Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.qaos.machdel.com/llms.txt

Use this file to discover all available pages before exploring further.

The QAOS Security Agent analyzes your web application for vulnerabilities that could be exploited by attackers to steal data, gain unauthorized access, or compromise user accounts.

Issue catalog

Issue IDCategorySeverity
unauthenticated-resource-accessAccess ControlCritical
privilege-escalationAccess ControlCritical
access-control-method-bypassAccess ControlCritical
forced-browsing-direct-url-accessAccess ControlCritical
default-accounts-presentAuthenticationCritical
default-credentials-in-domAuthenticationCritical
cookie-token-forgeryAuthenticationCritical
no-password-spraying-protectionAuthenticationHigh
no-login-rate-limitingAuthenticationHigh
compromised-credentials-acceptedAuthenticationHigh
weak-password-acceptedAuthenticationMedium
session-id-in-urlSession ManagementCritical
user-input-not-filteredInjectionHigh
hostile-data-used-in-queryInjectionHigh
untrusted-data-concatenation-dynamic-queryInjectionHigh
orm-parameter-extraction-in-urlInjectionHigh
orm-parameter-extraction-in-formInjectionHigh
misconfigured-security-headersCryptographyHigh
misconfigured-corsCryptographyHigh
exposed-sensitive-fileInfo DisclosureCritical
sensitive-data-loggedInfo DisclosureHigh
server-info-leakageInfo DisclosureMedium
detailed-error-messageInfo DisclosureMedium
detailed-error-pageInfo DisclosureMedium
local-log-storageInfo DisclosureMedium
log-event-exposureInfo DisclosureLow
user-input-not-validatedInput ValidationLow