Transformation - Template Evaluation | alpha | High | Script Active |
| 100044-5 | Suspicious Input Transformation - EL Evaluation | alpha | High | Script Active |
| 100044-6 | Suspicious Input Transformation - Unicode Normalisation | alpha | High | Script Active |
| 100044-7 | Suspicious Input Transformation - URL Decoding Error | alpha | High | Script Active |
| 100044-8 | Suspicious Input Transformation - Unicode Byte Truncation | alpha | High | Script Active |
| 100044-9 | Suspicious Input Transformation - Unicode Case Conversion | alpha | High | Script Active |
| 100044-10 | Suspicious Input Transformation - Unicode Combining Diacritic | alpha | High | Script Active |
| 200000-1 | SQL Injection - Single Quote (before) | alpha | High | Tool |
| 200000-2 | SQL Injection - Double Quote (before) | alpha | High | Tool |
| 200000-3 | SQL Injection - Single Quote (after) | alpha | High | Tool |
| 200000-4 | SQL Injection - Double Quote (after) | alpha | High | Tool |
| 200001 | OS Command Injection - Unix cat /etc/passwd (pipe) | alpha | High | Tool |
| 200002-1 | XSS - Unfiltered <script> tag | alpha | High | Tool |
| 200002-2 | XSS - Script tag after noscript tag | alpha | High | Tool |
| 200002-3 | XSS - Svg tag with animation event | alpha | High | Tool |
| 200002-4 | XSS - Img onerror | alpha | High | Tool |
| 200002-5 | XSS - Img onerror | alpha | High | Tool |
| 200002-6 | XSS - attribute context img onerror | alpha | High | Tool |
| 200002-7 | XSS - SVG onload polyglot | alpha | High | Tool |
| 200002-8 | XSS - JS string break-out | alpha | High | Tool |
| 200002-9 | XSS - JS template literal break-out | alpha | High | Tool |
| 200002-10 | XSS - JS expression replacement | alpha | High | Tool |
| 200002-11 | XSS - JS single-quoted string break-out | alpha | High | Tool |
| 200002-12 | XSS - JS slash/regex literal break-out | alpha | High | Tool |
| 200002-13 | XSS - JS block comment break-out | alpha | High | Tool |
| 200002-14 | XSS - double-quoted attribute event injection | alpha | High | Tool |
| 200002-15 | XSS - single-quoted attribute event injection | alpha | High | Tool |
| 200002-16 | XSS - unquoted attribute event injection | alpha | High | Tool |
| 200002-17 | XSS - attribute-name event injection | alpha | High | Tool |
| 200002-18 | XSS - tag-name SVG onload injection | alpha | High | Tool |
| 200007 | SPA hash DOM XSS | alpha | High | Tool |
| 210000-1 | DOM XSS via inline event handler | alpha | High | Tool |
| 210000-2 | DOM XSS via Element.innerHTML | alpha | High | Tool |
| 210000-3 | DOM XSS via Element.outerHTML | alpha | High | Tool |
| 210000-4 | DOM XSS via insertAdjacentHTML | alpha | High | Tool |
| 210000-5 | DOM XSS via document.write | alpha | High | Tool |
| 210000-6 | DOM XSS via DOM mutations | alpha | High | Tool |
| 210001-1 | Dynamic code execution via eval | alpha | High | Tool |
| 210001-2 | Dynamic code execution via Function constructor | alpha | High | Tool |
| 210001-3 | Dynamic code execution via Function.apply | alpha | High | Tool |
| 210003-1 | javascript: URL assigned to href | alpha | High | Tool |
| 210003-2 | javascript: URL navigated via location.href | alpha | High | Tool |
| 210003-3 | javascript: URL assigned to iframe.src | alpha | High | Tool |
| 210003-4 | data: URL assigned to script.src | alpha | High | Tool |
| 210006-1 | javascript: URL assigned to form action | alpha | High | Tool |
| 210006-2 | javascript: URL assigned to formAction | alpha | High | Tool |
| 210007-1 | Response field rendered via innerHTML | alpha | High | Tool |
| 210007-2 | Response field rendered via document.write | alpha | High | Tool |
| 220000-1 | Disallow innerHTML/outerHTML assignments | alpha | High | Tool |
| 220000-2 | Review uses of appendChild | alpha | High | Tool |
| 220000-3 | Disallow document.write()/writeln() | alpha | High | Tool |
| 220000-4 | Review DOMParser.parseFromString with dynamic HTML/XML | alpha | High | Tool |
| 220000-5 | template.innerHTML with dynamic content | alpha | High | Tool |
| 220000-6 | Inline event handler built from dynamic data | alpha | High | Tool |
| 220000-7 | Disallow insertAdjacentHTML() | alpha | High | Tool |
| 220000-8 | DOM-based XSS (taint flow) | alpha | High | Tool |
| 220000-9 | DOM XSS via innerHTML (Angular) | alpha | High | Tool |
| 220003-1 | Avoid string-based timers | alpha | High | Tool |
| 220003-2 | Avoid execScript dynamic execution | alpha | High | Tool |
| 220003-3 | Avoid eval with string literals | alpha | High | Tool |
| 220003-4 | Avoid Function constructor with strings | alpha | High | Tool |
| 220003-5 | DOM-based JavaScript Injection (taint flow) | alpha | High | Tool |