From: An automated black box approach for web vulnerability identification and attack scenario generation
   Vulnerability | |||||||||
---|---|---|---|---|---|---|---|---|---|
Type | CVE | Location | Skipfish | W3af | Wapiti | Wasapy | AppScan | WebInspect | Acunetix |
2008-7091 | login.php | ✗ | ✗ | ✗ | ✓ | ✗ | ✓ | ✗ | |
2008-7091 | story.php | ✓ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | |
NR | userrss.php | ✗ | ✗ | ✗ | ✗ | ✓ | ✓ | ✓ | |
2008-7091 | out.php | ✗ | ✗ | ✗ | ✗ | ✓ | ✗ | ✓ | |
2008-7091 | trackback.php | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | |
SQLi | 2008-7091 | cloud.php | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ |
2008-7091 | cvote.php | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | |
2008-7091 | recommend.php | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | |
2008-7091 | submit.php | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | |
2008-7091 | vote.php | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | |
2008-7091 | edit.php | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | |
   False positive | 0 | 0 | 0 | 2 | 1 | 1 | 0 |