Severity High Medium Low Informational Vulnerability Categories 200 Abuse Of Functionality Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF Code Execution Configuration Crlf Injection Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Needless Service Network Alert Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Apache Struts 2 ClassLoader manipulation and denial of service CVE-2014-0112 CVE-2014-0113 CVE-2014-0114 CWE-701 CWE-701 High Apache Struts 2 ClassLoader manipulation and denial of service (S2-020) CVE-2014-0094 CVE-2014-0050 CWE-701 CWE-701 High Apache Tomcat version older than 6.0.35 CVE-2011-3190 CVE-2011-3375 CVE-2012-0022 CWE-264 CWE-264 High Apache Tomcat version older than 6.0.36 CVE-2012-2733 CVE-2012-3439 CVE-2012-3546 CVE-2012-4431 CVE-2012-4534 CWE-20 CWE-20 High Apache Tomcat version older than 7.0.23 CVE-2012-0022 CWE-189 CWE-189 High Apache Tomcat version older than 7.0.28 CVE-2012-2733 CVE-2012-4534 CWE-20 CWE-20 High Cisco Adaptive Security Appliance (ASA) Path Traversal CVE-2018-0296 CWE-22 CWE-22 High Drupal Core 4.6.x Denial of Service (4.6.0 - 4.6.10) CVE-2007-0124 CWE-400 CWE-400 High Drupal Core 4.7.x Denial of Service (4.7.0 - 4.7.4) CVE-2007-0124 CWE-400 CWE-400 High Drupal Core 6.x Denial of Service (6.0 - 6.32) CVE-2014-5265 CVE-2014-5266 CVE-2014-5267 CWE-400 CWE-400 High Drupal Core 7.x Denial of Service (7.0 - 7.19) CVE-2013-0316 CWE-400 CWE-400 High Drupal Core 7.x Denial of Service (7.0 - 7.30) CVE-2014-5265 CVE-2014-5266 CVE-2014-5267 CWE-400 CWE-400 High Drupal Core 8.7.x Denial of Service (8.7.0 - 8.7.10) CWE-400 CWE-400 High Drupal Core 8.8.0 Denial of Service (8.8.0 - 8.8.0) CWE-400 CWE-400 High Drupal Core 8.x.x Denial of Service (8.0.0 - 8.6.18) CWE-400 CWE-400 High Edge Side Include injection CWE-918 CWE-918 High Joomla! Core 2.5.x Denial of Service (2.5.0 - 2.5.9) CVE-2013-3242 CWE-400 CWE-400 High Joomla! Core 2.5.x Denial of Service (2.5.4 - 2.5.25) CVE-2014-7229 CWE-400 CWE-400 High Joomla! Core 3.0.x Denial of Service (3.0.0 - 3.0.3) CVE-2013-3242 CWE-400 CWE-400 High Joomla! Core 3.3.x Denial of Service (3.3.0 - 3.3.4) CVE-2014-7229 CWE-400 CWE-400 High Joomla! Core 3.x.x Denial of Service (3.0.0 - 3.2.5) CVE-2014-7229 CWE-400 CWE-400 High Long password denial of service CWE-400 CWE-400 High PHP-CGI remote code execution CVE-2012-1823 CVE-2012-2311 CWE-20 CWE-20 High PHP Hash Collision denial of service vulnerability CVE-2011-4885 CWE-20 CWE-20 High PHP HTML entity encoder heap overflow vulnerability CVE-2006-5465 CWE-119 CWE-119 High WordPress 2.0.1 Denial of Service Vulnerability (0.6.2 - 2.0.1) CWE-400 CWE-400 High WordPress 2.8.4 Denial of Service Vulnerability (0.6.2 - 2.8.4) CVE-2009-3622 CWE-310 CWE-310 High WordPress 3.7.x Denial of Service Vulnerability (3.7 - 3.7.25) CVE-2018-6389 CWE-400 CWE-400 High WordPress 3.8.x Denial of Service Vulnerability (3.8 - 3.8.25) CVE-2018-6389 CWE-400 CWE-400 High WordPress 3.9.x Denial of Service Vulnerability (3.9 - 3.9.23) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.0.x Denial of Service Vulnerability (4.0 - 4.0.22) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.1.x Denial of Service Vulnerability (4.1 - 4.1.22) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.2.x Denial of Service Vulnerability (4.2 - 4.2.19) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.3.x Denial of Service Vulnerability (4.3 - 4.3.15) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.4.x Denial of Service Vulnerability (4.4 - 4.4.14) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.5.x Denial of Service Vulnerability (4.5 - 4.5.13) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.6.x Denial of Service Vulnerability (4.6 - 4.6.10) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.7.x Denial of Service Vulnerability (4.7 - 4.7.9) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.8.x Denial of Service Vulnerability (4.8 - 4.8.5) CVE-2018-6389 CWE-400 CWE-400 High WordPress 4.9.x Denial of Service Vulnerability (4.9 - 4.9.4) CVE-2018-6389 CWE-400 CWE-400 High WordPress Denial of Service Vulnerability (0.70 - 3.6.1) CVE-2018-6389 CWE-400 CWE-400 High WordPress Denial of Service Vulnerability (3.5 - 3.6.1) CVE-2014-5265 CWE-399 CWE-399 High WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3) CVE-2007-0540 CWE-200 CWE-400 CWE-200 CWE-400 High WordPress Plugin Cimy User Extra Fields Denial of Service (2.6.3) CWE-400 CWE-400 High WordPress Plugin PS PHPCaptcha WP Denial of Service (1.1.0) CVE-2019-7412 CWE-400 CWE-400 High WordPress Plugin Safe SVG Denial of Service (1.9.4) CVE-2019-18854 CVE-2019-18855 CWE-400 CWE-400 High WordPress Plugin Simple Ads Manager Denial of Service (2.9.3.114) CWE-400 CWE-400 High WordPress Plugin WP Image Zoom Denial of Service (1.23) CWE-400 CWE-400 High XML entity injection CWE-611 CWE-611 High XML external entity injection CWE-611 CWE-611 High XML external entity injection and XML injection CWE-611 CWE-611 High XML external entity injection via external file CWE-611 CWE-611 High XML external entity injection via File Upload CWE-611 CWE-611 High XML quadratic blowup denial of service attack CWE-400 CWE-400 High
