Vulnerabilities - Acunetix

Vulnerability Name	CVE CWE	CWE	Severity
Plone CMS Improper Privilege Management Vulnerability (CVE-2020-7941)	CVE-2020-7941 CWE-269	CWE-269	Critical
Plone CMS Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2024-0669)	CVE-2024-0669 CWE-1021	CWE-1021	High
Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28734)	CVE-2020-28734 CWE-611	CWE-611	High
Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28736)	CVE-2020-28736 CWE-611	CWE-611	High
Plone CMS Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-33509)	CVE-2021-33509 CWE-732	CWE-732	Critical
Plone CMS Missing Authentication for Critical Function Vulnerability (CVE-2020-35190)	CVE-2020-35190 CWE-306	CWE-306	Critical
Plone CMS Other Vulnerability (CVE-2006-1711)	CVE-2006-1711		Medium
Plone CMS Other Vulnerability (CVE-2006-4247)	CVE-2006-4247		Medium
Plone CMS Other Vulnerability (CVE-2006-4249)	CVE-2006-4249		Medium
Plone CMS Other Vulnerability (CVE-2012-5486)	CVE-2012-5486		Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1950)	CVE-2011-1950 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4030)	CVE-2011-4030 CWE-264	CWE-264	Critical
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5487)	CVE-2012-5487 CWE-264	CWE-264	High
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5489)	CVE-2012-5489 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5498)	CVE-2012-5498 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5501)	CVE-2012-5501 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4191)	CVE-2013-4191 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4193)	CVE-2013-4193 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4196)	CVE-2013-4196 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4198)	CVE-2013-4198 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4200)	CVE-2013-4200 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7061)	CVE-2013-7061 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7317)	CVE-2015-7317 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-4041)	CVE-2016-4041 CWE-264	CWE-264	High
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-4043)	CVE-2016-4043 CWE-264	CWE-264	Medium
Plone CMS Resource Management Errors Vulnerability (CVE-2012-5496)	CVE-2012-5496		Medium
Plone CMS Resource Management Errors Vulnerability (CVE-2012-5499)	CVE-2012-5499		Medium
Plone CMS Resource Management Errors Vulnerability (CVE-2012-5506)	CVE-2012-5506		Medium
Plone CMS Resource Management Errors Vulnerability (CVE-2013-4188)	CVE-2013-4188		Medium
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-28735)	CVE-2020-28735 CWE-918	CWE-918	High
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33510)	CVE-2021-33510 CWE-918	CWE-918	Medium
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33511)	CVE-2021-33511 CWE-918	CWE-918	High
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33926)	CVE-2021-33926 CWE-918	CWE-918	High
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2016-7137)	CVE-2016-7137 CWE-601	CWE-601	Medium
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000481)	CVE-2017-1000481 CWE-601	CWE-601	Medium
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000484)	CVE-2017-1000484 CWE-601	CWE-601	Medium
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-7936)	CVE-2020-7936 CWE-601	CWE-601	Medium
Plone CMS Use of Externally-Controlled Format String Vulnerability (CVE-2017-5524)	CVE-2017-5524 CWE-134	CWE-134	Medium
Plone CMS Weak Password Requirements Vulnerability (CVE-2020-7940)	CVE-2020-7940 CWE-521	CWE-521	High
Plupload Cross-site Scripting (XSS) Vulnerability (CVE-2016-4566)	CVE-2016-4566		Medium
PmWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4453)	CVE-2011-4453 CWE-94	CWE-94	High
PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1481)	CVE-2010-1481 CWE-707	CWE-707	Low
PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4662)	CVE-2010-4662 CWE-707	CWE-707	Medium
PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4748)	CVE-2010-4748 CWE-707	CWE-707	Medium
PmWiki Other Vulnerability (CVE-2005-3849)	CVE-2005-3849		Medium
PmWiki Other Vulnerability (CVE-2006-2840)	CVE-2006-2840		Medium
PmWiki Other Vulnerability (CVE-2006-4453)	CVE-2006-4453		Medium
Podcast Generator Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20121)	CVE-2018-20121 CWE-707	CWE-707	Medium
Polyfill.io Supply Chain Attack			High
Possible cross site scripting via Host header	CWE-79	CWE-79	High
Possible CSRF (Cross-site request forgery)	CWE-352	CWE-352	Low
Possible database backup	CWE-538	CWE-538	High
Possible sensitive directories	CWE-200	CWE-200	Low
Possible sensitive files	CWE-200	CWE-200	Low
Possible SQL Statement in comment	CWE-200	CWE-200	Low
Possible username or password disclosure	CWE-200	CWE-200	Low
Possible virtual host found	CWE-200	CWE-200	Low
PostgreSQL 7PK - Security Features Vulnerability (CVE-2016-2193)	CVE-2016-2193		High
PostgreSQL Arbitrary Code Execution Vulnerbality (CVE-2020-25696)	CVE-2020-25696		High
PostgreSQL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2015-0241)	CVE-2015-0241 CWE-120	CWE-120	High
PostgreSQL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2015-0243)	CVE-2015-0243 CWE-120	CWE-120	High
PostgreSQL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2020-21469)	CVE-2020-21469 CWE-120	CWE-120	High
PostgreSQL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-0062)	CVE-2014-0062 CWE-362	CWE-362	Medium
PostgreSQL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2017-14798)	CVE-2017-14798 CWE-362	CWE-362	High
PostgreSQL Cryptographic Issues Vulnerability (CVE-2009-4034)	CVE-2009-4034		Medium
PostgreSQL Cryptographic Issues Vulnerability (CVE-2011-2483)	CVE-2011-2483		Medium
PostgreSQL Cryptographic Issues Vulnerability (CVE-2012-2143)	CVE-2012-2143		Medium
PostgreSQL CVE-2009-3229 Vulnerability (CVE-2009-3229)	CVE-2009-3229		Medium
PostgreSQL CVE-2017-7547 Vulnerability (CVE-2017-7547)	CVE-2017-7547		High
PostgreSQL CVE-2017-7548 Vulnerability (CVE-2017-7548)	CVE-2017-7548		High
PostgreSQL CVE-2018-1058 Vulnerability (CVE-2018-1058)	CVE-2018-1058		High
PostgreSQL CVE-2021-3677 Vulnerability (CVE-2021-3677)	CVE-2021-3677		Medium
PostgreSQL CVE-2021-32029 Vulnerability (CVE-2021-32029)	CVE-2021-32029		Medium
PostgreSQL CVE-2022-41862 Vulnerability (CVE-2022-41862)	CVE-2022-41862		Low
PostgreSQL CVE-2023-2454 Vulnerability (CVE-2023-2454)	CVE-2023-2454		High

