Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity PHP Use of Externally-Controlled Format String Vulnerability (CVE-2009-0754) CVE-2009-0754 CWE-134 CWE-134 Low Phusion Passenger Other Vulnerability (CVE-2014-1831) CVE-2014-1831 Low Phusion Passenger Other Vulnerability (CVE-2014-1832) CVE-2014-1832 Low Play Framework Data Amplification Vulnerability (CVE-2020-28923) CVE-2020-28923 Low Plone CMS Improper Input Validation Vulnerability (CVE-2013-4199) CVE-2013-4199 CWE-20 CWE-20 Low Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1949) CVE-2011-1949 CWE-707 CWE-707 Low Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5502) CVE-2012-5502 CWE-707 CWE-707 Low PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1481) CVE-2010-1481 CWE-707 CWE-707 Low Possible CSRF (Cross-site request forgery) CWE-352 CWE-352 Low Possible Database Name Disclosure CWE-200 CWE-200 Low Possible sensitive directories CWE-200 CWE-200 Low Possible sensitive files CWE-200 CWE-200 Low Possible SQL Statement in comment CWE-200 CWE-200 Low Possible username or password disclosure CWE-200 CWE-200 Low Possible virtual host found CWE-200 CWE-200 Low PostgreSQL CVE-2022-41862 Vulnerability (CVE-2022-41862) CVE-2022-41862 Low PostgreSQL Insufficient Verification of Data Authenticity Vulnerability (CVE-2024-10977) CVE-2024-10977 CWE-345 CWE-345 Low PostgreSQL Numeric Errors Vulnerability (CVE-2010-0733) CVE-2010-0733 Low PostgreSQL Other Vulnerability (CVE-1999-0862) CVE-1999-0862 Low PostgreSQL Other Vulnerability (CVE-2004-0977) CVE-2004-0977 Low PostgreSQL Other Vulnerability (CVE-2005-1410) CVE-2005-1410 Low PostgreSQL Other Vulnerability (CVE-2006-0678) CVE-2006-0678 Low PostgreSQL Out-of-bounds Read Vulnerability (CVE-2019-10209) CVE-2019-10209 CWE-125 CWE-125 Low Programming Error Messages CWE-209 CWE-209 Low Python Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-2667) CVE-2014-2667 CWE-362 CWE-362 Low Python Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4940) CVE-2011-4940 CWE-707 CWE-707 Low Python Other Vulnerability (CVE-2006-1542) CVE-2006-1542 Low Python Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4944) CVE-2011-4944 CWE-264 CWE-264 Low Python Use After Free Vulnerability (CVE-2018-1000030) CVE-2018-1000030 CWE-416 CWE-416 Low ReviveAdserver Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-7368) CVE-2015-7368 CWE-200 CWE-200 Low ReviveAdserver Other Vulnerability (CVE-2016-9471) CVE-2016-9471 Low Roundcube Cross-site Scripting (XSS) Vulnerability (CVE-2015-8105) CVE-2015-8105 Low Roundcube Improper Input Validation Vulnerability (CVE-2011-1491) CVE-2011-1491 CWE-20 CWE-20 Low Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1253) CVE-2012-1253 CWE-707 CWE-707 Low Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3507) CVE-2012-3507 CWE-707 CWE-707 Low Ruby on Rails 7PK - Security Features Vulnerability (CVE-2015-7576) CVE-2015-7576 Low Ruby on Rails CookieStore session cookie persistence CWE-284 CWE-284 Low Sensitive pages could be cached CWE-200 CWE-200 Low Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2957) CVE-2010-2957 CWE-707 CWE-707 Low Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2289) CVE-2015-2289 CWE-707 CWE-707 Low Session cookies scoped to parent domain CWE-284 CWE-284 Low Session ID in URL CWE-200 CWE-200 Low SharePoint CVE-2021-34519 Vulnerability (CVE-2021-34519) CVE-2021-34519 Low SharePoint CVE-2021-38651 Vulnerability (CVE-2021-38651) CVE-2021-38651 Low SharePoint CVE-2021-40483 Vulnerability (CVE-2021-40483) CVE-2021-40483 Low SharePoint CVE-2021-40484 Vulnerability (CVE-2021-40484) CVE-2021-40484 Low SharePoint CVE-2023-23395 Vulnerability (CVE-2023-23395) CVE-2023-23395 Low SharePoint CVE-2024-26251 Vulnerability (CVE-2024-26251) CVE-2024-26251 Low SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-5026) CVE-2008-5026 CWE-707 CWE-707 Low SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0716) CVE-2010-0716 CWE-707 CWE-707 Low SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1633) CVE-2015-1633 CWE-707 CWE-707 Low SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1636) CVE-2015-1636 CWE-707 CWE-707 Low SharePoint Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1290) CVE-2013-1290 CWE-264 CWE-264 Low Snoop Servlet information disclosure CWE-200 CWE-200 Low Spring Boot Misconfiguration: Spring Boot Actuator shutdown endpoint is web exposed CWE-16 CWE-16 Low Squid Improper Input Validation Vulnerability (CVE-2015-3455) CVE-2015-3455 CWE-20 CWE-20 Low Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4053) CVE-2016-4053 CWE-119 CWE-119 Low Stack Trace Disclosure (Apache MyFaces) CWE-209 CWE-209 Low Stack Trace Disclosure (ASP.NET) CWE-209 CWE-209 Low Stack Trace Disclosure (CakePHP) CWE-209 CWE-209 Low Stack Trace Disclosure (CherryPy) CWE-209 CWE-209 Low Stack Trace Disclosure (Grails) CWE-209 CWE-209 Low Stack Trace Disclosure (GWT) CWE-209 CWE-209 Low Stack Trace Disclosure (NodeJS) CWE-209 CWE-209 Low Stack Trace Disclosure (Ruby-Sinatra Framework) CWE-209 CWE-209 Low Stack Trace Disclosure (Tomcat) CWE-209 CWE-209 Low Symfony debug mode enabled CWE-200 CWE-200 Low Symfony ESI (Edge-Side Includes) enabled CWE-16 CWE-16 Low TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4238) CVE-2012-4238 CWE-707 CWE-707 Low Tomcat status page CWE-200 CWE-200 Low TRACE Method enabled CWE-489 CWE-489 Low TRACK Method enabled CWE-489 CWE-489 Low Typo3 debug mode enabled CWE-200 CWE-200 Low TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3529) CVE-2012-3529 CWE-200 CWE-200 Low TYPO3 Improper Authentication Vulnerability (CVE-2015-2047) CVE-2015-2047 CWE-287 CWE-287 Low 1...91011 10 / 11
