Supported Tests by SmartScanner

365 tests found
| Vulnerability Name | Severity |
| --- | --- |
| Apache 2.4.49 Path Traversal and RCE | High |
| Apache Expect Header Cross Site Scripting | High |
| Apache mod_jk Access Control Bypass | High |
| Apache mod_proxy 2.4.48 SSRF | Medium |
| Apache server-info enabled | Medium |
| Apache server-status enabled | Medium |
| Apache Struts 2 Forced double OGNL evaluation S2-059 | High |
| Apache Struts 2 RCE S2-045 | High |
| Apache Struts 2 REST plugin XStream RCE S2-052 | High |
| Apache Struts OGNL expression RCE S2-057 | High |
| Apache Tomcat JSP Upload RCE | High |
| Apache Tomcat Manager Login Found | Medium |
| Apache Version Disclosure | Informational |
| Application and Database Error | Medium |
| Application Error | Medium |
| Arbitrary Source Code Disclosure | High |
| ASP.NET Version Disclosure | Informational |
| Auto Complete Enabled Password Input | Low |
| Basic Authentication Over HTTP | Medium |
| Blind OS Command Execution | High |
| Blind SQL Injection | High |
| BREACH attack | Low |
| Broken Link | Informational |
| Brute Force Prevention Bypassed | Medium |
| Buffer Overflow | Medium |
| Content Character Encoding is not Defined | Informational |
| Content-Security-Policy Header is Missing | Low |
| Cookie Accessible for Subdomains | Informational |
| Cookie without HttpOnly Flag | Low |
| Cookie without SameSite Flag | Low |
| Cookie without Secure Flag | Low |
| CRIME (SPDY) attack | Low |
| CRIME (SSL/TLS) attack | Low |
| CRLF Injection in URL | High |
| Cross-Origin Resource Sharing Allowed | Informational |
| Cross Site Scripting | High |
| Database Error | Medium |
| Detailed Application and Database Error | Medium |
| Detailed Application Error | Medium |
| Directory Listing of Sensitive Files | Low |
| Directory Listing | Low |
| Drupal 4.1/4.2 XSS | High |
| Drupal 'Drupalgeddon2' Remote Code Execution | High |
| Drupal Module Cumulus Cross Site Scripting | High |
| Drupal7 Pre Auth SQLI | High |
| Email Address Disclosure | Informational |
| Expression Language Injection | High |
| File Upload Functionality | Informational |
| Hidden Resource in Robots.txt | Medium |
| Host Header Injection | Medium |
| HTTP Protocol Stack Remote Code Execution Vulnerability (DOS) | High |
| HTTP Response Splitting | High |
| Insecure Deserialization Remote Code Execution | High |
| Insecure Deserialization | High |
| Insecure Inline Frame | Medium |
| Internal Server Error | Medium |
| Joomla! 1.5 < 3.4.5 RCE | High |
| Joomla! < 1.7.0 XSS | High |
| Joomla! 3.2.1 SQLI | High |
| Joomla! Component Advertisement Board 3.1.0 'catname' SQLI | High |
| Joomla! Component Aist 2.0 'id' SQLI | High |
| Joomla! Component AllVideos Reloaded 1.2.x 'divid' SQLI | High |
| Joomla! Component CcNewsletter 2.x.x 'id' SQLI | High |
| Joomla! Component Com_cbcontact 'contact_id' SQLI | High |
| Joomla! Component Com_contenthistory SQLI | High |
| Joomla! Component Com_fields 3.7 SQLI | High |
| Joomla! Component com_hdwplayer 4.2 SQLI | High |
| Joomla! Component Com_newsfeeds 1.0 SQLI | High |
| Joomla! Component Com_rsgallery2 2.0 'catid' SQLI | High |
| Joomla! Component Com_shop 'editid' SQLI | High |
| Joomla! Component Com_shop 'id' SQLI | High |
| Joomla! Component DT Register 3.2.7 'id' SQLI | High |
| Joomla! Component Fastball 2.5 'season' SQLI | High |
| Joomla! Component File Download Tracker 3.0 SQLI | High |
| Joomla! Component Form Maker 3.6.12 SQLI | High |
| Joomla! Component Google Map Landkarten 4.2.3 SQLI | High |
