Acunetix Web Vulnerabilities Index

Vulnerability Name CVE CWE Severity
.htaccess file readable CWE-16 Medium
Access database found CWE-538 Medium
Adobe Coldfusion 8 multiple linked XSS vulnerabilies CVE-2009-1872 CWE-79 High
Adobe ColdFusion 9 administrative login bypass CVE-2013-0625 CVE-2013-0629 CVE-2013-0631 CVE-2013-0632 CWE-287 High
Adobe ColdFusion directory traversal CVE-2013-3336 CWE-22 High
Adobe Flex 3 DOM-based XSS vulnerability CVE-2008-2640 CWE-79 High
AjaxControlToolkit directory traversal CVE-2015-4670 CWE-434 High
Akeeba backup access control bypass CWE-287 High
Amazon S3 public bucket CWE-264 Medium
Amazon S3 publicly writable bucket CWE-264 High
AmCharts SWF XSS vulnerability CVE-2012-1303 CWE-79 High
AngularJS client-side template injection CWE-79 High
Apache 2.0.39 Win32 directory traversal CVE-2002-0661 CWE-22 High
Apache 2.0.43 Win32 file reading vulnerability CVE-2003-0017 CWE-20 High
Apache 2.2.14 mod_isapi Dangling Pointer CVE-2010-0425 CWE-20 High
Apache 2.x version equal to 2.0.51 CVE-2004-0811 CWE-264 Medium
Apache 2.x version older than 2.0.43 CVE-2002-0840 CVE-2002-1156 CWE-538 Medium
Apache 2.x version older than 2.0.45 CVE-2003-0132 CWE-400 Medium
Apache 2.x version older than 2.0.46 CVE-2003-0083 CVE-2003-0134 CVE-2003-0189 CVE-2003-0245 CWE-20 Medium
Apache 2.x version older than 2.0.47 CVE-2003-0192 CVE-2003-0253 CVE-2003-0254 CWE-20 Medium
Apache 2.x version older than 2.0.48 CVE-2003-0542 CVE-2003-0789 CWE-119 Medium
Apache 2.x version older than 2.0.49 CVE-2003-0020 CVE-2004-0113 CVE-2004-0174 CWE-20 Medium
Apache 2.x version older than 2.0.51 CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809 CWE-119 Medium
Apache 2.x version older than 2.0.55 CVE-2005-1268 CVE-2005-2088 CVE-2005-2491 CVE-2005-2700 CVE-2005-2728 CVE-2005-2970 CWE-119 Medium
Apache 2.x version older than 2.0.61 CVE-2006-5752 CVE-2007-1863 CVE-2007-3304 CVE-2007-3847 CWE-701 Medium
Apache 2.x version older than 2.0.63 CVE-2007-5000 CVE-2007-6388 CVE-2008-0005 CWE-79 Medium
Apache 2.x version older than 2.2.3 CVE-2006-3747 CWE-189 Medium
Apache 2.x version older than 2.2.6 CVE-2006-5752 CVE-2007-1862 CVE-2007-1863 CVE-2007-3304 CVE-2007-3847 CWE-20 Medium
Apache 2.x version older than 2.2.8 CVE-2007-5000 CVE-2007-6388 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 CWE-79 Medium
Apache 2.x version older than 2.2.9 CVE-2007-6420 CVE-2008-2364 CWE-399 Medium
Apache 2.x version older than 2.2.10 CVE-2008-2939 CVE-2010-2791 CWE-79 Low
Apache Axis2 administration console weak password CWE-200 High
Apache Axis2 information disclosure CWE-200 Medium
Apache Axis2 web services enumeration CWE-200 Low
Apache Axis2 xsd local file inclusion CWE-22 High
Apache configured to run as proxy CWE-16 Medium
Apache error log escape sequence injection vulnerability CVE-2003-0020 CWE-20 Medium
Apache Geronimo default administrative credentials CWE-16 High
Apache httpd remote denial of service CVE-2011-3192 CWE-399 Medium
Apache httpOnly cookie disclosure CVE-2012-0053 CWE-264 Medium
Apache JServ protocol service CWE-16 Medium
Apache mod_negotiation filename bruteforcing CWE-538 Low
Apache mod_rewrite off-by-one buffer overflow vulnerability CVE-2006-3747 CWE-189 High
Apache perl-status enabled CWE-200 Medium
Apache Proxy HTTP CONNECT method enabled CWE-16 Medium
Apache Roller OGNL injection CVE-2013-4212 CWE-20 High
Apache server-info enabled CWE-200 Medium
Apache server-status enabled CWE-200 Medium
Apache Shiro Deserialization RCE CWE-78 High
Apache Solr endpoint CWE-16 Low
Apache solr service exposed CWE-16 High
Apache stronghold-info enabled CWE-200 Low
Apache stronghold-status enabled CWE-200 Low
Apache Struts 2 ClassLoader manipulation and denial of service CVE-2014-0112 CWE-701 High
Apache Struts 2 ClassLoader manipulation and denial of service (S2-020) CVE-2014-0094 CWE-701 High
Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution CVE-2013-2251 CWE-20 High
Apache Struts2 remote code execution vulnerability CVE-2016-0785 CWE-78 High
Apache Struts2 remote command execution (S2-045) CVE-2017-5638 CWE-94 High
Apache Struts2 Remote Command Execution (S2-048) CVE-2017-9791 CWE-94 High
Apache Struts2 Remote Command Execution (S2-052) CVE-2017-9805 CWE-94 High
Apache Struts2 Remote Command Execution (S2-053) CVE-2017-12611 CWE-94 High
Apache Struts Remote Code Execution (S2-057) CVE-2018-11776 CWE-917 High
Apache Tomcat "allowLinking" on Case Insensitive Filesystems CWE-538 High
Apache Tomcat directory host Appbase authentication bypass vulnerability CVE-2009-2901 CWE-264 Medium
Apache Tomcat directory traversal CVE-2007-0450 CWE-22 Medium
Apache Tomcat examples directory vulnerabilities CWE-264 Medium
Apache Tomcat hello.jsp XSS CVE-2007-1355 CWE-79 Low
Apache Tomcat Information Disclosure CVE-2017-12616 CWE-200 High
Apache Tomcat insecure default administrative password CWE-284 High
Apache Tomcat JK connector security bypass CVE-2007-1860 CWE-16 High
Apache Tomcat sample files CWE-538 Medium
Apache Tomcat version older than 4.1.37 CVE-2005-3164 CVE-2007-1355 CVE-2007-2449 CVE-2007-2450 CVE-2007-3382 CVE-2007-3383 CVE-2007-3385 CVE-2007-5333 CVE-2007-5461 CWE-79 Medium
Apache Tomcat version older than 4.1.39 CVE-2008-0128 CVE-2008-1232 CVE-2008-2370 CWE-22 Medium
Apache Tomcat version older than 5.5.25 CVE-2007-2449 CVE-2007-2450 CVE-2007-3382 CVE-2007-3385 CVE-2007-3386 CWE-79 Medium
Apache Tomcat version older than 5.5.26 CVE-2007-5333 CVE-2007-5342 CVE-2007-5461 CVE-2007-6286 CWE-264 Medium