Node.Security

Security Audit of Ui-grid

ISGroup SRL performed an automated Code Review (not a real Static Analysis, more a grep-on-steroid) of this NodeJS project in order to identify potential security vulnerabilities. We do not guarantee that all the findings are valid, and for sure there are plenty of false-positives and false-negatives (undetected issues) but it's free and your project could benefit from this security analisys. The following data is also available in JSON format!

Possible Security Issues
Issue Description Line File
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 83 test/unit/core/directives/ui-grid-row.spec.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 50 src/features/auto-resize-grid/test/auto-resize-grid.spec.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 80 src/features/auto-resize-grid/test/auto-resize-grid.spec.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 37 src/features/auto-resize-grid/js/auto-resize.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 563 src/features/edit/js/gridEdit.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 960 src/features/exporter/js/exporter.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 736 src/features/selection/js/selection.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 1403 src/js/core/services/ui-grid-util.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 240 src/js/core/directives/ui-grid.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 230 src/js/i18n/ui-i18n.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 6 misc/site/js/bootstrap.min.js
Server Side Injection(SSI) - setInterval() User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 6 misc/site/js/bootstrap.min.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 249 lib/test/jquery.simulate.js
Server Side Injection(SSI) - new Function() User controlled data in 'new Function()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 992 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 2725 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 2747 lib/test/angular/1.3.0/angular.js
Key Hardcoded A hardcoded key in plain text was identified. 4761 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 4945 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 5238 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 5248 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 6261 lib/test/angular/1.3.0/angular.js
Username Hardcoded A hardcoded username in plain text was identified. Store it properly in a config file. 9874 lib/test/angular/1.3.0/angular.js
Username Hardcoded A hardcoded username in plain text was identified. Store it properly in a config file. 9875 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - setInterval() User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 10208 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - new Function() User controlled data in 'new Function()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12302 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12631 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12667 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 13939 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14110 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14111 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14191 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14204 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14221 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14258 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 20854 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 21137 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 21305 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 21643 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 21652 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 22366 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 23282 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 23311 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 23420 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 23640 lib/test/angular/1.3.0/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 23659 lib/test/angular/1.3.0/angular.js
Key Hardcoded A hardcoded key in plain text was identified. 1128 lib/test/angular/1.3.0/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1592 lib/test/angular/1.3.0/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1593 lib/test/angular/1.3.0/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1594 lib/test/angular/1.3.0/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1595 lib/test/angular/1.3.0/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1596 lib/test/angular/1.3.0/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1597 lib/test/angular/1.3.0/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1598 lib/test/angular/1.3.0/angular-animate.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 2346 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 4174 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 4400 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 4410 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 5089 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - setInterval() User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 8437 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - new Function() User controlled data in 'new Function()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 10490 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 10715 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 11775 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 11936 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 11937 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12019 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12032 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12049 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 16107 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 16851 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 17029 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 17232 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 17241 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 18506 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 18533 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 18619 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 18836 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 18855 lib/test/angular/1.2.8/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 19755 lib/test/angular/1.2.8/angular.js
Key Hardcoded A hardcoded key in plain text was identified. 899 lib/test/angular/1.2.8/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 900 lib/test/angular/1.2.8/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 901 lib/test/angular/1.2.8/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 902 lib/test/angular/1.2.8/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 903 lib/test/angular/1.2.8/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 904 lib/test/angular/1.2.8/angular-animate.js
Server Side Injection(SSI) - new Function() User controlled data in 'new Function()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 1064 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 2979 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 3001 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 5654 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 5664 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 6703 lib/test/angular/1.4.3/angular.js
Username Hardcoded A hardcoded username in plain text was identified. Store it properly in a config file. 10764 lib/test/angular/1.4.3/angular.js
Username Hardcoded A hardcoded username in plain text was identified. Store it properly in a config file. 10765 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - setInterval() User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 11075 lib/test/angular/1.4.3/angular.js
Key Hardcoded A hardcoded key in plain text was identified. 13122 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - new Function() User controlled data in 'new Function()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 13145 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14286 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14322 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 15657 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 15833 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 15834 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 15915 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 15928 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 15945 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 15982 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 22079 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 22370 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 22386 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 22395 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 23144 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 24063 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 24092 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 24201 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 25565 lib/test/angular/1.4.3/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 26634 lib/test/angular/1.4.3/angular.js
Key Hardcoded A hardcoded key in plain text was identified. 570 lib/test/angular/1.4.3/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 571 lib/test/angular/1.4.3/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 572 lib/test/angular/1.4.3/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 573 lib/test/angular/1.4.3/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 574 lib/test/angular/1.4.3/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 575 lib/test/angular/1.4.3/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 732 lib/test/angular/1.4.3/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 2629 lib/test/angular/1.4.3/angular-animate.js
Server Side Injection(SSI) - new Function() User controlled data in 'new Function()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 1027 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 2578 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 4465 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 4693 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 4703 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 5551 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - setInterval() User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 9039 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - new Function() User controlled data in 'new Function()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 11125 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 11348 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12514 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12689 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12690 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12770 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12783 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12800 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 17121 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 17976 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 18164 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 18385 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 18394 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 19881 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 19908 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 20002 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 20222 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 20241 lib/test/angular/1.2.26/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 21185 lib/test/angular/1.2.26/angular.js
