Detections
Analytics

was Plugin Feed 202407050836

Jul 5, 2024, 8:36 AM
Modified Detection
  • 112290Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities
  • 112353ASP.NET DEBUG Method Enabled
  • 112526Missing 'X-XSS-Protection' Header (deprecated)
  • 112544HTTP to HTTPS Redirect Not Enabled
  • 112550Full Path Disclosure
  • 112686JSON Web Token Detected
  • 112719Client-Side Prototype Pollution
  • 112726Apache Struts 2.3.5 < 2.3.32 / 2.5.x < 2.5.10.1 Remote Code Execution (S2-045 / S2-046)
  • 112727Apache Struts 2.0.4 < 2.3.35 / 2.5.x < 2.5.17 Remote Code Execution (S2-057)
  • 112741Apache Struts 2.x < 2.3.15.1 Remote Code Execution (S2-016)
  • 112742Apache Struts 2 < 2.3.29 DevMode Remote Code Execution
  • 112760Apache Struts 2 Demo Application Detected
  • 112762Apache Struts 2 < 2.3.33 Remote Code Execution (S2-048)
  • 112763Apache Struts 2.1.6 < 2.3.34 / 2.5 < 2.5.13 Remote Code Execution (S2-052)
  • 112907GraphQL Interface Detected
  • 112920GraphQL Cross-Site Request Forgery
  • 113030Out-of-Date Bootstrap Detected
  • 113031Out-of-Date JQuery UI Detected
  • 113032Out-of-Date Modernizr Detected
  • 113033Out-of-Date Underscore.js Detected
  • 113034Out-of-Date MediaElement.Js Detected
  • 113037Out-of-Date Backbone JS Framework Detected
  • 113059OPcache UI Detected
  • 113117Magento Administration Panel Login Form Bruteforced
  • 113158Package Dependencies Detected
  • 113162MySQLjs SQL Injection Authentication Bypass
  • 113168Docker Compose Configuration Detected
  • 113217Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell)
  • 113219Insecure Redirect Chain
  • 113310Blind XPath Injection (differential analysis)
  • 113337NoSQL Injection Authentication Bypass
  • 113338Web Cache Poisoning
  • 113393Performance Telemetry
  • 113420Nginx < 1.22.1 Multiple Vulnerabilities
  • 113421Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities
  • 113838WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass
  • 113897HTML Comments Detected
  • 113943Disclosed Hong Kong Identity Number
  • 113959GeoServer SQL Injection
  • 114006Web Cache Poisoning Denial of Service
  • 114029Well-Known URIs Detected
  • 114031WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass
  • 114032WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass
  • 114033WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass
  • 114034WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass
  • 114035WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass
  • 114036WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass
  • 114037WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass
  • 114038WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass
  • 114039WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass
  • 114040WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass
  • 114129Secret Data Disclosure
  • 114143Node-config Configuration File Detected
  • 114146Subdomain Takeover
  • 114220Atlassian Confluence < 7.19.18 Cross-Site Scripting
  • 114221Atlassian Confluence 8.7.x < 8.7.2 Cross-Site Scripting
  • 114222Atlassian Confluence 7.20.x < 8.5.5 Cross-Site Scripting
  • 114223HTTP Request Smuggling
  • 114238Atlassian Confluence < 7.19.20 Path Traversal
  • 114239Atlassian Confluence 7.20.x < 8.5.7 Path Traversal
  • 114240Atlassian Confluence 8.6.x < 8.8.1 Path Traversal
  • 114247Authentication Check Pattern Found in Unauthenticated Browser
  • 114258LayerSlider Plugin for WordPress 7.9.11 < 7.10.1 SQL Injection
  • 114283Unrestricted File Upload
  • 114325Adobe Commerce / Magento XML External Entity Injection (CosmicSting)
  • 114357Polyfill Detected
  • 114360Apache 2.4.x < 2.4.60 Multiple Vulnerabilities
  • 114363Apache 2.4.60 Source Code Disclosure
  • 98067Insecure Cross-Domain Policy (allow-access-from)
  • 98068Insecure Cross-Domain Policy (allow-http-request-headers-from)
  • 98070Common Administration Interfaces Detection
  • 98071Common Files Detection
  • 98077Private IP Address Disclosure
  • 98084Directory Listing
  • 98100Path Traversal
  • 98107Cross-Site Scripting (XSS) in path
  • 98109DOM-based Cross-Site Scripting (XSS)
  • 98110DOM-based Cross-Site Scripting (XSS) in attribute context
  • 98114XPath Injection
  • 98115SQL Injection
  • 98117Blind SQL Injection (differential analysis)
  • 98119Blind NoSQL Injection (differential analysis)
  • 98146Password Submitted Using GET Method
  • 98228Drupal Unsupported Version
  • 98538Environment Configuration File Detected
  • 98611Error Message
  • 98623Host Header Injection
  • 98950Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities
  • 98951Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities
New
  • 114358Malicious Third Party Domain Detected
  • 114359ZenML Detected
  • 114361Ray Detected
  • 114362ChatGPT Plugin Manifest Detected
  • 114364Apache Tomcat 11.0.0-M1 < 11.0.0-M21 Denial Of Service
  • 114365Apache Tomcat 10.1.0-M1 < 10.1.25 Denial Of Service
  • 114366Apache Tomcat 9.0.0-M1 < 9.0.90 Denial Of Service