This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Joomla Vulnerability Scanner Limitations"
From OWASP
D0ubl3 h3lix (talk | contribs) (New page: ==Limitations== * The vulnerability database still lacks of unknown exploit checks (We need contributors for it) * There are dozens of vulnerability information left to be added * Scanner...) |
D0ubl3 h3lix (talk | contribs) (→Limitations on Current Release) |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | ==Limitations== | + | ==Limitations on Current Release== |
| − | * The vulnerability database still lacks of unknown exploit checks | + | * The vulnerability database still lacks of unknown exploit checks. If the exploit check is not available, the scanner verify based on deduced version. If deduced version is not available, it then cannot verify the vulnerability |
| − | + | * The Scanner lacks IDS evasion bypass | |
| − | * Scanner lacks IDS evasion bypass | + | * The Scanner lacks sophisticated fuzzing |
| + | * The Scanner is not a full fledged SQL Injection tool | ||
[[Category:OWASP_Joomla_Vulnerability_Scanner_Project]] | [[Category:OWASP_Joomla_Vulnerability_Scanner_Project]] | ||
Latest revision as of 17:58, 15 July 2009
Limitations on Current Release
- The vulnerability database still lacks of unknown exploit checks. If the exploit check is not available, the scanner verify based on deduced version. If deduced version is not available, it then cannot verify the vulnerability
- The Scanner lacks IDS evasion bypass
- The Scanner lacks sophisticated fuzzing
- The Scanner is not a full fledged SQL Injection tool
