Vulnerability Analysis Report
Magento Zendframework1 vrelease-1.12.8
Scan ID: SCAN-MAGENTO-ZENDFRAMEWORK1-OOo6AW • Hash: 5f69e19e
Vulnerability Details
Dynamic Code Execution in MockAssertion.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Dynamic Code Execution in Upload.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Dynamic Code Execution in Acl.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Dynamic Code Execution in Interface.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Dynamic Code Execution in FunctionFrontendTest.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Dynamic Code Execution in ZendForm.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Dynamic Code Execution in PhpCode.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Dynamic Code Execution in AssertionZF7973.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Dynamic Code Execution in UserIsBlogPostOwnerAssertion.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Cross-Site Scripting (XSS) in amazon-search.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Cross-Site Scripting (XSS) in yahoo-multi-search.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Cross-Site Scripting (XSS) in testGetData.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Cross-Site Scripting (XSS) in flickr-composite.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Cross-Site Scripting (XSS) in testPostData.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Cross-Site Scripting (XSS) in ZF10645-PutContentType.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Cross-Site Scripting (XSS) in testResetParameters.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Cross-Site Scripting (XSS) in index.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Cross-Site Scripting (XSS) in testHttpAuth.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Insecure DOM Manipulation (XSS) in video_app.js
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Medium Confidence (Fuzzy matcher overlap - minor review required). Please apply remediation steps matching the recommended patch format below.
Insecure DOM Manipulation (XSS) in video_app.js
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Medium Confidence (Fuzzy matcher overlap - minor review required). Please apply remediation steps matching the recommended patch format below.
Insecure DOM Manipulation (XSS) in video_app.js
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Medium Confidence (Fuzzy matcher overlap - minor review required). Please apply remediation steps matching the recommended patch format below.
Insecure DOM Manipulation (XSS) in video_browser.js
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Medium Confidence (Fuzzy matcher overlap - minor review required). Please apply remediation steps matching the recommended patch format below.
Insecure DOM Manipulation (XSS) in video_app.js
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Medium Confidence (Fuzzy matcher overlap - minor review required). Please apply remediation steps matching the recommended patch format below.
Insecure DOM Manipulation (XSS) in video_browser.js
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Medium Confidence (Fuzzy matcher overlap - minor review required). Please apply remediation steps matching the recommended patch format below.
Insecure DOM Manipulation (XSS) in video_app.js
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Medium Confidence (Fuzzy matcher overlap - minor review required). Please apply remediation steps matching the recommended patch format below.
Insecure DOM Manipulation (XSS) in video_app.js
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Medium Confidence (Fuzzy matcher overlap - minor review required). Please apply remediation steps matching the recommended patch format below.
Insecure DOM Manipulation (XSS) in video_app.js
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Medium Confidence (Fuzzy matcher overlap - minor review required). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in Openssl.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in Attribute.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in MailMergeTest.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in Attribute.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in Provider.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in Mcrypt.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in Font.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in Files.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in ProviderTest.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in Subscriber.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in AttributeTest.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in OfflineClientTest.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in Openssl.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in MailMergeTest.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in Hash.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in Pop3.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in Provider.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in MailMergeTest.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in Crammd5.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in Delicious.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in Digest.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in Font.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in AttributeTest.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.
Weak Cryptographic Hash (MD5) in MailMergeTest.php
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. Low Danger / False Positive Risk (Isolated non-interactive input loop). Please apply remediation steps matching the recommended patch format below.