Low Severity Vulnerabilities

Vulnerability Name CVE CWE Severity
ASP.NET MVC version disclosure CWE-200  Low
ASP.NET debugging enabled CWE-16  Low
ASP.NET path disclosure CWE-200  Low
ASP.NET version disclosure CWE-200  Low
Apache 2.x version older than 2.2.10 CVE-2008-2939  CVE-2010-2791  CWE-79  Low
Apache Axis2 web services enumeration CWE-200  Low
Apache Solr endpoint CWE-16  Low
Apache Tomcat hello.jsp XSS CVE-2007-1355  CWE-79  Low
Apache Tomcat version older than 6.0.6 CVE-2007-1358  CWE-79  Low
Apache mod_negotiation filename bruteforcing CWE-538  Low
Apache stronghold-info enabled CWE-200  Low
Apache stronghold-status enabled CWE-200  Low
Apache version up to 1.3.33 htpasswd local overflow CVE-2006-1078  CWE-119  Low
Aspect Low
Bonjour service running CWE-16  Low
Clickjacking: X-Frame-Options header missing CWE-693  Low
ColdFusion administrator login page publicly available CWE-16  Low
ColdFusion path disclosure CWE-200  Low
Cookie without HttpOnly flag set CWE-16  Low
Cookie without Secure flag set CWE-16  Low
Documentation file CWE-538  Low
Environment variable information disclosure CWE-200  Low
Error page path disclosure CWE-200  Low
FTP anonymous logins CWE-16  Low
File upload CWE-16  Low
Frontpage extensions enabled CWE-16  Low
HTML Form found in redirect page CWE-287  Low
Hidden form input named price was found CWE-16  Low
Insecure Flash embed parameter CWE-284  Low
Insecure response with wildcard '*' in Access-Control-Allow-Origin CWE-16  Low
Insecure transition from HTTPS to HTTP in form post CWE-200  Low
Internet Information Server returns IP address in HTTP header (Content-Location) CWE-200  Low
JBoss web service console CWE-200  Low
JVM version leakage CWE-200  Low
Login page password-guessing attack CWE-307  Low
Microsoft IIS Server service.cnf file found CWE-538  Low
MySQL Community Server 5.0 to 5.0.45 multiple vulnerabilities CVE-2007-2691  CVE-2007-2692  CVE-2007-3780  CVE-2007-3781  CVE-2007-3782  CWE-264  Low
MySQL username disclosure CWE-538  Low
OPTIONS method is enabled CWE-200  Low
PHP.exe Windows CGI for Apache may let remote users view files on the server CVE-2002-2029  CWE-16  Low
Possible SQL Statement in comment CWE-200  Low
Possible relative path overwrite CWE-20  Low
Possible sensitive directories CWE-200  Low
Possible sensitive files CWE-200  Low
Possible virtual host found CWE-200  Low
Public key certificate CWE-200  Low
Rlogin service running CWE-16  Low
Rsh service running CWE-16  Low
Ruby on Rails CookieStore session cookie persistence CWE-284  Low
SMB list shares CWE-16  Low
SMB null session CWE-16  Low
Sensitive data not encrypted CWE-200  Low
Sensitive page could be cached CWE-200  Low
Session Cookie scoped to parent domain CWE-16  Low
Session token in URL CWE-200  Low
Slow response time CWE-400  Low
TRACE method is enabled CWE-16  Low
TRACK method is enabled CWE-16  Low
Telnet service running CWE-16  Low
Tomcat status page CWE-200  Low
WebDAV enabled CWE-16  Low
WordPress admin accessible without HTTP authentication CWE-16  Low
WordPress default administrator account CWE-16  Low
WordPress full path disclosure CWE-200  Low
XDMCP service running CWE-16  Low
Your SSL certificate is about to expire CWE-298  Low