Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity CKEditor Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-26272) CVE-2021-26272 CWE-829 CWE-829 Medium CKEditor Other Vulnerability (CVE-2022-24729) CVE-2022-24729 High CKEditor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-31541) CVE-2023-31541 CWE-434 CWE-434 Critical Claroline Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3262) CVE-2008-3262 CWE-352 CWE-352 Medium Claroline Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3716) CVE-2011-3716 CWE-200 CWE-200 Medium Claroline Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4844) CVE-2006-4844 CWE-94 CWE-94 Medium Claroline Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-3261) CVE-2008-3261 CWE-59 CWE-59 Medium Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3260) CVE-2008-3260 CWE-707 CWE-707 Medium Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3315) CVE-2008-3315 CWE-707 CWE-707 Medium Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-1907) CVE-2009-1907 CWE-707 CWE-707 Medium Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4753) CVE-2013-4753 CWE-707 CWE-707 Low Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6267) CVE-2013-6267 CWE-707 CWE-707 Medium Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37160) CVE-2022-37160 CWE-707 CWE-707 Medium Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37161) CVE-2022-37161 CWE-707 CWE-707 Medium Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37162) CVE-2022-37162 CWE-707 CWE-707 Medium Claroline Other Vulnerability (CVE-2005-1374) CVE-2005-1374 Medium Claroline Other Vulnerability (CVE-2005-1375) CVE-2005-1375 High Claroline Other Vulnerability (CVE-2005-1376) CVE-2005-1376 High Claroline Other Vulnerability (CVE-2005-1377) CVE-2005-1377 High Claroline Other Vulnerability (CVE-2006-0411) CVE-2006-0411 Critical Claroline Other Vulnerability (CVE-2006-1594) CVE-2006-1594 High Claroline Other Vulnerability (CVE-2006-1595) CVE-2006-1595 Medium Claroline Other Vulnerability (CVE-2006-1596) CVE-2006-1596 High Claroline Other Vulnerability (CVE-2006-2284) CVE-2006-2284 Medium Claroline Other Vulnerability (CVE-2006-2868) CVE-2006-2868 Medium Claroline Other Vulnerability (CVE-2006-3257) CVE-2006-3257 Medium Claroline Other Vulnerability (CVE-2006-5256) CVE-2006-5256 High Claroline Other Vulnerability (CVE-2006-7048) CVE-2006-7048 High Claroline Other Vulnerability (CVE-2007-3517) CVE-2007-3517 Medium Claroline Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-37159) CVE-2022-37159 CWE-434 CWE-434 Critical Clickjacking: CSP frame-ancestors missing CWE-1021 CWE-1021 Low Client-Side Prototype Pollution High Client Side Template Injection CWE-116 CWE-116 High ClipBucket Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3717) CVE-2011-3717 CWE-200 CWE-200 Medium ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6642) CVE-2012-6642 CWE-707 CWE-707 Medium ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6644) CVE-2012-6644 CWE-707 CWE-707 Medium ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-4673) CVE-2015-4673 CWE-707 CWE-707 Medium ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4848) CVE-2016-4848 CWE-707 CWE-707 Medium ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-1000307) CVE-2016-1000307 CWE-707 CWE-707 Medium ClipBucket Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2018-7664) CVE-2018-7664 CWE-138 CWE-138 Critical ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5849) CVE-2012-5849 CWE-138 CWE-138 High ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6643) CVE-2012-6643 CWE-138 CWE-138 High ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-7666) CVE-2018-7666 CWE-138 CWE-138 Critical ClipBucket Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-7665) CVE-2018-7665 CWE-434 CWE-434 Critical Clockwork PHP dev tool enabled CWE-200 CWE-200 Medium Cloud metadata publicly exposed CWE-918 CWE-918 High CloudPanel file-manager Auth bypass (CVE-2023-35885) CVE-2023-35885 CWE-565 CWE-565 Critical Cmd hijack vulnerability CWE-94 CWE-94 High Code Evaluation (Apache Struts) S2-016 CVE-2013-2251 CWE-20 CWE-20 Critical Code Evaluation (Apache Struts) S2-045 CVE-2017-5638 CWE-94 CWE-94 Critical Code Evaluation (Apache Struts) S2-046 CVE-2017-5638 CWE-94 CWE-94 High Code Evaluation (ASP) CWE-95 CWE-95 Critical Code Evaluation (PHP) CWE-94 CWE-94 Critical Code Evaluation (Python) CWE-95 CWE-95 Critical Code Evaluation (Ruby) CWE-94 CWE-94 Critical CodeIgniter 2.1.3 xss_clean() filter bypass CVE-2013-4891 CWE-80 CWE-80 High CodeIgniter development mode enabled CWE-16 CWE-16 Medium CodeIgniter session decoding vulnerability CWE-327 CWE-327 High CodeIgniter weak encryption key CWE-200 CWE-200 High ColdFusion 8 FCKEditor file upload vulnerability CVE-2009-2265 CWE-22 CWE-22 High ColdFusion 9 solr service exposed CVE-2010-0185 CWE-264 CWE-264 High ColdFusion Access Control bypass (CVE-2023-29298/CVE-2023-38205) CVE-2023-29298 CVE-2023-38205 CWE-284 CWE-284 High ColdFusion administrator login page publicly available CWE-200 CWE-200 Low ColdFusion AMF Deserialization RCE CVE-2017-3066 CWE-502 CWE-502 High ColdFusion Arbitrary File Upload CVE-2018-15961 CWE-434 CWE-434 High ColdFusion CFC Deserialization RCE (CVE-2023-26359/CVE-2023-26360) CVE-2023-26359 CVE-2023-26360 CWE-502 CWE-502 High ColdFusion directory traversal CVE-2010-2861 CWE-22 CWE-22 High ColdFusion FlashGateway Deserialization RCE CVE-2019-7091 CVE-2019-7091 CWE-502 CWE-502 High ColdFusion JNDI injection RCE CVE-2018-15957 CWE-502 CWE-502 High ColdFusion path disclosures CWE-200 CWE-200 Low ColdFusion PMS Arbitrary File Read (CVE-2024-20767) CVE-2024-20767 CWE-284 CWE-284 High ColdFusion RDS Service enabled CWE-200 CWE-200 Low ColdFusion Request Debugging information disclosure CWE-200 CWE-200 Medium ColdFusion Robust Exception enabled CWE-200 CWE-200 Medium ColdFusion User-Agent cross-site scripting CVE-2007-0817 CWE-79 CWE-79 High 1...17181920...293 18 / 293
