Comodo Help
Find the desired product help
Xcitium SIEM

Xcitium SIEM

cWatch Web Security - Domain Administrator Guide

English

Print Help Download Help
Website Data And Settings > Security Scans > Vulnerability Scans > CMS Vulnerability Scans
  • Introduction To Comodo CWatch Web Security
    • Purchase A License
    • License Types
    • Login To The Admin Console
    • Add Websites
  • The Main Interface
  • The Dashboard
  • Website Data And Settings
    • Website Overview
    • Security Scans
      • Website Scans
      • Website Files Security Scans
        • Malware Scan Settings
          • Automatic Configuration
          • Manual Configuration
        • Run A Scan And View Results
        • Notifications, Malware Removal And Scheduled Scans
      • Vulnerability Scans
        • CMS Vulnerability Scans
        • OWASP Top 10 Vulnerability Scans
    • Content Delivery Network
      • Activate CDN For A Website
      • CDN Settings
      • View CDN Metrics
    • Firewall
      • WAF Statistics
      • WAF Events
      • Configure WAF Policies
      • Manage Custom Firewall Rules
    • SSL Configuration
    • DNS Configuration
    • Add Trust Seal To Your Websites
    • Back Up Your Website
      • Purchase A Backup License
      • Backup Settings
      • On-Demand Backup
      • View Backup Records And File Statistics
      • Restore And Download Website Files
      • Delete Backups
  • View And Upgrade Licenses For Domains
  • Manage Your Profile
  • Get Support
  • About Comodo Security Solutions

CMS Vulnerability Scans


  • Select a website from the drop-down at top-left
  • Click 'Scan' > 'Vulnerability Scan’

The content management system (CMS) scanner inspects your core site, plugins and themes to identify vulnerabilities in your current version.


The scanner supports the following types of CMS:

  • WordPress
  • Joomla
  • Drupal
  • ModX
  • Typo3

See the following for more help:

  • The scan interface
  • Run an on-demand scan
  • View detailed results of the last scan
  • View the results of previous scans

The scan interface

  • Open the cWatch dashboard
  • Select the target website from the menu at top-left
  • Click the 'Scan' tab then 'Vulnerability Scan’




The last scan area on the right shows the results of the most recent scan.

  • Scan Date - When the most recent discovery was run.
  • Version - The version number of the CMS that was scanned. This is the CMS version that your site runs on.
  • Status - Whether the website has vulnerabilities or not.
  • Not Vulnerable - No weaknesses detected.
  • Vulnerable - Security threats found. Click on the row to view more details and fix advice.
  • Failed - Scan did not run for some reason.
  • CMS format not identified - Shown if the site doesn't use a supported CMS, or because cWatch couldn't detect the CMS type for other reasons.
  • Click the 'Refresh' icon at top-right to reload the results of the latest scan.
The pane lets you:
  • Run an on-demand scan
  • View detailed results of the last scan
  • View the results of previous scans
Start an on-demand CMS scan


You can manually start a CMS scan at anytime:

  • Open the cWatch dashboard
  • Select the target website from the menu at top-left
  • Click the 'Scan' tab then 'Vulnerability Scan’




  • cWatch will begin scanning the domain for CMS vulnerabilities
  • Scan results are shown in the 'Last Scan' box on the right
  • Click the 'Refresh' icon at top-right to reload the results of the scan
  • Alerts will be generated if any vulnerabilities are found.
  • Click 'View Full Report' for a comprehensive overview of discovered vulnerabilities
  • See View detailed results of the last scan for more details

View detailed results

  • Select the target website from the menu at top-left
  • Click the 'Scan' tab then 'Vulnerability'
  • Click 'View Full Report' under 'Last Scan' in the CMS scan pane as shown below:




Vulnerability information is available for the following CMS components:

  • Core
  • Plugins
  • Theme
  • Select a tab to view a list of vulnerabilities in the component
  • Click the '+' icon at the left of an item to view its details:




CMS Vulnerabilities - Column Descriptions

Column Header

Description

Vulnerability

A short description of the weakness.

Patch Fix

The version of the CMS in which the vulnerability was fixed. Update your CMS to this version to remove the vulnerability from your site.

Reference

Links to detailed information about the vulnerability and guidance to fix the issue.

  • Click 'See More' to view a list of reference pages

Found in

The version of the CMS in which the vulnerability was discovered.

  • Click 'See More' to view a list of versions in which the vulnerability is found

Latest Version

The most recent version of the CMS available. We advise customers to upgrade to the latest version if possible.


View results of previous scans


You can view the results of the 10 most recent CMS scans on your site.

  • Select the target website from the menu at top-left
  • Click the 'Scan' tab then 'Vulnerability'
  • Click 'View Scan History' in the 'CMS Scan' pane




The dates of the previous scans are shown at the top of the history window.

  • Select a date to view detailed results from the scan run on that day

See View detailed results of the last scan if you need more help with this.

Our Products
  • Free Antivirus
  • Free Internet Security
  • Website Malware Removal
  • Free Anti-Malware
  • Anti-Spam (Free Trial)
  • Windows Antivirus
  • Antivirus for Windows 7
  • Antivirus for Windows 8
  • Antivirus for Windows 10
  • Antivirus for MAC
  • Antivirus for Linux
  • Free Endpoint Security
  • Free ModSecurity
  • Free RMM
  • Free Website Malware Scanner
  • Free Device Manager for Android
  • Free Demo
  • Network Security
  • Endpoint Protection
  • Antivirus for Android
  • Comodo Antivirus
  • Wordpress Security
Cheap CDN
  • Bootstrap CDN
  • Semantic UI CDN
  • Jquery CDN
  • CDN Plans
  • CDN
  • Free CDN
Enterprise
  • Patch Management Software
  • Patch Manager
  • Service Desk
  • Website Down
  • Endpoint Protection Solutions
  • Website Security Check
  • Remote Monitoring and Management
  • Website Security
  • Device Manager
  • ITSM
  • CRM
  • MSP
  • Android Device Manager
  • MDR Services
  • Ransomware Prevention
  • Managed IT Support Services
  • Free EDR
Free SSL Certificate
Support Partners Terms and Conditions Privacy Policy

© Comodo Group, Inc. 2023. All rights reserved.