OWASP ZAP wavsep results

Generated: 2017-11-15 04:54

Total Score

61%

ZAP Version: D-2017-11-13
URLs found: 1901

Top Level Scores

Top Level | Pass | Fail | Score
DOM-XSS | 0 | 5 | 0%
LFI | 403 | 395 | 50%
Obsolete-Files | 1 | 0 | 100%
Plugin | Time (h:mm:ss.ms) | Reqs | Quality
Path Traversal | 0:03:17.658 | 39308 | release
Remote File Inclusion | 0:03:18.757 | 24939 | release
Server Side Include | 0:03:17.128 | 10168 | release
Cross Site Scripting (Reflected) | 0:03:16.965 | 7499 | release
Cross Site Scripting (Persistent) - Prime | 0:03:13.943 | 2577 | release
Cross Site Scripting (Persistent) - Spider | 0:03:10.699 | 1960 | release
Cross Site Scripting (Persistent) | 0:01:56.444 | 0 | release
SQL Injection | 0:03:31.177 | 62559 | release
Server Side Code Injection | 0:03:17.590 | 20616 | release
Remote OS Command Injection | 0:03:20.498 | 82461 | release
Directory Browsing | 0:03:11.526 | 1960 | release
External Redirect | 0:03:17.427 | 22715 | release
Buffer Overflow | 0:03:13.629 | 2424 | release
Format String Error | 0:03:14.888 | 7228 | release
CRLF Injection | 0:03:16.967 | 18037 | release
Parameter Tampering | 0:03:17.003 | 16152 | release
Script Active Scan Rules | 0:00:00.001 | 0 | release
Source Code Disclosure - SVN | 0:03:01.884 | 1867 | beta
Source Code Disclosure - /WEB-INF folder | 0:00:00.011 | 4 | beta
Remote Code Execution - Shell Shock | 0:03:16.364 | 5153 | beta
Anti CSRF Tokens Scanner | 0:01:12.117 | 609 | beta
Heartbleed OpenSSL Vulnerability | 0:00:00.014 | 3 | beta
Cross-Domain Misconfiguration | 0:00:00.039 | 2 | beta
Source Code Disclosure - CVE-2012-1823 | 0:02:43.842 | 1611 | beta
Remote Code Execution - CVE-2012-1823 | 0:03:16.086 | 3920 | beta
Session Fixation | 0:00:01.880 | 0 | beta
SQL Injection - MySQL | 0:25:00.406 | 17411 | beta
SQL Injection - Hypersonic SQL | 0:03:17.024 | 15461 | beta
SQL Injection - Oracle | 0:03:17.404 | 15452 | beta
SQL Injection - PostgreSQL | 0:03:17.431 | 15452 | beta
Advanced SQL Injection | 0:25:47.488 | 591530 | beta
XPath Injection | 0:03:18.400 | 7731 | beta
XML External Entity Attack | 0:00:01.510 | 0 | beta
Generic Padding Oracle | 0:01:40.212 | 2 | beta
Expression Language Injection | 0:03:13.600 | 2542 | beta
Backup File Disclosure | 0:03:10.008 | 66328 | beta
Integer Overflow Error | 0:03:15.536 | 9512 | beta
Insecure HTTP Method | 0:03:10.364 | 1960 | beta
HTTP Parameter Pollution scanner | 0:01:12.985 | 560 | beta
Possible Username Enumeration | 0:00:00.001 | 0 | beta
Source Code Disclosure - Git | 0:00:14.171 | 0 | alpha
Source Code Disclosure - File Inclusion | 0:35:12.385 | 7784 | alpha
Httpoxy - Proxy Header Misuse | 0:03:17.163 | 7840 | alpha
LDAP Injection | 2:29:19.868 | 17248 | alpha
SQL Injection - SQLite | 0:03:57.485 | 101076 | alpha
Cross Site Scripting (DOM Based) | 0:03:25.647 | 133 | alpha
SQL Injection - MsSQL | 0:03:18.409 | 12377 | alpha
Example Active Scanner: Denial of Service | 0:01:25.054 | 0 | alpha
An example active scan rule which loads data from a file | 0:01:35.816 | 0 | alpha
SOAP Action Spoofing | 0:00:01.342 | 0 | alpha
SOAP XML Injection | 0:01:48.495 | 0 | alpha
Relative Path Confusion | 0:03:06.042 | 1886 | alpha
Apache Range Header DoS (CVE-2011-3192) | 0:03:12.473 | 1968 | alpha
User Agent Fuzzer | 0:03:17.264 | 13685 | alpha
HTTP Only Site | 0:00:00.034 | 0 | alpha
Proxy Disclosure | 0:03:17.446 | 15680 | alpha
ELMAH Information Leak | 0:00:00.010 | 1 | alpha
Trace.axd Information Leak | 0:00:11.881 | 70 | alpha
HTTPS Content Available via HTTP | 0:00:00.949 | 0 | alpha
Cookie Slack Detector | 0:03:17.141 | 13258 | alpha
Total | 6:04:25 | - | -