Component Vulnerability Family for Web App Scanning

IDNameSeverity
115296Ninja Forms - File Uploads Plugin for WordPress < 3.3.30 Unauthenticated Arbitrary File Read
high
115295Adobe ColdFusion Remote Development Service Path Traversal
critical
115294Joomla! 6.x < 6.1.2 Multiple Vulnerabilities
high
115293Joomla! 5.x < 5.4.7 Multiple Vulnerabilities
high
115292Joomla! SP Page Builder < 6.6.2 Arbitrary Files Upload
critical
115291PHP 8.5.x < 8.5.8 Multiple Vulnerabilities
medium
115290Microsoft SharePoint Server 2016 < 16.0.5552.1002 Insecure Deserialization
high
115289Microsoft SharePoint Server 2019 < 16.0.10417.20128 Insecure Deserialization
high
115288PHP 8.4.x < 8.4.23 Multiple Vulnerabilities
medium
115287PHP 8.3.x < 8.3.32 Multiple Vulnerabilities
medium
115286PHP 8.2.x < 8.2.32 Multiple Vulnerabilities
medium
115285Nginx < 1.30.3 Multiple Vulnerabilities
critical
115284Nginx 1.31.x < 1.31.2 Multiple Vulnerabilities
critical
115283Apache Tomcat 9.0.0-M1 < 9.0.119 Multiple Vulnerabilities
critical
115282Apache Tomcat 10.1.0-M1 < 10.1.56 Multiple Vulnerabilities
critical
115281Apache Tomcat 11.0.0-M1 < 11.0.23 Multiple Vulnerabilities
critical
115280Cacti Multiples Vulnerabilities
critical
115274Popup Maker Plugin for WordPress < 1.21.0 Stored Cross-Site Scripting
medium
115273RequireJS < 2.3.7 Prototype Pollution
critical
115272Lodash < 4.17.23 Prototype Pollution
high
115271Gravity SMTP Plugin for WordPress < 2.1.5 Sensitive Information Exposure
high
115270Joomla! JCE < 2.9.99.5 Unrestricted File Upload
critical
115269Product Slider Pro for WooCommerce Plugin for WordPress < 3.5.4 Backdoor
critical
115268FortiSandbox 4.4.x < 4.4.9 / 5.0.x < 5.0.6 Path Traversal
critical
115267Ivanti Sentry < 10.5.2 / 10.6.x < 10.6.2 / 10.7.x < 10.7.1 Remote Code Execution
critical
115266Splunk Enterprise < 10.0.7 / 10.2.x < 10.2.4 Remote Code Execution
critical
115265Oracle PeopleSoft 8.61 / 8.62 Remote Code Execution
critical
115264UpdraftPlus Backup Plugin for WordPress < 1.26.5 Unauthenticated Authentication Bypass
high
115263Apache 2.4.x < 2.4.68 Multiple Vulnerabilities
high
115262PHP 8.5.x < 8.5.7 Multiple Vulnerabilities
medium
115261Mirasvit Cache Warmer for Magento < 1.11.12 Remote Code Execution
critical
115260Palo Alto PAN-OS < 12.1.7 GlobalProtect Authentication Bypass
high
115259Roundcube Webmail 1.7.x < 1.7.1 SQL Injection
high
115258Roundcube Webmail 1.6.x < 1.6.16 SQL Injection
high
115257Joomla! 6.x < 6.1.1 Multiple Vulnerabilities
high
115256Joomla! 3.x < 5.4.6 Multiple Vulnerabilities
high
115255Nginx < 1.30.2 Buffer Overflow
critical
115254Nginx 1.31.0 Buffer Overflow
critical
115251Drupal JSONAPI SQL Injection
medium
115250Drupal < 10.4.10 SQL Injection
medium
115249Drupal 10.5.x < 10.5.10 SQL Injection
medium
115248Drupal 10.6.x < 10.6.9 SQL Injection
medium
115247Drupal 11.1.x < 11.1.10 SQL Injection
medium
115246Drupal 11.2.x < 11.2.12 SQL Injection
medium
115245Drupal 11.3.x < 11.3.10 SQL Injection
medium
115244Burst Statistics Plugin for WordPress 3.4.x < 3.4.2 Authentication Bypass
critical
115243Nginx < 1.30.1 Multiple Vulnerabilities
critical
115242Next.js 16.0.x < 16.2.5 Server-Side Request Forgery
high
115241Next.js 13.4.13 < 15.5.16 Server-Side Request Forgery
high
115240Apache Tomcat 9.0.0-M1 < 9.0.118 Multiple Vulnerabilities
critical