Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Citrix Gateway Open Redirect And XSS Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Apache Axis2 web services enumeration CWE-200 CWE-200 Low Apache mod_negotiation filename bruteforcing CWE-538 CWE-538 Low Apache Solr endpoint CWE-200 CWE-200 Low Apache stronghold-info enabled CWE-200 CWE-200 Low Apache stronghold-status enabled CWE-200 CWE-200 Low Arbitrary File Read on Nuxt.js Development Server CWE-200 CWE-200 Low ASP.NET debugging enabled CWE-11 CWE-11 Low ASP.NET path disclosure CWE-200 CWE-200 Low Atlassian Jira Manage Filters information disclosure CWE-200 CWE-200 Low ColdFusion path disclosures CWE-200 CWE-200 Low Composer installed.json publicly accessible CWE-200 CWE-200 Low Documentation files CWE-538 CWE-538 Low Envoy Metadata disclosure CWE-200 CWE-200 Low Error messages CWE-209 CWE-209 Low Error page path disclosure CWE-200 CWE-200 Low F5 BIG-IP Cookie Information Disclosure CWE-200 CWE-200 Low FrontPage Identified CWE-16 CWE-16 Low Gitlab user disclosure CWE-200 CWE-200 Low HTML Form found in redirect page CWE-287 CWE-287 Low IIS Path disclosure CWE-200 CWE-200 Low Information Disclosure (Microsoft Office) CWE-200 CWE-200 Low Insecure transition from HTTPS to HTTP in form post CWE-200 CWE-200 Low Internet Information Server returns IP address in HTTP header (Content-Location) CWE-200 CWE-200 Low JBoss web service console CWE-200 CWE-200 Low Jenkins open people list CWE-200 CWE-200 Low Jenkins user enumeration CWE-200 CWE-200 Low Jira Unauthorized User Enumeration via UserPickerBrowser CWE-200 CWE-200 Low Joe Editor DEADJOE file CWE-538 CWE-538 Low Microsoft IIS Server service.cnf file found CWE-538 CWE-538 Low MySQL username disclosure CWE-538 CWE-538 Low Nuxt.js Running in Development Mode CWE-200 CWE-200 Low OData feed accessible anonymously CWE-200 CWE-200 Low Oracle Reports Services RWServlet environment variables disclosure CWE-200 CWE-200 Low PHP display_errors Is Enabled CWE-209 CWE-209 Low Possible sensitive directories CWE-200 CWE-200 Low Possible sensitive files CWE-200 CWE-200 Low Possible SQL Statement in comment CWE-200 CWE-200 Low Possible username or password disclosure CWE-200 CWE-200 Low Possible virtual host found CWE-200 CWE-200 Low Programming Error Messages CWE-209 CWE-209 Low Sensitive pages could be cached CWE-200 CWE-200 Low Session ID in URL CWE-200 CWE-200 Low Snoop Servlet information disclosure CWE-200 CWE-200 Low Stack Trace Disclosure (Apache MyFaces) CWE-209 CWE-209 Low Stack Trace Disclosure (ASP.NET) CWE-209 CWE-209 Low Stack Trace Disclosure (CakePHP) CWE-209 CWE-209 Low Stack Trace Disclosure (CherryPy) CWE-209 CWE-209 Low Stack Trace Disclosure (Grails) CWE-209 CWE-209 Low Stack Trace Disclosure (GWT) CWE-209 CWE-209 Low Stack Trace Disclosure (NodeJS) CWE-209 CWE-209 Low Stack Trace Disclosure (Ruby-Sinatra Framework) CWE-209 CWE-209 Low Stack Trace Disclosure (Tomcat) CWE-209 CWE-209 Low Symfony debug mode enabled CWE-200 CWE-200 Low Tomcat status page CWE-200 CWE-200 Low TRACE/TRACK Method Detected CWE-489 CWE-489 Low Typo3 debug mode enabled CWE-200 CWE-200 Low Typo3 sensitive files CWE-200 CWE-200 Low Unrestricted access to a monitoring system CWE-200 CWE-200 Low Unrestricted access to NGINX+ Status module CWE-200 CWE-200 Low Unrestricted access to Prometheus CWE-200 CWE-200 Low Unrestricted access to Prometheus Metrics CWE-200 CWE-200 Low Version Disclosure (ASP.NET) CWE-200 CWE-200 Low Version Disclosure (ASP.NET MVC) CWE-200 CWE-200 Low Version Disclosure (PHP) Low Whoops error handler component detected CWE-200 CWE-200 Low WordPress full path disclosure CWE-200 CWE-200 Low WordPress REST API User Enumeration CWE-200 CWE-200 Low [Possible] Internal IP Address Disclosure CWE-200 CWE-200 Low