Component Vulnerability Family for Web App Scanning

ID	Name	Severity
115083	FreeBPX < 16.0.92 Multiples Vulnerabilities	high
115082	Astro < 5.15.8 Reflected Cross-Site Scripting	medium
115081	Atlassian Jira 11.x < 11.2.0 XML External Entity Injection	critical
115080	Atlassian Jira 10.3.x < 10.3.13 XML External Entity Injection	critical
115078	Gladinet CentreStack / Triofox < 16.12.10420.56791 Hardcoded Credentials	high
115077	Gladinet CentreStack < 16.4.10315.56368 Insecure Deserialization	critical
115076	Gladinet Triofox < 16.7.10368.56560 Improper Access Control	critical
115075	GeoServer < 2.25.6 / 2.26.x < 2.26.2 XML External Entity	critical
115073	Apache Tika < 3.2.2 XML External Entity	critical
115071	Apache 2.4.x < 2.4.66 Multiple Vulnerabilities	high
115070	Adobe Experience Manager (AEM) < 6.5.23.0 XML External Entity	medium
115069	React Server Components 19.0 / 19.1.0 / 19.1.1 / 19.2.0 Remote Code Execution (React2Shell)	critical
115051	Sneeit Framework Plugin for WordPress < 8.4 Remote Code Execution	critical
115047	GFI KerioControl < 9.4.5 HTTP Response Splitting	high
115046	Liferay Portal GraphQL Schema Detected	info
115045	Oracle Identity Manager < 12.2.1.4.0 / < 14.1.2.1.0 Remote Code Execution	critical
115044	Liferay Portal License Manager Detected	medium
115043	Liferay Portal JSON Web Services Detected	info
115042	Wazuh 4.4x < 4.9.1 Remote Code Execution	critical
115041	Liferay Portal API Explorer Detected	info
115039	Lucee 5.4.x < 5.4.3.2 Remote Code Execution	critical
115038	Lucee < 5.3.12.1 Remote Code Execution	critical
115037	Telerik UI for ASP.NET AJAX Unsafe Reflection	high
115036	Drupal 8.0.x < 10.4.9 Multiple Vulnerabilities	high
115035	Drupal 10.5.x < 10.5.6 Multiple Vulnerabilities	high
115034	Drupal 11.0.x < 11.1.9 Multiple Vulnerabilities	high
115033	Drupal 11.2.x < 11.2.8 Multiple Vulnerabilities	high
115032	Lucee < 6.0.1.59 Remote Code Execution	critical
115040	Fortinet FortiWeb Authentication Bypass	critical
115031	DotNetNuke < 10.1.1 Unrestricted File Upload	critical
115030	Gladinet CentreStack/Triofox < 16.10.10408.56683 Local File Inclusion	high
115026	Apache Tomcat 9.0.0-M1 < 9.0.109 Multiple Vulnerabilities	high
115025	Apache Tomcat 10.1.0-M1 < 10.1.45 Multiple Vulnerabilities	high
115024	Apache Tomcat 11.0.0-M1 < 11.0.11 Multiple Vulnerabilities	high
115023	Apache Tomcat 9.0.0-M1 < 9.0.110 Denial of Service	medium
115022	Apache Tomcat 10.1.0-M1 < 10.1.47 Denial of Service	medium
115021	Apache Tomcat 11.0.0-M1 < 11.0.12 Denial of Service	medium
115020	Squid < 7.2 Information Disclosure	high
115019	Adobe Commerce / Magento Insecure Deserialization (SessionReaper)	critical
115018	Atlassian Confluence 10.x < 10.0.2 Denial of Service	high
115017	Atlassian Confluence 9.2.x < 9.2.7 Denial of Service	high
115016	Atlassian Confluence 2.x < 8.5.25 Denial of Service	high
115015	Atlassian Jira 11.x < 11.1.0 Path Traversal	high
115014	Atlassian Jira 10.3.x < 10.3.12 Path Traversal	high
115013	Atlassian Jira 9.12.x < 9.12.28 Path Traversal	high
115012	Authentik 2024.8.x < 2024.8.3 Authentication Bypass	critical
115011	Authentik < 2024.6.5 Authentication Bypass	critical
115009	Discourse < 3.3.3 Backup Disclosure	medium
115008	Jenkins Sidepanel Unauthorized Agent/Queue Exposure	medium
115005	Zimbra Collaboration 10.0.x < 10.0.13 Stored Cross-Site Scripting	medium

Detections

Analytics

Component Vulnerability Family for Web App Scanning

high

medium

critical

critical

high

critical

critical

critical

critical

high

medium

critical

critical

high

info

critical

medium

info

critical

info

critical

critical

high

high

high

high

high

critical

critical

critical

high

high

high

high

medium

medium

medium

high

critical

high

high

high

high

high

high

critical

critical

medium

medium

medium