Web Application Vulnerabilities Index

This page lists X vulnerabilities classified as CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H that can be detected by Invicti.

Select Category
Critical
High
Medium
Low
Best Practice
Information
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Select Vulnerability
Vulnerability Name
Classification
Severity
CVE-2024-6297 WordPress Plugin Backdoor
CVE-2024-6297 WordPress Plugin Backdoor
CAPEC-443
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
, 
CWE-507
, 
HIPAA-164.308(a)
, 
ISO27001-A.12.2.1
, 
OWASP 2017-A10
, 
PCI v3.2-6.5.6
, 
Critical
Malware Identified
Malware Identified
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
, 
CWE-506
, 
Critical
Oracle WebLogic Remote Code Execution (CVE-2020-14882)
Oracle WebLogic Remote Code Execution (CVE-2020-14882)
CAPEC-242
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Remote Code Execution (Spring4Shell)
Remote Code Execution (Spring4Shell)
CAPEC-242
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
Critical
Text4Shell Remote Code Execution - (CVE-2022-42889)
Text4Shell Remote Code Execution - (CVE-2022-42889)
CAPEC-242
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
, 
CWE-94
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A01
, 
PCI v3.2-6.5.1
, 
Critical
Web Backdoor Detected
Web Backdoor Detected
CAPEC-443
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
, 
CWE-507
, 
HIPAA-164.308(a)
, 
ISO27001-A.12.2.1
, 
OWASP 2017-A10
, 
PCI v3.2-6.5.6
, 
Critical