| Vulnerability Name |
CVE
CWE
|
CWE |
Severity |
|
Stack Trace Disclosure (NodeJS)
|
CWE-209
|
CWE-209
|
Low
|
|
Stack Trace Disclosure (Ruby-Sinatra Framework)
|
CWE-209
|
CWE-209
|
Low
|
|
Stack Trace Disclosure (Tomcat)
|
CWE-209
|
CWE-209
|
Low
|
|
Symfony debug mode enabled
|
CWE-200
|
CWE-200
|
Low
|
|
Symfony ESI (Edge-Side Includes) enabled
|
CWE-16
|
CWE-16
|
Low
|
|
TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4238)
|
CVE-2012-4238
CWE-707
|
CWE-707
|
Low
|
|
Tomcat status page
|
CWE-200
|
CWE-200
|
Low
|
|
TRACE/TRACK Method Detected
|
CWE-489
|
CWE-489
|
Low
|
|
TRACK method is enabled
|
CWE-489
|
CWE-489
|
Low
|
|
Typo3 debug mode enabled
|
CWE-200
|
CWE-200
|
Low
|
|
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3529)
|
CVE-2012-3529
CWE-200
|
CWE-200
|
Low
|
|
TYPO3 Improper Authentication Vulnerability (CVE-2015-2047)
|
CVE-2015-2047
CWE-287
|
CWE-287
|
Low
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3629)
|
CVE-2009-3629
CWE-707
|
CWE-707
|
Low
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5097)
|
CVE-2010-5097
CWE-707
|
CWE-707
|
Low
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5098)
|
CVE-2010-5098
CWE-707
|
CWE-707
|
Low
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5100)
|
CVE-2010-5100
CWE-707
|
CWE-707
|
Low
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1606)
|
CVE-2012-1606
CWE-707
|
CWE-707
|
Low
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3528)
|
CVE-2012-3528
CWE-707
|
CWE-707
|
Low
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6145)
|
CVE-2012-6145
CWE-707
|
CWE-707
|
Low
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6147)
|
CVE-2012-6147
CWE-707
|
CWE-707
|
Low
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6148)
|
CVE-2012-6148
CWE-707
|
CWE-707
|
Low
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7074)
|
CVE-2013-7074
CWE-707
|
CWE-707
|
Low
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7078)
|
CVE-2013-7078
CWE-707
|
CWE-707
|
Low
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3943)
|
CVE-2014-3943
CWE-707
|
CWE-707
|
Low
|
|
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5956)
|
CVE-2015-5956
CWE-707
|
CWE-707
|
Low
|
|
TYPO3 Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-26229)
|
CVE-2020-26229
CWE-611
|
CWE-611
|
Low
|
|
TYPO3 Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-11063)
|
CVE-2020-11063
|
|
Low
|
|
TYPO3 Other Vulnerability (CVE-2006-5069)
|
CVE-2006-5069
|
|
Low
|
|
Typo3 sensitive files
|
CWE-200
|
CWE-200
|
Low
|
|
Unfiltered header injection in Apache 1.3.34/2.0.57/2.2.1
|
CVE-2006-3918
CWE-79
|
CWE-79
|
Low
|
|
Unrestricted access to a monitoring system
|
CWE-200
|
CWE-200
|
Low
|
|
Unrestricted access to ImageResizer Diagnotics plugin
|
CWE-200
|
CWE-200
|
Low
|
|
Unrestricted access to NGINX+ Status module
|
CWE-200
|
CWE-200
|
Low
|
|
Unrestricted access to Prometheus
|
CWE-200
|
CWE-200
|
Low
|
|
Unrestricted access to Prometheus Metrics
|
CWE-200
|
CWE-200
|
Low
|
|
Vanilla Forums Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-9889)
|
CVE-2019-9889
CWE-22
|
CWE-22
|
Low
|
|
Vanilla Forums Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4954)
|
CVE-2012-4954
CWE-264
|
CWE-264
|
Low
|
|
Varnish Cache Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0345)
|
CVE-2013-0345
CWE-264
|
CWE-264
|
