| 10026 |
HTTP Parameter Override |
beta |
Medium |
Passive |
| 10032-1 |
Potential IP Addresses Found in the Viewstate |
release |
Medium |
Passive |
| 10032-2 |
Emails Found in the Viewstate |
release |
Medium |
Passive |
| 10032-3 |
Old Asp.Net Version in Use |
release |
Low |
Passive |
| 10032-4 |
Viewstate without MAC Signature (Unsure) |
release |
High |
Passive |
| 10032-5 |
Viewstate without MAC Signature (Sure) |
release |
High |
Passive |
| 10032-6 |
Split Viewstate in Use |
release |
Informational |
Passive |
| 10044-1 |
Big Redirect Detected (Potential Sensitive Information Leak) |
release |
Low |
Passive |
| 10044-2 |
Multiple HREFs Redirect Detected (Potential Sensitive Information Leak) |
release |
Low |
Passive |
| 10052 |
X-ChromeLogger-Data (XCOLD) Header Information Leak |
release |
Medium |
Passive |
| 10058 |
GET for POST |
release |
Informational |
Active |
| 10062 |
PII Disclosure |
release |
High |
Passive |
| 10094-1 |
ASP.NET ViewState Disclosure |
alpha |
Informational |
Passive |
| 10094-2 |
ASP.NET ViewState Integrity |
alpha |
High |
Passive |
| 10094-3 |
Base64 Disclosure |
alpha |
Informational |
Passive |
| 10097-1 |
Hash Disclosure - LanMan / DES |
release |
High |
Passive |
| 10097-2 |
Hash Disclosure - Kerberos AFS DES |
release |
High |
Passive |
| 10097-3 |
Hash Disclosure - OpenBSD Blowfish |
release |
High |
Passive |
| 10097-4 |
Hash Disclosure - MD5 Crypt |
release |
High |
Passive |
| 10097-5 |
Hash Disclosure - SHA-256 Crypt |
release |
High |
Passive |
| 10097-6 |
Hash Disclosure - SHA-512 Crypt |
release |
High |
Passive |
| 10097-7 |
Hash Disclosure - BCrypt |
release |
High |
Passive |
| 10097-8 |
Hash Disclosure - NTLM |
release |
High |
Passive |
| 10097-9 |
Hash Disclosure - Salted SHA-1 |
release |
Low |
Passive |
| 10097-10 |
Hash Disclosure - SHA-512 |
release |
Low |
Passive |
| 10097-11 |
Hash Disclosure - SHA-384 |
release |
Low |
Passive |
| 10097-12 |
Hash Disclosure - SHA-256 |
release |
Low |
Passive |
| 10097-13 |
Hash Disclosure - SHA-224 |
release |
Low |
Passive |
| 10097-14 |
Hash Disclosure - SHA-1 |
release |
Low |
Passive |
| 10097-15 |
Hash Disclosure - LanMan |
release |
Low |
Passive |
| 10097-16 |
Hash Disclosure - MD4 / MD5 |
release |
Low |
Passive |
| 10108 |
Reverse Tabnabbing |
release |
Medium |
Passive |
| 10110 |
Dangerous JS Functions |
beta |
Low |
Passive |
| 40008 |
Parameter Tampering |
release |
Medium |
Active |
| 40044 |
Exponential Entity Expansion (Billion Laughs Attack) |
release |
Medium |
Active |
| 50007-3 |
GraphQL Circular Type Reference |
alpha |
Informational |
Tool |
| 90001 |
Insecure JSF ViewState |
release |
Medium |
Passive |
| 90002 |
Java Serialization Object |
release |
Medium |
Passive |
| 90004-1 |
Cross-Origin-Resource-Policy Header Missing or Invalid |
beta |
Low |
Passive |
| 90004-2 |
Cross-Origin-Embedder-Policy Header Missing or Invalid |
beta |
Low |
Passive |
| 90004-3 |
Cross-Origin-Opener-Policy Header Missing or Invalid |
beta |
Low |
Passive |