02 Jul 2018
Generic Map Nomatch
02 Jul 2018
OWASP 2013-A5 OWASP 2017-A6 OWASP 2021-A5 OWASP PC-C3 CWE-119 WASC-13
Generic Map Nomatch is an identifier used by many products, services and databases to specify if a vulnerable doesn’t map to its CVE. This can be due to:-
- Non-existing public CVE
- The element might not match criteria for CVE
- The developer has not mapped the bug yet
Virtual Programming’s VP-ASP Shopping Cart Default Configuration May Disclose Internal Database to Remote Users. This information includes user details, credit card details etc.
Impact
The impact include:-
- Possible data breach
- Possible leakage and/or manipulation of sensitive information
Mitigation / Precaution
This vulnerability can be fixed by:-
- Making sure that the web server does not send out response headers that reveal information about the backend technology type or version.
- Making sure that all the services running on the server’s open ports do not reveal information about their builds and versions.
Latest Articles
Zero-Day Vulnerabilities in Web Applications
July 18 2022
8 Login Tips to Stay Safe Online
June 16 2022
Popular in Injection
Union Query SQL Injection (SQLi)
July 4 2018
Stacked Queries SQL Injection (SQLi)
July 4 2018
SQL injection(SQLi)
July 4 2018
Inline Queries SQL Injection (SQLi)
July 4 2018
Error based SQL Injection (SQLi)
July 4 2018
Categories
Client Side URL Redirect HSTS Cookies Attributes IBM SQL injection injection Time Based Blind SQL Injection SSL Injection CRLF Content Security Policy CSRF CORS Information Leakage status code SRI metadata X-XSS-Protection owasp Clickjacking XSS Cookies Directory traversal DOM XSS RFI SQL Injection Blind SQL Injection XML Injection blog Web server TLS WordPress web security SMB Cyber attacks AI Wordpress Data Security DOMECTF2020 Container security CMS Security Code Execution Content security policy Htaccess Bypass DOMECTF2021 Press Webinar DevSecOps Web Security
Latest Articles
