Vulnerabilities Index

This page lists all vulnerabilities that can be detected by Rapplex.

Vulnerability Severity
Bash Command Injection (Shellshock) Critical
Code Execution via File Upload Critical
Code Injection Critical
Code Injection (Apache Struts) Critical
Code Injection (ASP) Critical
Code Injection (Node.js) Critical
Code Injection (Perl) Critical
Code Injection (PHP) Critical
Code Injection (Python) Critical
Code Injection (Ruby) Critical
Command Injection Critical
Command Injection (Blind) Critical
Oracle WebLogic Server Administration Console Critical
Out of Band Critical
Out of Band (Command Injection) Critical
Out of Band (SQL Injection) Critical
Possible Authentication Bypass Critical
Remote File Inclusion Critical
Server Side Template Injection Critical
Server Side Template Injection (doT) Critical
Server Side Template Injection (EJS) Critical
Server Side Template Injection (ERB) Critical
Server Side Template Injection (Freemarker) Critical
Server Side Template Injection (Jinja) Critical
Server Side Template Injection (Mako) Critical
Server Side Template Injection (Marko) Critical
Server Side Template Injection (Nunjucks) Critical
Server Side Template Injection (Pug) Critical
Server Side Template Injection (Slim) Critical
Server Side Template Injection (Smarty) Critical
Server Side Template Injection (Tornado) Critical
Server Side Template Injection (Twig) Critical
Server Side Template Injection (Velocity) Critical
SQL Injection Critical
SQL Injection (Blind) Critical
SQL Injection (Boolean) Critical
Code Evaluation via Local File Inclusion High
Code Repository High
Code Repository (CVS) High
Code Repository (Git) High
Code Repository (SVN) High
Cross-site Scripting High
Cross-site Scripting (DOM based) High
Cross-site Scripting (Reflected) High
elmah.axd Detected High
File Inclusion High
Local File Inclusion High
Macromedia Dreamweaver database scripts High
Misconfigured CORS High
Second Order Injection High
Sensitive Data over HTTP High
trace.axd Detected High
Unrestricted File Upload High
XML External Entity Injection High
XPath Injection High
Apache perl-status Enabled Medium
Apache server-info Enabled Medium
Apache server-status Enabled Medium
apc.php page Medium
AWStats script Medium
Backup File Medium
Backup Folder Medium
Base Tag Hijacking Medium
Basic Authentication over HTTP Medium
Configuration File Medium
Configuration File (Grunt) Medium
Configuration File (Laravel) Medium
Configuration File (Rails Database) Medium
Configuration File (Rake) Medium
Configuration File (Ruby Gem) Medium
Configuration File (Travis CI) Medium
Configuration File (Vagrant) Medium
Configuration File (Wordpress) Medium
Core dump checker PHP script Medium
Directory Listing Medium
External Script Injection Medium
Form Hijacking Medium
Frame Injection Medium
HTML Injection Medium
JetBrains .idea project directory Medium
Laravel log file Medium
Mixed Content Medium
Mixed Content (Active) Medium
phpinfo page Medium
Possible Cross-site Scripting (DOM based) Medium
Readable .htaccess file Medium
Sensitive Data in Query String Medium
Short File Naming Enabled Medium
Source Code Disclosure Medium
URL Redirection to Untrusted Site Medium
Webalizer script Medium
.DS_Store file Low
Apache MultiViews Enabled Low
Autocomplete Enabled Low
Error Message Low
Error Message (ASP.NET) Low
Error Message (MySQL) Low
Error Message (PHP) Low
Error Message (SQLite) Low
External CSS Injection Low
External Object Injection Low
Forbidden Resource Low
HTTP Response Splitting Low
Image Injection Low
Insecure iFrame Low
Internal Server Error Low
Long Redirect Response Low
Missing X-Frame-Options Header Low
Mixed Content (Passive) Low
Multiple Choices Enabled Low
Not Http-Only Cookie Low
Not Secure Cookie Low
OPTIONS Method Enabled Low
Predictable Resource Location Low
Server Error Low
Stack Trace Low
Stack Trace (ASP.NET) Low
Stack Trace (Java) Low
Stack Trace (Node.js) Low
Stack Trace (PHP) Low
Stack Trace (Python) Low
Undefined Content-Type Header Low
Administration page Information
Administration page (JBoss JMX) Information
