Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Sensitive Information Disclosure Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Apache 2.x version equal to 2.0.51 CVE-2004-0811 CWE-264 CWE-264 Medium Apache Airflow Exposed configuration CWE-200 CWE-200 Medium Apache APISIX default token (CVE-2020-13945/CVE-2022-24112) CVE-2020-13945 CVE-2022-24112 CWE-259 CWE-259 Medium Apache balancer-manager application publicly accessible CWE-200 CWE-200 Medium Typo3 Install Tool publicly accessible CWE-200 CWE-200 Medium Unauthorized Access to a web app installer CWE-200 CWE-200 Medium Unprotected Apache NiFi API interface CWE-287 CWE-287 Medium Unprotected Kong Gateway Admin API interface CWE-287 CWE-287 Medium