Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Owasp Api Bfla Owasp Api Bola Owasp Api Broken Auth Owasp Api Broken Object Prop Auth Owasp Api Dos Owasp Api Improper Inventory Management Owasp Api Misconfiguration Owasp Api Ssrf Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-9251) CVE-2015-9251 CWE-707 CWE-707 Medium WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7103) CVE-2016-7103 CWE-707 CWE-707 Medium WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10219) CVE-2019-10219 CWE-707 CWE-707 Medium WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11022) CVE-2020-11022 CWE-707 CWE-707 Medium WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11023) CVE-2020-11023 CWE-707 CWE-707 Medium WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14572) CVE-2020-14572 CWE-707 CWE-707 Medium WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182) CVE-2021-41182 CWE-707 CWE-707 Medium WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41183) CVE-2021-41183 CWE-707 CWE-707 Medium WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184) CVE-2021-41184 CWE-707 CWE-707 Medium WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-29577) CVE-2022-29577 CWE-707 CWE-707 Medium WebLogic Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-2725) CVE-2019-2725 CWE-138 CWE-138 Critical WebLogic Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression La Vulnerability (CVE-2021-28170) CVE-2021-28170 CWE-138 CWE-138 Medium WebLogic Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-23305) CVE-2022-23305 CWE-138 CWE-138 Critical WebLogic Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-3257) CVE-2008-3257 CWE-119 CWE-119 Critical WebLogic Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2018-11040) CVE-2018-11040 CWE-829 CWE-829 High WebLogic Incorrect Authorization Vulnerability (CVE-2018-1258) CVE-2018-1258 CWE-863 CWE-863 High WebLogic Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2020-8908) CVE-2020-8908 CWE-732 CWE-732 Low WebLogic Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1324) CVE-2018-1324 CWE-835 CWE-835 Medium WebLogic Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-11771) CVE-2018-11771 CWE-835 CWE-835 Medium WebLogic Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-23437) CVE-2022-23437 CWE-835 CWE-835 Medium WebLogic Missing Authentication for Critical Function Vulnerability (CVE-2024-21007) CVE-2024-21007 CWE-306 CWE-306 High WebLogic Observable Discrepancy Vulnerability (CVE-2019-3739) CVE-2019-3739 CWE-203 CWE-203 Medium WebLogic Observable Discrepancy Vulnerability (CVE-2019-3740) CVE-2019-3740 CWE-203 CWE-203 Medium WebLogic Other Vulnerability (CVE-2020-10672) CVE-2020-10672 High WebLogic Other Vulnerability (CVE-2020-10673) CVE-2020-10673 High WebLogic Other Vulnerability (CVE-2022-24891) CVE-2022-24891 Medium WebLogic Out-of-bounds Write Vulnerability (CVE-2020-36518) CVE-2020-36518 CWE-787 CWE-787 High WebLogic Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-11987) CVE-2020-11987 CWE-918 CWE-918 High WebLogic Server Side Request Forgery CVE-2014-4241 CVE-2014-4210 CVE-2014-4242 CWE-918 CWE-918 High WebLogic Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610) CVE-2016-8610 CWE-400 CWE-400 High WebLogic Uncontrolled Resource Consumption Vulnerability (CVE-2022-24839) CVE-2022-24839 CWE-400 CWE-400 Medium WebLogic Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21347) CVE-2021-21347 CWE-434 CWE-434 Critical WebLogic Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-1000180) CVE-2018-1000180 CWE-327 CWE-327 High WebLogic Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2021-2351) CVE-2021-2351 CWE-327 CWE-327 High WebLogic Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerability (CVE-2018-1000613) CVE-2018-1000613 CWE-470 CWE-470 Critical Webmail weak password CWE-200 CWE-200 High