Sanitized Real Vulnerability Data.xlsx

| Name | Authenticated | Impact | Chained | Notes | UUID |
|---|---|---|---|---|---|
| Insecure Password Reset | No | Authentication Bypass | | | f642d27d-0d48-4462-93ee-c03d961e6f05 |
| Predictable Session Token | Yes | Privilege Escalation | | | c7ed3234-c37c-406c-b5e1-240b0d5dc4f2 |
| Insecure Direct Object Reference | Yes | Unauthorized Access to Data | | | 77b6eb42-2cc4-4353-99f4-38c867ed7fd4 |
| Stored Cross-site Scripting | No | Unauthorized Access to Data | | Wormable via Social Media Platform | 03a81687-00a3-42e5-bca8-6db8a2e02306 |
| Insecurely Configured Application Server | No | Remote Command Execution | | | 3a013639-1591-49db-879e-818de9ac136d |
| SQL Injection | No | Unauthorized Access to Data | | | 83e8bd36-5984-4b71-b1ba-37d8ec569b2b |
| SQL Injection | No | Remote Command Execution | SQL User is SA | | 3dd279a7-d1ca-4d01-b49f-47f64e2e5e87 |
| Unauthenticated ‘rsync’ Service | No | Unauthorized Access to Data | | | 3171556a-67b9-4ac8-9b9c-7dc10e765325 |
| SQL User is SA | No | Remote Command Execution | SQL Injection | | 82f90a9e-b4b2-4da8-9d74-992e08650cab |
| Insecure Direct Object Reference | Yes | Unauthorized Access to Data | | | a3f681c4-d9ce-45b2-a757-89758f6f9fdc |
| Insecurely Configured Application Server | No | Remote Command Execution | | JBOSS | 668f39e3-7c26-48f6-8d5e-45a7e4b67550 |
| Public Credential Leakage | No | Remote Command Execution | | | 28382d37-ebb2-49c8-bae1-2fd048a9ac64 |
| Default Credentials | No | Remote Command Execution | Command Injection | | d001db59-c634-4747-b3c3-0e234c9bf324 |
| Command Injection | No | Remote Command Execution | Default Credentials | | a77cc833-39c7-4841-a611-97c5e26031fa |
| Guessed Password | No | Internal Network Access | Single Factor Authentication | | c3450e6a-a0e6-45c8-8a55-bde5d32b93ce |
| Single Factor Authentication | No | Internal Network Access | Guessed Password | | 37f1502e-5e1c-4c45-b41f-d497a394c1a8 |
| XML External Entity Injection | No | Unauthorized Access to Data | | | 8d3bc759-a2eb-4eb4-a284-42611f06d424 |
| Insecure Cryptographic Control | Yes | Unauthorized Access to Data | | | 9d020e06-35ef-463b-91cb-4e6f584d40c3 |
| SQL Injection | Yes | Unauthorized Access to Data | | | cb78d88e-b828-4015-b550-b0bf5bfb4468 |
| Insecure Password Reset | No | Authentication Bypass | | | 90ac40a4-3740-4e41-aeea-afa6d2080c31 |
| Insecure Cryptographic Control | Yes | Privilege Escalation | | | 76c50b13-4c11-4879-be0b-73de9f7c12e6 |
| Guessed Password | No | Internal Network Access | Single Factor Authentication | | 9ee6a3eb-cf3f-4931-be7b-4da5e2bb69ef |
| Single Factor Authentication | No | Internal Network Access | Guessed Password | | 44c6a8f7-089f-4389-8438-5e340d18050a |
| Stored Cross-site Scripting | No | Unauthorized Access to Data | | Wormable via Chat | 698d5724-76ff-42be-9b9b-4fe794e884ce |
| Insecure Direct Object Reference | Yes | Privilege Escalation | | | ee01fc32-345e-4059-9864-9b0f034125f5 |
| Insecure Authorization | Yes | Privilege Escalation | | isAdmin = true parameter | 52a4bc96-9a9f-4092-8404-554611199cae |
| Stored Cross-site Scripting | Yes | Privilege Escalation | | | eed585b3-fcc1-44bd-9558-d3d9c0bf62ac |
| Insecure Password Reset | No | Unauthorized Access to Data | SQL Injection | | a8ab3ca8-709b-4a5a-adb3-58fbbef7504c |
| SQL Injection | No | Unauthorized Access to Data | Insecure Password Reset | | 17fc6007-fdfa-4d49-a698-84c2049539d4 |
| SQL Injection | No | Unauthorized Access to Data | | | 770bd74b-04e3-4aff-9cc8-9e0460735a0c |
| Insecure Authorization | Yes | Privilege Escalation | | | c788499e-c571-4259-897a-f42013fb91db |
| Insecure Direct Object Reference | Yes | Unauthorized Access to Data | | | ccafc7ae-a3d6-4abc-981b-88f0a95d19cb |
| SQL Injection | No | Remote Command Execution | | | 8ee7b508-6acb-4202-bcc4-a68566661fda |
