Vulnerability Name CVE Severity
Bazaar repository found
Blind SQL Injection
Blind XSS
Bonjour service running
BREACH attack CVE-2013-3587
Broken links
CakePHP 1.3.5 / 1.2.8 unserialize() vulnerability CVE-2010-4335
Chargen service running
Check for apache versions up to 1.3.25, 2.0.38 CVE-2002-0392
Chrome Logger information disclosure
Cisco Adaptive Security Appliance (ASA) Path Traversal CVE-2018-0296
CKEditor 4.0.1 cross-site scripting vulnerability
Clickjacking: X-Frame-Options header missing
Code execution
CodeIgniter 2.1.3 xss_clean() filter bypass CVE-2013-4891
CodeIgniter session decoding vulnerability
CodeIgniter weak encryption key
ColdFusion 8 FCKEditor file upload vulnerability CVE-2009-2265
ColdFusion 9 solr service exposed CVE-2010-0185
ColdFusion administrator login page publicly available
ColdFusion AMF Deserialization RCE CVE-2017-3066
ColdFusion Arbitrary File Upload CVE-2018-15961
ColdFusion directory traversal CVE-2010-2861
ColdFusion JNDI injection RCE CVE-2018-15957
ColdFusion path disclosure
ColdFusion RDS Service enabled
ColdFusion Request Debugging information disclosure
ColdFusion Robust Exception enabled
ColdFusion User-Agent cross-site scripting CVE-2007-0817
Configuration file disclosure
Configuration file source code disclosure
Content Security Policy (CSP) not implemented
Content type is not specified
Cookie(s) without HttpOnly flag set
Cookie(s) without Secure flag set
Core dump checker PHP script
Core dump file
CORS (Cross-Origin Resource Sharing) origin validation failure
CouchDB REST API publicly accessible
Credit card number disclosed
CRIME SSL/TLS attack CVE-2012-4929
CRLF injection/HTTP response splitting
CRLF injection/HTTP response splitting (Web Server)
Cross-Site Request Forgery (CSRF) (CMS Made Simple) CVE-2016-7904
Cross-site scripting vulnerability in Google Web Toolkit CVE-2012-4563
Cross-site scripting vulnerability in Google Web Toolkit (CVE-2012-5920) CVE-2012-5920
Cross-site scripting vulnerability in Open Flash Chart CVE-2013-1636
Cross domain data hijacking
Cross frame scripting
Cross site scripting
Cross Site Scripting (Category Description) (CMS Made Simple) CVE-2017-6555
Cross site scripting (content-sniffing)
Cross Site Scripting (globalmetadata) (CMS Made Simple) CVE-2017-6556
Cross site scripting in HTTP-01 ACME challenge implementation
Cross site scripting vulnerability in clipboard.swf
Cross site scripting vulnerability in flowplayer SWF CVE-2013-7342
Cross site scripting vulnerability in jPlayer SWF CVE-2013-2023
Cross site scripting vulnerability in JW Player SWF CVE-2012-3351
Cross site scripting vulnerability in SimpleViewer
Cross site scripting vulnerability in Uploadify SWF
Cross site scripting vulnerability in ZeroClipboard.swf
CVS web repository
Database connection string disclosure
Data Binding Expression Vulnerability in Spring Web Flow CVE-2017-4971
Daytime service running
Debian OpenSSL predictable random number generator (SSH) CVE-2008-0166
Debian OpenSSL predictable random number generator (SSL) CVE-2008-0166
Deserialization of Untrusted Data (Java JSON Deserialization)
Deserialization of Untrusted Data (Java JSON Deserialization)
Deserialization of Untrusted Data (Java JSON Deserialization)
Deserialization of Untrusted Data (Java JSON Deserialization)
Deserialization of Untrusted Data (Java Object Deserialization)
Development configuration file
Devise weak password
Directory listing