| Craft CMS Improper Authentication Vulnerability (CVE-2024-41800) | CVE-2024-41800 | CWE-287 | High |
| Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30130) | CVE-2023-30130 | CWE-94 | High |
| Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30179) | CVE-2023-30179 | CWE-94 | High |
| Craft CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-52291) | CVE-2024-52291 | CWE-22 | High |
| Craft CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-52293) | CVE-2024-52293 | CWE-22 | High |
| Craft CMS Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-41824) | CVE-2021-41824 | CWE-1236 | High |
| Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-9757) | CVE-2020-9757 | CWE-138 | High |
| Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-32679) | CVE-2023-32679 | CWE-138 | High |
| Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-36260) | CVE-2023-36260 | CWE-138 | High |
| Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-40035) | CVE-2023-40035 | CWE-138 | High |
| Craft CMS Missing Encryption of Sensitive Data Vulnerability (CVE-2018-20465) | CVE-2018-20465 | CWE-311 | High |
| Craft CMS Missing Encryption of Sensitive Data Vulnerability (CVE-2022-37783) | CVE-2022-37783 | CWE-311 | High |
| Craft CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-3814) | CVE-2018-3814 | CWE-434 | High |
| Craft CMS Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2022-29933) | CVE-2022-29933 | CWE-640 | High |
| CRMEB SQL Injection (CVE-2024-36837) | CVE-2024-36837 | CWE-89 | High |
| Cross-site Scripting | | CWE-79 | High |
| Cross-site Scripting (DOM based) | | CWE-79 | High |
| Cross-site Scripting via File Upload | | CWE-79 | High |
| Cross-site Scripting via Remote File Inclusion | | CWE-79 | High |
| Cross-site scripting vulnerability in Google Web Toolkit | CVE-2012-4563 | CWE-80 | High |
| Cross-site scripting vulnerability in Google Web Toolkit (CVE-2012-5920) | CVE-2012-5920 | CWE-80 | High |
| Cross site scripting (XSS) in ASP.NET via ResolveUrl | | CWE-79 | High |
| Cross site scripting in HTTP-01 ACME challenge implementation | | CWE-79 | High |
| Cross site scripting via Bootstrap | | CWE-79 | High |
| CubeCart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-38130) | CVE-2023-38130 | CWE-352 | High |
| CubeCart Improper Input Validation Vulnerability (CVE-2013-1465) | CVE-2013-1465 | CWE-20 | High |
| CubeCart Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-47675) | CVE-2023-47675 | CWE-138 | High |
| CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4060) | CVE-2009-4060 | CWE-138 | High |
| CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-1931) | CVE-2010-1931 | CWE-138 | High |
| CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4903) | CVE-2010-4903 | CWE-138 | High |
| CubeCart Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-3904) | CVE-2009-3904 | CWE-264 | High |
| Custom Vulnerability Alert | | CWE-0 | High |
| D3.js Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-16044) | CVE-2017-16044 | CWE-200 | High |
| Database User Has Admin Privileges | | CWE-267 | High |
| Data Binding Expression Vulnerability in Spring Web Flow | CVE-2017-4971 | CWE-78 | High |
| DataTables Prototype Pollution Vulnerability (CVE-2020-28458) | CVE-2020-28458 | | High |
| Delve Debugger Unauthorized Access Vulnerability | | CWE-200 | High |
| Deserialization of Untrusted Data (.NET BinaryFormatter Object Deserialization) | | CWE-502 | High |
| Deserialization of Untrusted Data (Java JSON Deserialization) Fastjson | | CWE-502 | High |
| Deserialization of Untrusted Data (Java JSON Deserialization) Genson | | CWE-502 | High |
| Deserialization of Untrusted Data (Java JSON Deserialization) Jackson | CVE-2017-7525 | CWE-502 | High |
| Deserialization of Untrusted Data (Java JSON Deserialization) JsonIO | | CWE-502 | High |
| Deserialization of Untrusted Data (Java Object Deserialization) | | CWE-502 | High |
| Deserialization of Untrusted Data (XStream) | CVE-2013-7285, CVE-2020-26258, CVE-2020-26217 | CWE-502 | High |
| Devise weak password | | CWE-200 | High |
| Directory traversal | | CWE-22 | High |
| Directory Traversal (lib/translation.functions.php) (CMS Made Simple) v1.6.x | CVE-2010-2797 | CWE-22 | High |
| Directory Traversal (lib/translation.functions.php) (CMS Made Simple) v1.8.x | CVE-2010-2797 | CWE-22 | High |
| Directory Traversal with spring-cloud-config-server | CVE-2020-5410 | CWE-22 | High |
| Django 7PK - Security Features Vulnerability (CVE-2016-7401) | CVE-2016-7401 | | High |
| Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-6975) | CVE-2019-6975 | CWE-770 | High |
| Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-23969) | CVE-2023-23969 | CWE-770 | High |
| Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-46695) | CVE-2023-46695 | CWE-770 | High |
| Django CVE-2024-24680 Vulnerability (CVE-2024-24680) | CVE-2024-24680 | | High |
| Django CVE-2024-41989 Vulnerability (CVE-2024-41989) | CVE-2024-41989 | | High |
| Django CVE-2024-41990 Vulnerability (CVE-2024-41990) | CVE-2024-41990 | | High |
| Django CVE-2024-45230 Vulnerability (CVE-2024-45230) | CVE-2024-45230 | | High |
| Django Download of Code Without Integrity Check Vulnerability (CVE-2022-36359) | CVE-2022-36359 | CWE-494 | High |
| Django Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-45116) | CVE-2021-45116 | CWE-668 | High |
| Django Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-6188) | CVE-2018-6188 | CWE-200 | High |
| Django Improper Authentication Vulnerability (CVE-2021-44420) | CVE-2021-44420 | CWE-287 | High |
| Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2011-0698) | CVE-2011-0698 | CWE-22 | High |
| Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-33203) | CVE-2021-33203 | CWE-22 | High |
| Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-2512) | CVE-2016-2512 | CWE-707 | High |
| Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-9402) | CVE-2020-9402 | CWE-138 | High |
| Django Improper Validation of Specified Quantity in Input Vulnerability (CVE-2023-41164) | CVE-2023-41164 | CWE-1284 | High |
| Django Improper Validation of Specified Quantity in Input Vulnerability (CVE-2023-43665) | CVE-2023-43665 | CWE-1284 | High |
| Django Improper Validation of Specified Quantity in Input Vulnerability (CVE-2024-41991) | CVE-2024-41991 | CWE-1284 | High |
| Django Incorrect Default Permissions Vulnerability (CVE-2020-24583) | CVE-2020-24583 | CWE-276 | High |
| Django Incorrect Default Permissions Vulnerability (CVE-2020-24584) | CVE-2020-24584 | CWE-276 | High |
| Django Inefficient Regular Expression Complexity Vulnerability (CVE-2023-36053) | CVE-2023-36053 | CWE-1333 | High |
| Django Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-23833) | CVE-2022-23833 | CWE-835 | High |
| Django Other Vulnerability (CVE-2022-41323) | CVE-2022-41323 | | High |
| Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9014) | CVE-2016-9014 | CWE-264 | High |
| Django Resource Management Errors Vulnerability (CVE-2015-5143) | CVE-2015-5143 | | High |