Cross-site Scripting
XSS is a type of web application security vulnerability, which allows code injection by malicious web users into the web pages viewed by other users.
Directory Listing Enabled
Directory listings may disclose information about the web application and its environment that was not intended to be public.
Reflected Cross-site Scripting
XSS is a type of web application security vulnerability, which allows code injection by malicious web users into the web pages viewed by other users.
Reflected Cross-site Scripting is a type of XSS where the injected code is reflected off the web server. This kind of XSS is short-lived and requires a phishing vector to be delivered to the victim.
HTTP Banner Disclosure
This information is stored in HTTP headers and sent along with every web page request made by a user visiting your page. As a result, it is very easy for anyone to find out what kind of settings such a server is using.
By itself, this information is harmless, although it does give away some information about your website setup. A dedicated attacker can use this information to find and craft attacks specific to your system, or automated attacks may search for specific configurations to attack. Although it is difficult to prevent someone from finding this information using other methods, disabling server headers reduces the likelihood of attacks on the site.
The most common use of this kind of information is in automated attacks, which search on Google for specific server configurations known to be vulnerable, or automate attacks known to work against setups similar to what is found on the site. Removing these values from the server header will prevent these types of automated attacks from occurring.
Common website functions, such as search results or account logins, frequently use redirects or forwards to send visitors to another destination. The web address often references the destination, which is displayed after url=.
If the website doesn't verify the destination, redirects or forwards might be vulnerable to modification. An attacker can change the destination address to send visitors to a malicious site that appears to be part of the original location. Phishing schemes often exploit unvalidated redirects and forwards, because an attacker can hide a malicious URL behind the original address.
The easiest way to prevent vulnerabilities with redirects and forwards is not to use them on your website. If that's not possible, set up a whitelist for "safe" destinations, and consider disallowing off-site redirects.
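One way to implement the whitelist check described above, as an added example that is not part of the original page. SITE_ORIGIN, ALLOWED_HOSTS and resolveRedirect are assumed names with constructed values; the function parses the url= value the way a browser would and falls back to the home page for anything it cannot place on the site itself or on a whitelisted host.

```javascript
// Added example: validate the destination taken from a url= parameter.
// SITE_ORIGIN and ALLOWED_HOSTS are constructed placeholder values.
const SITE_ORIGIN = "https://shop.example";
const ALLOWED_HOSTS = new Set(["login.example", "pay.example"]);
const FALLBACK = SITE_ORIGIN + "/";

function resolveRedirect(raw, { allowOffSite = true } = {}) {
  if (typeof raw !== "string" || raw.length === 0 || raw.length > 2048) {
    return FALLBACK;
  }
  let target;
  try {
    // Resolve against our own origin so relative paths, "//host" and
    // "/\host" are all interpreted exactly as the browser will interpret them.
    target = new URL(raw, SITE_ORIGIN);
  } catch {
    return FALLBACK;
  }
  // Rejects javascript:, data: and plain http: destinations.
  if (target.protocol !== "https:") return FALLBACK;
  // Rejects "https://shop.example@other.example/" style look-alikes.
  if (target.username !== "" || target.password !== "") return FALLBACK;

  // Always return the absolute, normalized URL. Returning only the path
  // would be unsafe: a path such as "//other.example" is itself off-site.
  if (target.origin === SITE_ORIGIN) return target.href;

  // Off-site: exact host match only (no suffix or substring matching),
  // default port only, and only when off-site redirects are permitted.
  if (allowOffSite && target.port === "" && ALLOWED_HOSTS.has(target.hostname)) {
    return target.href;
  }
  return FALLBACK;
}
```

Calling resolveRedirect(value, { allowOffSite: false }) applies the stricter policy of disallowing off-site redirects altogether.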
Potentially Insecure Direct Object References
By exploiting an insecure direct object reference, the hacker modifies a parameter value and is effectively redirected to a different object, gaining access to an area he or she was prohibited from.
Reflected Cross-Site Scripting
Reflected Cross-site Scripting (XSS) occurs when an attacker injects browser-executable code within a single HTTP response. The injected attack is not stored within the application itself; it is non-persistent and only impacts users who open a maliciously crafted link or third-party web page. The attack string is included as part of the crafted URI or HTTP parameters, improperly processed by the application, and returned to the victim.
Broken Authentication using SQL Injection
Authentication and session management includes all aspects of handling user authentication and managing active sessions. Authentication is a critical aspect of this process, but even solid authentication mechanisms can be undermined by flawed credential management functions, including password change, forgot my password, remember my password, account update, and other related functions. Because "walk by" attacks are likely for many web applications, all account management functions should require reauthentication even if the user has a valid session id.
Autocomplete Enabled on Password Fields
Browsers will sometimes ask a user if they wish to remember the password that they just entered. The browser will then store the password, and automatically enter it whenever the same authentication portal is visited. This is a convenience for the user. Autocomplete is an HTML tag attribute used to disable the form auto-completion mechanism of the browser.