Acunetix Web Vulnerabilities Index

Vulnerability Name CVE CWE Severity
Apache Tomcat version older than 5.5.27 CVE-2008-1232 CVE-2008-1947 CVE-2008-2370 CWE-22 Medium
Apache Tomcat version older than 6.0.6 CVE-2007-1358 CWE-79 Low
Apache Tomcat version older than 6.0.9 CVE-2008-0128 CWE-16 Medium
Apache Tomcat version older than 6.0.10 CVE-2007-0450 CWE-22 Medium
Apache Tomcat version older than 6.0.11 CVE-2005-2090 CVE-2007-1355 CWE-79 Medium
Apache Tomcat version older than 6.0.14 CVE-2007-2449 CVE-2007-2450 CVE-2007-3382 CVE-2007-3385 CVE-2007-3386 CWE-79 Medium
Apache Tomcat version older than 6.0.16 CVE-2007-5333 CVE-2007-5342 CVE-2007-5461 CVE-2007-6286 CVE-2008-0002 CWE-264 Medium
Apache Tomcat version older than 6.0.18 CVE-2008-1232 CVE-2008-1947 CVE-2008-2370 CWE-79 Medium
Apache Tomcat version older than 6.0.35 CVE-2011-3190 CVE-2011-3375 CVE-2012-0022 CWE-264 High
Apache Tomcat version older than 6.0.36 CVE-2012-2733 CVE-2012-3439 CVE-2012-3546 CVE-2012-4431 CVE-2012-4534 CWE-20 High
Apache Tomcat version older than 7.0.21 CVE-2011-3190 CWE-264 High
Apache Tomcat version older than 7.0.23 CVE-2012-0022 CWE-189 High
Apache Tomcat version older than 7.0.28 CVE-2012-2733 CVE-2012-4534 CWE-20 High
Apache Tomcat version older than 7.0.30 CVE-2012-3439 CVE-2012-3544 CVE-2012-3546 CWE-20 High
Apache Tomcat version older than 7.0.32 CVE-2012-4431 CWE-264 High
Apache Tomcat WAR file directory traversal vulnerability CVE-2009-2693 CVE-2009-2901 CWE-22 Medium
Apache version older than 1.3.27 CVE-2002-0839 CVE-2002-0840 CVE-2002-0843 CWE-119 Medium
Apache version older than 1.3.28 CVE-2003-0460 CWE-20 Medium
Apache version older than 1.3.29 CVE-2003-0542 CWE-119 Medium
Apache version older than 1.3.31 CVE-2003-0020 CVE-2003-0987 CVE-2003-0993 CVE-2004-0174 CWE-264 Medium
Apache version older than 1.3.34 CVE-2005-2088 CWE-20 Medium
Apache version older than 1.3.37 CVE-2006-3747 CWE-189 Medium
Apache version older than 1.3.39 CVE-2006-5752 CVE-2007-3304 CWE-79 Medium
Apache version older than 1.3.41 CVE-2007-6388 CWE-79 Medium
Apache version up to 1.3.33 htpasswd local overflow CVE-2006-1078 CWE-119 Low
Apache Win32 batch file remote command execution vulnerability CVE-2002-0061 CWE-20 High
apc.php page found CWE-538 Medium
Application error message CWE-200 Medium
Arbitrary EL Evaluation in RichFaces CWE-917 High
Arbitrary file creation CWE-20 High
Arbitrary file deletion CWE-20 High
Arbitrary file existence disclosure in Action Pack CVE-2014-7829 CWE-200 Medium
Arbitrary local file read via file upload CWE-200 High
ASP.NET: failure to require SSL for authentication cookies (AcuSensor) CWE-16 Medium
ASP.NET application-level tracing enabled (AcuSensor) CWE-16 Medium
ASP.NET application trace enabled CWE-16 Medium
ASP.NET ASPX debugging enabled (AcuSensor) CWE-16 Medium
ASP.NET cookieless authentication enabled (AcuSensor) CWE-16 Medium
ASP.NET Cookieless session state enabled (AcuSensor) CWE-16 Medium
ASP.NET cookies accessible from client-side scripts (AcuSensor) CWE-16 Medium
ASP.NET custom errors disabled (AcuSensor) CWE-16 Medium
ASP.NET debugging enabled CWE-16 Low
ASP.NET diagnostic page CWE-200 Medium
ASP.NET EnableViewStateMac turned off (AcuSensor) CWE-16 Medium
ASP.NET error message CWE-16 Medium
ASP.NET login credentials stored in plain text (AcuSensor) CWE-16 Medium
ASP.NET MVC version disclosure CWE-200 Low
ASP.NET padding oracle vulnerability CVE-2010-3332 CWE-310 High
ASP.NET path disclosure CWE-200 Low
ASP.NET ValidateRequest globally disabled (AcuSensor) CWE-16 Medium
ASP.NET version disclosure CWE-200 Low
ASP.NET ViewStateUserKey not set (AcuSensor) CWE-16 Low
ASP code injection CWE-95 High
Aspect Low
Atlassian Confluence Access Restriction Bypass CVE-2017-9505 Medium
Atlassian Confluence information disclosure CVE-2017-7415 High
Atlassian Confluence Stored Cross Site Scripting CVE-2016-6283 Medium
Atlassian Jira DOM-based cross-site scripting vulnerability CWE-79 High
Atlassian Jira insecure REST permissions High
Atlassian Jira Manage Filters information disclosure CWE-200 Low
Atlassian OAuth Plugin IconUriServlet SSRF CVE-2017-9506 CWE-918 High
Auxiliary systems SSRF CWE-918 High
AWStats script CWE-538 Medium
Backup files CWE-538 Medium
Backup files CWE-538 Medium
Barracuda networks products multiple directory traversal vulnerabilities CWE-22 High
Bash code injection vulnerability CVE-2014-6271 CWE-78 High
Basic authentication over HTTP CWE-16 Medium
Bazaar repository found CWE-538 High
Blind SQL Injection CWE-89 High
Blind XSS CWE-80 High
Bonjour service running CWE-16 Low
BREACH attack CVE-2013-3587 CWE-310 Medium
Broken links CWE-16 Informational
CakePHP 1.3.5 / 1.2.8 unserialize() vulnerability CVE-2010-4335 CWE-20 High