Vulnerability Name CVE Severity
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17496) CVE-2019-17496
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-19626) CVE-2020-19626
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27902) CVE-2021-27902
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32470) CVE-2021-32470
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28378) CVE-2022-28378
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37246) CVE-2022-37246
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37247) CVE-2022-37247
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37248) CVE-2022-37248
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37250) CVE-2022-37250
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37251) CVE-2022-37251
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-2817) CVE-2023-2817
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-23927) CVE-2023-23927
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-30177) CVE-2023-30177
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31144) CVE-2023-31144
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33194) CVE-2023-33194
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33195) CVE-2023-33195
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33196) CVE-2023-33196
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33197) CVE-2023-33197
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33495) CVE-2023-33495
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-36259) CVE-2023-36259
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-45406) CVE-2024-45406
Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-9757) CVE-2020-9757
Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-32679) CVE-2023-32679
Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-36260) CVE-2023-36260
Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-40035) CVE-2023-40035
Craft CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-37843) CVE-2024-37843
Craft CMS Missing Encryption of Sensitive Data Vulnerability (CVE-2018-20465) CVE-2018-20465
Craft CMS Missing Encryption of Sensitive Data Vulnerability (CVE-2022-37783) CVE-2022-37783
Craft CMS RCE (CVE-2023-41892) CVE-2023-41892
Craft CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-3814) CVE-2018-3814
Craft CMS Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2017-8385) CVE-2017-8385
Craft CMS Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2019-15929) CVE-2019-15929
Craft CMS Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2022-29933) CVE-2022-29933
Credit card number disclosed
CRIME SSL/TLS attack CVE-2012-4929
CRLF injection/HTTP response splitting (Web Server)
CRMEB SQL Injection (CVE-2024-36837) CVE-2024-36837
Cross-Site Request Forgery (CSRF) (CMS Made Simple) CVE-2016-7904
Cross-site Scripting
Cross-site Scripting (DOM based)
Cross-site Scripting via File Upload
Cross-site Scripting via Remote File Inclusion
Cross-site scripting vulnerability in Google Web Toolkit CVE-2012-4563
Cross-site scripting vulnerability in Google Web Toolkit (CVE-2012-5920) CVE-2012-5920
Cross frame scripting
Cross Site Scripting (Category Description) (CMS Made Simple) CVE-2017-6555
Cross Site Scripting (globalmetadata) (CMS Made Simple) CVE-2017-6556
Cross site scripting (requiring unencoded quote)
Cross site scripting (XSS) in ASP.NET via ResolveUrl
Cross site scripting in HTTP-01 ACME challenge implementation
Cross site scripting via Bootstrap
CrushFTP Server Deserialization of Untrusted Data Vulnerability (CVE-2017-14035) CVE-2017-14035
CrushFTP Server Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2023-43177) CVE-2023-43177
CrushFTP Server Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-4040) CVE-2024-4040
CrushFTP Server Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2017-14037) CVE-2017-14037
CrushFTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14036) CVE-2017-14036
CrushFTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-44076) CVE-2021-44076
CrushFTP Server Improper Validation of Integrity Check Value Vulnerability (CVE-2023-48795) CVE-2023-48795
CrushFTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-14038) CVE-2017-14038
CrushFTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-18288) CVE-2018-18288
CrushFTP SSTI (CVE-2024-4040) CVE-2024-4040
CubeCart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-38130) CVE-2023-38130
CubeCart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3724) CVE-2011-3724
CubeCart Improper Access Control Vulnerability (CVE-2015-6928) CVE-2015-6928
CubeCart Improper Authentication Vulnerability (CVE-2014-2341) CVE-2014-2341
CubeCart Improper Input Validation Vulnerability (CVE-2012-0865) CVE-2012-0865
CubeCart Improper Input Validation Vulnerability (CVE-2013-1465) CVE-2013-1465
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2090) CVE-2017-2090
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2098) CVE-2017-2098
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2117) CVE-2017-2117
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-42428) CVE-2023-42428
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-47283) CVE-2023-47283
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-34832) CVE-2024-34832
CubeCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1550) CVE-2008-1550
CubeCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20703) CVE-2018-20703