ZAP Scan Baseline Report

[github-actions]

• Site: http://testphp.vulnweb.com
  New Alerts
  • Content Security Policy (CSP) Header Not Set [10038] total: 20:
    • http://testphp.vulnweb.com/privacy.php
    • http://testphp.vulnweb.com/AJAX/index.php
    • http://testphp.vulnweb.com/Mod_Rewrite_Shop/Details/network-attached-storage-dlink/1/
    • http://testphp.vulnweb.com/product.php?pic=7
    • http://testphp.vulnweb.com/hpp/
    • ..
  • Server Leaks Version Information via "Server" HTTP Response Header Field [10036] total: 20:
    • http://testphp.vulnweb.com/showimage.php?file=./pictures/2.jpg&size=160
    • http://testphp.vulnweb.com/showimage.php?file=./pictures/1.jpg
    • http://testphp.vulnweb.com/showimage.php?file=./pictures/7.jpg&size=160
    • http://testphp.vulnweb.com/artists.php
    • http://testphp.vulnweb.com/login.php
    • ..
  • X-Content-Type-Options Header Missing [10021] total: 20:
    • http://testphp.vulnweb.com/product.php?pic=1
    • http://testphp.vulnweb.com/guestbook.php
    • http://testphp.vulnweb.com/showimage.php?file=./pictures/3.jpg&size=160
    • http://testphp.vulnweb.com/hpp/?pp=12
    • http://testphp.vulnweb.com/listproducts.php?artist=3
    • ..
  • Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) [10037] total: 20:
    • http://testphp.vulnweb.com/product.php?pic=3
    • http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-2/
    • http://testphp.vulnweb.com/Mod_Rewrite_Shop/RateProduct-3.html
    • http://testphp.vulnweb.com/search.php?test=query
    • http://testphp.vulnweb.com/showimage.php?file=./pictures/4.jpg
    • ..
  • Absence of Anti-CSRF Tokens [10202] total: 20:
    • http://testphp.vulnweb.com/categories.php
    • http://testphp.vulnweb.com/product.php?pic=5
    • http://testphp.vulnweb.com/product.php?pic=4
    • http://testphp.vulnweb.com/product.php?pic=4
    • http://testphp.vulnweb.com/product.php?pic=5
    • ..
  • Modern Web Application [10109] total: 9:
    • http://testphp.vulnweb.com/artists.php?artist=1
    • http://testphp.vulnweb.com/artists.php?artist=2
    • http://testphp.vulnweb.com/artists.php
    • http://testphp.vulnweb.com/listproducts.php?cat=1
    • http://testphp.vulnweb.com/artists.php?artist=3
    • ..
  • X-Frame-Options Header Not Set [10020] total: 20:
    • http://testphp.vulnweb.com/Mod_Rewrite_Shop/BuyProduct-2/
    • http://testphp.vulnweb.com/search.php?test=query
    • http://testphp.vulnweb.com/product.php?pic=3
    • http://testphp.vulnweb.com/product.php?pic=1
    • http://testphp.vulnweb.com/hpp/?pp=12
    • ..
  • User Controllable HTML Element Attribute (Potential XSS) [10031] total: 2:
    • http://testphp.vulnweb.com/search.php?test=query
    • http://testphp.vulnweb.com/search.php?test=query
  • Reverse Tabnabbing [10108] total: 1:
    • http://testphp.vulnweb.com/disclaimer.php
  • Information Disclosure - Suspicious Comments [10027] total: 1:
    • http://testphp.vulnweb.com/AJAX/index.php

View the following link to download the report.
RunnerID:346845877