Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Sensitive Information Disclosure Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Xss - Known Vulnerabilities Vulnerability Name CVE CWE CWE Severity TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-5743) CVE-2020-5743 CWE-200 CWE-200 Medium TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-20114) CVE-2021-20114 CWE-200 CWE-200 High TCExam Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-5744) CVE-2020-5744 CWE-22 CWE-22 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4238) CVE-2012-4238 CWE-707 CWE-707 Low TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4602) CVE-2012-4602 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13422) CVE-2018-13422 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5745) CVE-2020-5745 CWE-707 CWE-707 High TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5746) CVE-2020-5746 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5747) CVE-2020-5747 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5748) CVE-2020-5748 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5749) CVE-2020-5749 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5750) CVE-2020-5750 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5751) CVE-2020-5751 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20111) CVE-2021-20111 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20112) CVE-2021-20112 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20115) CVE-2021-20115 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20116) CVE-2021-20116 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4237) CVE-2012-4237 CWE-138 CWE-138 Medium TCExam Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4601) CVE-2012-4601 CWE-138 CWE-138 Medium TCExam Missing Authorization Vulnerability (CVE-2023-6554) CVE-2023-6554 CWE-862 CWE-862 Medium TCExam Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2021-20113) CVE-2021-20113 Medium TCExam Other Vulnerability (CVE-2010-2153) CVE-2010-2153 Medium TCPDF arbitrary file read CWE-98 CWE-98 High TeamCity Authentication Bypass (CVE-2023-42793) CVE-2023-42793 CWE-287 CWE-287 Critical TeamCity Authentication Bypass (CVE-2024-27198) CVE-2024-27198 CWE-288 CWE-288 Critical TeamCity Authentication Bypass (CVE-2024-27199) CVE-2024-27199 CWE-288 CWE-288 High Telerik.Web.UI.dll Cryptographic Weakness CVE-2017-9248 CWE-338 CWE-338 High Telerik Report Server Authentication Bypass Vulnerability CVE-2024-4358 CWE-287 CWE-287 Critical Telerik Web UI Deserialization of Untrusted Data Vulnerability (CVE-2019-18935) CVE-2019-18935 CWE-502 CWE-502 Critical Telerik Web UI Improper Input Validation Vulnerability (CVE-2017-11357) CVE-2017-11357 CWE-20 CWE-20 Critical Telerik Web UI Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-2217) CVE-2014-2217 CWE-22 CWE-22 High Telerik Web UI Inadequate Encryption Strength Vulnerability (CVE-2017-11317) CVE-2017-11317 CWE-326 CWE-326 Critical Telerik Web UI Insecure Direct Object Reference CVE-2017-11357 CWE-78 CWE-78 High Telerik Web UI Insufficiently Protected Credentials Vulnerability (CVE-2017-9248) CVE-2017-9248 CWE-522 CWE-522 Critical Telerik Web UI Missing Authorization Vulnerability (CVE-2021-28141) CVE-2021-28141 CWE-862 CWE-862 Critical Telerik Web UI RadAsyncUpload Deserialization CVE-2019-18935 CWE-78 CWE-78 High Telerik Web UI Unrestricted File Upload (CVE-2014-2217) CVE-2014-2217 CWE-78 CWE-78 High Telerik Web UI Unrestricted File Upload (CVE-2017-11317) CVE-2017-11317 CWE-78 CWE-78 High Test CGI script leaking environment variables Medium TestRail Information Disclosure (CVE-2021-40875) CVE-2021-40875 CWE-425 CWE-425 Medium Text4shell: Apache Commons Text RCE via insecure interpolation CVE-2022-42889 CWE-94 CWE-94 Critical The DROWN attack (SSLv2 supported) CVE-2016-0800 CWE-310 CWE-310 High The FREAK attack CVE-2015-0204 CWE-310 CWE-310 Medium The GHOST Vulnerability CVE-2015-0235 CWE-119 CWE-119 High The Heartbleed Bug CVE-2014-0160 CWE-200 CWE-200 High The POODLE attack (SSLv3 with CBC cipher suites) CVE-2014-3566 CWE-326 CWE-326 Medium ThinkPHP v5.0.22/5.1.29 Remote Code Execution Vulnerability CWE-94 CWE-94 High Three.js Uncontrolled Resource Consumption Vulnerability (CVE-2020-28496) CVE-2020-28496 CWE-400 CWE-400 High Tiki Wiki CMS: Arbitrary Code Execution High Tiki Wiki CMS: Arbitrary File Download High Tiki Wiki CMS: Remote Code Execution via Calendar Module High timthumb.php remote code execution CVE-2011-4106 CWE-20 CWE-20 High TimThumb WebShot remote code execution CWE-94 CWE-94 High TinyMCE ajax_create_folder remote code execution vulnerability CWE-94 CWE-94 High TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1010091) CVE-2019-1010091 CWE-707 CWE-707 Medium TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12648) CVE-2020-12648 CWE-707 CWE-707 Medium TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-17480) CVE-2020-17480 CWE-707 CWE-707 Medium TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23066) CVE-2020-23066 CWE-707 CWE-707 Medium TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23494) CVE-2022-23494 CWE-707 CWE-707 Medium TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45818) CVE-2023-45818 CWE-707 CWE-707 Medium TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45819) CVE-2023-45819 CWE-707 CWE-707 Medium TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-48219) CVE-2023-48219 CWE-707 CWE-707 Medium TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21908) CVE-2024-21908 CWE-707 CWE-707 Medium TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21910) CVE-2024-21910 CWE-707 CWE-707 Medium TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21911) CVE-2024-21911 CWE-707 CWE-707 Medium TLS/SSL (EC)DHE Key Reuse CWE-310 CWE-310 Informational TLS/SSL certificate key size too small CWE-310 CWE-310 Medium TLS/SSL LOGJAM attack CVE-2015-4000 CWE-310 CWE-310 Medium TLS/SSL Sweet32 attack CVE-2016-2183 CVE-2016-6329 CWE-310 CWE-310 Medium TLS/SSL Weak Cipher Suites CWE-310 CWE-310 Medium Tomcat path traversal via reverse proxy mapping CWE-22 CWE-22 High Tomcat status page CWE-200 CWE-200 Low ToolsPack malware plugin CWE-95 CWE-95 High TorchServe Management API publicly exposed CVE-2023-43654 CWE-200 CWE-200 High TorchServe Management API SSRF (CVE-2023-43654) CVE-2023-43654 CWE-918 CWE-918 Critical 1...175176177178...309 176 / 309
