Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Citrix Gateway Open Redirect And XSS Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Apache ActiveMQ default administrative credentials High Apache Airflow default credentials CWE-798 CWE-798 High Apache Geronimo default administrative credentials CWE-693 CWE-693 High Apache Shiro Deserialization RCE CVE-2016-4437 CWE-78 CWE-78 High Apache Tapestry weak secret key CWE-693 CWE-693 High Apache Tomcat insecure default administrative password CWE-284 CWE-284 High BottlePy weak secret key CWE-693 CWE-693 High Oracle Business Intelligence default administrative credentials High Oracle PeopleSoft SSO weak secret key CWE-693 CWE-693 High OSGi Management Console Default Credentials CWE-521 CWE-521 High phpLiteAdmin default password CWE-200 CWE-200 High PrimeFaces 5.x Expression Language injection CVE-2017-1000486 High RethinkDB administrative interface publicly exposed CWE-200 CWE-200 High Ruby framework weak secret key CWE-693 CWE-693 High Ruby on Rails weak/known secret token CVE-2013-0156 CWE-200 CWE-200 High SonarQube default credentials CWE-798 CWE-798 High Unrestricted access to Haproxy Data Plane API CWE-200 CWE-200 High