Overview This page provides a complete list of all Common Vulnerabilities and Exposures (CVEs) that scan4all can detect and exploit through its built-in POC database.
All Supported CVEs
Spring Framework 2 CVEs including Spring4Shell
Oracle Weblogic 10 CVEs from 2014-2021
Apache Products Log4j, Tomcat, Shiro, ZooKeeper, CouchDB
Jenkins 5 CVEs and unauthorized access
Other Systems VMware, Confluence, GitLab, F5, ThinkPHP, and more
CVE Database Summary By Severity Category CVE Count Primary Impact Remote Code Execution 30+ Critical Arbitrary File Read/Upload 5+ High SSRF & Authentication Bypass 8+ High SQL Injection 3+ High
Complete CVE List by System Spring Framework CVE ID Description Affected Versions CVE-2022-22965 Spring4Shell - RCE via Data Binding on JDK 9+ Spring Framework CVE-2022-22947 Spring Cloud Gateway RCE 3.1.1+ and 3.0.7+
Oracle Weblogic CVE ID Description Affected Versions CVE-2014-4210 SSRF Vulnerability 10.0.2 - 10.3.6 CVE-2017-3506 WLS-WSAT RCE 10.3.6.0, 12.1.3.0, 12.2.1.0-2 CVE-2017-10271 WLS-WSAT RCE 10.3.6.0, 12.1.3.0, 12.2.1.1-2 CVE-2018-2894 Deserialization File Upload 12.1.3.0, 12.2.1.2-3 CVE-2019-2725 WLS9-Async Deserialization RCE 10.3.6.0, 12.1.3.0 CVE-2019-2729 WLS9-Async Deserialization RCE 10.3.6.0, 12.1.3.0 CVE-2020-2883 IIOP/T3 Deserialization RCE 10.3.6.0, 12.1.3.0, 12.2.1.3-4 CVE-2020-14882 Console RCE 10.3.6.0, 12.1.3.0, 12.2.1.3-4, 14.1.1.0 CVE-2020-14883 Console RCE 10.3.6.0, 12.1.3.0, 12.2.1.3-4, 14.1.1.0 CVE-2021-2109 Unauthorized JNDI 10.3.6.0, 12.1.3.0, 12.2.1.3-4, 14.1.1.0 CNVD-C-2019-48814 Oracle Weblogic Vulnerability Various
Apache Products Apache Log4j CVE ID Description Affected Versions CVE-2021-44228 Log4Shell RCE 2.0 - 2.14.1
Apache Tomcat CVE ID Description Affected Versions CVE-2017-12615 PUT Method File Upload 7.0.0 - 7.0.81 CVE-2020-1938 Ghostcat - Arbitrary File Read 6.x, 7.x < 7.0.100, 8.x < 8.5.51, 9.x < 9.0.31
Apache Shiro CVE ID Description Affected Versions CVE-2016-4437 Shiro-550 Deserialization RCE 1.2.4 and earlier
Apache ZooKeeper CVE ID Description Affected Versions N/A Unauthorized Access Various
Apache CouchDB CVE ID Description Affected Versions CVE-2022-24706 Erlang Cookie RCE Various CVE-2020-13935 WebSocket DoS Various
Jenkins CVE ID Description Affected Versions CVE-2016-0792 Jenkins Vulnerability Various CVE-2018-1000110 User Search Various CVE-2018-1000861 Groovy Script RCE ≤ 2.153, LTS ≤ 2.138.3 CVE-2019-1003000 Groovy Script Security RCE Groovy ≤ 2.61, Script Security ≤ 1.49 N/A Unauthorized Groovy Script RCE Various
Atlassian Confluence CVE ID Description Affected Versions CVE-2021-26084 OGNL Injection RCE Various CVE-2021-26085 Confluence Vulnerability Various CVE-2022-26134 OGNL Injection RCE Various CVE-2022-26318 Confluence Vulnerability Various
VMware vCenter CVE ID Description Affected Versions CVE-2021-21985 vCenter RCE Various CVE-2022-22954 VMware Workspace ONE RCE Various CVE-2022-22972 Authentication Bypass Various
GitLab CVE ID Description Affected Versions CVE-2021-22205 RCE via ExifTool Various CVE-2022-2185 GitLab Vulnerability Various
F5 BIG-IP CVE ID Description Affected Versions CVE-2020-5902 TMUI RCE Various CVE-2021-22986 iControl REST RCE Various CVE-2022-1388 Authentication Bypass RCE Various
Fastjson CVE ID Description Affected Versions VER-1262 Autotype RCE ≤ 1.2.62
JBoss CVE ID Description Affected Versions CVE-2017-12149 Deserialization RCE JBoss AS 5.x/6.x
PHPUnit CVE ID Description Affected Versions CVE-2017-9841 RCE 4.x < 4.8.28, 5.x < 5.6.3
ThinkPHP CVE ID Description Affected Versions CVE-2019-9082 RCE < 3.2.4 CVE-2018-20062 RCE ≤ 5.0.23, 5.1.31
Microsoft Products CVE ID Description Affected Versions CVE-2020-0796 SMBGhost Windows 10 CVE-2021-26855 ProxyLogon Exchange RCE Exchange Server CVE-2018-14847 MikroTik RouterOS Various
Other Systems CVE ID Description System CVE-2018-13380 FortiOS SSL VPN Fortinet CVE-2021-38647 OMI RCE Open Management Infrastructure CVE-2022-23131 Zabbix Authentication Zabbix
All POCs are implemented in Go and available in the pocs_go/ directory of the scan4all source code.
POC Types
Detection POCs - Check if a system is vulnerableExploitation POCs - Demonstrate exploitability (used responsibly)Verification POCs - Verify successful exploitation
Usage All POCs are automatically invoked when scan4all detects the corresponding service or application:
# Scan a target for all vulnerabilities scan4all -h target.example.com # Enable POC scanning explicitly scan4all -h target.example.com -poc
References These POCs are provided for security testing and research purposes only. Always obtain proper authorization before testing systems you do not own.