Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-7943) CVE-2015-7943 CWE-601 CWE-601 Medium Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2016-9451) CVE-2016-9451 CWE-601 CWE-601 Medium Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-6932) CVE-2017-6932 CWE-601 CWE-601 Medium Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-13662) CVE-2020-13662 CWE-601 CWE-601 Medium Drupal Views module information disclosure vulnerability CWE-200 CWE-200 Medium DWR Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-5325) CVE-2014-5325 CWE-200 CWE-200 Medium DWR Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5326) CVE-2014-5326 CWE-707 CWE-707 Medium e107 Credentials Management Errors Vulnerability (CVE-2013-7305) CVE-2013-7305 Medium e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-5084) CVE-2010-5084 CWE-352 CWE-352 Medium e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4947) CVE-2011-4947 CWE-352 CWE-352 Medium e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6433) CVE-2012-6433 CWE-352 CWE-352 Medium e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6434) CVE-2012-6434 CWE-352 CWE-352 Medium e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8098) CVE-2017-8098 CWE-352 CWE-352 Medium e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-11127) CVE-2018-11127 CWE-352 CWE-352 Medium e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-17081) CVE-2018-17081 CWE-352 CWE-352 Medium e107 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3731) CVE-2011-3731 CWE-200 CWE-200 Medium e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2006-0857) CVE-2006-0857 CWE-707 CWE-707 Medium e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6208) CVE-2008-6208 CWE-707 CWE-707 Medium e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3444) CVE-2009-3444 CWE-707 CWE-707 Medium e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4083) CVE-2009-4083 CWE-707 CWE-707 Medium e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4757) CVE-2010-4757 CWE-707 CWE-707 Medium e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0457) CVE-2011-0457 CWE-707 CWE-707 Medium e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4920) CVE-2011-4920 CWE-707 CWE-707 Medium e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3843) CVE-2012-3843 CWE-707 CWE-707 Medium e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2750) CVE-2013-2750 CWE-707 CWE-707 Medium e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1041) CVE-2015-1041 CWE-707 CWE-707 Medium e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1057) CVE-2015-1057 CWE-707 CWE-707 Medium e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-11734) CVE-2018-11734 CWE-707 CWE-707 Medium e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16381) CVE-2018-16381 CWE-707 CWE-707 Medium e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17423) CVE-2018-17423 CWE-707 CWE-707 Medium e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-36121) CVE-2023-36121 CWE-707 CWE-707 Medium e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-2416) CVE-2006-2416 CWE-138 CWE-138 Medium e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-5320) CVE-2008-5320 CWE-138 CWE-138 Medium e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-1409) CVE-2009-1409 CWE-138 CWE-138 Medium e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4921) CVE-2011-4921 CWE-138 CWE-138 Medium e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4946) CVE-2011-4946 CWE-138 CWE-138 Medium e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-16389) CVE-2018-16389 CWE-138 CWE-138 Medium e107 Other Vulnerability (CVE-2003-1191) CVE-2003-1191 Medium e107 Other Vulnerability (CVE-2004-2028) CVE-2004-2028 Medium e107 Other Vulnerability (CVE-2004-2031) CVE-2004-2031 Medium e107 Other Vulnerability (CVE-2004-2039) CVE-2004-2039 Medium e107 Other Vulnerability (CVE-2004-2040) CVE-2004-2040 Medium e107 Other Vulnerability (CVE-2004-2262) CVE-2004-2262 Medium e107 Other Vulnerability (CVE-2005-2327) CVE-2005-2327 Medium e107 Other Vulnerability (CVE-2005-2805) CVE-2005-2805 Medium e107 Other Vulnerability (CVE-2005-3594) CVE-2005-3594 Medium e107 Other Vulnerability (CVE-2005-4051) CVE-2005-4051 Medium e107 Other Vulnerability (CVE-2006-0682) CVE-2006-0682 Medium e107 Other Vulnerability (CVE-2006-2590) CVE-2006-2590 Medium e107 Other Vulnerability (CVE-2006-2591) CVE-2006-2591 Medium e107 Other Vulnerability (CVE-2006-3259) CVE-2006-3259 Medium e107 Other Vulnerability (CVE-2006-4757) CVE-2006-4757 Medium e107 Other Vulnerability (CVE-2006-4794) CVE-2006-4794 Medium e107 Other Vulnerability (CVE-2007-3429) CVE-2007-3429 Medium e107 Other Vulnerability (CVE-2010-0996) CVE-2010-0996 Medium e107 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2020) CVE-2008-2020 CWE-264 CWE-264 Medium easyXDM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5212) CVE-2013-5212 CWE-707 CWE-707 Medium easyXDM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-1403) CVE-2014-1403 CWE-707 CWE-707 Medium easyXDM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-27739) CVE-2023-27739 CWE-707 CWE-707 Medium Elgg Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-3964) CVE-2021-3964 CWE-639 CWE-639 Medium Elgg Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3733) CVE-2011-3733 CWE-200 CWE-200 Medium Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2935) CVE-2011-2935 CWE-707 CWE-707 Medium Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6561) CVE-2012-6561 CWE-707 CWE-707 Medium Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0234) CVE-2013-0234 CWE-707 CWE-707 Medium Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4072) CVE-2021-4072 CWE-707 CWE-707 Medium Elgg Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6562) CVE-2012-6562 CWE-264 CWE-264 Medium Elgg Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6563) CVE-2012-6563 CWE-264 CWE-264 Medium Elgg URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11016) CVE-2019-11016 CWE-601 CWE-601 Medium Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4170) CVE-2013-4170 CWE-707 CWE-707 Medium Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0013) CVE-2014-0013 CWE-707 CWE-707 Medium Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0014) CVE-2014-0014 CWE-707 CWE-707 Medium Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1866) CVE-2015-1866 CWE-707 CWE-707 Medium Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7565) CVE-2015-7565 CWE-707 CWE-707 Medium Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27492) CVE-2023-27492 CWE-770 CWE-770 Medium Envoy Proxy Improper Certificate Validation Vulnerability (CVE-2022-21656) CVE-2022-21656 CWE-295 CWE-295 Medium 1...16171819...99 17 / 99