| Insecure Authorization | Yes | Privilege Escalation | | | a4e972a7-6e25-43e7-b221-2e38534f36ca |
| Insecurely Configured Application Server | No | Remote Command Execution | Default Credentials | Axis2 | b696fe13-45b6-46b4-8689-abfc43d73a63 |
| Default Credentials | No | Remote Command Execution | Insecurely Configured Application Server | Axis2 | 9ab400bd-a120-44d9-97e6-848fc566f692 |
| Insecure Authorization | Yes | Privilege Escalation | | | 7710d5ed-9b09-4438-8a90-48cd512416e9 |
| Public Credential Leakage | No | Internal Network Access | Single Factor Authentication | Salesforce Backdoor | 09104093-d98c-41f0-8f90-6b9fbfdbaefc |
| Single Factor Authentication | No | Internal Network Access | Public Credential Leakage | | 7f24786d-be45-4ec0-9c7f-704ec56c2901 |
| Guessed Password | No | Remote Command Execution | Guessed Password | guessed low priv -> user enum admin account name -> guessed admin password -> Upload php shell | 52889705-4867-48d7-89ab-c5ba8263e562 |
| Reflected Cross-site Scripting | No | Remote Command Execution | | Kiosk escape | 7277eac7-f0bd-475f-8ce9-5e9e3d891a03 |
| Insecurely Configured Application Server | No | Remote Command Execution | | JBOSS | eddec727-5640-49f1-a9be-978d049ebada |
| SQL Injection | No | Remote Command Execution | | | 494414cb-9250-4348-864f-d13cf9489edf |
| XML External Entity Injection | No | Unauthorized Access to Data | | | 00af2722-3687-4af6-af64-4a8b9f54d48b |
| SQL Injection | Yes | Unauthorized Access to Data | | | 1c680aa3-d0e5-4ebb-94ed-1f705d944f1d |
| SQL Injection | No | Remote Command Execution | SQL User is SA | | 9a3ce46c-4955-4b23-b3e0-bd0269667f32 |
| SQL User is SA | No | Remote Command Execution | SQL Injection | | aafcd99c-599a-4b5f-a9b7-cfa94d646f2c |
| Outdated Software | No | Remote Command Execution | | Adobe Coldfusion Authentication Bypass | 99a8b45a-3adb-4861-a410-9648a7a8edf4 |
| Outdated Software | No | Remote Command Execution | | Apache Struts | 16ad7eb6-00a7-4e4e-b1a5-7fa24e5110d2 |
| SQL Injection | No | Remote Command Execution | SQL User is SA | | feb42689-085c-4afe-aca3-a497a31e9538 |
| SQL User is SA | No | Remote Command Execution | SQL Injection | | 57ef3b28-2d26-449a-a2b8-5dc38993254e |
| Directory Listing | No | Unauthorized Access to Data | | Client data leakage; SQL Credentials in backups | 701bd22c-e252-4cbd-b7ac-c4fa2c9d8eab |
| XML External Entity Injection | Yes | Unauthorized Access to Data | | | f85b2111-1c72-40be-a2e0-b166942a952f |
| Default Credentials | No | Remote Command Execution | Command Injection | | 66ac0ed7-e8fb-4349-a174-6d5b92a45149 |
| Command Injection | No | Remote Command Execution | Default Credentials | | 2566dd53-e1ae-42e0-9fe8-a7ac709b6418 |
| Insecure Direct Object Reference | Yes | Unauthorized Access to Data | | | b61f9540-acf3-4c70-ae4a-d80cb6a17bed |
| Insecure Authorization | Yes | Privilege Escalation | | | 05279446-eef8-4d82-a4e5-2dae7fff6067 |
| Default Credentials | No | Internal Network Access | | | 610e6056-a47e-4122-9666-f20b2bf0b3a6 |
| SQL Injection | No | Remote Command Execution | SQL User is SA | | 50db643d-a6f7-4a77-b557-b2ec51ab0642 |
| Local File Inclusion | No | Unauthorized Access to Data | | | e10d73ca-64ae-4841-b851-744d51967269 |
| Anonymous FTP | No | Unauthorized Access to Data | | | 1bbf1d37-fed4-4203-b7c4-17e18d3e1b94 |
| Anonymous FTP | No | Unauthorized Access to Data | | | 0ca4871a-686f-4986-b4bb-4db22da4ef79 |
| SQL Injection | No | Unauthorized Access to Data | | | ed44fe49-b1d6-48a7-af41-0af254f74d08 |
| SQL Injection | No | Remote Command Execution | SQL User is SA | | ef173f05-d4b7-4ea6-90bc-a15b689293d2 |
| SQL Injection | No | Unauthorized Access to Data | | | 91a66537-9d06-40ca-a912-9d326486705a |
