Vulnerability Definitions

This listing contains the definitions of all issues that can be detected by ZOFixer.

| Vuln Cat | Specific Vulnerability Name | Affected Function | References |
| --- | --- | --- | --- |
| Very High | Server Security Misconfiguration | Using Default Credentials | Click here |
| Very High | Server-Side Injection | File Inclusion | Click here |
| Very High | Server-Side Injection | Remote Code Execution (RCE) | Click here |
| Very High | Server-Side Injection | SQL Injection | Click here |
| Very High | Server-Side Injection | XML External Entity Injection (XXE) | Click here |
| Very High | Broken Authentication and Session Management | Authentication Bypass | Click here |
| Very High | Sensitive Data Exposure | Disclosure of Secrets | Click here |
| Very High | Insecure OS/Firmware | Command Injection | Click here |
| Very High | Insecure OS/Firmware | Hardcoded Password | Click here |
| Very High | Broken Cryptography | Cryptographic Flaw | Click here |
| High | Server Security Misconfiguration | Misconfigured DNS - High Impact Subdomain Takeover | Click here |
| High | Server Security Misconfiguration | OAuth Misconfiguration - Account Takeover | Click here |
| High | Sensitive Data Exposure | Weak Password Reset Implementation - Token Leakage via Host Header Poisoning | Click here |
| High | Cross-Site Scripting (XSS) | Stored - Non-Privileged User to Anyone | Click here |
| High | Broken Access Control (BAC) | Server-Side Request Forgery (SSRF) - Internal High Impact | Click here |
| High | Cross-Site Request Forgery (CSRF) | Application-Wide | Click here |
| High | Application-Level Denial-of-Service (DoS) | Critical Impact and/or Easy Difficulty | Click here |
| High | Insecure OS/Firmware | Hardcoded Password - Non-Privileged User | Click here |
| Medium | Server Security Misconfiguration | Misconfigured DNS - Basic Subdomain Takeover | Click here |
| Medium | Server Security Misconfiguration | Mail Server Misconfiguration - No Spoofing Protection on Email Domain | Click here |
| Medium | Server-Side Injection | HTTP Response Manipulation - Response Splitting (CRLF) | Click here |
| Medium | Server-Side Injection | Content Spoofing - iframe Injection | Click here |
| Medium | Broken Authentication and Session Management | Second Factor Authentication (2FA) Bypass | Click here |
| Medium | Broken Authentication and Session Management | Session Fixation - Remote Attack Vector | Click here |
| Medium | Sensitive Data Exposure | Disclosure of Secrets - For Internal Asset | Click here |
| Medium | Sensitive Data Exposure | EXIF Geolocation Data Not Stripped From Uploaded Images - Automatic User Enumeration | Click here |
| Medium | Cross-Site Scripting (XSS) | Stored - Privileged User to Privilege Elevation | Click here |
| Medium | Cross-Site Scripting (XSS) | Stored - CSRF/URL-Based | Click here |
| Medium | Cross-Site Scripting (XSS) | Reflected | Click here |
| Medium | Broken Access Control (BAC) | Server-Side Request Forgery (SSRF) | Click here |
| Medium | Application-Level Denial-of-Service (DoS) | High Impact and/or Medium Difficulty | Click here |
| Medium | Client-Side Injection | Binary Planting - Default Folder Privilege Escalation | Click here |
| Low | Server Security Misconfiguration | Misconfigured DNS - Zone Transfer | Click here |
| Low | Server Security Misconfiguration | Mail Server Misconfiguration - Email Spoofing to Inbox due to Missing or Misconfigured DMARC on Email Domain | Click here |
| Low | Server Security Misconfiguration | Database Management System (DBMS) Misconfiguration - Excessively Privileged User / DBA | Click here |
| Low | Server Security Misconfiguration | Lack of Password Confirmation - Delete Account | Click here |
| Low | Server Security Misconfiguration | No Rate Limiting on Form - Registration | Click here |
| Low | Server Security Misconfiguration | No Rate Limiting on Form - Login | Click here |
| Low | Server Security Misconfiguration | No Rate Limiting on Form - Email-Triggering | Click here |
| Low | Server Security Misconfiguration | No Rate Limiting on Form - SMS-Triggering | Click here |
| Low | Server Security Misconfiguration | Missing Secure or HTTPOnly Cookie Flag - Session Token | Click here |
| Low | Server Security Misconfiguration | Clickjacking - Sensitive Click-Based Action | Click here |
| Low | Server Security Misconfiguration | OAuth Misconfiguration - Account Squatting | Click here |