Plone CMS Improper Privilege Management Vulnerability (CVE-2020-7941)

CVE-2020-7941

CWE-269

Critical

Plone CMS Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2024-0669)

CVE-2024-0669

CWE-1021

High

Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28734)

CVE-2020-28734

CWE-611

High

Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28736)

CVE-2020-28736

CWE-611

High

Plone CMS Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-33509)

CVE-2021-33509

CWE-732

Critical

Plone CMS Missing Authentication for Critical Function Vulnerability (CVE-2020-35190)

CVE-2020-35190

CWE-306

Critical

Plone CMS Other Vulnerability (CVE-2006-1711)

CVE-2006-1711

Medium

Plone CMS Other Vulnerability (CVE-2006-4247)

CVE-2006-4247

Medium

Plone CMS Other Vulnerability (CVE-2006-4249)

CVE-2006-4249

Medium

Plone CMS Other Vulnerability (CVE-2012-5486)

CVE-2012-5486

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1950)

CVE-2011-1950

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4030)

CVE-2011-4030

CWE-264

Critical

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5487)

CVE-2012-5487

CWE-264

High

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5489)

CVE-2012-5489

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5498)

CVE-2012-5498

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5501)

CVE-2012-5501

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4191)

CVE-2013-4191

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4193)

CVE-2013-4193

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4196)

CVE-2013-4196

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4198)

CVE-2013-4198

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4200)

CVE-2013-4200

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7061)

CVE-2013-7061

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7317)

CVE-2015-7317

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-4041)

CVE-2016-4041

CWE-264

High

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-4043)

CVE-2016-4043

CWE-264

Medium

Plone CMS Resource Management Errors Vulnerability (CVE-2012-5496)

CVE-2012-5496

Medium

Plone CMS Resource Management Errors Vulnerability (CVE-2012-5499)

CVE-2012-5499

Medium

Plone CMS Resource Management Errors Vulnerability (CVE-2012-5506)