Low
|
|
Version Disclosure (ASP.NET)
|
CWE-200
|
CWE-200
|
Low
|
|
Version Disclosure (ASP.NET MVC)
|
CWE-200
|
CWE-200
|
Low
|
|
Version Disclosure (PHP)
|
|
|
Low
|
|
Vulnerable package dependencies [low]
|
CWE-1104
|
CWE-1104
|
Low
|
|
WebLogic CVE-2016-0688 Vulnerability (CVE-2016-0688)
|
CVE-2016-0688
|
|
Low
|
|
WebLogic CVE-2021-1996 Vulnerability (CVE-2021-1996)
|
CVE-2021-1996
|
|
Low
|
|
WebLogic Improper Certificate Validation Vulnerability (CVE-2020-9488)
|
CVE-2020-9488
CWE-295
|
CWE-295
|
Low
|
|
WebLogic Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2020-8908)
|
CVE-2020-8908
CWE-732
|
CWE-732
|
Low
|
|
Web Server Cache Poisoning (CMS Made Simple) v1.x
|
CVE-2016-2784
CWE-20
|
CWE-20
|
Low
|
|
Werkzeug WSGI CVE-2023-23934 Vulnerability (CVE-2023-23934)
|
CVE-2023-23934
|
|
Low
|
|
Whoops error handler component detected
|
CWE-200
|
CWE-200
|
Low
|
|
WordPress admin accessible without HTTP authentication
|
CWE-16
|
CWE-16
|
Low
|
|
WordPress Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2020-4050)
|
CVE-2020-4050
CWE-288
|
CWE-288
|
Low
|
|
WordPress default administrator account
|
CWE-16
|
CWE-16
|
Low
|
|
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-5868)
|
CVE-2012-5868
CWE-200
|
CWE-200
|
Low
|
|
WordPress full path disclosure
|
CWE-200
|
CWE-200
|
Low
|
|
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-1732)
|
CVE-2007-1732
CWE-707
|
CWE-707
|
Low
|
|
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-5710)
|
CVE-2007-5710
CWE-707
|
CWE-707
|
Low
|
|
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3891)
|
CVE-2009-3891
CWE-707
|
CWE-707
|
Low
|
|
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0700)
|
CVE-2011-0700
CWE-707
|
CWE-707
|
Low
|
|
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0287)
|
CVE-2012-0287
CWE-707
|
CWE-707
|
Low
|
|
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5739)
|
CVE-2013-5739
CWE-707
|
CWE-707
|
Low
|
|
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5240)
|
CVE-2014-5240
CWE-707
|
CWE-707
|
Low
|
|
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5622)
|
CVE-2015-5622
CWE-707
|
CWE-707
|
Low
|
|
WordPress Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2020-4049)
|
CVE-2020-4049
CWE-707
|
CWE-707
|
Low
|
|
WordPress Other Vulnerability (CVE-2006-0733)
|
CVE-2006-0733
|
|
Low
|
|
WordPress Other Vulnerability (CVE-2007-4153)
|
CVE-2007-4153
|
|
Low
|
|
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5297)
|
CVE-2010-5297
CWE-264
|
CWE-264
|
Low
|
|
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3383)
|
CVE-2012-3383
CWE-264
|
CWE-264
|
Low
|
|
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4422)
|
CVE-2012-4422
CWE-264
|
CWE-264
|
Low
|
|
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4340)
|
CVE-2013-4340
CWE-264
|
CWE-264
|
Low
|
|
WordPress REST API User Enumeration
|
CWE-200
|
CWE-200
|
Low
|
|
XWiki CVE-2007-4898 Vulnerability (CVE-2007-4898)
|
CVE-2007-4898
|
|
Low
|
|
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43841)
|
CVE-2021-43841
CWE-707
|
CWE-707
|
Low
|
|
XWiki Other Vulnerability (CVE-2007-4888)
|
CVE-2007-4888
|
|
Low
|
|
ZenCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1413)
|
CVE-2012-1413
CWE-707
|
CWE-707
|
Low
|
|
Zope Web Application Server Other Vulnerability (CVE-2006-3458)
|
CVE-2006-3458
|
|
Low
|
