QA Full std-qa-full true OFF MEDIUM Directory Browsing true MEDIUM Path Traversal true MEDIUM Remote File Inclusion true MEDIUM Source Code Disclosure - Git true MEDIUM Source Code Disclosure - SVN true MEDIUM Source Code Disclosure - File Inclusion true MEDIUM Source Code Disclosure - /WEB-INF Folder true MEDIUM HTTPS Content Available via HTTP true MEDIUM Relative Path Confusion true MEDIUM GET for POST true MEDIUM Backup File Disclosure true MEDIUM HTTP Only Site true MEDIUM Httpoxy - Proxy Header Misuse true MEDIUM Anti-CSRF Tokens Check true MEDIUM Heartbleed OpenSSL Vulnerability true MEDIUM Cross-Domain Misconfiguration true MEDIUM Source Code Disclosure - CVE-2012-1823 true MEDIUM Remote Code Execution - CVE-2012-1823 true MEDIUM External Redirect true MEDIUM Format String Error true MEDIUM CRLF Injection true MEDIUM Parameter Tampering true MEDIUM Server Side Include true MEDIUM Cross Site Scripting (Reflected) true MEDIUM Cross Site Scripting (Persistent) true MEDIUM Cross Site Scripting (Persistent) - Prime true MEDIUM Cross Site Scripting (Persistent) - Spider true MEDIUM SQL Injection true MEDIUM SQL Injection - MySQL (Time Based) true MEDIUM SQL Injection - Hypersonic SQL (Time Based) true MEDIUM SQL Injection - Oracle (Time Based) true MEDIUM SQL Injection - PostgreSQL (Time Based) true MEDIUM SQL Injection - SQLite (Time Based) true MEDIUM Cross Site Scripting (DOM Based) true MEDIUM SQL Injection - MsSQL (Time Based) true MEDIUM ELMAH Information Leak true MEDIUM Trace.axd Information Leak true MEDIUM Out of Band XSS true MEDIUM .htaccess Information Leak true MEDIUM .env Information Leak true MEDIUM Hidden File Finder true MEDIUM Bypassing 403 true MEDIUM CORS Header true MEDIUM Spring Actuator Information Leak true MEDIUM Log4Shell true MEDIUM Exponential Entity Expansion (Billion Laughs Attack) true MEDIUM Spring4Shell true MEDIUM Server Side Request Forgery true MEDIUM Text4shell (CVE-2022-42889) true MEDIUM Script Active Scan Rules true MEDIUM XSLT Injection true MEDIUM Server Side Code Injection true MEDIUM Remote OS Command Injection true MEDIUM XPath Injection true MEDIUM XML External Entity Attack true MEDIUM Generic Padding Oracle true MEDIUM Expression Language Injection true MEDIUM SOAP Action Spoofing true MEDIUM Insecure HTTP Method true MEDIUM SOAP XML Injection true MEDIUM Cloud Metadata Potentially Exposed true MEDIUM Server Side Template Injection true MEDIUM Server Side Template Injection (Blind) true MEDIUM Remote OS Command Injection (Time Based) true MEDIUM