Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity PHP Use After Free Vulnerability (CVE-2016-9137) CVE-2016-9137 CWE-416 CWE-416 Critical PHP Use After Free Vulnerability (CVE-2016-9138) CVE-2016-9138 CWE-416 CWE-416 Critical PHP Use After Free Vulnerability (CVE-2016-9936) CVE-2016-9936 CWE-416 CWE-416 Critical PHP Use After Free Vulnerability (CVE-2017-12932) CVE-2017-12932 CWE-416 CWE-416 Critical PHP Use After Free Vulnerability (CVE-2017-12934) CVE-2017-12934 CWE-416 CWE-416 High PHP Use After Free Vulnerability (CVE-2018-12882) CVE-2018-12882 CWE-416 CWE-416 Critical PHP Use After Free Vulnerability (CVE-2019-9020) CVE-2019-9020 CWE-416 CWE-416 Critical PHP Use After Free Vulnerability (CVE-2019-13224) CVE-2019-13224 CWE-416 CWE-416 Critical PHP Use After Free Vulnerability (CVE-2020-7068) CVE-2020-7068 CWE-416 CWE-416 Low PHP Use After Free Vulnerability (CVE-2021-21708) CVE-2021-21708 CWE-416 CWE-416 Critical PHP Use of Externally-Controlled Format String Vulnerability (CVE-2006-0200) CVE-2006-0200 CWE-134 CWE-134 Critical PHP Use of Externally-Controlled Format String Vulnerability (CVE-2009-0754) CVE-2009-0754 CWE-134 CWE-134 Low PHP Use of Externally-Controlled Format String Vulnerability (CVE-2009-3294) CVE-2009-3294 CWE-134 CWE-134 Medium PHP Use of Externally-Controlled Format String Vulnerability (CVE-2010-2094) CVE-2010-2094 CWE-134 CWE-134 Medium PHP Use of Externally-Controlled Format String Vulnerability (CVE-2010-2950) CVE-2010-2950 CWE-134 CWE-134 Medium PHP Use of Externally-Controlled Format String Vulnerability (CVE-2011-1153) CVE-2011-1153 CWE-134 CWE-134 High PHP Use of Externally-Controlled Format String Vulnerability (CVE-2015-8617) CVE-2015-8617 CWE-134 CWE-134 Critical PHP Use of Insufficiently Random Values Vulnerability (CVE-2023-3247) CVE-2023-3247 CWE-330 CWE-330 Medium PHP Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2023-0567) CVE-2023-0567 CWE-916 CWE-916 Medium PHP Use of Uninitialized Resource Vulnerability (CVE-2015-3414) CVE-2015-3414 CWE-908 CWE-908 High PHP Use of Uninitialized Resource Vulnerability (CVE-2015-8390) CVE-2015-8390 CWE-908 CWE-908 Critical PHP Use of Uninitialized Resource Vulnerability (CVE-2019-11038) CVE-2019-11038 CWE-908 CWE-908 Medium PHP version older than 4.3.8 CVE-2004-0594 CVE-2004-0595 CWE-1104 CWE-1104 Medium PHP version older than 4.4.1 CVE-2005-3388 CVE-2006-0097 CWE-1104 CWE-1104 High PHP version older than 5.2.1 CVE-2007-1376 CVE-2007-1380 CVE-2007-1453 CVE-2007-1454 CWE-1104 CWE-1104 High PHP version older than 5.2.3 CVE-2007-1900 CVE-2007-2756 CVE-2007-2872 CWE-1104 CWE-1104 High PHP version older than 5.2.5 CVE-2007-4840 CVE-2007-4887 CVE-2007-5898 CVE-2007-5899 CVE-2007-5900 CWE-1104 CWE-1104 High PHP version older than 5.2.6 CVE-2007-4850 CVE-2008-0599 CVE-2008-0674 CVE-2008-1384 CVE-2008-2050 CVE-2008-2051 CWE-1104 CWE-1104 High PHP version older than 5.2.8 CVE-2008-2371 CVE-2008-2665 CVE-2008-2666 CVE-2008-2829 CVE-2008-3658 CVE-2008-3659 CVE-2008-3660 CWE-1104 CWE-1104 High PHP X Prober publicly accessible CWE-200 CWE-200 Medium PHP Zend_Hash_Del_Key_Or_Index vulnerability CVE-2006-3017 CWE-702 CWE-702 High Phusion Passenger Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2018-12029) CVE-2018-12029 CWE-362 CWE-362 High Phusion Passenger Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-16355) CVE-2017-16355 CWE-200 CWE-200 Medium Phusion Passenger Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-12027) CVE-2018-12027 CWE-200 CWE-200 High Phusion Passenger Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2013-4136) CVE-2013-4136 CWE-59 CWE-59 Medium Phusion