Alert Tag: POLICY_QA_FULL

All of the alerts which use this tag:
| ID | Alert | Status | Risk | Type |
|---|---|---|---|---|
| 0 | Directory Browsing | release | Medium | Active |
| 6-1 | Path Traversal | release | High | Active |
| 6-2 | Path Traversal | release | High | Active |
| 6-3 | Path Traversal | release | High | Active |
| 6-4 | Path Traversal | release | High | Active |
| 6-5 | Path Traversal | release | High | Active |
| 7 | Remote File Inclusion | release | High | Active |
| 41 | Source Code Disclosure - Git | beta | High | Active |
| 42 | Source Code Disclosure - SVN | beta | Medium | Active |
| 43 | Source Code Disclosure - File Inclusion | beta | High | Active |
| 10045-1 | Source Code Disclosure - /WEB-INF Folder | release | High | Active |
| 10045-2 | Properties File Disclosure - /WEB-INF folder | release | High | Active |
| 10047 | HTTPS Content Available via HTTP | release | Low | Active |
| 10051 | Relative Path Confusion | beta | Medium | Active |
| 10058 | GET for POST | release | Informational | Active |
| 10095 | Backup File Disclosure | beta | Medium | Active |
| 10106 | HTTP Only Site | release | Medium | Active |
| 10107 | Httpoxy - Proxy Header Misuse | beta | High | Active |
| 10205-1 | HTTPS Configuration | alpha | Informational | Active |
| 10205-2 | HTTPS Security Configuration Issues | alpha | High | Active |
| 20012 | Anti-CSRF Tokens Check | beta | Medium | Active |
| 20015 | Heartbleed OpenSSL Vulnerability | release | High | Active |
| 20016-1 | Cross-Domain Misconfiguration - Adobe - Read | beta | High | Active |
| 20016-2 | Cross-Domain Misconfiguration - Adobe - Send | beta | High | Active |
| 20016-3 | Cross-Domain Misconfiguration - Silverlight | beta | High | Active |
| 20017 | Source Code Disclosure - CVE-2012-1823 | release | High | Active |
| 20018 | Remote Code Execution - CVE-2012-1823 | release | High | Active |
| 20019-1 | External Redirect | release | High | Active |
| 20019-2 | External Redirect | release | High | Active |
| 20019-3 | External Redirect | release | High | Active |
| 20019-4 | External Redirect | release | High | Active |
| 30002 | Format String Error | release | Medium | Active |
| 40003 | CRLF Injection | release | Medium | Active |
| 40008 | Parameter Tampering | release | Medium | Active |
| 40009 | Server Side Include | release | High | Active |
| 40012 | Cross Site Scripting (Reflected) | release | High | Active |
| 40014-1 | Cross Site Scripting (Persistent) | release | High | Active |
| 40014-2 | Cross Site Scripting Weakness (Persistent in JSON Response) | release | Low | Active |
| 40014-3 | Cross Site Scripting (Persistent) | release | High | Active |
| 40016 | Cross Site Scripting (Persistent) - Prime | release | Informational | Active |
| 40017 | Cross Site Scripting (Persistent) - Spider | release | Informational | Active |
| 40018 | SQL Injection | release | High | Active |
| 40019 | SQL Injection - MySQL (Time Based) | release | High | Active |
| 40020 | SQL Injection - Hypersonic SQL (Time Based) | release | High | Active |
| 40021 | SQL Injection - Oracle (Time Based) | release | High | Active |
| 40022 | SQL Injection - PostgreSQL (Time Based) | release | High | Active |
| 40024-1 | SQL Injection - SQLite (Time Based) | alpha | High | Active |
| 40024-2 | SQL Injection - SQLite (Time Based) | alpha | High | Active |
| 40026 | Cross Site Scripting (DOM Based) | release | High | Active |
| 40027 | SQL Injection - MsSQL (Time Based) | release | High | Active |
| 40028 | ELMAH Information Leak | release | Medium | Active |
| 40029 | Trace.axd Information Leak | release | Medium | Active |
| 40031 | Out of Band XSS | beta | High | Active |
| 40032 | .htaccess Information Leak | release | Medium | Active |
| 40034 | .env Information Leak | release | Medium | Active |
| 40035 | Hidden File Found | release | Medium | Active |
| 40038 | Bypassing 403 | beta | Medium | Active |
| 40040-1 | CORS Header | beta | Informational | Active |
| 40040-2 | CORS Misconfiguration | beta | Medium | Active |
| 40040-3 | CORS Misconfiguration | beta | High | Active |
| 40042 | Spring Actuator Information Leak | release | Medium | Active |
| 40043-1 | Log4Shell (CVE-2021-44228) | release | High | Active |
| 40043-2 | Log4Shell (CVE-2021-45046) | release | High | Active |
| 40044 | Exponential Entity Expansion (Billion Laughs Attack) | release | Medium | Active |
| 40045 | Spring4Shell | release | High | Active |
| 40046 | Server Side Request Forgery | beta | High | Active |
| 40047 | Text4shell (CVE-2022-42889) | beta | High | Active |
| 40048 | Remote Code Execution (React2Shell) | release | High | Active |
| 90017 | XSLT Injection | release | Medium | Active |
| 90019-1 | Server Side Code Injection - PHP Code Injection | release | High | Active |
| 90019-2 | Server Side Code Injection - ASP Code Injection | release | High | Active |
| 90020 | Remote OS Command Injection | release | High | Active |
| 90021 | XPath Injection | release | High | Active |
| 90023 | XML External Entity Attack | release | High | Active |
| 90024 | Generic Padding Oracle | release | High | Active |
| 90025 | Expression Language Injection | beta | High | Active |
| 90026 | SOAP Action Spoofing | beta | High | Active |
| 90028-1 | Insecure HTTP Method - DELETE | beta | Medium | Active |
| 90028-2 | Insecure HTTP Method - PUT | beta | Medium | Active |
| 90028-3 | Insecure HTTP Method - TRACE | beta | Medium | Active |
| 90028-4 | Insecure HTTP Method - CONNECT | beta | Medium | Active |
| 90028-5 | Insecure HTTP Method - PROPFIND | beta | Informational | Active |
| 90028-6 | Insecure HTTP Method - PUT | beta | Medium | Active |
| 90029 | SOAP XML Injection | beta | High | Active |
| 90034 | Cloud Metadata Potentially Exposed | release | High | Active |
| 90035 | Server Side Template Injection | release | High | Active |
| 90036 | Server Side Template Injection (Blind) | release | High | Active |
| 90037 | Remote OS Command Injection (Time Based) | release | High | Active |