| Single Factor Authentication | No | Internal Network Access | Guessed Password | | 6a54c79a-c64f-48a4-88a9-79f11eb0439a |
| Guessed Password | No | Internal Network Access | Single Factor Authentication | | 6e892f7b-6d55-46c5-b12a-cff660e74891 |
| Insecure Authorization | Yes | Unauthorized Access to Data | | | 6d344f52-6173-4052-9c5b-7e528e76ef96 |
| Insecure Credential Handling | Yes | Privilege Escalation | | | 05de8618-3bce-428f-b468-499bad819204 |
| Insecure Direct Object Reference | Yes | Unauthorized Access to Data | | | 04b87d32-a0e4-432e-b5bd-1ccb5f167bbc |
| Stored Cross-site Scripting | Yes | Privilege Escalation | | | 1c707e75-b5f8-4520-8c8b-0fceb0d7f3dc |
| Insecure Authorization | Yes | Unauthorized Access to Data | | | 06ad8492-8274-4674-9846-e554802c9d9e |
| Insecure Authorization | Yes | Privilege Escalation | | | a117b983-7f0c-4ae5-9124-4587fb9745a8 |
| SQL Injection | Yes | Unauthorized Access to Data | | | 7e32241b-3bce-414a-a5bc-93647afdcdf6 |
| XML External Entity Injection | Yes | Unauthorized Access to Data | | | 559423d6-0d12-41c9-9820-e8836e312c19 |
| SQL Injection | Yes | Unauthorized Access to Data | | | f8e0d66b-14bb-44b5-8487-514b7f1dcd8a |
| Guessed Password | No | Remote Command Execution | SQL Injection, SQL User is SA | | affc3187-3dc7-48f5-a0ab-8c0aa370ad70 |
| SQL Injection | No | Remote Command Execution | Guessed Password, SQL User is SA | | e67dd77f-798c-4f5e-a4f8-07b065d1932d |
| SQL User is SA | No | Remote Command Execution | Guessed Password, SQL Injection | | f0627b39-4617-4f5d-930c-f72a49e87919 |
| Directory Traversal | No | Unauthorized Access to Data | | | 852bb830-b93c-4fdc-acee-47883dc84ba7 |
| Insecure Authorization | Yes | Privilege Escalation | | Delete cookie that says you are external to become considered internal | c018fe8e-d0f1-4f14-8e12-682110a0d638 |
| SQL Injection | Yes | Unauthorized Access to Data | | | a928b8a7-5ce7-4bb2-bcbc-f6b60dbab978 |
| Insecure Direct Object Reference | No | Unauthorized Access to Data | Authentication Bypass | Access to returned password data via IDOR in userid= | 6faef0f3-fd35-444c-bd2c-55da0c90b237 |
| Insecure Authentication | No | Authentication Bypass | Insecure Direct Object Reference | Authentication via referer | b832fa7d-f52f-4502-8240-b4143c7fbc24 |
| Directory Listing | No | Unauthorized Access to Data | | Access to customer policy data | d2c2a91b-c089-438f-93fb-ec60dcda5121 |
| Misconfigured Domino Server | No | Unauthorized Access to Data | | | 5a3ff504-15b2-4938-8a32-19061e8a8901 |
| Insecure Authentication | Yes | Privilege Escalation | | | ebea8a53-978b-49f9-bb70-a8786a705e0a |
| SQL Injection | Yes | Unauthorized Access to Data | | | 9446ac56-03b5-4d01-96a3-9cf367424632 |
| Insecure Password Reset | No | Authentication Bypass | | | c82b7526-74f3-4085-a8bb-65a238ee0fed |
| Insecure Authentication | Yes | Authentication Bypass | | | 91931b3a-8594-43b3-81f8-a150b42a8ae3 |
| SQL Injection | Yes | Unauthorized Access to Data | | | 60e4df4c-9686-4de3-9e71-71b291797256 |
| Insecure Password Reset | No | Authentication Bypass | | | c9bad0b3-5166-4e52-93d0-f617e6225987 |
| SQL Injection | Yes | Unauthorized Access to Data | | | a0f9e798-373d-4b77-8826-18e88ca6cbfa |
| Insecure Authentication | Yes | Authentication Bypass | | | d27b1584-62b3-445b-a027-7d3c8281b05e |
| Insecure Password Reset | No | Authentication Bypass | | | 69d8b17b-e06e-4ba2-b080-47aab0ae3cb9 |
| Insecure Authorization | Yes | Privilege Escalation | | isAdmin = true cookie | aa4f0a2f-1f5f-43e2-8085-da1d4bf41d5c |
| Insecure Authentication | Yes | Authentication Bypass | | | e432ed5e-9814-4cf8-8fe5-4aae4c7edb5d |
| Insecure Password Reset | No | Authentication Bypass | | | a1e87fc5-1a9b-41e5-b903-d0f462c1757e |
| Insecure Authorization | No | Authentication Bypass | | | bbb0f2cb-0041-4b1e-8a2f-fb650e3deda4 |