Vulnerability Intelligence Database
Browse our comprehensive library of security vulnerabilities, misconfigurations, and compliance failures. Find threat details, CWE definitions, and code-level remediation rules.
Server & Directory Exposures
Injection & Client-Side Attacks
CWE-89Critical
SQL Injection (SQLi)
Execution of malicious database queries.
Remediation Guide
CWE-79High
Stored Cross-Site Scripting (Stored XSS)
Malicious scripts stored on target databases.
Remediation Guide
CWE-79High
Reflected Cross-Site Scripting (Reflected XSS)
Direct reflection of script variables.
Remediation Guide
CWE-79High
DOM-based Cross-Site Scripting (DOM XSS)
Client-side javascript source/sink execution.
Remediation Guide
CWE-352High
Cross-Site Request Forgery (CSRF)
Unauthorized session command hijackings.
Remediation Guide
CWE-1021Medium
Clickjacking (UI Redress Attack)
Overlaying transparent frame interfaces.
Remediation Guide
CWE-601Medium
Open Redirect Vulnerability
Routing users to untrusted destinations.
Remediation Guide
HTTP Security Headers
CWE-1021Medium
Missing Content Security Policy (CSP)
No restrictions on script execution paths.
Remediation Guide
CWE-523Low
Missing HTTP Strict Transport Security (HSTS)
No SSL stripping protection policies.
Remediation Guide
CWE-1021Low
Missing X-Frame-Options Header
No clickjacking frame restrictions.
Remediation Guide
CWE-344Low
Missing X-Content-Type-Options Header
No protection against browser MIME-sniffing.
Remediation Guide