Passenger Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2018-12026) CVE-2018-12026 CWE-59 CWE-59 Critical Phusion Passenger Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-12028) CVE-2018-12028 CWE-732 CWE-732 High Phusion Passenger Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-12615) CVE-2018-12615 CWE-732 CWE-732 Medium Phusion Passenger Other Vulnerability (CVE-2014-1831) CVE-2014-1831 Low Phusion Passenger Other Vulnerability (CVE-2014-1832) CVE-2014-1832 Low Phusion Passenger Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2119) CVE-2013-2119 CWE-264 CWE-264 Medium Phusion Passenger Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-10345) CVE-2016-10345 CWE-264 CWE-264 High Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-1468) CVE-2013-1468 CWE-352 CWE-352 High Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-4613) CVE-2014-4613 CWE-352 CWE-352 Medium Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-4614) CVE-2014-4614 CWE-352 CWE-352 Medium Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10678) CVE-2017-10678 CWE-352 CWE-352 High Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10680) CVE-2017-10680 CWE-352 CWE-352 High Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10681) CVE-2017-10681 CWE-352 CWE-352 High Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-17774) CVE-2017-17774 CWE-352 CWE-352 High Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-17827) CVE-2017-17827 CWE-352 CWE-352 High Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-7724) CVE-2018-7724 CWE-352 CWE-352 Medium Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-13363) CVE-2019-13363 CWE-352 CWE-352 Critical Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-33359) CVE-2023-33359 CWE-352 CWE-352 Medium Piwigo CVE-2014-4648 Vulnerability (CVE-2014-4648) CVE-2014-4648 Critical Piwigo Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-26267) CVE-2022-26267 CWE-668 CWE-668 High Piwigo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3790) CVE-2011-3790 CWE-200 CWE-200 Medium Piwigo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10679) CVE-2017-10679 CWE-200 CWE-200 High Piwigo Improper Access Control Vulnerability (CVE-2016-10084) CVE-2016-10084 CWE-284 CWE-284 High Piwigo Improper Access Control Vulnerability (CVE-2016-10085) CVE-2016-10085 CWE-284 CWE-284 High Piwigo Improper Access Control Vulnerability (CVE-2016-10105) CVE-2016-10105 CWE-284 CWE-284 Critical Piwigo Improper Access Control Vulnerability (CVE-2016-10514) CVE-2016-10514 CWE-284 CWE-284 Medium Piwigo Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2012-2208) CVE-2012-2208 CWE-22 CWE-22 High Piwigo Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-1469) CVE-2013-1469 CWE-22 CWE-22 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4039) CVE-2009-4039 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1707) CVE-2010-1707 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2209) CVE-2012-2209 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4525) CVE-2012-4525 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4526) CVE-2012-4526 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-1980) CVE-2014-1980 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3900) CVE-2014-3900 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2034) CVE-2015-2034 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9751) CVE-2016-9751 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10083) CVE-2016-10083 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10513) CVE-2016-10513 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5608) CVE-2017-5608 CWE-707 CWE-707 Medium 1...139140141142...293 140 / 293
