Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Dot CMS Other Vulnerability (CVE-2016-4803) CVE-2016-4803 High Dot CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8600) CVE-2016-8600 CWE-264 CWE-264 High DotCMS unrestricted file upload (CVE-2022-26352) CVE-2022-26352 CWE-434 CWE-434 High Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-3189) CVE-2017-3189 CWE-434 CWE-434 High Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-11466) CVE-2017-11466 CWE-434 CWE-434 High Dot CMS Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2022-45782) CVE-2022-45782 CWE-338 CWE-338 High Dotenv .env file CWE-538 CWE-538 High DotNetNuke multiple vulnerabilities CVE-2012-1030 CWE-79 CWE-79 High Dragonfly Arbitrary File Read/Write (CVE-2021-33564) CVE-2021-33564 CWE-20 CWE-20 High Drupal 7 arbitrary PHP code execution and information disclosure CVE-2012-4553 CVE-2012-4554 CWE-264 CWE-264 High Drupal 7PK - Security Features Vulnerability (CVE-2016-3163) CVE-2016-3163 High Drupal Backup Migrate directory publicly accessible CWE-538 CWE-538 High Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.1) CVE-2005-0682 CWE-79 CWE-79 High Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.5) CVE-2005-3973 CWE-79 CWE-79 High Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.7) CVE-2006-1226 CWE-79 CWE-79 High Drupal Core 4.5.x Mail Header Injection (4.5.0 - 4.5.7) CWE-20 CWE-20 High Drupal Core 4.5.x Multiple Vulnerabilities (4.5.0 - 4.5.5) CWE-79 CWE-113 CWE-79 CWE-113 High Drupal Core 4.5.x Security Bypass (4.5.0 - 4.5.7) CWE-264 CWE-264 High Drupal Core 4.5.x Session Fixation (4.5.0 - 4.5.7) CWE-384 CWE-384 High Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.6) CVE-2006-2743 CWE-95 CWE-95 High Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.7) CVE-2006-2831 CWE-95 CWE-95 High Drupal Core 4.6.x Cross-Site Request Forgery (4.6.0 - 4.6.9) CVE-2006-5476 CWE-352 CWE-352 High Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.3) CVE-2005-3973 CWE-79 CWE-79 High Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.5) CVE-2006-1226 CWE-79 CWE-79 High Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.7) CVE-2006-2833 CWE-79 CWE-79 High Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.8) CVE-2006-4002 CWE-79 CWE-79 High Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.10) CVE-2007-0136 CWE-79 CWE-79 High Drupal Core 4.6.x Denial of Service (4.6.0 - 4.6.10) CVE-2007-0124 CWE-400 CWE-400 High Drupal Core 4.6.x Form Action Attribute Injection (4.6.0 - 4.6.9) CVE-2006-5477 CWE-20 CWE-20 High Drupal Core 4.6.x Mail Header Injection (4.6.0 - 4.6.5) CWE-20 CWE-20 High Drupal Core 4.6.x Multiple Cross-Site Scripting Vulnerabilities (4.6.0 - 4.6.9) CVE-2006-5475 CWE-79 CWE-79 High Drupal Core 4.6.x Multiple Vulnerabilities (4.6.0 - 4.6.3) CWE-79 CWE-113 CWE-79 CWE-113 High Drupal Core 4.6.x Security Bypass (4.6.0 - 4.6.3) CVE-2005-3974 CWE-264 CWE-264 High Drupal Core 4.6.x Security Bypass (4.6.0 - 4.6.5) CWE-264 CWE-264 High Drupal Core 4.6.x Session Fixation (4.6.0 - 4.6.5) CWE-384 CWE-384 High Drupal Core 4.6.x SQL Injection (4.6.0 - 4.6.6) CVE-2006-2742 CWE-89 CWE-89 High Drupal Core 4.7.x Arbitrary Code Execution (4.7.0 - 4.7.5) CVE-2007-0626 CWE-95 CWE-95 High Drupal Core 4.7.x Arbitrary Code Execution (4.7.0) CVE-2006-2743 CWE-95 CWE-95 High Drupal Core 4.7.x Cross-Site Request Forgery (4.7.0 - 4.7.3) CVE-2006-5476 CWE-352 CWE-352 High Drupal Core 4.7.x Cross-Site Request Forgery (4.7.0 - 4.7.10) CVE-2008-0272 