Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14041) CVE-2018-14041 CWE-707 CWE-707 Medium Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14042) CVE-2018-14042 CWE-707 CWE-707 Medium Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20676) CVE-2018-20676 CWE-707 CWE-707 Medium Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20677) CVE-2018-20677 CWE-707 CWE-707 Medium Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8331) CVE-2019-8331 CWE-707 CWE-707 Medium Bootstrap Select Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20921) CVE-2019-20921 CWE-707 CWE-707 Medium Bootstrap Table Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2021-23472) CVE-2021-23472 CWE-843 CWE-843 Medium Bootstrap Table Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-1726) CVE-2022-1726 CWE-707 CWE-707 Medium BottlePy weak secret key CWE-693 CWE-693 High Broken access control in Confluence Server and Data Center (CVE-2023-22515) CVE-2023-22515 CWE-284 CWE-284 Critical Broken Link Hijacking CWE-610 CWE-610 Low BuddyPress REST API Privilege Escalation CVE-2021-21389 CWE-269 CWE-269 High Cacti Unauthenticated Command Injection (CVE-2022-46169) CVE-2022-46169 CWE-77 CWE-77 Critical Caddy Web Server Authentication Bypass by Spoofing Vulnerability (CVE-2023-50463) CVE-2023-50463 CWE-290 CWE-290 Medium Caddy Web Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-19148) CVE-2018-19148 CWE-200 CWE-200 Low Caddy Web Server Improper Authentication Vulnerability (CVE-2018-21246) CVE-2018-21246 CWE-287 CWE-287 Critical Caddy Web Server Out-of-bounds Read Vulnerability (CVE-2022-34037) CVE-2022-34037 CWE-125 CWE-125 High Caddy Web Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487) CVE-2023-44487 CWE-400 CWE-400 High Caddy Web Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-28923) CVE-2022-28923 CWE-601 CWE-601 Medium Caddy Web Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-29718) CVE-2022-29718 CWE-601 CWE-601 Medium CakePHP 1.3.5 / 1.2.8 unserialize() vulnerability CVE-2010-4335 CWE-20 CWE-20 High CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8379) CVE-2015-8379 CWE-352 CWE-352 High CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-15400) CVE-2020-15400 CWE-352 CWE-352 Medium CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-35239) CVE-2020-35239 CWE-352 CWE-352 High CakePHP Deserialization of Untrusted Data Vulnerability (CVE-2019-11458) CVE-2019-11458 CWE-502 CWE-502 High CakePHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3712) CVE-2011-3712 CWE-200 CWE-200 Medium CakePHP Improper Input Validation Vulnerability (CVE-2010-4335) CVE-2010-4335 CWE-20 CWE-20 High CakePHP Improper Input Validation Vulnerability (CVE-2016-4793) CVE-2016-4793 CWE-20 CWE-20 High CakePHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2006-5031) CVE-2006-5031 CWE-22 CWE-22 Medium CakePHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2006-4067) CVE-2006-4067 CWE-707 CWE-707 Medium CakePHP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-22727) CVE-2023-22727 CWE-138 CWE-138 Critical CakePHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4399) CVE-2012-4399 CWE-264 CWE-264 Medium Case-Insensitive Routing Bypass in Express.js Application CWE-287 CWE-287 High CData Jetty Path Traversal (CVE-2024-31848/CVE-2024-31849/CVE-2024-31850/CVE-2024-31851) CVE-2024-31848 CVE-2024-31849 CVE-2024-31850 CVE-2024-31851 CWE-22 CWE-22 Critical Certificate is Signed Using a Weak Signature Algorithm High Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-23127) CVE-2020-23127 CWE-352 CWE-352 High Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-40662) CVE-2021-40662 CWE-352 CWE-352 High Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-39061) CVE-2023-39061 CWE-352 CWE-352 Low Chamilo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32925) CVE-2021-32925 CWE-200 CWE-200 Medium Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-1999019) CVE-2018-1999019 CWE-94 CWE-94 Critical Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-38745) CVE-2021-38745 CWE-94 CWE-94 Medium Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-27427) CVE-2022-27427 CWE-94 CWE-94 High Chamilo Improper Handling of Case Sensitivity Vulnerability (CVE-2023-3545) CVE-2023-3545 CWE-178 CWE-178 Critical Chamilo Improper Input Validation Vulnerability (CVE-2012-4030) CVE-2012-4030 CWE-20 CWE-20 High Chamilo Improper Input Validation Vulnerability (CVE-2021-31933) CVE-2021-31933 CWE-20 CWE-20 High Chamilo Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-3533) CVE-2023-3533 CWE-22 CWE-22 Critical Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4029) CVE-2012-4029 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0738) CVE-2013-0738 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0739) CVE-2013-0739 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20327) CVE-2018-20327 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20328) CVE-2018-20328 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1000015) CVE-2019-1000015 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23126) CVE-2020-23126 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26746) CVE-2021-26746 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35413) CVE-2021-35413 CWE-707 CWE-707 High Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35414) CVE-2021-35414 CWE-707 CWE-707 Critical Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35415) CVE-2021-35415 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37389) CVE-2021-37389 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37390) CVE-2021-37390 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37391) CVE-2021-37391 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43687) CVE-2021-43687 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27422) CVE-2022-27422 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27425) CVE-2022-27425 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31799) CVE-2023-31799 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31800) CVE-2023-31800 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31801) CVE-2023-31801 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31802) CVE-2023-31802 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31803) CVE-2023-31803 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31804) CVE-2023-31804 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31805) CVE-2023-31805 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31806) CVE-2023-31806 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31807) CVE-2023-31807 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-34961) CVE-2023-34961 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37061) CVE-2023-37061 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37062) CVE-2023-37062 CWE-707 CWE-707 Medium 1...15161718...293 16 / 293
