Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Amazon S3 publicly writable bucket CWE-264 CWE-264 High Arbitrary File Creation CWE-20 CWE-20 High Arbitrary File Deletion CWE-20 CWE-20 High ColdFusion 8 FCKEditor file upload vulnerability CVE-2009-2265 CWE-22 CWE-22 High Cross-site Scripting via File Upload CWE-79 CWE-79 High Dragonfly Arbitrary File Read/Write (CVE-2021-33564) CVE-2021-33564 CWE-20 CWE-20 High FCKeditor arbitrary file upload CVE-2009-2265 CWE-22 CWE-22 Medium File creation via HTTP method PUT CWE-669 CWE-669 High File upload XSS (Java applet) CWE-79 CWE-79 High Fortinet FortiNAC RCE via arbitrary file upload CVE-2022-39952 CWE-610 CWE-610 High JIRA Security Advisory 2013-02-21 CWE-22 CWE-22 High Joomla! JCE arbitrary file upload CWE-20 CWE-20 High jQuery File Upload unauthenticated arbitrary file upload CVE-2018-9206 CWE-434 CWE-434 High Lucee Server Arbitrary File Creation CVE-2021-21307 CWE-22 CWE-22 High Multiple vulnerabilities reported in Parallels Plesk Sitebuilder CWE-94 CWE-94 High Nginx PHP code execution via FastCGI CWE-94 CWE-94 High OpenX arbitrary file upload CVE-2009-4140 CWE-434 CWE-434 High Oracle E-Business Suite Unauthenticated Remote Code Execution CVE-2022-21587 CWE-94 CWE-94 High PHP unspecified remote arbitrary file upload vulnerability CVE-2004-0959 CWE-20 CWE-20 Medium Telerik Web UI Insecure Direct Object Reference CVE-2017-11357 CWE-78 CWE-78 High Telerik Web UI Unrestricted File Upload (CVE-2014-2217) CVE-2014-2217 CWE-78 CWE-78 High Telerik Web UI Unrestricted File Upload (CVE-2017-11317) CVE-2017-11317 CWE-78 CWE-78 High Unrestricted File Upload CWE-434 CWE-434 High Unrestricted file upload vulnerability in ofc_upload_image.php CVE-2009-4140 CWE-434 CWE-434 High Uploadify arbitrary file upload CWE-434 CWE-434 High webadmin.php script CWE-552 CWE-552 High WebDAV Directory Has Write Permissions CWE-264 CWE-264 High WordPress OptimizePress unrestricted file upload CVE-2013-7102 CWE-20 CWE-20 High WordPress pingback scanner CVE-2013-0235 CWE-918 CWE-918 Medium WordPress plugin WPtouch insecure nonce generation CWE-287 CWE-287 High
