Information Disclosure - Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
Apache Axis2 web services enumeration	CWE-200	CWE-200	Low
Apache mod_negotiation filename bruteforcing	CWE-538	CWE-538	Low
Apache Solr endpoint	CWE-200	CWE-200	Low
Apache stronghold-info enabled	CWE-200	CWE-200	Low
Apache stronghold-status enabled	CWE-200	CWE-200	Low
Arbitrary File Read on Nuxt.js Development Server	CWE-200	CWE-200	Low
ASP.NET debugging enabled	CWE-11	CWE-11	Low
ASP.NET path disclosure	CWE-200	CWE-200	Low
Atlassian Jira Manage Filters information disclosure	CWE-200	CWE-200	Low
ColdFusion path disclosures	CWE-200	CWE-200	Low
Composer installed.json publicly accessible	CWE-200	CWE-200	Low
Documentation files	CWE-538	CWE-538	Low
Envoy Metadata disclosure	CWE-200	CWE-200	Low
Error messages	CWE-209	CWE-209	Low
Error page path disclosure	CWE-200	CWE-200	Low
F5 BIG-IP Cookie Information Disclosure	CWE-200	CWE-200	Low
FrontPage Identified	CWE-16	CWE-16	Low
Gitlab user disclosure	CWE-200	CWE-200	Low
HTML Form found in redirect page	CWE-287	CWE-287	Low
IIS Path disclosure	CWE-200	CWE-200	Low
Information Disclosure (Microsoft Office)	CWE-200	CWE-200	Low
Insecure transition from HTTPS to HTTP in form post	CWE-200	CWE-200	Low
Internet Information Server returns IP address in HTTP header (Content-Location)	CWE-200	CWE-200	Low
JBoss web service console	CWE-200	CWE-200	Low
Jenkins open people list	CWE-200	CWE-200	Low
Jenkins user enumeration	CWE-200	CWE-200	Low
Jira Unauthorized User Enumeration via UserPickerBrowser	CWE-200	CWE-200	Low
Joe Editor DEADJOE file	CWE-538	CWE-538	Low
Microsoft IIS Server service.cnf file found	CWE-538	CWE-538	Low
MySQL username disclosure	CWE-538	CWE-538	Low
Nuxt.js Running in Development Mode	CWE-200	CWE-200	Low
OData feed accessible anonymously	CWE-200	CWE-200	Low
Oracle Reports Services RWServlet environment variables disclosure	CWE-200	CWE-200	Low
PHP display_errors Is Enabled	CWE-209	CWE-209	Low
Possible sensitive directories	CWE-200	CWE-200	Low
Possible sensitive files	CWE-200	CWE-200	Low
Possible SQL Statement in comment	CWE-200	CWE-200	Low
Possible username or password disclosure	CWE-200	CWE-200	Low
Possible virtual host found	CWE-200	CWE-200	Low
Programming Error Messages	CWE-209	CWE-209	Low
Sensitive pages could be cached	CWE-200	CWE-200	Low
Session ID in URL	CWE-200	CWE-200	Low
Snoop Servlet information disclosure	CWE-200	CWE-200	Low
Stack Trace Disclosure (Apache MyFaces)	CWE-209	CWE-209	Low
Stack Trace Disclosure (ASP.NET)	CWE-209	CWE-209	Low
Stack Trace Disclosure (CakePHP)	CWE-209	CWE-209	Low
Stack Trace Disclosure (CherryPy)	CWE-209	CWE-209	Low
Stack Trace Disclosure (Grails)	CWE-209	CWE-209	Low
Stack Trace Disclosure (GWT)	CWE-209	CWE-209	Low
Stack Trace Disclosure (NodeJS)	CWE-209	CWE-209	Low
Stack Trace Disclosure (Ruby-Sinatra Framework)	CWE-209	CWE-209	Low
Stack Trace Disclosure (Tomcat)	CWE-209	CWE-209	Low
Symfony debug mode enabled	CWE-200	CWE-200	Low
Tomcat status page	CWE-200	CWE-200	Low
TRACE/TRACK Method Detected	CWE-489	CWE-489	Low
Typo3 debug mode enabled	CWE-200	CWE-200	Low
Typo3 sensitive files	CWE-200	CWE-200	Low
Unrestricted access to a monitoring system	CWE-200	CWE-200	Low
Unrestricted access to NGINX+ Status module	CWE-200	CWE-200	Low
Unrestricted access to Prometheus	CWE-200	CWE-200	Low
Unrestricted access to Prometheus Metrics	CWE-200	CWE-200	Low
Version Disclosure (ASP.NET)	CWE-200	CWE-200	Low
Version Disclosure (ASP.NET MVC)	CWE-200	CWE-200	Low
Version Disclosure (PHP)			Low
Whoops error handler component detected	CWE-200	CWE-200	Low
WordPress full path disclosure	CWE-200	CWE-200	Low
WordPress REST API User Enumeration	CWE-200	CWE-200	Low
[Possible] Internal IP Address Disclosure	CWE-200	CWE-200	Low