You can get the {APPLICATION_SECRET_KEY} from each application under dashboard: https://vulert.com/dashboard/applications/
\n","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","toc":[],"owner":"22810145","collectionId":"d6ee9c32-e776-4876-bc09-a26fa65a8166","publishedId":"2s9YCBv9oa","public":true,"customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"},"publishDate":"2023-09-22T14:51:36.000Z"},"item":[{"name":"Get Application Stats","id":"c4cbfe3f-d1c8-4042-8c43-812b91af0d72","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"url":"https://vulert.com/api/application/{APPLICATION_SECRET_KEY}","urlObject":{"path":["{APPLICATION_SECRET_KEY}"],"host":["https://vulert.com/api/application"],"query":[],"variable":[]}},"response":[{"id":"1208fe3e-225e-45ae-8c4e-1e66a635551b","name":"Get Application Stats","originalRequest":{"method":"GET","header":[],"url":"https://vulert.com/api/application/{APPLICATION_SECRET_KEY}"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Server","value":"nginx"},{"key":"Content-Type","value":"application/json"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Connection","value":"keep-alive"},{"key":"Vary","value":"Accept-Encoding"},{"key":"X-Powered-By","value":"PHP/8.2.9"},{"key":"Cache-Control","value":"no-cache, private"},{"key":"Date","value":"Tue, 26 Sep 2023 18:19:38 GMT"},{"key":"X-RateLimit-Limit","value":"60"},{"key":"X-RateLimit-Remaining","value":"59"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"X-Frame-Options","value":"SAMEORIGIN"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"Content-Encoding","value":"gzip"}],"cookie":[],"responseTime":null,"body":"{\n \"success\": true,\n \"data\": {\n \"message\": \"Application Stats Retrieved\",\n \"data\": {\n \"riskLevel\": \"Critical\",\n \"isApplicationVulnerable\": true,\n \"scanCount\": 3,\n \"currentScanVulnerabilities\": [\n {\n \"no_of_vulnerabilities\": 12,\n \"no_of_critical_vulnerabilities\": 2,\n \"no_of_high_vulnerabilities\": 7,\n \"no_of_moderate_vulnerabilities\": 3,\n \"no_of_low_vulnerabilities\": null\n }\n ],\n \"uniqueVulnerabilities\": {\n \"total\": 99,\n \"bySeverity\": {\n \"CRITICAL\": 15,\n \"HIGH\": 43,\n \"MODERATE\": 35,\n \"LOW\": 6\n }\n },\n \"scans\": [\n {\n \"id\": \"79d908ef-da62-4563-85b7-ea10d1221f0f\",\n \"created_at\": \"2023-09-26 17:51 UTC\",\n \"status\": \"Completed\",\n \"scan_count\": 2,\n \"last_scanned_at\": \"2023-09-26 17:53 UTC\",\n \"risk_level\": \"Critical\",\n \"no_of_vulnerabilities\": 12,\n \"no_of_critical_vulnerabilities\": 2,\n \"no_of_high_vulnerabilities\": 7,\n \"no_of_moderate_vulnerabilities\": 3,\n \"no_of_low_vulnerabilities\": null\n },\n {\n \"id\": \"bf080207-5290-42be-a7ee-b37404064851\",\n \"created_at\": \"2023-09-26 17:54 UTC\",\n \"status\": \"Completed\",\n \"scan_count\": 1,\n \"last_scanned_at\": \"2023-09-26 17:54 UTC\",\n \"risk_level\": \"Critical\",\n \"no_of_vulnerabilities\": 77,\n \"no_of_critical_vulnerabilities\": 12,\n \"no_of_high_vulnerabilities\": 33,\n \"no_of_moderate_vulnerabilities\": 30,\n \"no_of_low_vulnerabilities\": 2\n },\n {\n \"id\": \"012b68a1-3b3f-42ce-99d4-2257c5243e15\",\n \"created_at\": \"2023-09-26 18:01 UTC\",\n \"status\": \"Completed\",\n \"scan_count\": 5,\n \"last_scanned_at\": \"2023-09-26 18:11 UTC\",\n \"risk_level\": \"Critical\",\n \"no_of_vulnerabilities\": 18,\n \"no_of_critical_vulnerabilities\": 1,\n \"no_of_high_vulnerabilities\": 6,\n \"no_of_moderate_vulnerabilities\": 7,\n \"no_of_low_vulnerabilities\": 4\n }\n ]\n }\n }\n}"}],"_postman_id":"c4cbfe3f-d1c8-4042-8c43-812b91af0d72"},{"name":"Get Specific Scan","id":"d37d7d07-3a43-4a07-ac29-b74f3494501d","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"url":"https://vulert.com/api/application/{APPLICATION_SECRET_KEY}/scan/{SCAN_ID}","description":"{SCAN_ID} is the id of the scan of an application. You can get the scan ids from the response of \"Get Application Stats\" API.
