if critical vulnerability found.
Scanner cannot log in

Solution: Re-record the login macro; check if CAPTCHA or 2FA is present (not supported).

| Vulnerability | False Positive Cause | Fix |
|---------------|----------------------|-----|
| SQL Injection | Input echoed back but no DB execution | Manually verify with sleep() payload |
| XSS | Application encodes output but scanner didn't detect encoding | Use AcuSensor or manual test |
| Path Traversal | File read errors misinterpreted | Check if actual file contents exposed |
| Host Header Injection | Scanner sees a reflected header | Verify if exploit can poison cache |