Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Citrix Gateway Open Redirect And XSS Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Apache Axis2 administration console weak password CWE-200 CWE-200 High Apache Tapestry weak secret key CWE-693 CWE-693 High Application is Vulnerable to the JWT Alg None Attack CWE-345 CWE-345 High BottlePy weak secret key CWE-693 CWE-693 High Cookie signed with weak secret key CWE-693 CWE-693 Medium Devise weak password CWE-200 CWE-200 High Django weak secret key CWE-693 CWE-693 Medium Express cookie-session weak secret key CWE-693 CWE-693 Medium Express express-session weak secret key CWE-693 CWE-693 Informational Flask weak secret key CWE-693 CWE-693 Medium GlassFish admin console weak credentials CWE-693 CWE-693 High IBM WebSphere administration console weak password CWE-200 CWE-200 High Jenkins weak password CWE-200 CWE-200 High Jira Projects accessible anonymously CWE-200 CWE-200 Low Laravel framework weak secret key CWE-693 CWE-693 Medium Mojolicious weak secret key CWE-693 CWE-693 Medium Oracle PeopleSoft SSO weak secret key CWE-693 CWE-693 High phpLiteAdmin default password CWE-200 CWE-200 High Play framework weak secret key CWE-693 CWE-693 Medium PrimeFaces 5.x Expression Language injection CVE-2017-1000486 High Pyramid framework weak secret key CWE-693 CWE-693 Medium Ruby framework weak secret key CWE-693 CWE-693 High Ruby on Rails weak/known secret token CVE-2013-0156 CWE-200 CWE-200 High SAP weak/predictable user credentials CWE-200 CWE-200 High SonarQube default credentials CWE-798 CWE-798 High Symfony RCE via weak/predictable APP_SECRET CWE-94 CWE-94 High Symfony weak application secret CWE-94 CWE-94 High Tornado weak secret key CWE-693 CWE-693 Medium Unrestricted access to Haproxy Data Plane API CWE-200 CWE-200 High Weak password CWE-200 CWE-200 High Weak Secret is Used to Sign JWT CWE-345 CWE-345 Critical Weak WordPress security key CWE-16 CWE-16 High Web2py weak secret key CWE-693 CWE-693 Medium Web application default/weak credentials CWE-200 CWE-200 High WebLogic admin console weak credentials CWE-693 CWE-693 High Webmail weak password CWE-200 CWE-200 High Yii2 weak secret key CWE-693 CWE-693 Medium
