Severity High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Arbitrary file creation CWE-20 CWE-20 High Arbitrary file deletion CWE-20 CWE-20 High ColdFusion 8 FCKEditor file upload vulnerability CVE-2009-2265 CWE-22 CWE-22 High FCKeditor arbitrary file upload CVE-2009-2265 CWE-22 CWE-22 Medium File creation via HTTP method PUT CWE-669 CWE-669 High File upload XSS CWE-79 CWE-79 High File upload XSS (Java applet) CWE-79 CWE-79 High Joomla! JCE arbitrary file upload CWE-20 CWE-20 High Lucee Server Arbitrary File Creation CWE-22 CWE-22 High Multiple vulnerabilities reported in Parallels Plesk Sitebuilder CWE-94 CWE-94 High Nginx PHP code execution via FastCGI CWE-94 CWE-94 High OpenX arbitrary file upload CVE-2009-4140 CWE-434 CWE-434 High Unrestricted file upload CWE-434 CWE-434 High Unrestricted file upload vulnerability in ofc_upload_image.php CVE-2009-4140 CWE-434 CWE-434 High Uploadify arbitrary file upload CWE-434 CWE-434 High WordPress OptimizePress unrestricted file upload CVE-2013-7102 CWE-20 CWE-20 High WordPress plugin WPtouch insecure nonce generation CWE-287 CWE-287 High