CVE-2012-5506

Medium

Plone CMS Resource Management Errors Vulnerability (CVE-2013-4188)

CVE-2013-4188

Medium

Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-28735)

CVE-2020-28735

CWE-918

High

Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33510)

CVE-2021-33510

CWE-918

Medium

Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33511)

CVE-2021-33511

CWE-918

High

Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33926)

CVE-2021-33926

CWE-918

High

Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2016-7137)

CVE-2016-7137

CWE-601

Medium

Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000481)

CVE-2017-1000481

CWE-601

Medium

Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000484)

CVE-2017-1000484

CWE-601

Medium

Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-7936)

CVE-2020-7936

CWE-601

Medium

Plone CMS Use of Externally-Controlled Format String Vulnerability (CVE-2017-5524)

CVE-2017-5524

CWE-134

Medium

Plone CMS Weak Password Requirements Vulnerability (CVE-2020-7940)

CVE-2020-7940

CWE-521

High

Plupload Cross-site Scripting (XSS) Vulnerability (CVE-2016-4566)

CVE-2016-4566

Medium

PmWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4453)

CVE-2011-4453

CWE-94

High

PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1481)

CVE-2010-1481

CWE-707

Low

PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4662)

CVE-2010-4662

CWE-707

Medium

PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4748)

CVE-2010-4748

CWE-707

Medium

PmWiki Other Vulnerability (CVE-2005-3849)

CVE-2005-3849

Medium

PmWiki Other Vulnerability (CVE-2006-2840)

CVE-2006-2840

Medium

PmWiki Other Vulnerability (CVE-2006-4453)

CVE-2006-4453

Medium

Podcast Generator Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20121)

CVE-2018-20121

CWE-707

Medium

Polyfill.io Supply Chain Attack

High

Possible cross site scripting via Host header

CWE-79

High

Possible CSRF (Cross-site request forgery)

CWE-352

Low

Possible database backup

CWE-538

High

Possible sensitive directories

CWE-200

Low

Possible sensitive files

CWE-200

Low

Possible SQL Statement in comment

CWE-200

Low

Possible username or password disclosure

CWE-200

Low

Possible virtual host found

CWE-200

Low

PostgreSQL 7PK - Security Features Vulnerability (CVE-2016-2193)

CVE-2016-2193

High

PostgreSQL Arbitrary Code Execution Vulnerbality (CVE-2020-25696)

CVE-2020-25696

High

PostgreSQL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2015-0241)

CVE-2015-0241

CWE-120

High

PostgreSQL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2015-0243)

CVE-2015-0243

CWE-120

High

PostgreSQL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2020-21469)

CVE-2020-21469

CWE-120

High

PostgreSQL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-0062)

CVE-2014-0062

CWE-362

Medium

PostgreSQL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2017-14798)

CVE-2017-14798

CWE-362

High

PostgreSQL Cryptographic Issues Vulnerability (CVE-2009-4034)

CVE-2009-4034

Medium

PostgreSQL Cryptographic Issues Vulnerability (CVE-2011-2483)

CVE-2011-2483

Medium

PostgreSQL Cryptographic Issues Vulnerability (CVE-2012-2143)

CVE-2012-2143

Medium

PostgreSQL CVE-2009-3229 Vulnerability (CVE-2009-3229)

CVE-2009-3229

Medium

PostgreSQL CVE-2017-7547 Vulnerability (CVE-2017-7547)

CVE-2017-7547

High

PostgreSQL CVE-2017-7548 Vulnerability (CVE-2017-7548)

CVE-2017-7548

High

PostgreSQL CVE-2018-1058 Vulnerability (CVE-2018-1058)

CVE-2018-1058

High

PostgreSQL CVE-2021-3677 Vulnerability (CVE-2021-3677)

CVE-2021-3677

Medium

PostgreSQL CVE-2021-32029 Vulnerability (CVE-2021-32029)

CVE-2021-32029

Medium

PostgreSQL CVE-2022-41862 Vulnerability (CVE-2022-41862)

CVE-2022-41862

Low

PostgreSQL CVE-2023-2454 Vulnerability (CVE-2023-2454)

CVE-2023-2454

High

Standard & Premium

Severity

Vulnerability Categories

Still Have Questions?

Take action and discover your vulnerabilities