Severity High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity (Possible) Cross site scripting CWE-79 CWE-79 Informational .htaccess file readable CWE-443 CWE-443 Medium .NET HTTP Remoting publicly exposed CWE-502 CWE-502 High .NET JSON.NET Deserialization RCE CWE-502 CWE-502 High Access-Control-Allow-Origin header with wildcard (*) value CWE-284 CWE-284 Informational Access database found CWE-538 CWE-538 Medium ACME mini_httpd arbitrary file read CVE-2018-18778 CWE-23 CWE-23 High Adminer 4.6.2 file disclosure vulnerability CWE-22 CWE-22 High Adminer Server Side Request Forgery (SSRF) CVE-2021-21311 CWE-918 CWE-918 Medium Adobe Coldfusion 8 multiple linked XSS vulnerabilies CVE-2009-1872 CWE-79 CWE-79 High Adobe ColdFusion 9 administrative login bypass CVE-2013-0625 CVE-2013-0629 CVE-2013-0631 CVE-2013-0632 CWE-287 CWE-287 High Adobe ColdFusion directory traversal CVE-2013-3336 CWE-22 CWE-22 High Adobe Experience Manager Information Disclosure via Apache Sling v2.3.6 vulnerability CVE-2016-0956 CWE-668 CWE-668 Medium Adobe Experience Manager Misconfiguration CVE-2016-0957 CWE-693 CWE-693 High Adobe Flex 3 DOM-based XSS vulnerability CVE-2008-2640 CWE-79 CWE-79 High Agentejo Cockpit CMS resetpassword NoSQLi (CVE-2020-35847) CVE-2020-35847 CWE-89 CWE-89 High AjaxControlToolkit directory traversal CVE-2015-4670 CWE-434 CWE-434 High AjaxPro.NET Professional Deserialization RCE (CVE-2021-23758) CWE-502 CWE-502 High Akeeba backup access control bypass CWE-287 CWE-287 High Alibaba Nacos Authentication Bypass (CVE-2021-29441) CWE-287 CWE-287 High Amazon S3 public bucket CWE-264 CWE-264 Medium Amazon S3 publicly writable bucket CWE-264 CWE-264 High AngularJS client-side template injection CWE-79 CWE-79 High Apache 2.2.14 mod_isapi Dangling Pointer CVE-2010-0425 CWE-20 CWE-20 High Apache 2.x version equal to 2.0.51 CVE-2004-0811 CWE-264 CWE-264 Medium Apache 2.x version older than 2.0.43 CVE-2002-0840 CVE-2002-1156 CWE-538 CWE-538 Medium Apache 2.x version older than 2.0.45 CVE-2003-0132 CWE-400 CWE-400 Medium Apache 2.x version older than 2.0.46 CVE-2003-0083 CVE-2003-0134 CVE-2003-0189 CVE-2003-0245 CWE-20 CWE-20 Medium Apache 2.x version older than 2.0.47 CVE-2003-0192 CVE-2003-0253 CVE-2003-0254 CWE-20 CWE-20 Medium Apache 2.x version older than 2.0.48 CVE-2003-0542 CVE-2003-0789 CWE-119 CWE-119 Medium Apache 2.x version older than 2.0.49 CVE-2003-0020 CVE-2004-0113 CVE-2004-0174 CWE-20 CWE-20 Medium Apache 2.x version older than 2.0.51 CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809 CWE-119 CWE-119 Medium Apache 2.x version older than 2.0.55 CVE-2005-1268 CVE-2005-2088 CVE-2005-2491 CVE-2005-2700 CVE-2005-2728 CVE-2005-2970 CWE-119 CWE-119 Medium Apache 2.x version older than 2.0.61 CVE-2006-5752 CVE-2007-1863 CVE-2007-3304 CVE-2007-3847 CWE-701 CWE-701 Medium Apache 2.x version older than 2.0.63 CVE-2007-5000 CVE-2007-6388 CVE-2008-0005 CWE-79 CWE-79 Medium Apache 2.x version older than 2.2.3 CVE-2006-3747 CWE-189 CWE-189 Medium Apache 2.x version older than 2.2.6 CVE-2006-5752 