| Low | Server Security Misconfiguration | CAPTCHA - Implementation Vulnerability | Click here |
| Low | Server Security Misconfiguration | Lack of Security Headers - Cache-Control for a Sensitive Page | Click here |
| Low | Server Security Misconfiguration | Web Application Firewall (WAF) Bypass - Direct Server Access | Click here |
| Low | Server-Side Injection | Content Spoofing - Impersonation via Broken Link Hijacking | Click here |
| Low | Server-Side Injection | Content Spoofing - External Authentication Injection | Click here |
| Low | Server-Side Injection | Server-Side Template Injection (SSTI) - Basic | Click here |
| Low | Broken Authentication and Session Management | Cleartext Transmission of Session Token | Click here |
| Low | Broken Authentication and Session Management | Weak Login Function - Other Plaintext Protocol with no Secure Alternative | Click here |
| Low | Broken Authentication and Session Management | Weak Login Function - Over HTTP | Click here |
| Low | Broken Authentication and Session Management | Failure to Invalidate Session - On Logout (Client and Server-Side) | Click here |
| Low | Broken Authentication and Session Management | Failure to Invalidate Session - On Password Reset and/or Change | Click here |
| Low | Sensitive Data Exposure | EXIF Geolocation Data Not Stripped From Uploaded Images - Manual User Enumeration | Click here |
| Low | Sensitive Data Exposure | Visible Detailed Error/Debug Page - Detailed Server Configuration | Click here |
| Low | Sensitive Data Exposure | Token Leakage via Referer - Untrusted 3rd Party | Click here |
| Low | Sensitive Data Exposure | Sensitive Token in URL - User Facing | Click here |
| Low | Sensitive Data Exposure | Via localStorage/sessionStorage - Sensitive Token | Click here |
| Low | Cross-Site Scripting (XSS) | Stored - Privileged User to No Privilege Elevation | Click here |
| Low | Cross-Site Scripting (XSS) | Universal (UXSS) | Click here |
| Low | Cross-Site Scripting (XSS) | Off-Domain - Data URI | Click here |
| Low | Broken Access Control (BAC) | Server-Side Request Forgery (SSRF) - External | Click here |
| Low | Broken Access Control (BAC) | Username/Email Enumeration - Non-Brute Force | Click here |
| Low | Unvalidated Redirects and Forwards | Open Redirect - GET-Based | Click here |
| Low | Insufficient Security Configurability | No Password Policy | Click here |
| Low | Insufficient Security Configurability | Weak Password Reset Implementation - Token is Not Invalidated After Use | Click here |
| Low | Insufficient Security Configurability | Weak 2FA Implementation - 2FA Secret Cannot be Rotated | Click here |
| Low | Insecure Data Storage | Sensitive Application Data Stored Unencrypted - On External Storage | Click here |
| Low | Insecure Data Storage | Server-Side Credentials Storage - Plaintext | Click here |
| Low | Insecure Data Transport | Executable Download - No Secure Integrity Check | Click here |
| Informational | Server Security Misconfiguration | Directory Listing Enabled - Non-Sensitive Data Exposure | Click here |
| Informational | Server Security Misconfiguration | Same-Site Scripting | Click here |
| Informational | Server Security Misconfiguration | Misconfigured DNS - Missing Certification Authority Authorization (CAA) Record | Click here |
| Informational | Server Security Misconfiguration | Mail Server Misconfiguration - Email Spoofing to Spam Folder | Click here |
| Informational | Server Security Misconfiguration | Lack of Password Confirmation - Change Email Address | Click here |
| Informational | Server Security Misconfiguration | No Rate Limiting on Form - Change Password | Click here |
| Informational | Server Security Misconfiguration | Unsafe File Upload - No Antivirus | Click here |
| Informational | Server Security Misconfiguration | Unsafe File Upload - File Extension Filter Bypass | Click here |
| Informational | Server Security Misconfiguration | Cookie Scoped to Parent Domain | Click here |
| Informational | Server Security Misconfiguration | Missing Secure or HTTPOnly Cookie Flag - Non-Session Cookie | Click here |
| Informational | Server Security Misconfiguration | Clickjacking - Form Input | Click here |
| Informational | Server Security Misconfiguration | Exposed Admin Portal - To Internet | Click here |
| Informational | Server Security Misconfiguration | Missing DNSSEC | Click here |
