Vulnerability Name CVE Severity
silverstripeCMS CVE-2019-12617 Vulnerability (CVE-2019-12617) CVE-2019-12617
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0976) CVE-2012-0976
Snoop Servlet information disclosure
Spring Boot Misconfiguration: Spring Boot Actuator shutdown endpoint is web exposed
Squid Improper Input Validation Vulnerability (CVE-2015-3455) CVE-2015-3455
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4053) CVE-2016-4053
Stack Trace Disclosure (Apache MyFaces)
Stack Trace Disclosure (ASP.NET)
Stack Trace Disclosure (CakePHP)
Stack Trace Disclosure (CherryPy)
Stack Trace Disclosure (Grails)
Stack Trace Disclosure (GWT)
Stack Trace Disclosure (NodeJS)
Stack Trace Disclosure (Ruby-Sinatra Framework)
Stack Trace Disclosure (Tomcat)
Symfony debug mode enabled
Symfony ESI (Edge-Side Includes) enabled
TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4238) CVE-2012-4238
Tomcat status page
TRACE Method enabled
TRACK Method enabled
Typo3 debug mode enabled
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3529) CVE-2012-3529
TYPO3 Improper Authentication Vulnerability (CVE-2015-2047) CVE-2015-2047
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3629) CVE-2009-3629
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5097) CVE-2010-5097
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5098) CVE-2010-5098
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5100) CVE-2010-5100
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1606) CVE-2012-1606
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3528) CVE-2012-3528
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6145) CVE-2012-6145
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6147) CVE-2012-6147
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6148) CVE-2012-6148
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7074) CVE-2013-7074
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7078) CVE-2013-7078
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3943) CVE-2014-3943
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5956) CVE-2015-5956
TYPO3 Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-26229) CVE-2020-26229
TYPO3 Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-11063) CVE-2020-11063
TYPO3 Other Vulnerability (CVE-2006-5069) CVE-2006-5069
Typo3 sensitive files
Unfiltered header injection in Apache 1.3.34/2.0.57/2.2.1 CVE-2006-3918
Unrestricted access to a monitoring system
Unrestricted access to ImageResizer Diagnotics plugin
Unrestricted access to NGINX+ Status module
Unrestricted access to Prometheus
Unrestricted access to Prometheus Metrics
Vanilla Forums Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-9889) CVE-2019-9889
Vanilla Forums Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4954) CVE-2012-4954
Varnish Cache Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0345) CVE-2013-0345
Version Disclosure (ASP.NET)
Version Disclosure (ASP.NET MVC)
Version Disclosure (IIS)
Version Disclosure (PHP)
ViewsState is not Encrypted
Vulnerable package dependencies [low]
WebLogic CVE-2016-0688 Vulnerability (CVE-2016-0688) CVE-2016-0688
WebLogic CVE-2021-1996 Vulnerability (CVE-2021-1996) CVE-2021-1996
WebLogic Improper Certificate Validation Vulnerability (CVE-2020-9488) CVE-2020-9488
WebLogic Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2020-8908) CVE-2020-8908
Web Server Cache Poisoning (CMS Made Simple) v1.x CVE-2016-2784
Werkzeug WSGI CVE-2023-23934 Vulnerability (CVE-2023-23934) CVE-2023-23934
Whoops error handler component detected
WordPress admin accessible without HTTP authentication
WordPress Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2020-4050) CVE-2020-4050
WordPress default administrator account
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-5868) CVE-2012-5868
WordPress full path disclosure
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-1732) CVE-2007-1732
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-5710) CVE-2007-5710
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3891) CVE-2009-3891
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0700) CVE-2011-0700
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0287) CVE-2012-0287
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5739) CVE-2013-5739
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5240) CVE-2014-5240