Defective IVIL import into database #645

Open
alirezakv opened this issue Mar 21, 2018 · 1 comment


@alirezakv

Some plugins in test tools will produce several outputs on the same port, like "services" in OpenVAS.
For example:
services,127.0.0.1,3128, "a web server is running"
services,127.0.0.1,3128, "a web proxy is running"

When IVIL is imported into the database, based on Findings.pm line 1140, if a match of "SearchTerm" (workspace_id, scan_id, host, port, plugin) exists, it will be updated in the database, which in this case will cause the results of the scan to be overwritten. So you will have fewer results in Seccubus than in the main OpenVAS report.
This problem also exists in a much more severe way in ZAP (because ZAP produces lots of results with the same combination of "SearchTerm"). For example, if ZAP finds 5 different XSS points in a page, when importing to the database, the first one will be imported, the second one will overwrite the first one, ... and only the last one will exist in the database.
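
The overwrite reported above, reproduced as an added Python sketch (not Seccubus code and not part of the original comment): it simulates an update-on-match import keyed on (workspace_id, scan_id, host, port, plugin) and lists which findings collide. The `plugin,host,port,"text"` row layout follows the issue's example lines; the function names, the default `workspace_id`/`scan_id` values and all rows after the first two are assumptions made for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample in the plugin,host,port,"text" layout used in the issue.
# The first two rows are the issue's own; the rest are made up for illustration.
SAMPLE = '''\
services,127.0.0.1,3128, "a web server is running"
services,127.0.0.1,3128, "a web proxy is running"
services,127.0.0.1,22, "an ssh server is running"
xss,127.0.0.1,80, "reflected XSS in parameter q"
xss,127.0.0.1,80, "reflected XSS in parameter id"
xss,127.0.0.1,80, "reflected XSS in parameter next"
'''

def parse_findings(text):
    """Return a list of (plugin, host, port, finding_text) tuples."""
    rows = csv.reader(io.StringIO(text), skipinitialspace=True)
    return [(p, h, int(port), txt) for p, h, port, txt in rows]

def import_by_key(findings, workspace_id=1, scan_id=1):
    """Simulate the described behaviour: update when the key already exists."""
    table = {}
    for plugin, host, port, txt in findings:
        key = (workspace_id, scan_id, host, port, plugin)
        table[key] = txt  # a second hit on the same key replaces the first
    return table

def collisions(findings, workspace_id=1, scan_id=1):
    """Group finding texts by key and keep only keys hit more than once."""
    groups = defaultdict(list)
    for plugin, host, port, txt in findings:
        groups[(workspace_id, scan_id, host, port, plugin)].append(txt)
    return {k: v for k, v in groups.items() if len(v) > 1}

def lost_count(findings):
    """Number of findings that do not survive a key-based import."""
    return len(findings) - len(import_by_key(findings))

if __name__ == "__main__":
    findings = parse_findings(SAMPLE)
    print(f"{len(findings)} parsed, {lost_count(findings)} lost on import")
    for key, texts in collisions(findings).items():
        print(key, "kept:", texts[-1], "| dropped:", texts[:-1])
```

Running the same grouping over a scanner's parsed output before import gives a count of how many findings an update-on-match import would drop, which can be compared against the row count in the database afterwards.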

@lukaspj

lukaspj commented Sep 11, 2018

Running a Nikto scan against multiple hostnames only shows a single issue per finding, even if it makes the same finding for each hostname. Is this related, or would the SearchTerm not match in this case?