CVE-2007-1862 CVE-2007-1863 CVE-2007-3304 CVE-2007-3847 CWE-20 CWE-20 Medium Apache 2.x version older than 2.2.8 CVE-2007-5000 CVE-2007-6388 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 CWE-79 CWE-79 Medium Apache 2.x version older than 2.2.9 CVE-2007-6420 CVE-2008-2364 CWE-399 CWE-399 Medium Apache 2.x version older than 2.2.10 CVE-2008-2939 CVE-2010-2791 CWE-79 CWE-79 Low Apache ActiveMQ default administrative credentials High Apache Airflow default credentials CWE-798 CWE-798 High Apache Airflow Experimental API Auth Bypass CVE-2020-13927 CVE-2020-13927 CWE-200 CWE-200 High Apache Airflow Exposed configuration CWE-200 CWE-200 Medium Apache Airflow Unauthorized Access Vulnerability CWE-200 CWE-200 High Apache APISIX default token (CVE-2020-13945/CVE-2022-24112) CVE-2020-13945 CWE-259 CWE-259 Medium Apache Axis2 administration console weak password CWE-200 CWE-200 High Apache Axis2 information disclosure CWE-200 CWE-200 Medium Apache Axis2 web services enumeration CWE-200 CWE-200 Low Apache Axis2 xsd local file inclusion CWE-22 CWE-22 High Apache balancer-manager application publicly accessible CWE-200 CWE-200 Medium Apache Cassandra Unauthorized Access Vulnerability CWE-200 CWE-200 Medium Apache configured to run as proxy CWE-441 CWE-441 Medium Apache CouchDB JSON Remote Privilege Escalation Vulnerability CVE-2017-12635 CWE-285 CWE-285 High Apache error log escape sequence injection vulnerability CVE-2003-0020 CWE-20 CWE-20 Medium Apache Flink jobmanager/logs Path Traversal CVE-2020-17519 CWE-22 CWE-22 High Apache Geronimo default administrative credentials CWE-693 CWE-693 High Apache httpd remote denial of service CVE-2011-3192 CWE-399 CWE-399 Medium Apache httpOnly cookie disclosure CVE-2012-0053 CWE-264 CWE-264 Medium Apache HTTP Server Insecure Path Normalization (CVE-2021-41773, CVE-2021-42013) CVE-2021-42013 CWE-22 CWE-22 High Apache HTTP Server mod_proxy SSRF (CVE-2021-40438) CVE-2021-40438 CWE-918 CWE-918 High Apache HTTP Server Source Code Disclosure CWE-540 CWE-540 Medium Apache JServ protocol service CWE-200 CWE-200 Medium Apache Kafka Unauthorized Access Vulnerability CWE-200 CWE-200 Medium Apache Log4j2 JNDI Remote Code Execution CVE-2021-44228 CWE-78 CWE-78 High Apache Log4j2 JNDI Remote Code Execution (404 page handler) CVE-2021-44228 CWE-78 CWE-78 High Apache Log4j2 JNDI Remote Code Execution (delayed) CVE-2021-44228 CWE-78 CWE-78 High Apache Log4j2 JNDI Remote Code Execution (per folder) CVE-2021-44228 CWE-78 CWE-78 High Apache Log4j socket receiver deserialization vulnerability CVE-2017-5645 CWE-502 CWE-502 High Apache mod_jk access control bypass CVE-2018-11759 CWE-918 CWE-918 Medium Apache mod_negotiation filename bruteforcing CWE-538 CWE-538 Low Apache mod_rewrite off-by-one buffer overflow vulnerability CVE-2006-3747 CWE-189 CWE-189 High Apache mod_rewrite open redirect CVE-2019-10098 CWE-601 CWE-601 Medium Apache OFBiz Log4Shell RCE CVE-2021-44228 CWE-78 CWE-78 High Apache OFBiz SOAPService Deserialization RCE CVE-2021-26295 CWE-502 CWE-502 High 12345...127 1 / 127
