Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Sensitive Information Disclosure Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Active Mixed Content over HTTPS CWE-284 CWE-284 Medium ASP.NET: Failure To Require SSL For Authentication Cookies CWE-319 CWE-319 Medium Basic authentication over HTTP CWE-522 CWE-522 High Insecure HTTP Usage CWE-16 CWE-16 Medium Insecure transition from HTTPS to HTTP in form post CWE-200 CWE-200 Low Insecure transition from HTTP to HTTPS in form post CWE-200 CWE-200 Medium Passive Mixed Content over HTTPS CWE-284 CWE-284 Low Password transmitted over HTTP CWE-523 CWE-523 Medium SSL/TLS Not Implemented CWE-319 CWE-319 Medium
