Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity CodeIgniter weak encryption key CWE-200 CWE-200 High CRIME SSL/TLS attack CVE-2012-4929 CWE-311 CWE-311 Medium HTTPS connection uses outdated TLS version CWE-327 CWE-327 Medium HTTPS connection with weak key length CWE-326 CWE-326 Medium Insecure Transportation Security Protocol Supported (SSLv2) CWE-326 CWE-326 High Insecure Transportation Security Protocol Supported (SSLv3) CWE-326 CWE-326 High Insecure Transportation Security Protocol Supported (TLS 1.0) CWE-326 CWE-326 High Insecure Transportation Security Protocol Supported (TLS 1.1) CWE-326 CWE-326 Low Insecure usage of Version 1 UUID/GUID CWE-328 CWE-328 Medium Oracle JavaServer Faces multiple vulnerabilities CVE-2013-3827 CWE-22 CWE-22 High Padding oracle attack CWE-209 CWE-209 High PrimeFaces 5.x Expression Language injection CVE-2017-1000486 High SSL/TLS Not Implemented CWE-319 CWE-319 Medium Telerik.Web.UI.dll Cryptographic Weakness CVE-2017-9248 CWE-338 CWE-338 High The DROWN attack (SSLv2 supported) CVE-2016-0800 CWE-327 CWE-327 High The FREAK attack CVE-2015-0204 CWE-326 CWE-327 CWE-326 CWE-327 Medium The Heartbleed Bug CVE-2014-0160 CWE-200 CWE-200 High The POODLE attack (SSLv3 with CBC cipher suites) CVE-2014-3566 CWE-326 CWE-326 Medium TLS/SSL (EC)DHE Key Reuse CWE-327 CWE-327 Informational TLS/SSL certificate key size too small CWE-326 CWE-326 Medium TLS/SSL LOGJAM attack CVE-2015-4000 CWE-326 CWE-326 Medium TLS/SSL Sweet32 attack CVE-2016-2183 CVE-2016-6329 CWE-327 CWE-327 Medium TLS/SSL Weak Cipher Suites CWE-327 CWE-327 Medium WordPress plugin WPtouch insecure nonce generation CWE-287 CWE-287 High