Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Citrix Gateway Open Redirect And XSS Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity PHP Other Vulnerability (CVE-2005-3054) CVE-2005-3054 Low PHP Other Vulnerability (CVE-2005-3319) CVE-2005-3319 Low PHP Other Vulnerability (CVE-2006-1014) CVE-2006-1014 Low PHP Other Vulnerability (CVE-2006-1494) CVE-2006-1494 Low PHP Other Vulnerability (CVE-2006-1608) CVE-2006-1608 Low PHP Other Vulnerability (CVE-2006-2563) CVE-2006-2563 Low PHP Other Vulnerability (CVE-2006-2660) CVE-2006-2660 Low PHP Other Vulnerability (CVE-2006-4484) CVE-2006-4484 Low PHP Other Vulnerability (CVE-2006-4625) CVE-2006-4625 Low PHP Other Vulnerability (CVE-2006-7204) CVE-2006-7204 Low PHP Other Vulnerability (CVE-2007-2727) CVE-2007-2727 Low PHP Other Vulnerability (CVE-2012-3450) CVE-2012-3450 Low PHP Resource Management Errors Vulnerability (CVE-2006-1549) CVE-2006-1549 Low PHP Use After Free Vulnerability (CVE-2020-7068) CVE-2020-7068 CWE-416 CWE-416 Low PHP Use of Externally-Controlled Format String Vulnerability (CVE-2009-0754) CVE-2009-0754 CWE-134 CWE-134 Low Phusion Passenger Other Vulnerability (CVE-2014-1831) CVE-2014-1831 Low Phusion Passenger Other Vulnerability (CVE-2014-1832) CVE-2014-1832 Low Play Framework Data Amplification Vulnerability (CVE-2020-28923) CVE-2020-28923 Low Plone CMS Improper Input Validation Vulnerability (CVE-2013-4199) CVE-2013-4199 CWE-20 CWE-20 Low Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1949) CVE-2011-1949 CWE-707 CWE-707 Low Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5502) CVE-2012-5502 CWE-707 CWE-707 Low PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1481) CVE-2010-1481 CWE-707 CWE-707 Low Possible CSRF (Cross-site request forgery) CWE-352 CWE-352 Low Possible sensitive directories CWE-200 CWE-200 Low Possible sensitive files CWE-200 CWE-200 Low Possible SQL Statement in comment CWE-200 CWE-200 Low Possible username or password disclosure CWE-200 CWE-200 Low Possible virtual host found CWE-200 CWE-200 Low PostgreSQL CVE-2022-41862 Vulnerability (CVE-2022-41862) CVE-2022-41862 Low PostgreSQL Numeric Errors Vulnerability (CVE-2010-0733) CVE-2010-0733 Low PostgreSQL Other Vulnerability (CVE-1999-0862) CVE-1999-0862 Low PostgreSQL Other Vulnerability (CVE-2004-0977) CVE-2004-0977 Low PostgreSQL Other Vulnerability (CVE-2005-1410) CVE-2005-1410 Low PostgreSQL Other Vulnerability (CVE-2006-0678) CVE-2006-0678 Low PostgreSQL Out-of-bounds Read Vulnerability (CVE-2019-10209) CVE-2019-10209 CWE-125 CWE-125 Low Programming Error Messages CWE-209 CWE-209 Low Python Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-2667) CVE-2014-2667 CWE-362 CWE-362 Low Python Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4940) CVE-2011-4940 CWE-707 CWE-707 Low Python Other Vulnerability (CVE-2006-1542) CVE-2006-1542 Low Python Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4944) CVE-2011-4944 CWE-264 CWE-264 Low Python Use After Free Vulnerability (CVE-2018-1000030) CVE-2018-1000030 CWE-416 CWE-416 Low ReviveAdserver Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-7368) CVE-2015-7368 CWE-200 CWE-200 Low ReviveAdserver Other Vulnerability (CVE-2016-9471) CVE-2016-9471 Low Roundcube Cross-site Scripting (XSS) Vulnerability (CVE-2015-8105) CVE-2015-8105 Low Roundcube Improper Input Validation Vulnerability (CVE-2011-1491) CVE-2011-1491 CWE-20 CWE-20 Low Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1253) CVE-2012-1253 CWE-707 CWE-707 Low Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3507) CVE-2012-3507 CWE-707 CWE-707 Low Ruby on Rails 7PK - Security Features Vulnerability (CVE-2015-7576) CVE-2015-7576 Low Ruby on Rails CookieStore session cookie persistence CWE-284 CWE-284 Low Sensitive pages could be cached CWE-200 CWE-200 Low Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2957) CVE-2010-2957 CWE-707 CWE-707 Low Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2289) CVE-2015-2289 CWE-707 CWE-707 Low Session cookies scoped to parent domain CWE-284 CWE-284 Low Session ID in URL CWE-200 CWE-200 Low Snoop Servlet information disclosure CWE-200 CWE-200 Low Spring Boot Misconfiguration: Spring Boot Actuator shutdown endpoint is web exposed CWE-16 CWE-16 Low Squid Improper Input Validation Vulnerability (CVE-2015-3455) CVE-2015-3455 CWE-20 CWE-20 Low Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4053) CVE-2016-4053 CWE-119 CWE-119 Low Stack Trace Disclosure (Apache MyFaces) CWE-209 CWE-209 Low Stack Trace Disclosure (ASP.NET) CWE-209 CWE-209 Low Stack Trace Disclosure (CakePHP) CWE-209 CWE-209 Low Stack Trace Disclosure (CherryPy) CWE-209 CWE-209 Low Stack Trace Disclosure (Grails) CWE-209 CWE-209 Low Stack Trace Disclosure (GWT) CWE-209 CWE-209 Low Stack Trace Disclosure (NodeJS) CWE-209 CWE-209 Low Stack Trace Disclosure (Ruby-Sinatra Framework) CWE-209 CWE-209 Low Stack Trace Disclosure (Tomcat) CWE-209 CWE-209 Low Symfony debug mode enabled CWE-200 CWE-200 Low Symfony ESI (Edge-Side Includes) enabled CWE-16 CWE-16 Low TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4238) CVE-2012-4238 CWE-707 CWE-707 Low Tomcat status page CWE-200 CWE-200 Low TRACE/TRACK Method Detected CWE-489 CWE-489 Low TRACK method is enabled CWE-489 CWE-489 Low Typo3 debug mode enabled CWE-200 CWE-200 Low TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3529) CVE-2012-3529 CWE-200 CWE-200 Low 1...8910 9 / 10
