Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5284) CVE-2010-5284 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3247) CVE-2014-3247 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8935) CVE-2019-8935 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13655) CVE-2020-13655 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3298) CVE-2021-3298 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-46240) CVE-2024-46240 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48706) CVE-2024-48706 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48707) CVE-2024-48707 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48708) CVE-2024-48708 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-6872) CVE-2013-6872 CWE-138 CWE-138 Medium Collabtive Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3246) CVE-2014-3246 CWE-138 CWE-138 Medium concrete5 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8082) CVE-2017-8082 CWE-352 CWE-352 Medium concrete5 CVE-2020-14961 Vulnerability (CVE-2020-14961) CVE-2020-14961 Medium concrete5 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-5107) CVE-2014-5107 CWE-200 CWE-200 Medium concrete5 Improper Input Validation Vulnerability (CVE-2017-18195) CVE-2017-18195 CWE-20 CWE-20 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5181) CVE-2012-5181 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5108) CVE-2014-5108 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9526) CVE-2014-9526 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2250) CVE-2015-2250 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-3989) CVE-2015-3989 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-4721) CVE-2015-4721 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6905) CVE-2017-6905 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6908) CVE-2017-6908 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7725) CVE-2017-7725 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19146) CVE-2018-19146 CWE-707 CWE-707 Medium Contao Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-1297) CVE-2012-1297 CWE-352 CWE-352 Medium Contao CVE-2018-20028 Vulnerability (CVE-2018-20028) CVE-2018-20028 Medium Contao Improper Encoding or Escaping of Output Vulnerability (CVE-2019-19714) CVE-2019-19714 CWE-116 CWE-116 Medium Contao Improper Input Validation Vulnerability (CVE-2020-25768) CVE-2020-25768 CWE-20 CWE-20 Medium Contao Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-0269) CVE-2015-0269 CWE-22 CWE-22 Medium Contao Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-29200) CVE-2023-29200 CWE-22 CWE-22 Medium Contao Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-45604) CVE-2024-45604 CWE-22 CWE-22 Medium Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0508) CVE-2011-0508 CWE-707 CWE-707 Medium Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4335) CVE-2011-4335 CWE-707 CWE-707 Medium Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5478) CVE-2018-5478 CWE-707 CWE-707 Medium Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-10125) CVE-2018-10125 CWE-707 CWE-707 Medium Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35210) CVE-2021-35210 CWE-707 CWE-707 Medium Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35955) CVE-2021-35955 CWE-707 CWE-707 Medium Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24899) CVE-2022-24899 CWE-707 CWE-707 Medium Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-36806) CVE-2023-36806 CWE-707 CWE-707 Medium Contao Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2024-45612) CVE-2024-45612 CWE-138 CWE-138 Medium Contao Incorrect Default Permissions Vulnerability (CVE-2019-19712) CVE-2019-19712 CWE-276 CWE-276 Medium Cookie signed with weak secret key CWE-693 CWE-693 Medium Coppermine Cross-site Scripting (XSS) Vulnerability (CVE-2018-14478) CVE-2018-14478 Medium Coppermine Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-7187) CVE-2008-7187 CWE-200 CWE-200 Medium Coppermine Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3722) CVE-2011-3722 CWE-200 CWE-200 Medium Coppermine Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1614) CVE-2012-1614 CWE-200 CWE-200 Medium Coppermine Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3923) CVE-2015-3923 CWE-200 CWE-200 Medium Coppermine Improper Authentication Vulnerability (CVE-2005-3979) CVE-2005-3979 CWE-287 CWE-287 Medium Coppermine Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4667) CVE-2010-4667 CWE-707 CWE-707 Medium Coppermine Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4693) CVE-2010-4693 CWE-707 CWE-707 Medium Coppermine Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2476) CVE-2011-2476 CWE-707 CWE-707 Medium Coppermine Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4612) CVE-2014-4612 CWE-707 CWE-707 Medium Coppermine Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0504) CVE-2008-0504 CWE-138 CWE-138 Medium Coppermine Multiple Cross-site Scripting (XSS) Vulnerabilities (CVE-2015-6528) CVE-2015-6528 Medium Coppermine Open Redirection Vulnerability (CVE-2015-3922) CVE-2015-3922 Medium Coppermine Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-7186) CVE-2008-7186 CWE-264 CWE-264 Medium Core dump checker PHP script CWE-200 CWE-200 Medium cPanel XSS (CVE-2023-29489) CVE-2023-29489 CWE-79 CWE-79 Medium Craft CMS CVE-2017-8383 Vulnerability (CVE-2017-8383) CVE-2017-8383 Medium Craft CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-14280) CVE-2019-14280 CWE-200 CWE-200 Medium Craft CMS Files or Directories Accessible to External Parties Vulnerability (CVE-2024-52292) CVE-2024-52292 CWE-552 CWE-552 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8052) CVE-2017-8052 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8384) CVE-2017-8384 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9516) CVE-2017-9516 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20418) CVE-2018-20418 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-9554) CVE-2019-9554 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12823) CVE-2019-12823 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17496) CVE-2019-17496 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-19626) CVE-2020-19626 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27902) CVE-2021-27902 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32470) CVE-2021-32470 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28378) CVE-2022-28378 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37246) CVE-2022-37246 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37247) CVE-2022-37247 CWE-707 CWE-707 Medium 1...10111213...106 11 / 106