CWE-352 CWE-352 High Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.1) CVE-2006-2833 CWE-79 CWE-79 High Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.2) CVE-2006-4002 CWE-79 CWE-79 High Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.4) CVE-2007-0136 CWE-79 CWE-79 High Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.7) CVE-2007-5596 CWE-79 CWE-79 High Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.10) CVE-2008-0274 CWE-79 CWE-79 High Drupal Core 4.7.x Denial of Service (4.7.0 - 4.7.4) CVE-2007-0124 CWE-400 CWE-400 High Drupal Core 4.7.x Form Action Attribute Injection (4.7.0 - 4.7.3) CVE-2006-5477 CWE-20 CWE-20 High Drupal Core 4.7.x HTTP Response Splitting (4.7.0 - 4.7.7) CVE-2007-5595 CWE-113 CWE-113 High Drupal Core 4.7.x Multiple Cross-Site Scripting Vulnerabilities (4.7.0 - 4.7.3) CVE-2006-5475 CWE-79 CWE-79 High Drupal Core 4.7.x Multiple Cross-Site Scripting Vulnerabilities (4.7.0 - 4.7.6) CVE-2007-4064 CWE-79 CWE-79 High Drupal Core 4.7.x Multiple Vulnerabilities (4.7.0 - 4.7.1) CVE-2006-2831 CVE-2006-2832 CWE-79 CWE-95 CWE-79 CWE-95 High Drupal Core 4.7.x Security Bypass (4.7.0 - 4.7.7) CVE-2007-5597 CWE-702 CWE-702 High Drupal Core 4.7.x SQL Injection (4.7.0 - 4.7.8) CVE-2007-6299 CWE-89 CWE-89 High Drupal Core 4.7.x SQL Injection (4.7.0) CVE-2006-2742 CWE-89 CWE-89 High Drupal Core 5.x Arbitrary Code Execution (5.0 - 5.2) CVE-2007-5593 CWE-95 CWE-95 High Drupal Core 5.x Arbitrary Code Execution (5.0) CVE-2007-0626 CWE-95 CWE-95 High Drupal Core 5.x Cross-Site Request Forgery (5.0 - 5.2) CVE-2007-5594 CWE-352 CWE-352 High Drupal Core 5.x Cross-Site Request Forgery (5.0 - 5.5) CVE-2008-0272 CWE-352 CWE-352 High Drupal Core 5.x Cross-Site Scripting (5.0 - 5.2) CVE-2007-5596 CWE-79 CWE-79 High Drupal Core 5.x Cross-Site Scripting (5.0 - 5.5) CVE-2008-0273 CWE-79 CWE-79 High Drupal Core 5.x Cross-Site Scripting (5.0 - 5.16) CVE-2009-1575 CVE-2009-1576 CVE-2009-1844 CWE-79 CWE-79 High Drupal Core 5.x Cross-Site Scripting (5.0 - 5.17) CVE-2009-1844 CWE-79 CWE-79 High Drupal Core 5.x Cross-Site Scripting (5.0 - 5.20) CVE-2009-4369 CWE-79 CWE-79 High Drupal Core 5.x HTTP Response Splitting (5.0 - 5.2) CVE-2007-5595 CWE-113 CWE-113 High Drupal Core 5.x Information Disclosure (5.0 - 5.18) CVE-2009-2374 CWE-200 CWE-200 High Drupal Core 5.x Local File Inclusion (5.0 - 5.11) CVE-2008-6171 CWE-22 CWE-22 High Drupal Core 5.x Local File Inclusion (5.0 - 5.15) CWE-22 CWE-22 High Drupal Core 5.x Multiple Cross-Site Request Forgery Vulnerabilities (5.0 - 5.1) CVE-2007-4063 CWE-352 CWE-352 High Drupal Core 5.x Multiple Cross-Site Scripting Vulnerabilities (5.0 - 5.1) CVE-2007-4064 CWE-79 CWE-79 High Drupal Core 5.x Multiple Security Bypass Vulnerabilities (5.0 - 5.10) CVE-2008-4790 CVE-2008-4791 CVE-2008-4792 CVE-2008-4793 CWE-264 CWE-264 High Drupal Core 5.x Multiple Security Bypass Vulnerabilities (5.0 - 5.22) CVE-2010-3092 CVE-2010-3093 CWE-264 CWE-264 High Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.7) CVE-2008-3219 CVE-2008-3220 CVE-2008-3222 CWE-352 CWE-384 CWE-352 CWE-384 High Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.9) CVE-2008-3740 CVE-2008-3741 CVE-2008-3742 CVE-2008-3744 CWE-79 CWE-352 CWE-434 CWE-79 CWE-352 CWE-434 High Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.12) CVE-2008-6532 CVE-2008-6533 CWE-79 CWE-352 CWE-79 CWE-352 High Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.21) CWE-79 CWE-264 CWE-601 CWE-79 CWE-264 CWE-601 High 1...891011...169 9 / 169
