Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35740) CVE-2022-35740 CWE-707 CWE-707 Medium Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37431) CVE-2022-37431 CWE-707 CWE-707 Medium Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3042) CVE-2023-3042 CWE-707 CWE-707 Medium Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-3938) CVE-2024-3938 CWE-707 CWE-707 Medium Dot CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1826) CVE-2012-1826 CWE-264 CWE-264 Medium Dot CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-37033) CVE-2022-37033 CWE-918 CWE-918 Medium Dot CMS Uncontrolled Recursion Vulnerability (CVE-2022-37034) CVE-2022-37034 CWE-674 CWE-674 Medium Dot CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-17422) CVE-2018-17422 CWE-601 CWE-601 Medium Drupal 7PK - Security Features Vulnerability (CVE-2016-3168) CVE-2016-3168 Medium Drupal configuration file weak file permissions CWE-16 CWE-16 Medium Drupal Credentials Management Errors Vulnerability (CVE-2009-2374) CVE-2009-2374 Medium Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-5594) CVE-2007-5594 CWE-352 CWE-352 Medium Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-6752) CVE-2007-6752 CWE-352 CWE-352 Medium Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-0272) CVE-2008-0272 CWE-352 CWE-352 Medium Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3220) CVE-2008-3220 CWE-352 CWE-352 Medium Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3221) CVE-2008-3221 CWE-352 CWE-352 Medium Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3743) CVE-2008-3743 CWE-352 CWE-352 Medium Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3744) CVE-2008-3744 CWE-352 CWE-352 Medium Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-6532) CVE-2008-6532 CWE-352 CWE-352 Medium Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-4066) CVE-2009-4066 CWE-352 CWE-352 Medium Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-0826) CVE-2012-0826 CWE-352 CWE-352 Medium Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-6660) CVE-2015-6660 CWE-352 CWE-352 Medium Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13674) CVE-2020-13674 CWE-352 CWE-352 Medium Drupal Cryptographic Issues Vulnerability (CVE-2013-6386) CVE-2013-6386 Medium Drupal CVE-2007-0626 Vulnerability (CVE-2007-0626) CVE-2007-0626 Medium Drupal CVE-2008-1729 Vulnerability (CVE-2008-1729) CVE-2008-1729 Medium Drupal CVE-2009-1576 Vulnerability (CVE-2009-1576) CVE-2009-1576 Medium Drupal CVE-2014-9016 Vulnerability (CVE-2014-9016) CVE-2014-9016 Medium Drupal CVE-2018-14773 Vulnerability (CVE-2018-14773) CVE-2018-14773 Medium Drupal CVE-2022-25278 Vulnerability (CVE-2022-25278) CVE-2022-25278 Medium Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3730) CVE-2011-3730 CWE-200 CWE-200 Medium Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0825) CVE-2012-0825 CWE-200 CWE-200 Medium Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-2922) CVE-2012-2922 CWE-200 CWE-200 Medium Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-5652) CVE-2012-5652 CWE-200 CWE-200 Medium Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-2983) CVE-2014-2983 CWE-200 CWE-200 Medium Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3231) CVE-2015-3231 CWE-200 CWE-200 Medium Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-6661) CVE-2015-6661 CWE-200 CWE-200 Medium Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3170) CVE-2016-3170 CWE-200 CWE-200 Medium Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6212) CVE-2016-6212 CWE-200 CWE-200 Medium Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9449) CVE-2016-9449 CWE-200 CWE-200 Medium Drupal Files or Directories Accessible to External Parties Vulnerability (CVE-2017-6922) CVE-2017-6922 CWE-552 CWE-552 Medium Drupal Improper Authentication Vulnerability (CVE-2006-1228) CVE-2006-1228 CWE-287 CWE-287 Medium Drupal Improper Authentication Vulnerability (CVE-2010-3091) CVE-2010-3091 CWE-287 CWE-287 Medium Drupal Improper Authentication Vulnerability (CVE-2010-3685) CVE-2010-3685 CWE-287 CWE-287 Medium Drupal Improper Authentication Vulnerability (CVE-2010-3686) CVE-2010-3686 CWE-287 CWE-287 Medium Drupal Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5593) CVE-2007-5593 CWE-94 CWE-94 Medium Drupal Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-2372) CVE-2009-2372 CWE-94 CWE-94 Medium Drupal Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-6385) CVE-2013-6385 CWE-94 CWE-94 Medium Drupal Improper Input Validation Vulnerability (CVE-2010-2473) CVE-2010-2473 CWE-20 CWE-20 Medium Drupal Improper Input Validation Vulnerability (CVE-2012-1589) CVE-2012-1589 CWE-20 CWE-20 Medium Drupal Improper Input Validation Vulnerability (CVE-2012-5653) CVE-2012-5653 CWE-20 CWE-20 Medium Drupal Improper Input Validation Vulnerability (CVE-2013-6389) CVE-2013-6389 CWE-20 CWE-20 Medium Drupal Improper Input Validation Vulnerability (CVE-2014-5019) CVE-2014-5019 CWE-20 CWE-20 Medium Drupal Improper Input Validation Vulnerability (CVE-2015-3234) CVE-2015-3234 CWE-20 CWE-20 Medium Drupal Improper Input Validation Vulnerability (CVE-2016-9452) CVE-2016-9452 CWE-20 CWE-20 Medium Drupal Improper Input Validation Vulnerability (CVE-2017-6921) CVE-2017-6921 CWE-20 CWE-20 Medium Drupal Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2019-11358) CVE-2019-11358 CWE-1321 CWE-1321 Medium Drupal Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2007-5595) CVE-2007-5595 CWE-113 CWE-113 Medium Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-0136) CVE-2007-0136 CWE-707 CWE-707 Medium Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-4064) CVE-2007-4064 CWE-707 CWE-707 Medium Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-5596) CVE-2007-5596 CWE-707 CWE-707 Medium Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0273) CVE-2008-0273 CWE-707 CWE-707 Medium Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0276) CVE-2008-0276 CWE-707 CWE-707 Medium Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0462) CVE-2008-0462 CWE-707 CWE-707 Medium Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1133) CVE-2008-1133 CWE-707 CWE-707 Medium Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3218) CVE-2008-3218 CWE-707 CWE-707 Medium Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3219) CVE-2008-3219 CWE-707 CWE-707 Medium Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3740) CVE-2008-3740 CWE-707 CWE-707 Medium Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6533) CVE-2008-6533 CWE-707 CWE-707 Medium Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-1047) CVE-2009-1047 CWE-707 CWE-707 Medium Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-1575) CVE-2009-1575 CWE-707 CWE-707 Medium Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-2373) CVE-2009-2373 CWE-707 CWE-707 Medium Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3479) CVE-2009-3479 CWE-707 CWE-707 Medium Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2250) CVE-2010-2250 CWE-707 CWE-707 Medium Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2472) CVE-2010-2472 CWE-707 CWE-707 Medium 1...14151617...106 15 / 106
