Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity e107 Other Vulnerability (CVE-2006-3259) CVE-2006-3259 Medium e107 Other Vulnerability (CVE-2006-4548) CVE-2006-4548 High e107 Other Vulnerability (CVE-2006-4757) CVE-2006-4757 Medium e107 Other Vulnerability (CVE-2006-4794) CVE-2006-4794 Medium e107 Other Vulnerability (CVE-2006-5786) CVE-2006-5786 High e107 Other Vulnerability (CVE-2007-3429) CVE-2007-3429 Medium e107 Other Vulnerability (CVE-2010-0996) CVE-2010-0996 Medium e107 Other Vulnerability (CVE-2010-2098) CVE-2010-2098 High e107 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2020) CVE-2008-2020 CWE-264 CWE-264 Medium e107 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-2099) CVE-2010-2099 CWE-264 CWE-264 High e107 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-16388) CVE-2018-16388 CWE-434 CWE-434 High easyXDM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5212) CVE-2013-5212 CWE-707 CWE-707 Medium easyXDM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-1403) CVE-2014-1403 CWE-707 CWE-707 Medium easyXDM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-27739) CVE-2023-27739 CWE-707 CWE-707 Medium Edge Side Include injection CWE-918 CWE-918 High Ektron CMS400.NET ContentRatingGraph.aspx SQL injection CVE-2008-5122 CWE-89 CWE-89 High Ektron CMS Account Hijack CWE-264 CWE-264 High Ektron CMS authentication bypass CVE-2018-12596 CWE-285 CWE-285 High Ektron CMS multiple vulnerabilities CWE-434 CWE-434 High EktronCMS Saxon XSLT parser remote code execution CVE-2015-0931 CWE-78 CWE-78 High Ektron CMS unauthenticated code execution and Local File Read CVE-2012-5357 CVE-2012-5358 CWE-20 CWE-20 High Elasticsearch remote code execution CVE-2014-3120 CWE-78 CWE-78 High Elasticsearch service accessible CWE-200 CWE-200 High elFinder RCE (CVE-2021-32682) CVE-2021-32682 CWE-22 CWE-22 High Elgg Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-3964) CVE-2021-3964 CWE-639 CWE-639 Medium Elgg Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2021-3980) CVE-2021-3980 CWE-359 CWE-359 High Elgg Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3733) CVE-2011-3733 CWE-200 CWE-200 Medium Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2935) CVE-2011-2935 CWE-707 CWE-707 Medium Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6561) CVE-2012-6561 CWE-707 CWE-707 Medium Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0234) CVE-2013-0234 CWE-707 CWE-707 Medium Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4072) CVE-2021-4072 CWE-707 CWE-707 Medium Elgg Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-2936) CVE-2011-2936 CWE-138 CWE-138 Critical Elgg Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6562) CVE-2012-6562 CWE-264 CWE-264 Medium Elgg Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6563) CVE-2012-6563 CWE-264 CWE-264 Medium Elgg URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11016) CVE-2019-11016 CWE-601 CWE-601 Medium Elmah.axd / Errorlog.axd Detected CWE-209 CWE-209 High Email Header Injection CWE-20 CWE-20 High Email Header Injection (AcuSensor) CWE-20 CWE-20 High Email injection CWE-20 CWE-20 High Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4170) CVE-2013-4170 CWE-707 CWE-707 Medium Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0013) CVE-2014-0013 CWE-707 CWE-707 Medium Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0014) CVE-2014-0014 CWE-707 CWE-707 Medium Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0046) CVE-2014-0046 CWE-707 CWE-707 Low Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1866) CVE-2015-1866 CWE-707 CWE-707 Medium Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7565) CVE-2015-7565 CWE-707 CWE-707 Medium Envoy Metadata disclosure CWE-200 CWE-200 Low Envoy mishandles dropped and truncated datagrams Issue (CVE-2020-35471) CVE-2020-35471 High Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-15225) CVE-2019-15225 CWE-770 CWE-770 High Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27492) CVE-2023-27492 CWE-770 CWE-770 Medium Envoy Proxy Always-Incorrect Control Flow Implementation Vulnerability (CVE-2022-21655) CVE-2022-21655 CWE-670 CWE-670 High Envoy Proxy Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-45806) CVE-2024-45806 CWE-639 CWE-639 Critical Envoy Proxy CVE-2019-18802 Vulnerability (CVE-2019-18802) CVE-2019-18802 Critical Envoy Proxy CVE-2020-25018 Vulnerability (CVE-2020-25018) CVE-2020-25018 High Envoy Proxy CVE-2023-27487 Vulnerability (CVE-2023-27487) CVE-2023-27487 Critical Envoy Proxy CVE-2023-27488 Vulnerability (CVE-2023-27488) CVE-2023-27488 Critical Envoy Proxy CVE-2023-27496 Vulnerability (CVE-2023-27496) CVE-2023-27496 High Envoy Proxy CVE-2024-7207 Vulnerability (CVE-2024-7207) CVE-2024-7207 Critical Envoy Proxy CVE-2024-23324 Vulnerability (CVE-2024-23324) CVE-2024-23324 High Envoy Proxy CVE-2024-45807 Vulnerability (CVE-2024-45807) CVE-2024-45807 High Envoy Proxy CVE-2024-45810 Vulnerability (CVE-2024-45810) CVE-2024-45810 High Envoy Proxy Excessive Iteration Vulnerability (CVE-2021-32778) CVE-2021-32778 CWE-834 CWE-834 High Envoy Proxy Excessive Iteration Vulnerability (CVE-2021-39204) CVE-2021-39204 CWE-834 CWE-834 High Envoy Proxy Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-11767) CVE-2020-11767 CWE-200 CWE-200 Low Envoy Proxy Improper Authentication Vulnerability (CVE-2021-21378) CVE-2021-21378 CWE-287 CWE-287 High Envoy Proxy Improper Certificate Validation Vulnerability (CVE-2022-21654) CVE-2022-21654 CWE-295 CWE-295 Critical Envoy Proxy Improper Certificate Validation Vulnerability (CVE-2022-21656) CVE-2022-21656 CWE-295 CWE-295 Medium Envoy Proxy Improper Certificate Validation Vulnerability (CVE-2022-21657) CVE-2022-21657 CWE-295 CWE-295 Medium Envoy Proxy Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-32780) CVE-2021-32780 CWE-754 CWE-754 High Envoy Proxy Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-39162) CVE-2021-39162 CWE-754 CWE-754 High Envoy Proxy Improper Encoding or Escaping of Output Vulnerability (CVE-2023-35941) CVE-2023-35941 CWE-116 CWE-116 Critical Envoy Proxy Improper Encoding or Escaping of Output Vulnerability (CVE-2024-45808) CVE-2024-45808 CWE-116 CWE-116 Medium Envoy Proxy Improper Handling of Exceptional Conditions Vulnerability (CVE-2024-23325) CVE-2024-23325 CWE-755 CWE-755 High Envoy Proxy Improper Handling of Highly Compressed Data (Data Amplification) Vulnerability (CVE-2022-29225) CVE-2022-29225 CWE-409 CWE-409 High Envoy Proxy Improper Input Validation Vulnerability (CVE-2019-9900) CVE-2019-9900 CWE-20 CWE-20 High Envoy Proxy Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-29492) CVE-2021-29492 CWE-22 CWE-22 Critical 1...34353637...303 35 / 303