\n","urlObject":{"protocol":"https","path":["api","application","{APPLICATION_SECRET_KEY}","scan","{SCAN_ID}"],"host":["vulert","com"],"query":[],"variable":[]}},"response":[{"id":"4c6021c0-6ff2-4f4a-ba93-130f60f5ff52","name":"Get Specific Scan","originalRequest":{"method":"GET","header":[],"url":"https://vulert.com/api/application/dddd2091-f8c9-401d-99d8-9f5a4bab5ef0/scan/79d908ef-da62-4563-85b7-ea10d1221f0f"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Server","value":"nginx"},{"key":"Content-Type","value":"application/json"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Connection","value":"keep-alive"},{"key":"Vary","value":"Accept-Encoding"},{"key":"X-Powered-By","value":"PHP/8.2.9"},{"key":"Cache-Control","value":"no-cache, private"},{"key":"Date","value":"Tue, 26 Sep 2023 19:09:56 GMT"},{"key":"X-RateLimit-Limit","value":"60"},{"key":"X-RateLimit-Remaining","value":"59"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"X-Frame-Options","value":"SAMEORIGIN"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"Content-Encoding","value":"gzip"}],"cookie":[],"responseTime":null,"body":"{\n \"success\": true,\n \"data\": {\n \"message\": \"Scan Retrieved\",\n \"data\": {\n \"scan\": {\n \"id\": \"79d908ef-da62-4563-85b7-ea10d1221f0f\",\n \"created_at\": \"2023-09-26 17:51 UTC\",\n \"status\": \"Completed\",\n \"scan_count\": 2,\n \"last_scanned_at\": \"2023-09-26 17:53 UTC\",\n \"risk_level\": \"Critical\",\n \"no_of_vulnerabilities\": 12,\n \"no_of_critical_vulnerabilities\": 2,\n \"no_of_high_vulnerabilities\": 7,\n \"no_of_moderate_vulnerabilities\": 3,\n \"no_of_low_vulnerabilities\": null\n },\n \"scanVulnerabilitieslist\": [\n {\n \"title\": \"Query Binding Exploitation\",\n \"url\": \"https://vulert.com/vuln-db/CVE-2021-21263\",\n \"vulnerable_package\": \"laravel/framework\",\n \"vulnerable_version\": \"V5.5.45\",\n \"risk\": \"HIGH\",\n \"patched\": \"Yes\",\n \"published\": \"2 years ago\"\n },\n {\n \"title\": \"SQL Server LIMIT / OFFSET SQL Injection in laravel/framework and illuminate/database\",\n \"url\": null,\n \"vulnerable_package\": \"laravel/framework\",\n \"vulnerable_version\": \"V5.5.45\",\n \"risk\": \"HIGH\",\n \"patched\": \"Yes\",\n \"published\": \"2 years ago\"\n },\n {\n \"title\": \"Laravel Framework XSS in Blade templating engine\",\n \"url\": \"https://vulert.com/vuln-db/CVE-2021-43808\",\n \"vulnerable_package\": \"laravel/framework\",\n \"vulnerable_version\": \"V5.5.45\",\n \"risk\": \"MODERATE\",\n \"patched\": \"Yes\",\n \"published\": \"1 year ago\"\n },\n {\n \"title\": \"OS Command Injection in Laravel Framework\",\n \"url\": \"https://vulert.com/vuln-db/CVE-2020-19316\",\n \"vulnerable_package\": \"laravel/framework\",\n \"vulnerable_version\": \"V5.5.45\",\n \"risk\": \"HIGH\",\n \"patched\": \"Yes\",\n \"published\": \"1 year ago\"\n },\n {\n \"title\": \"Improper Input Validation in Laravel\",\n \"url\": \"https://vulert.com/vuln-db/CVE-2020-24941\",\n \"vulnerable_package\": \"laravel/framework\",\n \"vulnerable_version\": \"V5.5.45\",\n \"risk\": \"HIGH\",\n \"patched\": \"Yes\",\n \"published\": \"2 years ago\"\n },\n {\n \"title\": \"Unexpected database bindings\",\n \"url\": null,\n \"vulnerable_package\": \"laravel/framework\",\n \"vulnerable_version\": \"V5.5.45\",\n \"risk\": \"HIGH\",\n \"patched\": \"Yes\",\n \"published\": \"2 years ago\"\n },\n {\n \"title\": \"Time-of-check Time-of-use (TOCTOU) Race Condition in league/flysystem\",\n \"url\": \"https://vulert.com/vuln-db/CVE-2021-32708\",\n \"vulnerable_package\": \"league/flysystem\",\n \"vulnerable_version\": \"1.0.51\",\n \"risk\": \"CRITICAL\",\n \"patched\": \"Yes\",\n \"published\": \"2 years ago\"\n },\n {\n \"title\": \"Symfony HTTP Foundation web cache poisoning\",\n \"url\": \"https://vulert.com/vuln-db/CVE-2018-14773\",\n \"vulnerable_package\": \"symfony/http-foundation\",\n \"vulnerable_version\": \"V3.3.6\",\n \"risk\": \"MODERATE\",\n \"patched\": \"Yes\",\n \"published\": \"1 year ago\"\n },\n {\n \"title\": \"Invalid HTTP method overrides allow possible XSS or other attacks in Symfony\",\n \"url\": \"https://vulert.com/vuln-db/CVE-2019-10913\",\n \"vulnerable_package\": \"symfony/http-foundation\",\n \"vulnerable_version\": \"V3.3.6\",\n \"risk\": \"CRITICAL\",\n \"patched\": \"Yes\",\n \"published\": \"3 years ago\"\n },\n {\n \"title\": \"Argument injection in a MimeTypeGuesser in Symfony\",\n \"url\": \"https://vulert.com/vuln-db/CVE-2019-18888\",\n \"vulnerable_package\": \"symfony/http-foundation\",\n \"vulnerable_version\": \"V3.3.6\",\n \"risk\": \"HIGH\",\n \"patched\": \"Yes\",\n \"published\": \"3 years ago\"\n },\n {\n \"title\": \"Symfony storing cookie headers in HttpCache\",\n \"url\": \"https://vulert.com/vuln-db/CVE-2022-24894\",\n \"vulnerable_package\": \"symfony/http-kernel\",\n \"vulnerable_version\": \"V3.3.6\",\n \"risk\": \"MODERATE\",\n \"patched\": \"Yes\",\n \"published\": \"7 months ago\"\n },\n {\n \"title\": \"Symfony Http-Kernel has non-constant time comparison in UriSigner\",\n \"url\": \"https://vulert.com/vuln-db/CVE-2019-18887\",\n \"vulnerable_package\": \"symfony/http-kernel\",\n \"vulnerable_version\": \"V3.3.6\",\n \"risk\": \"HIGH\",\n \"patched\": \"Yes\",\n \"published\": \"1 year ago\"\n }\n ]\n }\n }\n}"}],"_postman_id":"d37d7d07-3a43-4a07-ac29-b74f3494501d"},{"name":"Update Application","id":"53a89601-597d-4f29-903c-a0a01a50c764","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"formdata","formdata":[{"key":"name","value":"Application Private Name","description":"The name field is optional it should be string
\n","type":"text"},{"key":"isScanEnable","value":"0","description":"The isScanEnable field is optional and it should be boolean value,\n0 = disable the application for scanning/monitoring\n1 = enable the application for scanning/monitoring
\n","type":"text"},{"key":"lock_file","description":"The lock_file field is optional it should be these files\n Cargo.lock\n package-lock.json\n yarn.lock\n pnpm-lock.yaml\n composer.lock\n Gemfile.lock\n go.mod\n mix.lock\n poetry.lock\n pubspec.lock\n pom.xml\n requirements.txt\n gradle.lockfile\n buildscript-gradle.lockfile\n sbom.json\n bom.json
\n","type":"file","value":null}]},"url":"https://vulert.com/api/update-application/dddd2091-f8c9-401d-99d8-9f5a4bab5ef0","description":"Using this api you can update the name of application, Enable or disable the Application, or update it's manifest file.
