Acunetix Web Vulnerabilities Index

| Vulnerability Name | CVE | CWE | Severity |
|---|---|---|---|
| Adobe Coldfusion 8 multiple linked XSS vulnerabilities | CVE-2009-1872 | CWE-79 | High |
| Adobe ColdFusion 9 administrative login bypass | CVE-2013-0625, CVE-2013-0629, CVE-2013-0631, CVE-2013-0632 | CWE-287 | High |
| Adobe ColdFusion directory traversal | CVE-2013-3336 | CWE-22 | High |
| Adobe Flex 3 DOM-based XSS vulnerability | CVE-2008-2640 | CWE-79 | High |
| AjaxControlToolkit directory traversal | CVE-2015-4670 | CWE-434 | High |
| Akeeba backup access control bypass | | CWE-287 | High |
| Amazon S3 publicly writable bucket | | CWE-264 | High |
| AmCharts SWF XSS vulnerability | CVE-2012-1303 | CWE-79 | High |
| AngularJS client-side template injection | | CWE-79 | High |
| Apache 2.0.39 Win32 directory traversal | CVE-2002-0661 | CWE-22 | High |
| Apache 2.0.43 Win32 file reading vulnerability | CVE-2003-0017 | CWE-20 | High |
| Apache 2.2.14 mod_isapi Dangling Pointer | CVE-2010-0425 | CWE-20 | High |
| Apache Axis2 administration console weak password | | CWE-200 | High |
| Apache Axis2 xsd local file inclusion | | CWE-22 | High |
| Apache Geronimo default administrative credentials | | CWE-16 | High |
| Apache mod_rewrite off-by-one buffer overflow vulnerability | CVE-2006-3747 | CWE-189 | High |
| Apache Roller OGNL injection | CVE-2013-4212 | CWE-20 | High |
| Apache Shiro Deserialization RCE | | CWE-78 | High |
| Apache solr service exposed | | CWE-16 | High |
| Apache Struts 2 ClassLoader manipulation and denial of service | CVE-2014-0112 | CWE-701 | High |
| Apache Struts 2 ClassLoader manipulation and denial of service (S2-020) | CVE-2014-0094 | CWE-701 | High |
| Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution | CVE-2013-2251 | CWE-20 | High |
| Apache Struts2 remote code execution vulnerability | CVE-2016-0785 | CWE-78 | High |
| Apache Struts2 remote command execution (S2-045) | CVE-2017-5638 | CWE-94 | High |
| Apache Struts2 Remote Command Execution (S2-048) | CVE-2017-9791 | CWE-94 | High |
| Apache Struts2 Remote Command Execution (S2-052) | CVE-2017-9805 | CWE-94 | High |
| Apache Struts2 Remote Command Execution (S2-053) | CVE-2017-12611 | CWE-94 | High |
| Apache Struts Remote Code Execution (S2-057) | CVE-2018-11776 | CWE-917 | High |
| Apache Tomcat "allowLinking" on Case Insensitive Filesystems | | CWE-538 | High |
| Apache Tomcat Information Disclosure | CVE-2017-12616 | CWE-200 | High |
| Apache Tomcat insecure default administrative password | | CWE-284 | High |
| Apache Tomcat JK connector security bypass | CVE-2007-1860 | CWE-16 | High |
| Apache Tomcat version older than 6.0.35 | CVE-2011-3190, CVE-2011-3375, CVE-2012-0022 | CWE-264 | High |
| Apache Tomcat version older than 6.0.36 | CVE-2012-2733, CVE-2012-3439, CVE-2012-3546, CVE-2012-4431, CVE-2012-4534 | CWE-20 | High |
| Apache Tomcat version older than 7.0.21 | CVE-2011-3190 | CWE-264 | High |
| Apache Tomcat version older than 7.0.23 | CVE-2012-0022 | CWE-189 | High |
| Apache Tomcat version older than 7.0.28 | CVE-2012-2733, CVE-2012-4534 | CWE-20 | High |
| Apache Tomcat version older than 7.0.30 | CVE-2012-3439, CVE-2012-3544, CVE-2012-3546 | CWE-20 | High |
| Apache Tomcat version older than 7.0.32 | CVE-2012-4431 | CWE-264 | High |
| Apache Win32 batch file remote command execution vulnerability | CVE-2002-0061 | CWE-20 | High |
| Arbitrary EL Evaluation in RichFaces | | CWE-917 | High |
| Arbitrary file creation | | CWE-20 | High |
| Arbitrary file deletion | | CWE-20 | High |
| Arbitrary local file read via file upload | | CWE-200 | High |
| ASP.NET padding oracle vulnerability | CVE-2010-3332 | CWE-310 | High |
| ASP code injection | | CWE-95 | High |
| Atlassian Confluence information disclosure | CVE-2017-7415 | | High |
| Atlassian Jira DOM-based cross-site scripting vulnerability | | CWE-79 | High |
| Atlassian Jira insecure REST permissions | | | High |
| Atlassian OAuth Plugin IconUriServlet SSRF | CVE-2017-9506 | CWE-918 | High |
| Auxiliary systems SSRF | | CWE-918 | High |
| Barracuda networks products multiple directory traversal vulnerabilities | | CWE-22 | High |
| Bash code injection vulnerability | CVE-2014-6271 | CWE-78 | High |
| Bazaar repository found | | CWE-538 | High |
| Blind SQL Injection | | CWE-89 | High |
| Blind XSS | | CWE-80 | High |
| CakePHP 1.3.5 / 1.2.8 unserialize() vulnerability | CVE-2010-4335 | CWE-20 | High |
| Check for apache versions up to 1.3.25, 2.0.38 | CVE-2002-0392 | CWE-119 | High |
| Cisco Adaptive Security Appliance (ASA) Path Traversal | CVE-2018-0296 | CWE-22 | High |
| CKEditor 4.0.1 cross-site scripting vulnerability | | CWE-79 | High |
| Code execution | | CWE-94 | High |
| CodeIgniter 2.1.3 xss_clean() filter bypass | CVE-2013-4891 | CWE-80 | High |
| CodeIgniter session decoding vulnerability | | CWE-16 | High |
| CodeIgniter weak encryption key | | CWE-200 | High |
| ColdFusion 8 FCKEditor file upload vulnerability | CVE-2009-2265 | CWE-22 | High |
| ColdFusion 9 solr service exposed | CVE-2010-0185 | CWE-264 | High |
| ColdFusion directory traversal | CVE-2010-2861 | CWE-22 | High |
| ColdFusion User-Agent cross-site scripting | CVE-2007-0817 | CWE-79 | High |
| Configuration file disclosure | | CWE-538 | High |
| Configuration file source code disclosure | | CWE-538 | High |
| Core dump file | | CWE-200 | High |
| CORS (Cross-Origin Resource Sharing) origin validation failure | | | High |
| Cross-site scripting vulnerability in Google Web Toolkit | CVE-2012-4563 | CWE-80 | High |
| Cross-site scripting vulnerability in Google Web Toolkit (CVE-2012-5920) | CVE-2012-5920 | CWE-80 | High |
| Cross-site scripting vulnerability in Open Flash Chart | CVE-2013-1636 | CWE-79 | High |