Vulnerability Name CVE Severity
(Possible) Cross site scripting
.htaccess File Detected
.NET HTTP Remoting publicly exposed
.NET JSON.NET Deserialization RCE
AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20141) CVE-2018-20141
AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42050) CVE-2021-42050
AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42051) CVE-2021-42051
AbanteCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10755) CVE-2016-10755
AbanteCart Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-26521) CVE-2022-26521
Access-Control-Allow-Origin header with wildcard (*) value
ACME mini_httpd arbitrary file read CVE-2018-18778
Active Mixed Content over HTTPS
Adminer 4.6.2 file disclosure vulnerability
Adminer Server Side Request Forgery (SSRF) CVE-2021-21311
Adobe Coldfusion 8 multiple linked XSS vulnerabilies CVE-2009-1872
Adobe ColdFusion 9 administrative login bypass CVE-2013-0625 CVE-2013-0629 CVE-2013-0631 CVE-2013-0632
Adobe ColdFusion directory traversal CVE-2013-3336
Adobe Experience Manager Information Disclosure via Apache Sling v2.3.6 vulnerability CVE-2016-0956
Adobe Experience Manager Misconfiguration CVE-2016-0957
Adobe Flex 3 DOM-based XSS vulnerability CVE-2008-2640
Agentejo Cockpit CMS resetpassword NoSQLi (CVE-2020-35847) CVE-2020-35847
AjaxControlToolkit directory traversal CVE-2015-4670
AjaxPro.NET Professional Deserialization RCE (CVE-2021-23758)
Akeeba backup access control bypass
Alibaba Nacos Authentication Bypass (CVE-2021-29441)
Amazon S3 public bucket
Amazon S3 publicly writable bucket
Ampache Deserialization of Untrusted Data Vulnerability (CVE-2017-18375) CVE-2017-18375
Ampache Improper Access Control Vulnerability (CVE-2021-21399) CVE-2021-21399
Ampache Improper Authentication Vulnerability (CVE-2007-4438) CVE-2007-4438
Ampache Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-3929) CVE-2008-3929
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12386) CVE-2019-12386
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32644) CVE-2021-32644
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0606) CVE-2023-0606
Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-12385) CVE-2019-12385
Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-15153) CVE-2020-15153
Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-0771) CVE-2023-0771
Ampache Other Vulnerability (CVE-2006-5668) CVE-2006-5668
Ampache Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-4665) CVE-2022-4665
AngularJS client-side template injection
AngularJS Improper Input Validation Vulnerability (CVE-2019-10768) CVE-2019-10768
AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14863) CVE-2019-14863
AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-7676) CVE-2020-7676
Apache 2.2.14 mod_isapi Dangling Pointer CVE-2010-0425
Apache 2.x version equal to 2.0.51 CVE-2004-0811
Apache 2.x version older than 2.0.43 CVE-2002-0840 CVE-2002-1156
Apache 2.x version older than 2.0.45 CVE-2003-0132
Apache 2.x version older than 2.0.46 CVE-2003-0083 CVE-2003-0134 CVE-2003-0189 CVE-2003-0245
Apache 2.x version older than 2.0.47 CVE-2003-0192 CVE-2003-0253 CVE-2003-0254
Apache 2.x version older than 2.0.48 CVE-2003-0542 CVE-2003-0789
Apache 2.x version older than 2.0.49 CVE-2003-0020 CVE-2004-0113 CVE-2004-0174
Apache 2.x version older than 2.0.51 CVE-2004-0747 CVE-2004-0748 CVE-2004-0751 CVE-2004-0786 CVE-2004-0809
Apache 2.x version older than 2.0.55 CVE-2005-1268 CVE-2005-2088 CVE-2005-2491 CVE-2005-2700 CVE-2005-2728 CVE-2005-2970
Apache 2.x version older than 2.0.61 CVE-2006-5752 CVE-2007-1863 CVE-2007-3304 CVE-2007-3847
Apache 2.x version older than 2.0.63 CVE-2007-5000 CVE-2007-6388 CVE-2008-0005
Apache 2.x version older than 2.2.3 CVE-2006-3747
Apache 2.x version older than 2.2.6 CVE-2006-5752 CVE-2007-1862 CVE-2007-1863 CVE-2007-3304 CVE-2007-3847
Apache 2.x version older than 2.2.8 CVE-2007-5000 CVE-2007-6388 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005
Apache 2.x version older than 2.2.9 CVE-2007-6420 CVE-2008-2364
Apache 2.x version older than 2.2.10 CVE-2008-2939 CVE-2010-2791
Apache ActiveMQ default administrative credentials
Apache Airflow default credentials
Apache Airflow Experimental API Auth Bypass CVE-2020-13927 CVE-2020-13927
Apache Airflow Exposed configuration
Apache Airflow Unauthorized Access Vulnerability
Apache APISIX default token (CVE-2020-13945/CVE-2022-24112) CVE-2020-13945
Apache Axis2 administration console weak password
Apache Axis2 information disclosure
Apache Axis2 web services enumeration
Apache Axis2 xsd local file inclusion
Apache balancer-manager application publicly accessible
Apache Cassandra Unauthorized Access Vulnerability
Apache configured to run as proxy
Apache CouchDB JSON Remote Privilege Escalation Vulnerability CVE-2017-12635
Apache Denial of service in mod_lua r:parsebody Vulnerability (CVE-2022-29404) CVE-2022-29404