| Joomla! Component InviteX 3.0.5 'invite_type' SQLI | High |
| Joomla! Component JB Bus 2.3 'order_number' SQLI | High |
| Joomla! Component JCK Editor 6.4.4 'parent' SQLI | High |
| Joomla! Component JCK Editor 6.4.4 SQLI | High |
| Joomla! Component JEXTN Video Gallery 3.0.5 'id' SQLI | High |
| Joomla! Component JGive 2.0.9 SQLI | High |
| Joomla! Component Jobs Factory 2.0.4 SQLI | High |
| Joomla! Component JomEstate PRO 3.7 'id' SQLI | High |
| Joomla! Component JquickContact 1.3.2.2.1 SQLI | High |
| Joomla! Component Music Collection 3.0.3 SQLI | High |
| Joomla! Component NextGen Editor 2.1.0 'plname' SQLI | High |
| Joomla! Component Odudeprofile 2.8 'profession' SQLI | High |
| Joomla! Component Reverse Auction Factory 4.3.8 SQLI | High |
| Joomla! Component Timetable Responsive Schedule For Joomla! 1.5 'alias' SQLI | High |
| Joomla! 'J2Store < 3.3.7' SQL Injection | High |
| Joomla! Pinterest Clone Social Pinboard 2.0 SQLI | High |
| Local File Inclusion | High |
| Microsoft IIS Tilde Directory Enumeration | Medium |
| Missing or Insecure Cache-Control Header | Informational |
| Nginx Code Execution due to Misconfiguration | High |
| Nginx Integer Overflow | High |
| Nginx Null Byte Code Execution | High |
| Nginx Restriction Bypass via Space Character in URI | High |
| Nginx Version Disclosure | Informational |
| No HTTPS | Medium |
| No Redirection from HTTP to HTTPS | Medium |
| Old/Backup Resource Found | Low |
| Open Redirection In URL | High |
| OS Command Execution | High |
| Passive Mixed Content | Low |
| Password Input on HTTP | Medium |
| Password Sent in HTTP Query | Medium |
| Password Sent in Query | Low |
| Password Sent Over HTTP | Medium |
| Path Disclosure in Robots.txt | Informational |
| PHP Version Disclosure | Informational |
| phpinfo() Found | Medium |
| Possible SQL Injection | High |
| Private IPv4 Address Disclosure | Informational |
| Private IPv6 Address Disclosure | Informational |
| Profanity | Informational |
| Public-Key-Pins Header is Set | Informational |
| Redirection with Body | Low |
| Referrer-Policy Header is Missing | Informational |
| Remote File Disclosure | High |
| Remote File Inclusion | High |
| Remote URL Inclusion | High |
| Robots.txt Found | Informational |
| Secure Renegotiation is not supported | Low |
| Sensitive Old/Backup Resource Found | Medium |
| Sensitive Unreferenced Resource Found | Low |
| Serialized Object Found | High |
| Server Version Disclosure | Low |
| Session Cookie Accessible for Subdomains | Low |
| Session Cookie without HttpOnly Flag | Medium |
| Session Cookie without SameSite Flag | Medium |
| Session Cookie without Secure Flag | Medium |
| Source Code Disclosure | Medium |
| SQL Command Disclosure | Informational |
| SQL Injection | High |
| SSL 2 enabled | High |
| SSL 3 enabled | Medium |
| Strict-Transport-Security Header is Missing | Low |
| Subresource Integrity is Missing | Low |
| The Heartbleed Bug | High |
| The POODLE attack | Medium |
| The ShellShock Bug | High |
| Time Based SQL Injection | High |
| TLS 1.0 enabled | Medium |
| TLS 1.1 enabled | Low |
| Tomcat Version Disclosure | Informational |
| TRACE Method Allowed | Low |
| TRACK Method Allowed | Low |
| Unicode Transformation Issue | High |
| Unix Path Disclosure | Informational |
| Unreferenced Repository Found | High |
| Unreferenced Resource Found | Informational |
| Unreferenced Source Code Disclosure | High |
| Unvalidated Redirection | High |
| User Controllable URL | Medium |
