Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-15882) CVE-2018-15882 CWE-434 CWE-434 Critical Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-5608) CVE-2015-5608 CWE-601 CWE-601 Medium Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-24598) CVE-2020-24598 CWE-601 CWE-601 Medium Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-23798) CVE-2022-23798 CWE-601 CWE-601 Medium Joomla Use of Insufficiently Random Values Vulnerability (CVE-2012-1562) CVE-2012-1562 CWE-330 CWE-330 High jPlayer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1942) CVE-2013-1942 CWE-707 CWE-707 Medium jPlayer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2022) CVE-2013-2022 CWE-707 CWE-707 Medium jPlayer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2023) CVE-2013-2023 CWE-707 CWE-707 Medium jQuery File Upload unauthenticated arbitrary file upload CVE-2018-9206 CWE-434 CWE-434 High jQuery Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2019-11358) CVE-2019-11358 CWE-1321 CWE-1321 Medium jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4969) CVE-2011-4969 CWE-707 CWE-707 Medium jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6708) CVE-2012-6708 CWE-707 CWE-707 Medium jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-6071) CVE-2014-6071 CWE-707 CWE-707 Medium jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-9251) CVE-2015-9251 CWE-707 CWE-707 Medium jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18405) CVE-2018-18405 CWE-707 CWE-707 Medium jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-7656) CVE-2020-7656 CWE-707 CWE-707 Medium jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11022) CVE-2020-11022 CWE-707 CWE-707 Medium jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11023) CVE-2020-11023 CWE-707 CWE-707 Medium jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23064) CVE-2020-23064 CWE-707 CWE-707 Medium jQuery PrettyPhoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-9478) CVE-2015-9478 CWE-707 CWE-707 Medium jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5312) CVE-2010-5312 CWE-707 CWE-707 Medium jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182) CVE-2021-41182 CWE-707 CWE-707 Medium jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41183) CVE-2021-41183 CWE-707 CWE-707 Medium jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184) CVE-2021-41184 CWE-707 CWE-707 Medium jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31160) CVE-2022-31160 CWE-707 CWE-707 Medium JQuery UI Cross-site Scripting (XSS) Vulnerability (CVE-2016-7103) CVE-2016-7103 Medium jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5312) CVE-2010-5312 CWE-707 CWE-707 Medium jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182) CVE-2021-41182 CWE-707 CWE-707 Medium jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41183) CVE-2021-41183 CWE-707 CWE-707 Medium jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184) CVE-2021-41184 CWE-707 CWE-707 Medium jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31160) CVE-2022-31160 CWE-707 CWE-707 Medium jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5312) CVE-2010-5312 CWE-707 CWE-707 Medium jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182) CVE-2021-41182 CWE-707 CWE-707 Medium jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41183) CVE-2021-41183 CWE-707 CWE-707 Medium jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184) CVE-2021-41184 CWE-707 CWE-707 Medium jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31160) CVE-2022-31160 CWE-707 CWE-707 Medium jQuery Validation Other Vulnerability (CVE-2021-43306) CVE-2021-43306 High jQuery Validation Other Vulnerability (CVE-2022-31147) CVE-2022-31147 High jQuery Validation Uncontrolled Resource Consumption Vulnerability (CVE-2021-21252) CVE-2021-21252 CWE-400 CWE-400 High JSF ViewState client side storage CWE-693 CWE-693 Medium JSONP enabled by default in MappingJackson2JsonView CVE-2018-11040 CWE-538 CWE-538 Medium JSP authentication bypass CWE-287 CWE-287 High Juniper Junos OS J-Web RCE (CVE-2023-36845/CVE-2023-36846) CVE-2023-36845 CVE-2023-36846 CWE-473 CWE-473 Critical Jupyter Notebook publicly accessible CWE-78 CWE-78 High JVM version leakage CWE-200 CWE-200 Informational Kayako Fusion v4.51.1891 - multiple web vulnerabilities CWE-79 CWE-79 High Kentico CMS Deserialization RCE CVE-2019-10068 CWE-502 CWE-502 High Kentico CMS RCE CVE-2017-17736 CVE-2017-17736 CWE-425 CWE-425 High Kentico Staging API publicly accessible CWE-200 CWE-200 Low Keycloak clients-registrations XSS (CVE-2021-20323) CVE-2021-20323 CWE-79 CWE-79 Medium KeyCloak Information Disclosure (CVE-2020-27838) CVE-2020-27838 CWE-287 CWE-287 Medium Keycloak request_uri SSRF (CVE-2020-10770) CVE-2020-10770 CWE-918 CWE-918 Medium Knockout.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14862) CVE-2019-14862 CWE-707 CWE-707 Medium Kong Server Incorrect Authorization Vulnerability (CVE-2021-27306) CVE-2021-27306 CWE-863 CWE-863 High Kong Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487) CVE-2023-44487 CWE-400 CWE-400 High Kramer VIAware RCE (CVE-2021-36356/CVE-2021-35064) CVE-2021-36356 CVE-2019-17124 CVE-2021-35064 CWE-434 CWE-434 Critical Laravel debug mode enabled CWE-200 CWE-200 Medium Laravel debug mode enabled (AcuSensor) CWE-16 CWE-16 Medium Laravel framework weak secret key CWE-693 CWE-693 Medium Laravel Health Monitor open CWE-200 CWE-200 Medium Laravel Horizon open CWE-200 CWE-200 Medium Laravel Ignition Reflected Cross-Site Scripting CWE-80 CWE-80 Medium Laravel log file publicly accessible CWE-538 CWE-538 Medium Laravel log viewer local file download (LFD) CVE-2018-8947 CWE-22 CWE-22 High Laravel LogViewer open CWE-200 CWE-200 Medium Laravel Telescope open CWE-200 CWE-200 Medium Laravel Terminal open CWE-200 CWE-200 High LDAP injection CWE-20 CWE-20 High Liferay DXP Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2022-42129) CVE-2022-42129 CWE-639 CWE-639 Medium Liferay DXP CVE-2021-29041 Vulnerability (CVE-2021-29041) CVE-2021-29041 Medium Liferay DXP CVE-2021-33330 Vulnerability (CVE-2021-33330) CVE-2021-33330 Medium Liferay DXP CVE-2021-38266 Vulnerability (CVE-2021-38266) CVE-2021-38266 High Liferay DXP CVE-2022-42126 Vulnerability (CVE-2022-42126) CVE-2022-42126 Medium Liferay DXP CVE-2024-25148 Vulnerability (CVE-2024-25148) CVE-2024-25148 High Liferay DXP Deserialization of Untrusted Data Vulnerability (CVE-2020-15842) CVE-2020-15842 CWE-502 CWE-502 High 1...59606162...293 60 / 293