Administration page (phpMyAdmin) Information
Administration page (Tomcat Manager) Information
Administration page (Wordpress) Information
Application Disclosure Information
Application Fingerprinting Information
CDN Detected Information
CDN Detected (Akamai China CDN) Information
CDN Detected (Akamai) Information
CDN Detected (Alimama) Information
CDN Detected (Amazon CloudFront) Information
CDN Detected (Ananke) Information
CDN Detected (Aryaka) Information
CDN Detected (AT&T) Information
CDN Detected (Azion) Information
CDN Detected (BelugaCDN) Information
CDN Detected (Bison Grid) Information
CDN Detected (BitGravity) Information
CDN Detected (Blue Hat Network) Information
CDN Detected (BO.LT) Information
CDN Detected (BunnyCDN) Information
CDN Detected (Cachefly) Information
CDN Detected (Caspowa) Information
CDN Detected (CDN77) Information
CDN Detected (CDNetworks) Information
CDN Detected (CDNify) Information
CDN Detected (CDNsun) Information
CDN Detected (CDNvideo) Information
CDN Detected (ChinaCache) Information
CDN Detected (ChinaNetCenter) Information
CDN Detected (Cloudflare) Information
CDN Detected (Cotendo CDN) Information
CDN Detected (cubeCDN) Information
CDN Detected (EdgeCast) Information
CDN Detected (Facebook) Information
CDN Detected (Fastly) Information
CDN Detected (G-core) Information
CDN Detected (GoCache) Information
CDN Detected (Google) Information
CDN Detected (Hibernia) Information
CDN Detected (Highwinds) Information
CDN Detected (Hosting4CDN) Information
CDN Detected (Incapsula) Information
CDN Detected (Instart Logic) Information
CDN Detected (Internap) Information
CDN Detected (jsDelivr) Information
CDN Detected (KeyCDN) Information
CDN Detected (Kingsoft) Information
CDN Detected (LeaseWeb CDN) Information
CDN Detected (Level 3) Information
CDN Detected (Limelight) Information
CDN Detected (MediaCloud) Information
CDN Detected (Medianova) Information
CDN Detected (Microsoft Azure) Information
CDN Detected (Mirror Image) Information
CDN Detected (NetDNA) Information
CDN Detected (Netlify) Information
CDN Detected (NGENIX) Information
CDN Detected (NYI FTW) Information
CDN Detected (OnApp) Information
CDN Detected (Optimal CDN) Information
CDN Detected (PageRain) Information
CDN Detected (QUANTIL) Information
CDN Detected (Rackspace) Information
CDN Detected (Reapleaf) Information
CDN Detected (Reflected Networks) Information
CDN Detected (ReSRC.it) Information
CDN Detected (Rev Software) Information
CDN Detected (Roast.io) Information
CDN Detected (section.io) Information
CDN Detected (SFR) Information
CDN Detected (Simple CDN) Information
CDN Detected (StackPath) Information
CDN Detected (SwiftCDN) Information
CDN Detected (SwiftServe) Information
CDN Detected (Taobao) Information
CDN Detected (Tata communications) Information
CDN Detected (Telefonica) Information
CDN Detected (Telenor) Information
CDN Detected (TRBCDN) Information
CDN Detected (TurboBytes) Information
CDN Detected (Twitter) Information
CDN Detected (UnicornCDN) Information
CDN Detected (VoxCDN) Information
CDN Detected (WordPress) Information
CDN Detected (Yahoo) Information
CDN Detected (Yottaa) Information
CDN Detected (Zenedge) Information
Content Security Policy Information
crossdomain.xml Detected Information
Database Connection String Information
Email Disclosure Information
File Upload Input Detected Information
GraphQL Endpoint Detected Information
Help file Information
Information Leakage Information
Internal IP Address Disclosure Information
Internal Path Information
Internal Path (Linux) Information
Internal Path (Windows) Information
Joomla Detected Information
Out-of-date Version Information
Out-of-date Version (Joomla) Information
Out-of-date Version (WordPress) Information
Reflected Value in HTTP Header Information
Reflected-Filtered Inputs Information
robots.txt Detected Information
Silverlight Client Access Policy Information
Sitemap Detected Information
SSL/TLS Certificate Information
Username Disclosure Information
Web Backdoor Information
WordPress Detected Information

Search Vulnerability

Select Category