| User Enumeration | Medium |
| ViewState is not Encrypted | Informational |
| Vulnerable IIS Version | Medium |
| Weak Password | High |
| Web Server Path Traversal | High |
| Werkzeug Interactive Debugging is Active | Medium |
| Windows Path Disclosure | Informational |
| WordPress 4.6 Blind OS Command Execution | High |
| WordPress Plugin AdRotate 3.6.5 SQLI | High |
| WordPress Plugin AdRotate 3.6.6 SQLI | High |
| WordPress Plugin AdRotate 3.9.4 SQLI | High |
| WordPress Plugin All Video Gallery 1.1 SQLI | High |
| WordPress Plugin Bannerize 2.8.6 SQLI | High |
| WordPress Plugin Bannerize 2.8.7 SQLI | High |
| WordPress Plugin Business Intelligence SQLI | High |
| WordPress Plugin Chained Quiz 1.0.8 SQLI | High |
| WordPress Plugin Community Events 1.2.1 SQLI | High |
| WordPress Plugin CP Multi View Event Calendar 1.01 SQLI | High |
| WordPress Plugin CP Multi View Event Calendar 1.1.4 SQLI | High |
| WordPress Plugin CP Multi View Event Calendar 1.1.7 SQLI | High |
| WordPress Plugin DS FAQ 1.3.2 SQLI | High |
| WordPress Plugin Easy Contact Form Lite 1.0.7 SQLI | High |
| WordPress Plugin Event Registration 5.4.3 SQLI | High |
| WordPress Plugin Eventify Simple Events 1.7.f SQLI | High |
| WordPress Plugin Facebook Promotions 1.3.3 SQLI | High |
| WordPress Plugin File Groups 1.1.2 SQLI | High |
| WordPress Plugin FireStorm Professional Real Estate 2.06.01 SQLI | High |
| WordPress Plugin Forum Server 1.7 SQLI | High |
| WordPress Plugin Glossary SQLI | High |
| WordPress Plugin Google Document Embedder 2.5.14 SQLI | High |
| WordPress Plugin Google Document Embedder 2.5.16 SQLI | High |
| WordPress Plugin Hitasoft_player Ripe HD FLV Player 1.1 SQLI | High |
| WordPress Plugin Jetpack SQLI | High |
| WordPress Plugin JTRT Responsive Tables 4.1 SQLI | High |
| WordPress Plugin KNR Author List Widget 2.0.0 SQLI | High |
| WordPress Plugin LeagueManager 3.8 SQLI | High |
| WordPress Plugin Link Library 5.2.1 SQLI | High |
| WordPress Plugin NEX Forms 3.0 SQLI | High |
| WordPress Plugin Olimometer 2.56 SQLI | High |
| WordPress Plugin OQey Headers 0.3 SQLI | High |
| WordPress Plugin Paid Downloads 2.01 SQLI | High |
| WordPress Plugin Post Highlights 2.2 SQLI | High |
| WordPress Plugin SCORM Cloud 1.0.6.6 SQLI | High |
| WordPress Plugin SH Slideshow 3.1.4 SQLI | High |
| WordPress Plugin Smart Google Code Inserter 3.5 SQLI | High |
| WordPress Plugin Tune Library 2.17 SQLI | High |
| WordPress Plugin Users Ultra 1.5.50 Blind SQLI | High |
| WordPress Plugin VideoWhisper Video Presentation 1.1 SQLI | High |
| WordPress Plugin WP Fastest Cache 0.8.4.8 Blind SQLI | High |
| WordPress Plugin WP Statistics 13.0.7 Time Based SQLI | High |
| WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 SQLI | High |
| WordPress Plugin Wpfilemanager 6.8 RCE | High |
| WordPress Plugin Yolink Search 1.1.4 SQLI | High |
| WordPress Plugin Zotpress 4.4 SQLI | High |
| WordPress Theme Akal XSS | High |
| WordPress User Enumeration | Medium |
| X-Content-Type-Options Header is Missing | Informational |
| X-Frame-Options Header is Missing | Low |
| X-Powered-By Header Found | Informational |
| X-XSS-Protection Header is Set | Informational |
| Unreferenced Login Page Found | Medium |
| WordPress Login Page Found | Medium |
| PHP CGI Argument Injection RCE | High |
| Vulnerable Apache Version | Medium |
| Vulnerable Nginx Version | Medium |
| Vulnerable OpenSSL Version | Medium |
| Vulnerable PHP Version | Medium |
| Vulnerable Tomcat Version | Medium |
| Vulnerable WordPress Version | High |