\n","urlObject":{"path":["dddd2091-f8c9-401d-99d8-9f5a4bab5ef0"],"host":["https://vulert.com/api/update-application"],"query":[],"variable":[]}},"response":[{"id":"14b056a2-1676-4f4f-8589-4c3e80ddca60","name":"Update Application","originalRequest":{"method":"POST","header":[{"key":"X-Shopify-Access-Token","value":"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","type":"text","disabled":true},{"key":"name","value":"Usman Test","type":"text","disabled":true}],"body":{"mode":"formdata","formdata":[{"key":"name","value":"Application Private Name","description":"The name field is optional it should be string","type":"text"},{"key":"isScanEnable","value":"0","description":"The isScanEnable field is optional and it should be boolean value,\n0 = disable the application for scanning/monitoring\n1 = enable the application for scanning/monitoring","type":"text"},{"key":"lock_file","description":"The lock_file field is optional it should be these files\n Cargo.lock\n package-lock.json\n yarn.lock\n pnpm-lock.yaml\n composer.lock\n Gemfile.lock\n go.mod\n mix.lock\n poetry.lock\n pubspec.lock\n pom.xml\n requirements.txt\n gradle.lockfile\n buildscript-gradle.lockfile\n sbom.json\n bom.json","type":"file","value":null}]},"url":"https://vulert.com/api/update-application/{APPLICATION_SECRET_KEY}"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Server","value":"nginx"},{"key":"Content-Type","value":"application/json"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Connection","value":"keep-alive"},{"key":"Vary","value":"Accept-Encoding"},{"key":"X-Powered-By","value":"PHP/8.2.9"},{"key":"Cache-Control","value":"no-cache, private"},{"key":"Date","value":"Tue, 26 Sep 2023 19:11:32 GMT"},{"key":"X-RateLimit-Limit","value":"60"},{"key":"X-RateLimit-Remaining","value":"59"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"X-Frame-Options","value":"SAMEORIGIN"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"Content-Encoding","value":"gzip"}],"cookie":[],"responseTime":null,"body":"{\n \"success\": true,\n \"data\": {\n \"message\": \"Application updated successfully\"\n }\n}"}],"_postman_id":"53a89601-597d-4f29-903c-a0a01a50c764"},{"name":"Scan Application Manifest File","id":"bd1fedce-a9e9-46d7-ac11-abbcf0e0c424","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"formdata","formdata":[{"key":"lock_file","type":"file","description":"The lock_file field is optional it should be these files\n Cargo.lock\n package-lock.json\n yarn.lock\n pnpm-lock.yaml\n composer.lock\n Gemfile.lock\n go.mod\n mix.lock\n poetry.lock\n pubspec.lock\n pom.xml\n requirements.txt\n gradle.lockfile\n buildscript-gradle.lockfile\n sbom.json\n bom.json
\n","src":"/C:/Users/HP/Desktop/composer.lock"}]},"url":"https://vulert.com/api/scan-application/{APPLICATION_SECRET_KEY}","description":"We can utilize this API to perform a runtime scan of a manifest file, it will give also update the manifest file of your application and in response will provide the scan result of this manifest file.
