Test Methods (Detailed Overview)

Here is a list of every test performed by Web Scan Service.

Basic Auth Evasion

Remediation Task

No task available

WASC Classification

Logical Attacks: Abuse of Functionality

Affected Products

This issue may affect different types of products

Technical Description

It is possible to bypass authentication by browsing directly to the desired page. The URL can be manipulated with traversal arguments such as "//" or "/../", which makes it possible to jump to the desired content.

Fix Recommendation

This is a general problem for some web servers such as LilHTTP, Falcon and LocalWEB2000. Some web applications, application platforms and application frameworks also contain this flaw. The fix therefore varies depending on the product you use.
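
Whatever the product, the underlying defect is an access check made on the raw URL instead of the resolved path. The following is an added example, not code from this page or from any product named above; it shows the weak check beside a hardened one and lists request targets where the two disagree. The "/admin" prefix, the function names and the sample targets are assumptions made for illustration.

```python
from urllib.parse import unquote

# Hypothetical protected area; not taken from the page or any product.
PROTECTED_PREFIXES = ("/admin",)

def naive_requires_auth(raw_target):
    """Weak form: match the raw request target as received."""
    return raw_target.startswith(PROTECTED_PREFIXES)

def canonical_path(raw_target):
    """Resolve the path the server will actually serve."""
    path = unquote(raw_target.split("?", 1)[0])  # drop query, decode once
    segments = []
    for seg in path.split("/"):
        if seg in ("", "."):        # "//" and "/./" add nothing
            continue
        if seg == "..":             # "/../" steps up, never above the root
            if segments:
                segments.pop()
            continue
        segments.append(seg)
    return "/" + "/".join(segments)

def requires_auth(raw_target):
    """Hardened form: decide on the canonical path, on segment boundaries."""
    path = canonical_path(raw_target)
    return any(path == p or path.startswith(p + "/") for p in PROTECTED_PREFIXES)

def find_mismatches(targets):
    """Targets the weak check lets through but the hardened check protects."""
    return [t for t in targets if requires_auth(t) and not naive_requires_auth(t)]

# Constructed sample request targets
SAMPLE_TARGETS = [
    "/admin/index.html",
    "//admin/index.html",
    "/public/../admin/index.html",
    "/public/index.html",
]

if __name__ == "__main__":
    for t in SAMPLE_TARGETS:
        print(f"{t!r:35} naive={naive_requires_auth(t)!s:5} hardened={requires_auth(t)}")
```

The check only holds if the server then serves the same canonical path it authorized, not the raw one.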