Vulnerability Name CVE Severity
e107 Other Vulnerability (CVE-2006-0682) CVE-2006-0682
e107 Other Vulnerability (CVE-2006-2590) CVE-2006-2590
e107 Other Vulnerability (CVE-2006-2591) CVE-2006-2591
e107 Other Vulnerability (CVE-2006-3259) CVE-2006-3259
e107 Other Vulnerability (CVE-2006-4757) CVE-2006-4757
e107 Other Vulnerability (CVE-2006-4794) CVE-2006-4794
e107 Other Vulnerability (CVE-2007-3429) CVE-2007-3429
e107 Other Vulnerability (CVE-2010-0996) CVE-2010-0996
e107 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2020) CVE-2008-2020
easyXDM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5212) CVE-2013-5212
easyXDM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-1403) CVE-2014-1403
easyXDM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-27739) CVE-2023-27739
Elgg Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-3964) CVE-2021-3964
Elgg Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3733) CVE-2011-3733
Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2935) CVE-2011-2935
Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6561) CVE-2012-6561
Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0234) CVE-2013-0234
Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4072) CVE-2021-4072
Elgg Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6562) CVE-2012-6562
Elgg Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6563) CVE-2012-6563
Elgg URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11016) CVE-2019-11016
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4170) CVE-2013-4170
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0013) CVE-2014-0013
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0014) CVE-2014-0014
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1866) CVE-2015-1866
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7565) CVE-2015-7565
Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27492) CVE-2023-27492
Envoy Proxy Improper Certificate Validation Vulnerability (CVE-2022-21656) CVE-2022-21656
Envoy Proxy Improper Certificate Validation Vulnerability (CVE-2022-21657) CVE-2022-21657
Envoy Proxy Improper Encoding or Escaping of Output Vulnerability (CVE-2024-45808) CVE-2024-45808
Envoy Proxy Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-35944) CVE-2023-35944
Envoy Proxy Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-8660) CVE-2020-8660
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2022-29224) CVE-2022-29224
Envoy Proxy Origin Validation Error Vulnerability (CVE-2020-15104) CVE-2020-15104
Envoy Proxy Out-of-bounds Write Vulnerability (CVE-2024-34364) CVE-2024-34364
Envoy Proxy Uncontrolled Recursion Vulnerability (CVE-2022-23606) CVE-2022-23606
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2024-23323) CVE-2024-23323
Envoy Proxy Use After Free Vulnerability (CVE-2023-35942) CVE-2023-35942
Envoy Proxy Use After Free Vulnerability (CVE-2024-34362) CVE-2024-34362
EspoCRM Cleartext Transmission of Sensitive Information Vulnerability (CVE-2022-38846) CVE-2022-38846
EspoCRM Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2022-38845) CVE-2022-38845
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-7987) CVE-2014-7987
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17301) CVE-2018-17301
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17302) CVE-2018-17302
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13643) CVE-2019-13643
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14329) CVE-2019-14329
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14330) CVE-2019-14330
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14331) CVE-2019-14331
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14349) CVE-2019-14349
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14350) CVE-2019-14350
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14546) CVE-2019-14546
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14547) CVE-2019-14547
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14548) CVE-2019-14548
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14549) CVE-2019-14549
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14550) CVE-2019-14550
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3539) CVE-2021-3539
EspoCRM Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7986) CVE-2014-7986
EspoCRM Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-46736) CVE-2023-46736
Express cookie-session weak secret key
Express Development Mode enabled
Ext JS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8046) CVE-2018-8046
Family Connections Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-5130) CVE-2011-5130
Family Connections Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-2901) CVE-2008-2901
Family Connections Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2010) CVE-2009-2010
fancybox Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1494) CVE-2015-1494
FCKeditor arbitrary file upload CVE-2009-2265
File tampering
Firebase database accessible without authentication
Flask weak secret key
FluxBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35240) CVE-2020-35240
FluxBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43677) CVE-2021-43677
FluxBB Other Vulnerability (CVE-2014-10030) CVE-2014-10030
Frontaccounting Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3740) CVE-2011-3740
Frontaccounting Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5148) CVE-2007-5148
Frontaccounting Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-21244) CVE-2020-21244