Webmin v1.920 Unauhenticated Remote Command Execution CVE-2019-15107 CWE-94 CWE-94 High WebPageTest Unauthorized Access Vulnerability CWE-200 CWE-200 Medium WEBrick v.1.3 directory traversal CVE-2008-1145 CWE-22 CWE-22 High Web Server Cache Poisoning (CMS Made Simple) v1.x CVE-2016-2784 CWE-20 CWE-20 Low Web Server Cache Poisoning (CMS Made Simple) v2.x CVE-2016-2784 CWE-20 CWE-20 High Web server default welcome page CWE-200 CWE-200 Informational Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-25577) CVE-2023-25577 CWE-770 CWE-770 High Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-49767) CVE-2024-49767 CWE-770 CWE-770 High Werkzeug WSGI CVE-2023-23934 Vulnerability (CVE-2023-23934) CVE-2023-23934 Low Werkzeug WSGI Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-14322) CVE-2019-14322 CWE-22 CWE-22 High Werkzeug WSGI Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10516) CVE-2016-10516 CWE-707 CWE-707 Medium Werkzeug WSGI Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2022-29361) CVE-2022-29361 Critical Werkzeug WSGI Insufficient Entropy Vulnerability (CVE-2019-14806) CVE-2019-14806 CWE-331 CWE-331 High Werkzeug WSGI Out-of-bounds Write Vulnerability (CVE-2023-46136) CVE-2023-46136 CWE-787 CWE-787 High Werkzeug WSGI URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-28724) CVE-2020-28724 CWE-601 CWE-601 Medium Whoops error handler component detected CWE-200 CWE-200 Low Wildcard Detected in Domain Portion of Content Security Policy (CSP) Directive CWE-16 CWE-16 Informational Wildcard Detected in Port Portion of Content Security Policy (CSP) Directive CWE-16 CWE-16 Informational Wildcard Detected in Scheme Portion of Content Security Policy (CSP) Directive CWE-16 CWE-16 Informational WildFly Application Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0793) CVE-2016-0793 CWE-200 CWE-200 High WildFly Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1047) CVE-2018-1047 CWE-22 CWE-22 Medium WildFly Application Server Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2016-4993) CVE-2016-4993 CWE-113 CWE-113 Medium WildFly Application Server Uncontrolled Resource Consumption Vulnerability (CVE-2016-9589) CVE-2016-9589 CWE-400 CWE-400 High WooCommerce Payments Authentication Bypass and Privilege Escalation CVE-2023-28121 CWE-287 CWE-287 High WooFramework shortcode exploit CWE-95 CWE-95 High WordPress 'admin-ajax.php' SQL Injection Vulnerability (2.1.3) CVE-2007-2821 CWE-89 CWE-89 High WordPress 'blog.header.php' Multiple SQL Injection Vulnerabilities (0.6.2 - 0.71) CWE-89 CWE-89 High WordPress 'cat' Parameter SQL Injection Vulnerability (1.5 - 1.5.1.1) CVE-2005-1810 CWE-89 CWE-89 High WordPress 'comment_post_ID' Parameter SQL Injection Vulnerability (3.0.4) CWE-89 CWE-89 High WordPress 'edit.php' Cross-Site Scripting Vulnerability (1.5) CWE-79 CWE-79 High WordPress 'get_edit_post_link()' and 'get_edit_comment_link()' Multiple Eavesdropping Vulnerabilities (0.6.2 - 2.6) CVE-2008-3747 CWE-264 CWE-264 High WordPress 'index.php' Cross-Site Scripting Vulnerability (1.5) CWE-79 CWE-79 High WordPress 'paged' Parameter SQL Injection Vulnerability (2.0.2 - 2.0.5) CVE-2006-3389 CWE-89 CWE-89 High WordPress 'post.php' Cross-Site Scripting Vulnerability (1.5) CWE-79 CWE-79 High WordPress 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.5.1) CVE-2008-3233 CWE-79 CWE-79 High WordPress 'press-this.php' Remote Security Bypass Vulnerability (0.7 - 3.1.1) CVE-2011-5270 CWE-264 CWE-264 High WordPress 'swfupload.swf' Cross-Site Scripting Vulnerability (2.5 - 3.3.1) CVE-2012-3414 CWE-79 CWE-79 High WordPress 'templates.php' Cross-Site Scripting Vulnerability (0.6.2 - 2.1) CVE-2007-1049 CWE-79 CWE-79 High WordPress 'wp-admin/admin.php' Module Configuration Security Bypass Vulnerability (0.6.2 - 2.8) CVE-2009-2334 CWE-287 CWE-287 High 1...183184185186...307 184 / 307
