| Logo | Scanner | Version | Build | Vendor |
 | Acunetix WVS Free Edition | 8.0 | 20120509 | Acunetix |
| Tested Against WAVSEP Version: |
| Detection Accuracy | Chart | ||||
| 100.00% Detection Rate 0.00% False Positives | (66/66) (0/7) |
| Response Type | Input Vector | Detection Rate | Details |
| Reflected XSS | HTTP GET (Query String Parameters) | 33 out of 33 | Detected: 1-30(1st&2nd),31,32 RXSS-Experimental-GET: 1,3 |
| Reflected XSS | HTTP POST (Body Parameters) | 33 out of 33 | Detected: 1-30(1st&2nd),31,32 RXSS-Experimental-POST: 1,3 |
| False Positive RXSS Test Cases | HTTP GET (Query String Parameters) | 0 out of 7 | None |
| The test was initiated in front of each individual directory using the default configuration, a disabled port scanner feature, and without any optimizations. |
| Detection Accuracy | Chart | ||
| 92.0% Detection Rate |
| Initialized WIVET's session, selected the default scan policy (you can only do an XSS scan anyway), limited the parallel connection threads to 1 single thread,
disabled the "ignore parameters on file extensions like js, css,etc", defined a valid session identifier and excluded the logout URL (100.php) by manually removing it from WIVET's menu. I verified the results twice, and they came out the same. |