Key Hardcoded A hardcoded key in plain text was identified. 1150 lib/test/angular/1.2.26/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1151 lib/test/angular/1.2.26/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1152 lib/test/angular/1.2.26/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1153 lib/test/angular/1.2.26/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1154 lib/test/angular/1.2.26/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1155 lib/test/angular/1.2.26/angular-animate.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 2407 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 4261 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 4482 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 4492 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 5175 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - setInterval() User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 8555 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - new Function() User controlled data in 'new Function()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 10594 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 10817 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 11903 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12062 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12063 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12143 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12156 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12173 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 16352 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 17191 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 17377 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 17583 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 17592 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 18943 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 18970 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 19063 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 19282 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 19301 lib/test/angular/1.2.14/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 20248 lib/test/angular/1.2.14/angular.js
Key Hardcoded A hardcoded key in plain text was identified. 1075 lib/test/angular/1.2.14/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1076 lib/test/angular/1.2.14/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1077 lib/test/angular/1.2.14/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1078 lib/test/angular/1.2.14/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1079 lib/test/angular/1.2.14/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1080 lib/test/angular/1.2.14/angular-animate.js
Server Side Injection(SSI) - new Function() User controlled data in 'new Function()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 942 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 2711 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 2733 lib/test/angular/1.3.6/angular.js
Key Hardcoded A hardcoded key in plain text was identified. 4774 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 4962 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 5257 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 5267 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 6283 lib/test/angular/1.3.6/angular.js
Username Hardcoded A hardcoded username in plain text was identified. Store it properly in a config file. 10000 lib/test/angular/1.3.6/angular.js
Username Hardcoded A hardcoded username in plain text was identified. Store it properly in a config file. 10001 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - setInterval() User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 10335 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - new Function() User controlled data in 'new Function()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12502 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12858 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12894 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14169 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14340 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14341 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14421 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14434 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14451 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14488 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 21232 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 21521 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 21689 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 22026 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 22035 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 22749 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 23667 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 23696 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 23805 lib/test/angular/1.3.6/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 24027 lib/test/angular/1.3.6/angular.js
Key Hardcoded A hardcoded key in plain text was identified. 1153 lib/test/angular/1.3.6/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1617 lib/test/angular/1.3.6/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1618 lib/test/angular/1.3.6/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1619 lib/test/angular/1.3.6/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1620 lib/test/angular/1.3.6/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1621 lib/test/angular/1.3.6/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1622 lib/test/angular/1.3.6/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1623 lib/test/angular/1.3.6/angular-animate.js
Server Side Injection(SSI) - new Function() User controlled data in 'new Function()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 959 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 2756 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 2778 lib/test/angular/1.3.16/angular.js
Key Hardcoded A hardcoded key in plain text was identified. 4825 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 5013 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 5316 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 5326 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 6361 lib/test/angular/1.3.16/angular.js
Username Hardcoded A hardcoded username in plain text was identified. Store it properly in a config file. 10120 lib/test/angular/1.3.16/angular.js
Username Hardcoded A hardcoded username in plain text was identified. Store it properly in a config file. 10121 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - setInterval() User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 10455 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - new Function() User controlled data in 'new Function()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 12657 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 13013 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - setTimeout() User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 13049 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14363 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14534 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14535 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14616 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14629 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14646 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 14683 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 20492 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 20783 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 20799 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 20808 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 21519 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 22437 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 22466 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 22575 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 23925 lib/test/angular/1.3.16/angular.js
Server Side Injection(SSI) - eval() User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). 24264 lib/test/angular/1.3.16/angular.js
Key Hardcoded A hardcoded key in plain text was identified. 1156 lib/test/angular/1.3.16/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1619 lib/test/angular/1.3.16/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1620 lib/test/angular/1.3.16/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1621 lib/test/angular/1.3.16/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1622 lib/test/angular/1.3.16/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1623 lib/test/angular/1.3.16/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1624 lib/test/angular/1.3.16/angular-animate.js
Key Hardcoded A hardcoded key in plain text was identified. 1625 lib/test/angular/1.3.16/angular-animate.js
Missing Security Features
Issue Description
Missing Security Header - X-Frame-Options (XFO) X-Frame-Options (XFO) header provides protection against Clickjacking attacks.
Missing Security Header - Content-Security-Policy (CSP) Content Security Policy (CSP), a mechanism web applications can use to mitigate a broad class of content injection vulnerabilities, such as cross-site scripting (XSS). CSP Header was not found.
Missing Security Header - Strict-Transport-Security (HSTS) Strict-Transport-Security (HSTS) header enforces secure (HTTP over SSL/TLS) connections to the server.
Missing 'httpOnly' in Cookie JavaScript can access Cookies if they are not marked httpOnly.
Infromation Disclosure - X-Powered-By Remove the X-Powered-By header to prevent information gathering.
Missing Security Header - X-Content-Type-Options X-Content-Type-Options header prevents Internet Explorer and Google Chrome from MIME-sniffing a response away from the declared content-type.
Missing Security Header - X-Download-Options: noopen X-Download-Options header set to noopen prevents IE users from directly opening and executing downloads in your site's context.
Missing Security Header - X-XSS-Protection:1 X-XSS-Protection header set to 1 enables the Cross-site scripting (XSS) filter built into most recent web browsers.
Missing Security Header - Public-Key-Pins (HPKP) Public-Key-Pins (HPKP) ensures that certificate is Pinned.
Outdated Libraries
File Library Reference