Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Atlassian Jira CVE-2019-8442 Vulnerability (CVE-2019-8442) CVE-2019-8442 High Atlassian Jira CVE-2019-20413 Vulnerability (CVE-2019-20413) CVE-2019-20413 High Atlassian Jira CVE-2019-20898 Vulnerability (CVE-2019-20898) CVE-2019-20898 High Atlassian Jira CVE-2020-14167 Vulnerability (CVE-2020-14167) CVE-2020-14167 High Atlassian Jira CVE-2020-14178 Vulnerability (CVE-2020-14178) CVE-2020-14178 High Atlassian Jira CVE-2021-39123 Vulnerability (CVE-2021-39123) CVE-2021-39123 High Atlassian Jira CVE-2021-43947 Vulnerability (CVE-2021-43947) CVE-2021-43947 High Atlassian Jira Improper Authentication Vulnerability (CVE-2019-8443) CVE-2019-8443 CWE-287 CWE-287 High Atlassian Jira Improper Authentication Vulnerability (CVE-2021-26070) CVE-2021-26070 CWE-287 CWE-287 High Atlassian Jira Improper Authentication Vulnerability (CVE-2021-41312) CVE-2021-41312 CWE-287 CWE-287 High Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-18113) CVE-2017-18113 CWE-94 CWE-94 High Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-15001) CVE-2019-15001 CWE-94 CWE-94 High Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-43944) CVE-2021-43944 CWE-94 CWE-94 High Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-39128) CVE-2021-39128 CWE-138 CWE-138 High Atlassian Jira insecure REST permissions High Atlassian Jira Insufficient Session Expiration Vulnerability (CVE-2021-39113) CVE-2021-39113 CWE-613 CWE-613 High Atlassian Jira Missing Authorization Vulnerability (CVE-2019-3399) CVE-2019-3399 CWE-862 CWE-862 High Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-6619) CVE-2007-6619 CWE-264 CWE-264 High Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20400) CVE-2019-20400 CWE-427 CWE-427 High Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20419) CVE-2019-20419 CWE-427 CWE-427 High Atlassian OAuth Plugin IconUriServlet SSRF CVE-2017-9506 CWE-918 CWE-918 High ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-1583) CVE-2015-1583 CWE-352 CWE-352 High ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-2539) CVE-2016-2539 CWE-352 CWE-352 High ATutor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10400) CVE-2016-10400 CWE-22 CWE-22 High ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-11446) CVE-2019-11446 CWE-434 CWE-434 High ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12169) CVE-2019-12169 CWE-434 CWE-434 High ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12170) CVE-2019-12170 CWE-434 CWE-434 High ATutor Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-43498) CVE-2021-43498 CWE-640 CWE-640 High Authentication Bypass in Ivanti Connect Secure and Policy Secure (CVE-2023-46805) CVE-2023-46805 CWE-287 CWE-287 High Authentication bypass via MongoDB operator injection CWE-943 CWE-943 High Auxiliary systems SSRF CWE-918 CWE-918 High axios Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-1214) CVE-2022-1214 CWE-200 CWE-200 High axios Improper Input Validation Vulnerability (CVE-2019-10742) CVE-2019-10742 CWE-20 CWE-20 High axios Uncontrolled Resource Consumption Vulnerability (CVE-2021-3749) CVE-2021-3749 CWE-400 CWE-400 High b2evolution Credentials Management Errors Vulnerability (CVE-2016-9479) CVE-2016-9479 High b2evolution Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-5480) CVE-2017-5480 CWE-22 CWE-22 High b2evolution Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-28242) CVE-2021-28242 CWE-138 CWE-138 High b2evolution Other Vulnerability (CVE-2006-6417) CVE-2006-6417 High b2evolution Other Vulnerability (CVE-2007-2358) CVE-2007-2358 High b2evolution Other Vulnerability (CVE-2007-2681) CVE-2007-2681 High Barracuda networks products multiple directory traversal vulnerabilities CWE-22 CWE-22 High Bazaar repository found CWE-538 CWE-538 High Beego Framework Improper Certificate Validation Vulnerability (CVE-2024-40464) CVE-2024-40464 CWE-295 CWE-295 High Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27116) CVE-2021-27116 CWE-59 CWE-59 High Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27117) CVE-2021-27117 CWE-59 CWE-59 High Beego Framework Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2024-40465) CVE-2024-40465 CWE-327 CWE-327 High BigIP iRule Tcl code injection CWE-78 CWE-78 High BillQuick Web Suite SQL injection (CVE-2021-42258) CVE-2021-42258 CWE-89 CWE-89 High Blind XSS CWE-80 CWE-80 High Bonita Authorization Bypass (CVE-2022-25237) CVE-2022-25237 CWE-863 CWE-863 High BottlePy weak secret key CWE-693 CWE-693 High BuddyPress REST API Privilege Escalation CVE-2021-21389 CWE-269 CWE-269 High Caddy Web Server Out-of-bounds Read Vulnerability (CVE-2022-34037) CVE-2022-34037 CWE-125 CWE-125 High Caddy Web Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487) CVE-2023-44487 CWE-400 CWE-400 High CakePHP 1.3.5 / 1.2.8 unserialize() vulnerability CVE-2010-4335 CWE-20 CWE-20 High CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8379) CVE-2015-8379 CWE-352 CWE-352 High CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-35239) CVE-2020-35239 CWE-352 CWE-352 High CakePHP Deserialization of Untrusted Data Vulnerability (CVE-2019-11458) CVE-2019-11458 CWE-502 CWE-502 High CakePHP Improper Input Validation Vulnerability (CVE-2010-4335) CVE-2010-4335 CWE-20 CWE-20 High CakePHP Improper Input Validation Vulnerability (CVE-2016-4793) CVE-2016-4793 CWE-20 CWE-20 High Case-Insensitive Routing Bypass in Express.js Application CWE-287 CWE-287 High Certificate is Signed Using a Weak Signature Algorithm High Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-23127) CVE-2020-23127 CWE-352 CWE-352 High Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-40662) CVE-2021-40662 CWE-352 CWE-352 High Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-27427) CVE-2022-27427 CWE-94 CWE-94 High Chamilo Improper Input Validation Vulnerability (CVE-2012-4030) CVE-2012-4030 CWE-20 CWE-20 High Chamilo Improper Input Validation Vulnerability (CVE-2021-31933) CVE-2021-31933 CWE-20 CWE-20 High Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35413) CVE-2021-35413 CWE-707 CWE-707 High Chamilo Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-4221) CVE-2023-4221 CWE-138 CWE-138 High Chamilo Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-4222) CVE-2023-4222 CWE-138 CWE-138 High Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-20329) CVE-2018-20329 CWE-138 CWE-138 High Chamilo Improper Privilege Management Vulnerability (CVE-2022-27421) CVE-2022-27421 CWE-269 CWE-269 High Chamilo Other Vulnerability (CVE-2023-34962) CVE-2023-34962 High Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-27426) CVE-2022-27426 CWE-918 CWE-918 High Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-40407) CVE-2022-40407 CWE-434 CWE-434 High 1...4567...165 5 / 165
