Severity High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Apache 2.x version older than 2.0.48 CVE-2003-0542 CVE-2003-0789 CWE-119 CWE-119 Medium Apache 2.x version older than 2.0.49 CVE-2003-0020 CVE-2004-0113 CVE-2004-0174 CWE-20 CWE-20 Medium Apache 2.x version older than 2.0.61 CVE-2006-5752 CVE-2007-1863 CVE-2007-3304 CVE-2007-3847 CWE-701 CWE-701 Medium Apache 2.x version older than 2.2.6 CVE-2006-5752 CVE-2007-1862 CVE-2007-1863 CVE-2007-3304 CVE-2007-3847 CWE-20 CWE-20 Medium Apache 2.x version older than 2.2.8 CVE-2007-5000 CVE-2007-6388 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 CWE-79 CWE-79 Medium Apache 2.x version older than 2.2.9 CVE-2007-6420 CVE-2008-2364 CWE-399 CWE-399 Medium Apache balancer-manager application publicly accessible CWE-200 CWE-200 Medium Apache httpd remote denial of service CVE-2011-3192 CWE-399 CWE-399 Medium Apache mod_jk access control bypass CVE-2018-11759 CWE-918 CWE-918 Medium Apache Struts 2 ClassLoader manipulation and denial of service CVE-2014-0112 CVE-2014-0113 CVE-2014-0114 CWE-701 CWE-701 High Apache Struts 2 ClassLoader manipulation and denial of service (S2-020) CVE-2014-0094 CVE-2014-0050 CWE-701 CWE-701 High Apache Tomcat version older than 6.0.35 CVE-2011-3190 CVE-2011-3375 CVE-2012-0022 CWE-264 CWE-264 High Apache Tomcat version older than 6.0.36 CVE-2012-2733 CVE-2012-3439 CVE-2012-3546 CVE-2012-4431 CVE-2012-4534 CWE-20 CWE-20 High Apache Tomcat version older than 7.0.23 CVE-2012-0022 CWE-189 CWE-189 High Apache Tomcat version older than 7.0.28 CVE-2012-2733 CVE-2012-4534 CWE-20 CWE-20 High Apache version older than 1.3.39 CVE-2006-5752 CVE-2007-3304 CWE-79 CWE-79 Medium Cisco Adaptive Security Appliance (ASA) Path Traversal (CVE-2018-0296) CVE-2018-0296 CWE-22 CWE-22 High Drupal Core 4.6.x Denial of Service (4.6.0 - 4.6.10) CVE-2007-0124 CWE-400 CWE-400 High Drupal Core 4.7.x Denial of Service (4.7.0 - 4.7.4) CVE-2007-0124 CWE-400 CWE-400 High Drupal Core 6.x Denial of Service (6.0 - 6.32) CVE-2014-5265 CVE-2014-5266 CVE-2014-5267 CWE-400 CWE-400 High Drupal Core 7.x Denial of Service (7.0 - 7.19) CVE-2013-0316 CWE-400 CWE-400 High Drupal Core 7.x Denial of Service (7.0 - 7.30) CVE-2014-5265 CVE-2014-5266 CVE-2014-5267 CWE-400 CWE-400 High Drupal Core 8.7.x Denial of Service (8.7.0 - 8.7.10) CWE-400 CWE-400 High Drupal Core 8.8.0 Denial of Service (8.8.0 - 8.8.0) CWE-400 CWE-400 High Drupal Core 8.x.x Denial of Service (8.0.0 - 8.6.18) CWE-400 CWE-400 High Edge Side Include injection CWE-918 CWE-918 High GraphQL Alias Overloading Allowed: Potential Denial of Service Vulnerability CWE-400 CWE-400 Medium GraphQL Array-based Query Batching Allowed: Potential Batching Attack Vulnerability CWE-770 CWE-770 Medium GraphQL Circular-Query via Introspection Allowed: Potential DoS Vulnerability CWE-400 CWE-400 Medium Joomla! Core 2.5.x Denial of Service (2.5.0 - 2.5.9) CVE-2013-3242 CWE-400 CWE-400 High Joomla! Core 2.5.x Denial of Service (2.5.4 - 2.5.25) CVE-2014-7229 CWE-400 CWE-400 High Joomla! Core 3.0.x Denial of Service (3.0.0 - 3.0.3) CVE-2013-3242 CWE-400 CWE-400 High Joomla! Core 3.3.x Denial of Service (3.3.0 - 3.3.4) CVE-2014-7229 CWE-400 CWE-400 High Joomla! Core 3.x.x Denial of Service (3.0.0 - 3.2.5) CVE-2014-7229 CWE-400 CWE-400 High Joomla! Core Denial of Service (2.5.0 - 3.9.27) CVE-2021-26036 CWE-400 CWE-400 High Long password denial of service CWE-400 CWE-400 High Node.js Web Application does not handle uncaughtException CWE-248 CWE-248 Medium Node.js Web Application does not handle unhandledRejection CWE-248 CWE-248 Medium PHP-CGI remote code execution CVE-2012-1823 CVE-2012-2311 CWE-20 CWE-20 High PHP curl_exec() url