Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37248) CVE-2022-37248 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37250) CVE-2022-37250 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37251) CVE-2022-37251 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-2817) CVE-2023-2817 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-23927) CVE-2023-23927 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-30177) CVE-2023-30177 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31144) CVE-2023-31144 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33194) CVE-2023-33194 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33195) CVE-2023-33195 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33196) CVE-2023-33196 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33197) CVE-2023-33197 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33495) CVE-2023-33495 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-36259) CVE-2023-36259 CWE-707 CWE-707 Medium Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-45406) CVE-2024-45406 CWE-707 CWE-707 Medium Craft CMS Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2017-8385) CVE-2017-8385 CWE-640 CWE-640 Medium Credit card number disclosed CWE-200 CWE-200 Medium CRIME SSL/TLS attack CVE-2012-4929 CWE-310 CWE-310 Medium CRLF injection/HTTP response splitting (Web Server) CWE-113 CWE-113 Medium Cross-Site Request Forgery (CSRF) (CMS Made Simple) CVE-2016-7904 CWE-352 CWE-352 Medium Cross frame scripting CWE-79 CWE-79 Medium Cross Site Scripting (Category Description) (CMS Made Simple) CVE-2017-6555 CWE-79 CWE-79 Medium Cross Site Scripting (globalmetadata) (CMS Made Simple) CVE-2017-6556 CWE-79 CWE-79 Medium CrushFTP Server Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2017-14037) CVE-2017-14037 CWE-707 CWE-707 Medium CrushFTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14036) CVE-2017-14036 CWE-707 CWE-707 Medium CrushFTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-44076) CVE-2021-44076 CWE-707 CWE-707 Medium CrushFTP Server Improper Validation of Integrity Check Value Vulnerability (CVE-2023-48795) CVE-2023-48795 CWE-354 CWE-354 Medium CrushFTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-14038) CVE-2017-14038 CWE-601 CWE-601 Medium CrushFTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-18288) CVE-2018-18288 CWE-601 CWE-601 Medium CubeCart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3724) CVE-2011-3724 CWE-200 CWE-200 Medium CubeCart Improper Access Control Vulnerability (CVE-2015-6928) CVE-2015-6928 CWE-284 CWE-284 Medium CubeCart Improper Authentication Vulnerability (CVE-2014-2341) CVE-2014-2341 CWE-287 CWE-287 Medium CubeCart Improper Input Validation Vulnerability (CVE-2012-0865) CVE-2012-0865 CWE-20 CWE-20 Medium CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2090) CVE-2017-2090 CWE-22 CWE-22 Medium CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2098) CVE-2017-2098 CWE-22 CWE-22 Medium CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2117) CVE-2017-2117 CWE-22 CWE-22 Medium CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-42428) CVE-2023-42428 CWE-22 CWE-22 Medium CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-47283) CVE-2023-47283 CWE-22 CWE-22 Medium CubeCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1550) CVE-2008-1550 CWE-707 CWE-707 Medium CubeCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20703) CVE-2018-20703 CWE-707 CWE-707 Medium CubeCart Session Fixation Vulnerability (CVE-2021-33394) CVE-2021-33394 CWE-384 CWE-384 Medium Custom Error Pages Are Not Configured in WEB-INF/web.xml CWE-16 CWE-16 Medium CVS Detected CWE-527 CWE-527 Medium datatables Cross-site Scripting (XSS) Vulnerability (CVE-2015-6584) CVE-2015-6584 Medium DataTables Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23445) CVE-2021-23445 CWE-707 CWE-707 Medium DataTables Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-36713) CVE-2021-36713 CWE-707 CWE-707 Medium Development configuration files CWE-538 CWE-538 Medium Directory listings CWE-538 CWE-538 Medium Django Cleartext Transmission of Sensitive Information Vulnerability (CVE-2019-12781) CVE-2019-12781 CWE-319 CWE-319 Medium Django Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-0696) CVE-2011-0696 CWE-352 CWE-352 Medium Django Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4140) CVE-2011-4140 CWE-352 CWE-352 Medium Django CVE-2014-1418 Vulnerability (CVE-2014-1418) CVE-2014-1418 Medium Django CVE-2024-45231 Vulnerability (CVE-2024-45231) CVE-2024-45231 Medium Django Debug Mode Enabled CWE-200 CWE-200 Medium Django Debug Toolbar CWE-200 CWE-200 Medium Django DEPRECATED: Code Vulnerability (CVE-2015-0219) CVE-2015-0219 Medium Django DEPRECATED: Code Vulnerability (CVE-2015-0222) CVE-2015-0222 Medium Django Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-0305) CVE-2013-0305 CWE-200 CWE-200 Medium Django Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8213) CVE-2015-8213 CWE-200 CWE-200 Medium Django Improper Access Control Vulnerability (CVE-2016-2048) CVE-2016-2048 CWE-284 CWE-284 Medium Django Improper Authentication Vulnerability (CVE-2013-1443) CVE-2013-1443 CWE-287 CWE-287 Medium Django Improper Authentication Vulnerability (CVE-2014-0482) CVE-2014-0482 CWE-287 CWE-287 Medium Django Improper Certificate Validation Vulnerability (CVE-2020-13254) CVE-2020-13254 CWE-295 CWE-295 Medium Django Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-0472) CVE-2014-0472 CWE-94 CWE-94 Medium Django Improper Input Validation Vulnerability (CVE-2010-4535) CVE-2010-4535 CWE-20 CWE-20 Medium Django Improper Input Validation Vulnerability (CVE-2011-4136) CVE-2011-4136 CWE-20 CWE-20 Medium Django Improper Input Validation Vulnerability (CVE-2011-4138) CVE-2011-4138 CWE-20 CWE-20 Medium Django Improper Input Validation Vulnerability (CVE-2011-4139) CVE-2011-4139 CWE-20 CWE-20 Medium Django Improper Input Validation Vulnerability (CVE-2012-3443) CVE-2012-3443 CWE-20 CWE-20 Medium Django Improper Input Validation Vulnerability (CVE-2012-4520) CVE-2012-4520 CWE-20 CWE-20 Medium Django Improper Input Validation Vulnerability (CVE-2014-0480) CVE-2014-0480 CWE-20 CWE-20 Medium Django Improper Input Validation Vulnerability (CVE-2014-3730) CVE-2014-3730 CWE-20 CWE-20 Medium Django Improper Input Validation Vulnerability (CVE-2015-5144) CVE-2015-5144 CWE-20 CWE-20 Medium Django Improper Input Validation Vulnerability (CVE-2019-3498) CVE-2019-3498 CWE-20 CWE-20 Medium Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-4315) CVE-2013-4315 CWE-22 CWE-22 Medium Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-3281) CVE-2021-3281 CWE-22 CWE-22 Medium 1...11121314...106 12 / 106
