Component Vulnerability Family for Web App Scanning

ID	Name	Severity
114548	Apache Tomcat 9.0.0-M1 < 9.0.98 Multiple Vulnerabilities	critical
114547	Apache Tomcat 10.1.0-M1 < 10.1.34 Multiple Vulnerabilities	critical
114546	Apache Tomcat 11.0.0-M1 < 11.0.2 Multiple Vulnerabilities	critical
114545	Hunk Companion Plugin for WordPress < 1.9.0 Arbitrary Plugin Installation	critical
114544	Cleo < 5.8.0.24 Unrestricted File Upload	critical
114542	Cleo < 5.8.0.21 Unrestricted File Read/Upload	high
114541	GeoServer 2.20.0 < 2.20.4 Insecure Deserialization	high
114540	GeoServer < 2.19.6 Insecure Deserialization	high
114539	GeoServer 2.23.0 < 2.23.1 Multiples Vulnerabilities	critical
114538	GeoServer < 2.22.5 Multiples Vulnerabilities	critical
114537	GeoServer < 2.23.3 Multiples Vulnerabilities	medium
114536	GeoServer < 2.23.4 Path Traversal	high
114535	GeoServer 2.24.0 < 2.24.1 Multiples Vulnerabilities	high
114534	GeoServer < 2.23.4 Multiples Vulnerabilities	high
114533	GeoServer 2.24.0 < 2.24.2 Path Traversal	medium
114532	GeoServer 2.24.0 < 2.24.3 Path Traversal	high
114531	GeoServer < 2.23.5 Path Traversal	high
114530	GeoServer 2.25.0 < 2.25.1 Sensitive Information Exposure	medium
114529	GeoServer 2.10.0 < 2.24.4 Sensitive Information Exposure	medium
114527	Spam protection, Anti-Spam, FireWall by CleanTalk Plugin for WordPress < 6.44 Authorization Bypass	critical
114526	Spam protection, Anti-Spam, FireWall by CleanTalk Plugin for WordPress < 6.45 Authorization Bypass	high
114525	Spring Eureka Detected	info
114524	Ivanti EPM XML External Entity	high
114523	Sitecore 8.x < 10.4 Arbitrary File Read	high
114522	Drupal 7.x < 7.102 Multiple Vulnerabilities	medium
114521	Drupal 10.2.x < 10.2.11 Multiple Vulnerabilities	medium
114520	Drupal 10.3.x < 10.3.9 Multiple Vulnerabilities	medium
114519	Drupal 11.0.x < 11.0.8 Multiple Vulnerabilities	medium
114518	PHP 8.1.x < 8.1.31 Multiple Vulnerabilities	critical
114517	PHP 8.2.x < 8.2.26 Multiple Vulnerabilities	critical
114516	PHP 8.3.x < 8.3.14 Multiple Vulnerabilities	critical
114515	Surecart Plugin for WordPress < 2.30.0 SQL Injection	critical
114514	Palo Alto PAN-OS GlobalProtect Authentication Bypass	medium
114513	Ivanti Cloud Services Appliance < 4.6 patch 519 Path Traversal	critical
114512	Really Simple Security Plugin for WordPress 9.x < 9.1.2 Authentication Bypass	critical
114511	Apache Tomcat 9.0.0-M1 < 9.0.96 Multiple Vulnerabilities	critical
114510	Apache Tomcat 10.1.0-M1 < 10.1.31 Multiple Vulnerabilities	critical
114509	Apache Tomcat 11.0.0-M1 < 11.0.0 Multiple Vulnerabilities	critical
114508	Apache Tomcat 9.0.96 Cross-Site Scripting	medium
114507	Apache Tomcat 10.1.31 Cross-Site Scripting	medium
114506	Apache Tomcat 11.0.0 Cross-Site Scripting	medium
114504	Opti Marketing Plugin for WordPress <= 2.0.9 SQL Injection	critical
114501	jQuery < 1.9.0 Cross-Site Scripting	medium
114500	Apache APISIX Dashboard Default Credentials	high
114499	Apache APISIX Dashboard < 2.10.1 Authentication Bypass	critical
114497	Symfony < 5.4.46 / 6.x < 6.4.14 / 7.x < 7.1.7 Improper Input Handling	high
114496	Apache Solr 5.3.0 < 8.11.4 / 9.x < 9.7.0 Authentication Bypass	critical
114495	Mastodon 4.1.x < 4.1.2 LDAP injection	medium
114494	Mastodon 4.0.x < 4.0.4 LDAP injection	medium
114493	Mastodon 2.5.0 < 3.5.8 LDAP injection	medium

Detections

Analytics

Component Vulnerability Family for Web App Scanning

critical

critical

critical

critical

critical

high

high

high

critical

critical

medium

high

high

high

medium

high

high

medium

medium

critical

high

info

high

high

medium

medium

medium

medium

critical

critical

critical

critical

medium

critical

critical

critical

critical

critical

medium

medium

medium

critical

medium

high

critical

high

critical

medium

medium

medium