Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-42029) CVE-2022-42029 CWE-434 CWE-434 High Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4223) CVE-2023-4223 CWE-434 CWE-434 High Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4224) CVE-2023-4224 CWE-434 CWE-434 High Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4225) CVE-2023-4225 CWE-434 CWE-434 High Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4226) CVE-2023-4226 CWE-434 CWE-434 High Chart.js Improper Input Validation Vulnerability (CVE-2020-7746) CVE-2020-7746 CWE-20 CWE-20 High Check for apache versions up to 1.3.25, 2.0.38 CVE-2002-0392 CWE-119 CWE-119 High Cherokee Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20798) CVE-2019-20798 CWE-707 CWE-707 High Cherokee Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-20799) CVE-2019-20799 CWE-119 CWE-119 High Cherokee NULL Pointer Dereference Vulnerability (CVE-2020-12845) CVE-2020-12845 CWE-476 CWE-476 High CherryPy Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-0252) CVE-2008-0252 CWE-22 CWE-22 High Cisco Adaptive Security Appliance (ASA) Path Traversal (CVE-2018-0296) CVE-2018-0296 CWE-22 CWE-22 High Cisco Adaptive Security Appliance (ASA) Path Traversal CVE-2020-3452 CVE-2020-3452 CWE-20 CWE-20 High Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability CVE-2018-15440 CWE-80 CWE-80 High Citrix ADC/Gateway Unauthenticated Remote Code Execution CVE-2019-19781 CWE-22 CWE-22 High Citrix Gateway Open Redirect and XSS CVE-2023-24488 CVE-2023-24487 CWE-79 CWE-79 High Citrix XenMobile Server Path Traversal CVE-2020-8209 CWE-22 CWE-22 High CKEditor 4.0.1 cross-site scripting vulnerability CWE-79 CWE-79 High CKEditor Other Vulnerability (CVE-2022-24729) CVE-2022-24729 High Claroline Other Vulnerability (CVE-2005-1375) CVE-2005-1375 High Claroline Other Vulnerability (CVE-2005-1376) CVE-2005-1376 High Claroline Other Vulnerability (CVE-2005-1377) CVE-2005-1377 High Claroline Other Vulnerability (CVE-2006-1594) CVE-2006-1594 High Claroline Other Vulnerability (CVE-2006-1596) CVE-2006-1596 High Claroline Other Vulnerability (CVE-2006-5256) CVE-2006-5256 High Claroline Other Vulnerability (CVE-2006-7048) CVE-2006-7048 High Client-Side Prototype Pollution High Client Side Template Injection CWE-116 CWE-116 High ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5849) CVE-2012-5849 CWE-138 CWE-138 High ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6643) CVE-2012-6643 CWE-138 CWE-138 High Cloud metadata publicly exposed CWE-918 CWE-918 High Cmd hijack vulnerability CWE-94 CWE-94 High Code Evaluation (Apache Struts) S2-046 CVE-2017-5638 CWE-94 CWE-94 High CodeIgniter 2.1.3 xss_clean() filter bypass CVE-2013-4891 CWE-80 CWE-80 High CodeIgniter session decoding vulnerability CWE-327 CWE-327 High CodeIgniter weak encryption key CWE-200 CWE-200 High ColdFusion 8 FCKEditor file upload vulnerability CVE-2009-2265 CWE-22 CWE-22 High ColdFusion 9 solr service exposed CVE-2010-0185 CWE-264 CWE-264 High ColdFusion Access Control bypass (CVE-2023-29298/CVE-2023-38205) CVE-2023-29298 CVE-2023-38205 CWE-284 CWE-284 High ColdFusion AMF Deserialization RCE CVE-2017-3066 CWE-502 CWE-502 High ColdFusion Arbitrary File Upload CVE-2018-15961 CWE-434 CWE-434 High ColdFusion CFC Deserialization RCE (CVE-2023-26359/CVE-2023-26360) CVE-2023-26359 CVE-2023-26360 CWE-502 CWE-502 High ColdFusion directory traversal CVE-2010-2861 CWE-22 CWE-22 High ColdFusion FlashGateway Deserialization RCE CVE-2019-7091 CVE-2019-7091 CWE-502 CWE-502 High ColdFusion JNDI injection RCE CVE-2018-15957 CWE-502 CWE-502 High ColdFusion PMS Arbitrary File Read (CVE-2024-20767) CVE-2024-20767 CWE-284 CWE-284 High ColdFusion User-Agent cross-site scripting CVE-2007-0817 CWE-79 CWE-79 High Collabtive Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4269) CVE-2010-4269 CWE-138 CWE-138 High Collabtive Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2015-0258) CVE-2015-0258 CWE-434 CWE-434 High concrete5 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-4724) CVE-2015-4724 CWE-138 CWE-138 High concrete5 Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-13790) CVE-2018-13790 CWE-918 CWE-918 High concrete5 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-11476) CVE-2020-11476 CWE-434 CWE-434 High concrete5 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-24986) CVE-2020-24986 CWE-434 CWE-434 High Configuration file disclosure CWE-538 CWE-538 High Configuration file source code disclosure CWE-538 CWE-538 High Confluence Widget Connector SSTI CVE-2019-3396 CWE-22 CWE-22 High Consul API publicly exposed CWE-200 CWE-200 High Contao Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10642) CVE-2019-10642 CWE-352 CWE-352 High Contao Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-37626) CVE-2021-37626 CWE-94 CWE-94 High Contao Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-10993) CVE-2017-10993 CWE-22 CWE-22 High Contao Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4383) CVE-2012-4383 CWE-138 CWE-138 High Contao Improper Privilege Management Vulnerability (CVE-2021-37627) CVE-2021-37627 CWE-269 CWE-269 High Contao Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19745) CVE-2019-19745 CWE-434 CWE-434 High Coppermine Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3481) CVE-2008-3481 CWE-94 CWE-94 High Coppermine Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-3486) CVE-2008-3486 CWE-22 CWE-22 High Core dump file CWE-200 CWE-200 High CouchDB REST API publicly accessible CWE-285 CWE-285 High Craft CMS CVE-2024-21622 Vulnerability (CVE-2024-21622) CVE-2024-21622 High Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30130) CVE-2023-30130 CWE-94 CWE-94 High Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30179) CVE-2023-30179 CWE-94 CWE-94 High Craft CMS Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-41824) CVE-2021-41824 CWE-1236 CWE-1236 High Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-9757) CVE-2020-9757 CWE-138 CWE-138 High Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-32679) CVE-2023-32679 CWE-138 CWE-138 High Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-36260) CVE-2023-36260 CWE-138 CWE-138 High Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-40035) CVE-2023-40035 CWE-138 CWE-138 High 1...5678...165 6 / 165
