Vulnerability Name CVE Severity
Atlassian Confluence Access Restriction Bypass CVE-2017-9505
Atlassian Confluence information disclosure CVE-2017-7415
Atlassian Confluence Stored Cross Site Scripting CVE-2016-6283
Atlassian Crowd Remote Code Execution CVE-2019-11580
Atlassian Jira DOM-based cross-site scripting vulnerability
Atlassian Jira insecure REST permissions
Atlassian Jira Manage Filters information disclosure
Atlassian OAuth Plugin IconUriServlet SSRF CVE-2017-9506
Auxiliary systems SSRF
AWStats script
Backup files
Barracuda networks products multiple directory traversal vulnerabilities
Bash code injection vulnerability CVE-2014-6271
Basic authentication over HTTP
Bazaar repository found
BigIP iRule Tcl code injection
Bitrix server test script publicly accessible
Blind XSS
Bonjour service running
BottlePy weak secret key
BREACH attack CVE-2013-3587
Broken links
CakePHP 1.3.5 / 1.2.8 unserialize() vulnerability CVE-2010-4335
Chargen service running
Check for apache versions up to 1.3.25, 2.0.38 CVE-2002-0392
Chrome Logger information disclosure
Cisco Adaptive Security Appliance (ASA) Path Traversal CVE-2018-0296
Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability CVE-2018-15440
Citrix ADC/Gateway Unauthenticated Remote Code Execution CVE-2019-19781
CKEditor 4.0.1 cross-site scripting vulnerability
Clickjacking: CSP frame-ancestors missing
Clickjacking: X-Frame-Options header missing
Code execution
CodeIgniter 2.1.3 xss_clean() filter bypass CVE-2013-4891
CodeIgniter session decoding vulnerability
CodeIgniter weak encryption key
ColdFusion 8 FCKEditor file upload vulnerability CVE-2009-2265
ColdFusion 9 solr service exposed CVE-2010-0185
ColdFusion administrator login page publicly available
ColdFusion AMF Deserialization RCE CVE-2017-3066
ColdFusion Arbitrary File Upload CVE-2018-15961
ColdFusion directory traversal CVE-2010-2861
ColdFusion FlashGateway Deserialization RCE CVE-2019-7091 CVE-2019-7091
ColdFusion JNDI injection RCE CVE-2018-15957
ColdFusion path disclosure
ColdFusion RDS Service enabled
ColdFusion Request Debugging information disclosure
ColdFusion Robust Exception enabled
ColdFusion User-Agent cross-site scripting CVE-2007-0817
Configuration file disclosure
Configuration file source code disclosure
Confluence Widget Connector SSTI CVE-2019-3396
Content Security Policy (CSP) not implemented
Content type is not specified
Cookie(s) without HttpOnly flag set
Cookie(s) without Secure flag set
Cookie signed with weak secret key
Core dump checker PHP script
Core dump file
CORS (Cross-Origin Resource Sharing) origin validation failure
CouchDB REST API publicly accessible
Credit card number disclosed
CRIME SSL/TLS attack CVE-2012-4929
CRLF injection/HTTP response splitting
CRLF injection/HTTP response splitting (Web Server)
Cross-Site Request Forgery (CSRF) (CMS Made Simple) CVE-2016-7904
Cross-site scripting vulnerability in Google Web Toolkit CVE-2012-4563
Cross-site scripting vulnerability in Google Web Toolkit (CVE-2012-5920) CVE-2012-5920
Cross-site scripting vulnerability in Open Flash Chart CVE-2013-1636
Cross domain data hijacking
Cross frame scripting
Cross site scripting
Cross Site Scripting (Category Description) (CMS Made Simple) CVE-2017-6555
Cross site scripting (content-sniffing)
Cross Site Scripting (globalmetadata) (CMS Made Simple) CVE-2017-6556