Vulnerability Name CVE Severity
Atlassian Confluence Stored Cross Site Scripting CVE-2016-6283
Atlassian Crowd Remote Code Execution CVE-2019-11580
Atlassian Jira insecure REST permissions
Atlassian Jira Manage Filters information disclosure
Atlassian JIRA Servicedesk misconfiguration
Atlassian OAuth Plugin IconUriServlet SSRF CVE-2017-9506
Auxiliary systems SSRF
AWStats script
Backup files
Barracuda networks products multiple directory traversal vulnerabilities
Bash code injection vulnerability CVE-2014-6271
Basic authentication over HTTP
Bazaar repository found
BigIP iRule Tcl code injection
Bitrix server test script publicly accessible
Blind XSS
BottlePy weak secret key
Broken Link Hijacking
CakePHP 1.3.5 / 1.2.8 unserialize() vulnerability CVE-2010-4335
Check for apache versions up to 1.3.25, 2.0.38 CVE-2002-0392
Chrome Logger information disclosure
Cisco Adaptive Security Appliance (ASA) Path Traversal (CVE-2018-0296) CVE-2018-0296
Cisco Adaptive Security Appliance (ASA) Path Traversal CVE-2020-3452
Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability CVE-2018-15440
Citrix ADC/Gateway Unauthenticated Remote Code Execution CVE-2019-19781
Citrix XenMobile Server Path Traversal CVE-2020-8209
CKEditor 4.0.1 cross-site scripting vulnerability
Clickjacking: CSP frame-ancestors missing
Clickjacking: X-Frame-Options header missing
Client SidePrototype pollution
Clockwork PHP dev tool enabled
Cmd hijack vulnerability
Code execution
CodeIgniter 2.1.3 xss_clean() filter bypass CVE-2013-4891
CodeIgniter session decoding vulnerability
CodeIgniter weak encryption key
ColdFusion 8 FCKEditor file upload vulnerability CVE-2009-2265
ColdFusion 9 solr service exposed CVE-2010-0185
ColdFusion administrator login page publicly available
ColdFusion AMF Deserialization RCE CVE-2017-3066
ColdFusion Arbitrary File Upload CVE-2018-15961
ColdFusion directory traversal CVE-2010-2861
ColdFusion FlashGateway Deserialization RCE CVE-2019-7091 CVE-2019-7091
ColdFusion JNDI injection RCE CVE-2018-15957
ColdFusion path disclosures
ColdFusion RDS Service enabled
ColdFusion Request Debugging information disclosure
ColdFusion Robust Exception enabled
ColdFusion User-Agent cross-site scripting CVE-2007-0817
Composer installed.json publicly accessible
Configuration file disclosure
Configuration file source code disclosure
Confluence Widget Connector SSTI CVE-2019-3396
Content Security Policy (CSP) not implemented
Content type is not specified
Cookie signed with weak secret key
Cookies with missing, inconsistent or contradictory properties
Cookies without HttpOnly flag set
Cookies without Secure flag set
Cookies with Secure flag set over insecure connection
Core dump checker PHP script
Core dump file
CORS (Cross-Origin Resource Sharing) origin validation failure
CouchDB REST API publicly accessible
Credit card number disclosed
CRIME SSL/TLS attack CVE-2012-4929
CRLF injection/HTTP response splitting
CRLF injection/HTTP response splitting (Web Server)
Cross-Site Request Forgery (CSRF) (CMS Made Simple) CVE-2016-7904
Cross-site scripting vulnerability in Google Web Toolkit CVE-2012-4563
Cross-site scripting vulnerability in Google Web Toolkit (CVE-2012-5920) CVE-2012-5920
Cross-site scripting vulnerability in Open Flash Chart CVE-2013-1636
Cross domain data hijacking
Cross frame scripting
Cross site scripting