is controlled by user CVE-2009-0037 CWE-352 CWE-352 Medium PHP hangs on parsing particular strings as floating point number CVE-2010-4645 CWE-189 CWE-189 Medium PHP Hash Collision denial of service vulnerability CVE-2011-4885 CWE-20 CWE-20 High PHP HTML entity encoder heap overflow vulnerability CVE-2006-5465 CWE-119 CWE-119 High PHP HTTP POST incorrect MIME header parsing vulnerability CVE-2002-0717 CWE-20 CWE-20 Medium PHP multipart/form-data denial of service CVE-2009-4017 CWE-400 CWE-400 Medium PHP preg_replace used on user input CWE-20 CWE-20 Medium PHP unserialize() used on user input CWE-20 CWE-20 Medium WordPress 2.0.1 Denial of Service Vulnerability (0.6.2 - 2.0.1) CWE-400 CWE-400 High WordPress 2.8.4 Denial of Service Vulnerability (0.6.2 - 2.8.4) CVE-2009-3622 CWE-310 CWE-310 High WordPress 3.7.x Denial of Service Vulnerability (3.7 - 3.7.25) CVE-2018-6389 CWE-400 CWE-400 High WordPress 3.8.x Denial of Service Vulnerability (3.8 - 3.8.25) CVE-2018-6389 CWE-400 CWE-400 High WordPress 3.9.x Denial of Service Vulnerability (3.9 - 3.9.23) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.0.x Denial of Service Vulnerability (4.0 - 4.0.22) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.1.x Denial of Service Vulnerability (4.1 - 4.1.22) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.2.x Denial of Service Vulnerability (4.2 - 4.2.19) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.3.x Denial of Service Vulnerability (4.3 - 4.3.15) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.4.x Denial of Service Vulnerability (4.4 - 4.4.14) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.5.x Denial of Service Vulnerability (4.5 - 4.5.13) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.6.x Denial of Service Vulnerability (4.6 - 4.6.10) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.7.x Denial of Service Vulnerability (4.7 - 4.7.9) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.8.x Denial of Service Vulnerability (4.8 - 4.8.5) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.9.x Denial of Service Vulnerability (4.9 - 4.9.4) CVE-2018-6389 CWE-400 CWE-400 High WordPress Denial of Service Vulnerability (0.70 - 3.6.1) CVE-2018-6389 CWE-400 CWE-400 High WordPress Denial of Service Vulnerability (3.5 - 3.6.1) CVE-2014-5265 CWE-399 CWE-399 High WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3) CVE-2007-0540 CWE-200 CWE-400 CWE-200 CWE-400 High WordPress Plugin Authenticator Denial of Service (1.3.0) CVE-2022-3994 CWE-400 CWE-400 High WordPress Plugin Cimy User Extra Fields Denial of Service (2.6.3) CWE-400 CWE-400 High WordPress Plugin EWWW Image Optimizer Denial of Service (6.0.1) CVE-2020-29384 CWE-400 CWE-400 High WordPress Plugin PS PHPCaptcha WP Denial of Service (1.1.0) CVE-2019-7412 CWE-400 CWE-400 High WordPress Plugin Reviews Plus Denial of Service (1.2.13) CVE-2021-24894 CWE-400 CWE-400 High WordPress Plugin Safe SVG Denial of Service (1.9.4) CVE-2019-18854 CVE-2019-18855 CWE-400 CWE-400 High WordPress Plugin Simple Ads Manager Denial of Service (2.9.3.114) CWE-400 CWE-400 High WordPress Plugin WPGraphQL Denial of Service (1.3.5) CVE-2021-31157 CWE-400 CWE-400 High WordPress Plugin WP Image Zoom Denial of Service (1.23) CWE-400 CWE-400 High XML entity injection CWE-611 CWE-611 High XML external entity injection CWE-611 CWE-611 High XML external entity injection (variant) CWE-611 CWE-611 High XML external entity injection and XML injection CWE-611 CWE-611 High XML external entity injection via external file CWE-611 CWE-611 High XML external entity injection via File Upload CWE-611 CWE-611 High XML quadratic blowup denial of service attack CWE-400 CWE-400 High
