Research Article
Performance-Based Comparative Assessment of Open Source Web Vulnerability Scanners
Table 7
Arachni’s reported vulnerabilities: a summary.
| Severity | Vulnerability | # of vulnerable URLs |
| High | CSRF | 53 | XSS | 30 | SQL | 21 | Source code Disclosure | 6 | Backdoor File | 5 | File Inclusion | 5 | X-Forwarded-For | 1 |
| Medium | Common directory | 68 | Unencrypted passwords | 43 | Backup files | 9 | Unvalidated redirect | 2 |
| Low | Common sensitive files | 77 | Password autocomplete | 42 | Directory listing | 4 |
| Informational | Interesting response | 123 | Insecure cookie | 90 | Email disclosure | 45 |
|
|