Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Sensitive Information Disclosure Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Xss - Known Vulnerabilities Vulnerability Name CVE CWE CWE Severity Undertow Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-7816) CVE-2014-7816 CWE-22 CWE-22 Medium Undertow Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2018-1067) CVE-2018-1067 CWE-113 CWE-113 Medium Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7559) CVE-2017-7559 CWE-444 CWE-444 Medium Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10687) CVE-2020-10687 CWE-444 CWE-444 Medium Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10719) CVE-2020-10719 CWE-444 CWE-444 Medium Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-20220) CVE-2021-20220 CWE-444 CWE-444 Medium Undertow Incorrect Authorization Vulnerability (CVE-2017-12196) CVE-2017-12196 CWE-863 CWE-863 Medium Unicode Transformation (Best-Fit Mapping) CWE-176 CWE-176 Medium Unprotected Apache NiFi API interface CWE-287 CWE-287 Medium Unprotected JSON file leaking secrets CWE-200 CWE-200 Medium Unprotected Kong Gateway Admin API interface CWE-287 CWE-287 Medium Unrestricted access to AnythingLLM API CVE-2024-6842 CWE-200 CWE-200 Medium Unrestricted access to MLflow CWE-200 CWE-200 Medium Unrestricted access to NGINX+ API interface (read only) CWE-200 CWE-200 Medium Unrestricted access to NGINX+ Dashboard CWE-200 CWE-200 Medium Unrestricted access to NGINX+ Upstream HTTP interface CWE-200 CWE-200 Medium Unsafe value for session tracking in WEB-INF/web.xml CWE-16 CWE-16 Medium URL rewrite vulnerability CVE-2018-14773 CWE-436 CWE-436 Medium User-controlled form action CWE-20 CWE-20 Medium User controllable charset CWE-20 CWE-20 Medium User controllable tag parameter CWE-79 CWE-79 Medium User controllable tag parameter (DOM-based) CWE-79 CWE-79 Medium Vanilla Forums Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2018-15833) CVE-2018-15833 CWE-639 CWE-639 Medium Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3812) CVE-2011-3812 CWE-200 CWE-200 Medium Vanilla Forums Improper Input Validation Vulnerability (CVE-2011-0908) CVE-2011-0908 CWE-20 CWE-20 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0526) CVE-2011-0526 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0909) CVE-2011-0909 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1009) CVE-2011-1009 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9685) CVE-2014-9685 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17571) CVE-2018-17571 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8279) CVE-2019-8279 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-8825) CVE-2020-8825 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-16410) CVE-2018-16410 CWE-138 CWE-138 Medium Vanilla Forums Other Vulnerability (CVE-2011-0910) CVE-2011-0910 Medium Varnish Cache Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-4484) CVE-2013-4484 CWE-119 CWE-119 Medium Verb tampering via misconfigured security constraint CWE-16 CWE-16 Medium VideoJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23414) CVE-2021-23414 CWE-707 CWE-707 Medium ViewState MAC Disabled CWE-642 CWE-642 Medium ViewStateMac is Not Enabled CWE-16 CWE-16 Medium Virtual host directory listing CWE-538 CWE-538 Medium Vulnerable JavaScript libraries CWE-937 CWE-937 Medium Vulnerable package dependencies [medium] CWE-1104 CWE-1104 Medium W3 total cache debug mode CWE-489 CWE-489 Medium Web2py weak secret key CWE-693 CWE-693 Medium Webalizer script CWE-538 CWE-538 Medium Web Cache Poisoning DoS CWE-400 CWE-400 Medium Web Cache Poisoning DoS (for javascript) CWE-400 CWE-400 Medium Web Cache Poisoning DoS through HTTP/2 headers CWE-400 CWE-400 Medium WebDAV directory listing CWE-538 CWE-538 Medium WebERP Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-20420) CVE-2018-20420 CWE-732 CWE-732 Medium WebERP Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2020-22474) CVE-2020-22474 CWE-732 CWE-732 Medium WeBid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3815) CVE-2011-3815 CWE-200 CWE-200 Medium WeBid Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5101) CVE-2014-5101 CWE-707 CWE-707 Medium WeBid Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1000868) CVE-2018-1000868 CWE-707 CWE-707 Medium WeBid Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11592) CVE-2019-11592 CWE-707 CWE-707 Medium WeBid Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-7117) CVE-2008-7117 CWE-264 CWE-264 Medium WeBid Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-7118) CVE-2008-7118 CWE-264 CWE-264 Medium WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2018-10237) CVE-2018-10237 CWE-770 CWE-770 Medium WebLogic Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-5397) CVE-2020-5397 CWE-352 CWE-352 Medium WebLogic CVE-2008-2578 Vulnerability (CVE-2008-2578) CVE-2008-2578 Medium WebLogic CVE-2010-2375 Vulnerability (CVE-2010-2375) CVE-2010-2375 Medium WebLogic CVE-2010-4453 Vulnerability (CVE-2010-4453) CVE-2010-4453 Medium WebLogic CVE-2016-0675 Vulnerability (CVE-2016-0675) CVE-2016-0675 Medium WebLogic CVE-2016-0696 Vulnerability (CVE-2016-0696) CVE-2016-0696 Medium WebLogic CVE-2016-0700 Vulnerability (CVE-2016-0700) CVE-2016-0700 Medium WebLogic CVE-2016-3416 Vulnerability (CVE-2016-3416) CVE-2016-3416 Medium WebLogic CVE-2016-3445 Vulnerability (CVE-2016-3445) CVE-2016-3445 Medium WebLogic CVE-2016-5488 Vulnerability (CVE-2016-5488) CVE-2016-5488 Medium WebLogic CVE-2017-10063 Vulnerability (CVE-2017-10063) CVE-2017-10063 Medium WebLogic CVE-2017-10123 Vulnerability (CVE-2017-10123) CVE-2017-10123 Medium WebLogic CVE-2017-10148 Vulnerability (CVE-2017-10148) CVE-2017-10148 Medium WebLogic CVE-2017-10178 Vulnerability (CVE-2017-10178) CVE-2017-10178 Medium WebLogic CVE-2017-10336 Vulnerability (CVE-2017-10336) CVE-2017-10336 Medium WebLogic CVE-2018-1257 Vulnerability (CVE-2018-1257) CVE-2018-1257 Medium WebLogic CVE-2018-1313 Vulnerability (CVE-2018-1313) CVE-2018-1313 Medium 1...99100101102...109 100 / 109