\n","urlObject":{"path":["{APPLICATION_SECRET_KEY}"],"host":["https://vulert.com/api/scan-application"],"query":[],"variable":[]}},"response":[{"id":"d9548bb1-d3c8-498c-93b1-438747e2b11b","name":"Scan Application Manifest File","originalRequest":{"method":"POST","header":[],"body":{"mode":"formdata","formdata":[{"key":"lock_file","type":"file","description":"The lock_file field is optional it should be these files\n Cargo.lock\n package-lock.json\n yarn.lock\n pnpm-lock.yaml\n composer.lock\n Gemfile.lock\n go.mod\n mix.lock\n poetry.lock\n pubspec.lock\n pom.xml\n requirements.txt\n gradle.lockfile\n buildscript-gradle.lockfile\n sbom.json\n bom.json","src":"/C:/Users/HP/Desktop/composer.lock"}]},"url":"https://vulert.com/api/scan-application/{APPLICATION_SECRET_KEY}"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Server","value":"nginx"},{"key":"Content-Type","value":"application/json"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Connection","value":"keep-alive"},{"key":"Vary","value":"Accept-Encoding"},{"key":"X-Powered-By","value":"PHP/8.2.9"},{"key":"Cache-Control","value":"no-cache, private"},{"key":"Date","value":"Tue, 26 Sep 2023 19:16:09 GMT"},{"key":"X-RateLimit-Limit","value":"60"},{"key":"X-RateLimit-Remaining","value":"59"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"X-Frame-Options","value":"SAMEORIGIN"},{"key":"X-XSS-Protection","value":"1; mode=block"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"Content-Encoding","value":"gzip"}],"cookie":[],"responseTime":null,"body":"{\n \"success\": true,\n \"data\": {\n \"message\": \"Application Scan Completed\",\n \"data\": {\n \"riskLevel\": \"Critical\",\n \"isApplicationVulnerable\": true,\n \"scanCount\": 4,\n \"currentScanVulnerabilities\": [\n {\n \"no_of_vulnerabilities\": 12,\n \"no_of_critical_vulnerabilities\": 2,\n \"no_of_high_vulnerabilities\": 7,\n \"no_of_moderate_vulnerabilities\": 3,\n \"no_of_low_vulnerabilities\": null\n }\n ],\n \"uniqueVulnerabilities\": {\n \"total\": 99,\n \"bySeverity\": {\n \"CRITICAL\": 15,\n \"HIGH\": 43,\n \"MODERATE\": 35,\n \"LOW\": 6\n }\n },\n \"scans\": [\n {\n \"id\": \"79d908ef-da62-4563-85b7-ea10d1221f0f\",\n \"created_at\": \"2023-09-26 17:51 UTC\",\n \"status\": \"Completed\",\n \"scan_count\": 2,\n \"last_scanned_at\": \"2023-09-26 17:53 UTC\",\n \"risk_level\": \"Critical\",\n \"no_of_vulnerabilities\": 12,\n \"no_of_critical_vulnerabilities\": 2,\n \"no_of_high_vulnerabilities\": 7,\n \"no_of_moderate_vulnerabilities\": 3,\n \"no_of_low_vulnerabilities\": null\n },\n {\n \"id\": \"bf080207-5290-42be-a7ee-b37404064851\",\n \"created_at\": \"2023-09-26 17:54 UTC\",\n \"status\": \"Completed\",\n \"scan_count\": 1,\n \"last_scanned_at\": \"2023-09-26 17:54 UTC\",\n \"risk_level\": \"Critical\",\n \"no_of_vulnerabilities\": 77,\n \"no_of_critical_vulnerabilities\": 12,\n \"no_of_high_vulnerabilities\": 33,\n \"no_of_moderate_vulnerabilities\": 30,\n \"no_of_low_vulnerabilities\": 2\n },\n {\n \"id\": \"012b68a1-3b3f-42ce-99d4-2257c5243e15\",\n \"created_at\": \"2023-09-26 18:01 UTC\",\n \"status\": \"Completed\",\n \"scan_count\": 5,\n \"last_scanned_at\": \"2023-09-26 18:11 UTC\",\n \"risk_level\": \"Critical\",\n \"no_of_vulnerabilities\": 18,\n \"no_of_critical_vulnerabilities\": 1,\n \"no_of_high_vulnerabilities\": 6,\n \"no_of_moderate_vulnerabilities\": 7,\n \"no_of_low_vulnerabilities\": 4\n },\n {\n \"id\": \"8b5fd34c-216c-4b81-bd44-9847a2c377a5\",\n \"created_at\": \"2023-09-26 18:32 UTC\",\n \"status\": \"Completed\",\n \"scan_count\": 2,\n \"last_scanned_at\": \"2023-09-26 19:16 UTC\",\n \"risk_level\": \"Critical\",\n \"no_of_vulnerabilities\": 12,\n \"no_of_critical_vulnerabilities\": 2,\n \"no_of_high_vulnerabilities\": 7,\n \"no_of_moderate_vulnerabilities\": 3,\n \"no_of_low_vulnerabilities\": null\n }\n ]\n }\n }\n}"}],"_postman_id":"bd1fedce-a9e9-46d7-ac11-abbcf0e0c424"}],"variable":[{"key":"URL","value":"https://vulert.com/api/"}]}