| Informational | Server Security Misconfiguration | Fingerprinting/Banner Disclosure | Click here |
| Informational | Server Security Misconfiguration | Potentially Unsafe HTTP Method Enabled - OPTIONS | Click here |
| Informational | Server Security Misconfiguration | Potentially Unsafe HTTP Method Enabled - TRACE | Click here |
| Informational | Server Security Misconfiguration | Insecure SSL - Lack of Forward Secrecy | Click here |
| Informational | Server Security Misconfiguration | Insecure SSL - Insecure Cipher Suite | Click here |
| Informational | Server Security Misconfiguration | Insecure SSL - Certificate Error | Click here |
| Informational | Server Security Misconfiguration | Reflected File Download (RFD) | Click here |
| Informational | Server Security Misconfiguration | Lack of Security Headers - X-Frame-Options | Click here |
| Informational | Server Security Misconfiguration | Lack of Security Headers - Cache-Control for a Non-Sensitive Page | Click here |
| Informational | Server Security Misconfiguration | Lack of Security Headers - X-XSS-Protection | Click here |
| Informational | Server Security Misconfiguration | Lack of Security Headers - Strict-Transport-Security | Click here |
| Informational | Server Security Misconfiguration | Lack of Security Headers - X-Content-Type-Options | Click here |
| Informational | Server Security Misconfiguration | Lack of Security Headers - Content-Security-Policy | Click here |
| Informational | Server Security Misconfiguration | Bitsquatting | Click here |
| Informational | Server-Side Injection | Parameter Pollution - Social Media Sharing Buttons | Click here |
| Informational | Server-Side Injection | Content Spoofing - Flash Based External Authentication Injection | Click here |
| Informational | Server-Side Injection | Content Spoofing - Text Injection | Click here |
| Informational | Server-Side Injection | Content Spoofing - Homograph/IDN-Based | Click here |
| Informational | Server-Side Injection | Content Spoofing - Right-to-Left Override (RTLO) | Click here |
| Informational | Broken Authentication and Session Management | Session Fixation - Local Attack Vector | Click here |
| Informational | Broken Authentication and Session Management | Failure to Invalidate Session - On Logout (Server-Side Only) | Click here |
| Informational | Broken Authentication and Session Management | Concurrent Logins | Click here |
| Informational | Sensitive Data Exposure | Visible Detailed Error/Debug Page - Full Path Disclosure | Click here |
| Informational | Sensitive Data Exposure | Sensitive Token in URL - In the Background | Click here |
| Informational | Sensitive Data Exposure | Mixed Content (HTTPS Sourcing HTTP) | Click here |
| Informational | Sensitive Data Exposure | Sensitive Data Hardcoded - OAuth Secret | Click here |
| Informational | Sensitive Data Exposure | JSON Hijacking | Click here |
| Informational | Cross-Site Scripting (XSS) | Stored - Self | Click here |
| Informational | Cross-Site Scripting (XSS) | Reflected - Self | Click here |
| Informational | Cross-Site Scripting (XSS) | Flash-Based | Click here |
| Informational | Cross-Site Scripting (XSS) | Cookie-Based | Click here |
| Informational | Cross-Site Scripting (XSS) | TRACE Method | Click here |
| Informational | Application-Level Denial-of-Service (DoS) | App Crash - Malformed Android Intents | Click here |
| Informational | Unvalidated Redirects and Forwards | Open Redirect | Click here |
| Informational | Unvalidated Redirects and Forwards | Reverse Tabnabbing | Click here |
| Informational | Unvalidated Redirects and Forwards | Lack of Security Speed Bump Page | Click here |
| Informational | External Behavior | Browser Feature - Plaintext Password Field | # |
| Informational | External Behavior | Browser Feature - Save Password | # |
| Informational | External Behavior | Browser Feature - Autocomplete Enabled | # |
| Informational | External Behavior | Browser Feature - Autocorrect Enabled | # |
| Informational | External Behavior | Browser Feature - Aggressive Offline Caching | # |
| Informational | External Behavior | CSV Injection | Click here |
| Informational | External Behavior | Captcha Bypass - Crowdsourcing | Click here |
| Informational | External Behavior | System Clipboard Leak - Shared Links | Click here |
| Informational | External Behavior | User Password Persisted in Memory | Click here |