Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Apache Log4j2 JNDI Remote Code Execution (404 page handler) CVE-2021-44228 CWE-78 CWE-78 Critical ASP.NET Core Development Mode enabled CWE-200 CWE-200 Medium ASP.NET CustomErrors Is Disabled CWE-12 CWE-12 Medium ASP.NET error message CWE-12 CWE-12 Low ASP.NET path disclosure CWE-200 CWE-200 Low ASP.NET WCF service include exception details CWE-209 CWE-209 Medium Clockwork PHP dev tool enabled CWE-200 CWE-200 Medium CodeIgniter development mode enabled CWE-200 CWE-489 CWE-200 CWE-489 Medium ColdFusion path disclosures CWE-200 CWE-200 Low ColdFusion Robust Exception enabled CWE-200 CWE-200 Medium Craft CMS Development Mode enabled CWE-200 CWE-200 Medium Custom Error Pages Are Not Configured in WEB-INF/web.xml CWE-209 CWE-209 Medium Django Debug Mode Enabled CWE-200 CWE-200 Medium Elmah.axd / Errorlog.axd Detected CWE-209 CWE-209 High Error page path disclosure CWE-200 CWE-200 Low Error page web server version disclosure CWE-200 CWE-200 Informational Flask debug mode CWE-489 CWE-489 High GraphQL Unhandled Error Leakage CWE-209 CWE-209 Medium Joomla Debug Console enabled CWE-200 CWE-200 Medium Laravel debug mode enabled CWE-200 CWE-200 Medium Lucee Stacktrace Information Disclosure CWE-200 CWE-200 Medium Node.js Running in Development Mode CWE-215 CWE-215 Medium Node.js Web Application does not handle uncaughtException CWE-248 CWE-248 Medium Node.js Web Application does not handle unhandledRejection CWE-248 CWE-248 Medium Padding oracle attack CWE-209 CWE-209 High PHP Console addon enabled CWE-200 CWE-200 Medium PHP Debug Bar enabled CWE-200 CWE-200 Medium PHP display_errors Is Enabled CWE-209 CWE-209 Low PHP errors enabled CWE-209 CWE-209 Medium Programming Error Messages CWE-209 CWE-209 Low Pyramid debug mode CWE-489 CWE-489 Medium Pyramid DebugToolbar enabled CWE-200 CWE-200 Medium RoR Development Mode enabled CWE-200 CWE-200 Medium Spring Boot Whitelabel Error Page SpEL CWE-94 CWE-94 High Stack Trace Disclosure (Apache MyFaces) CWE-209 CWE-209 Low Stack Trace Disclosure (ASP.NET) CWE-209 CWE-209 Low Stack Trace Disclosure (CakePHP) CWE-209 CWE-209 Low Stack Trace Disclosure (CherryPy) CWE-209 CWE-209 Low Stack Trace Disclosure (ColdFusion) CWE-209 CWE-209 Medium Stack Trace Disclosure (Grails) CWE-209 CWE-209 Low Stack Trace Disclosure (GWT) CWE-209 CWE-209 Low Stack Trace Disclosure (Java) CWE-209 CWE-209 Medium Stack Trace Disclosure (Laravel) CWE-209 CWE-209 Medium Stack Trace Disclosure (NodeJS) CWE-209 CWE-209 Low Stack Trace Disclosure (Python) CWE-209 CWE-209 Medium Stack Trace Disclosure (RoR) CWE-209 CWE-209 Medium Stack Trace Disclosure (Ruby-Sinatra Framework) CWE-209 CWE-209 Low Stack Trace Disclosure (Tomcat) CWE-209 CWE-209 Low Symfony debug mode enabled CWE-200 CWE-200 Low Symfony debug mode enabled (Invicti IAST) CWE-489 CWE-489 Medium Symfony running in dev mode CWE-200 CWE-489 CWE-200 CWE-489 Medium Tornado debug mode CWE-489 CWE-489 Medium Tracy debugging tool enabled CWE-200 CWE-200 Medium Typo3 debug mode enabled CWE-200 CWE-200 Low Unrestricted access to ImageResizer Diagnotics plugin CWE-200 CWE-200 Low Whoops error handler component detected CWE-200 CWE-200 Low WordPress debug mode CWE-200 CWE-200 High
