Detections
Analytics

was Plugin Feed 202409030646

Sep 3, 2024, 6:46 AM
Modified Detection
  • 112290Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities
  • 112353ASP.NET DEBUG Method Enabled
  • 112526Missing 'X-XSS-Protection' Header (deprecated)
  • 112544HTTP to HTTPS Redirect Not Enabled
  • 112550Full Path Disclosure
  • 112686JSON Web Token Detected
  • 112719Client-Side Prototype Pollution
  • 112726Apache Struts 2.3.5 < 2.3.32 / 2.5.x < 2.5.10.1 Remote Code Execution (S2-045 / S2-046)
  • 112727Apache Struts 2.0.4 < 2.3.35 / 2.5.x < 2.5.17 Remote Code Execution (S2-057)
  • 112741Apache Struts 2.x < 2.3.15.1 Remote Code Execution (S2-016)
  • 112742Apache Struts 2 < 2.3.29 DevMode Remote Code Execution
  • 112760Apache Struts 2 Demo Application Detected
  • 112762Apache Struts 2 < 2.3.33 Remote Code Execution (S2-048)
  • 112763Apache Struts 2.1.6 < 2.3.34 / 2.5 < 2.5.13 Remote Code Execution (S2-052)
  • 112907GraphQL Interface Detected
  • 112920GraphQL Cross-Site Request Forgery
  • 113059OPcache UI Detected
  • 113158Package Dependencies Detected
  • 113162MySQLjs SQL Injection Authentication Bypass
  • 113217Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell)
  • 113219Insecure Redirect Chain
  • 113310Blind XPath Injection (differential analysis)
  • 113337NoSQL Injection Authentication Bypass
  • 113393Performance Telemetry
  • 113420Nginx < 1.22.1 Multiple Vulnerabilities
  • 113421Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities
  • 113838WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass
  • 113897HTML Comments Detected
  • 113943Disclosed Hong Kong Identity Number
  • 114006Web Cache Poisoning Denial of Service
  • 114029Well-Known URIs Detected
  • 114031WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass
  • 114032WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass
  • 114033WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass
  • 114034WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass
  • 114035WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass
  • 114036WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass
  • 114037WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass
  • 114038WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass
  • 114039WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass
  • 114040WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass
  • 114129Secret Data Disclosure
  • 114143Node-config Configuration File Detected
  • 114146Subdomain Takeover
  • 114220Atlassian Confluence < 7.19.18 Cross-Site Scripting
  • 114221Atlassian Confluence 8.7.x < 8.7.2 Cross-Site Scripting
  • 114222Atlassian Confluence 7.20.x < 8.5.5 Cross-Site Scripting
  • 114223HTTP Request Smuggling
  • 114238Atlassian Confluence < 7.19.20 Path Traversal
  • 114239Atlassian Confluence 7.20.x < 8.5.7 Path Traversal
  • 114240Atlassian Confluence 8.6.x < 8.8.1 Path Traversal
  • 114247Authentication Check Pattern Found in Unauthenticated Browser
  • 114258LayerSlider Plugin for WordPress 7.9.11 < 7.10.1 SQL Injection
  • 114283Unrestricted File Upload
  • 114373Joomla! 5.x < 5.1.2 Multiple Vulnerabilities
  • 114374Joomla! 4.x < 4.4.6 Multiple Vulnerabilities
  • 114375Joomla! 3.x < 3.10.16 Multiple Vulnerabilities
  • 114377Atlassian Confluence < 7.19.22 Cross-Site Scripting
  • 114378Atlassian Confluence 7.20.x < 8.5.9 Cross-Site Scripting
  • 114379Atlassian Confluence 8.6.x < 8.9.1 Cross-Site Scripting
  • 114386External Broken Resources Detected
  • 114400Apache OFBiz < 18.12.11 Server-Side Request Forgery
  • 98067Insecure Cross-Domain Policy (allow-access-from)
  • 98068Insecure Cross-Domain Policy (allow-http-request-headers-from)
  • 98070Common Administration Interfaces Detection
  • 98071Common Files Detection
  • 98077Private IP Address Disclosure
  • 98084Directory Listing
  • 98100Path Traversal
  • 98107Cross-Site Scripting (XSS) in path
  • 98109DOM-based Cross-Site Scripting (XSS)
  • 98110DOM-based Cross-Site Scripting (XSS) in attribute context
  • 98114XPath Injection
  • 98115SQL Injection
  • 98117Blind SQL Injection (differential analysis)
  • 98119Blind NoSQL Injection (differential analysis)
  • 98146Password Submitted Using GET Method
  • 98228Drupal Unsupported Version
  • 98538Environment Configuration File Detected
  • 98611Error Message
  • 98623Host Header Injection
  • 98950Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities
  • 98951Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities
New
  • 114395WebSocket Detected
  • 114396Apache OFBiz < 18.12.15 Remote Code Execution
  • 114397AI Engine Plugin for WordPress < 2.4.8 Server-Side Request Forgery
  • 114398Edge Side Includes Injection
  • 114399Apache OFBiz < 18.12.13 Path Traversal
  • 114401Nginx+ Dashboard Unrestricted Access
  • 114402Nginx HTTP API Module Unrestricted Access
  • 114403Laravel Pulse Unrestricted Access
  • 114404Laravel Horizon Unrestricted Access
  • 114405Laravel Telescope Unrestricted Access
  • 114406LiteSpeed Cache Plugin for WordPress < 6.4 Privilege Escalation
  • 114407Gradio Detected
  • 114408Gradio Unauthenticated Access
  • 114409Gradio 4.3 < 4.13 Local File Read
  • 114410FCKEditor Unsupported Version
  • 114411Ivanti Virtual Traffic Manager Authentication Bypass