Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-16192) CVE-2020-16192 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23710) CVE-2020-23710 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-25797) CVE-2020-25797 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-25798) CVE-2020-25798 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-25799) CVE-2020-25799 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42112) CVE-2021-42112 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-29710) CVE-2022-29710 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-48010) CVE-2022-48010 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44796) CVE-2023-44796 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4994) CVE-2012-4994 CWE-138 CWE-138 Medium LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-4628) CVE-2015-4628 CWE-138 CWE-138 Medium LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-5078) CVE-2015-5078 CWE-138 CWE-138 Medium LimeSurvey Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2019-16175) CVE-2019-16175 CWE-1021 CWE-1021 Medium LimeSurvey Other Vulnerability (CVE-2014-5018) CVE-2014-5018 Medium LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-16397) CVE-2018-16397 CWE-434 CWE-434 Medium Limited Remote File Read/Include in Jira Software Server CVE-2021-26086 CWE-22 CWE-22 Medium LISTSERV XSS (CVE-2022-39195) CVE-2022-39195 CWE-79 CWE-79 Medium LiteSpeed Web Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2333) CVE-2010-2333 CWE-200 CWE-200 Medium LiteSpeed Web Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4871) CVE-2012-4871 CWE-707 CWE-707 Medium LiteSpeed Web Server Out-of-bounds Read Vulnerability (CVE-2004-0112) CVE-2004-0112 CWE-125 CWE-125 Medium Local File Inclusion (CMS Made Simple) CWE-94 CWE-94 Medium Lodash Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-1010266) CVE-2019-1010266 CWE-770 CWE-770 Medium Lodash CVE-2018-3721 Vulnerability (CVE-2018-3721) CVE-2018-3721 Medium Lodash CVE-2018-16487 Vulnerability (CVE-2018-16487) CVE-2018-16487 Medium Lodash Other Vulnerability (CVE-2020-28500) CVE-2020-28500 Medium Lucee Stacktrace Information Disclosure CWE-200 CWE-200 Medium Magento Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-7864) CVE-2019-7864 CWE-639 CWE-639 Medium Magento Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-7872) CVE-2019-7872 CWE-639 CWE-639 Medium Magento Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-7925) CVE-2019-7925 CWE-639 CWE-639 Medium Magento Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-8235) CVE-2019-8235 CWE-639 CWE-639 Medium Magento Cleartext Storage of Sensitive Information Vulnerability (CVE-2019-8118) CVE-2019-8118 CWE-312 CWE-312 Medium Magento Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2019-8232) CVE-2019-8232 CWE-362 CWE-362 Medium Magento Config File Disclosure CWE-200 CWE-200 Medium Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-5301) CVE-2018-5301 CWE-352 CWE-352 Medium Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-7851) CVE-2019-7851 CWE-352 CWE-352 Medium Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-7857) CVE-2019-7857 CWE-352 CWE-352 Medium Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-7873) CVE-2019-7873 CWE-352 CWE-352 Medium Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-7874) CVE-2019-7874 CWE-352 CWE-352 Medium Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-7947) CVE-2019-7947 CWE-352 CWE-352 Medium Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-21027) CVE-2021-21027 CWE-352 CWE-352 Medium Magento Cryptographic Issues Vulnerability (CVE-2019-7855) CVE-2019-7855 Medium Magento CVE-2019-7904 Vulnerability (CVE-2019-7904) CVE-2019-7904 Medium Magento CVE-2019-8090 Vulnerability (CVE-2019-8090) CVE-2019-8090 Medium Magento CVE-2019-8107 Vulnerability (CVE-2019-8107) CVE-2019-8107 Medium Magento CVE-2019-8123 Vulnerability (CVE-2019-8123) CVE-2019-8123 Medium Magento CVE-2019-8133 Vulnerability (CVE-2019-8133) CVE-2019-8133 Medium Magento CVE-2022-34259 Vulnerability (CVE-2022-34259) CVE-2022-34259 Medium Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2212) CVE-2016-2212 CWE-200 CWE-200 Medium Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-7852) CVE-2019-7852 CWE-200 CWE-200 Medium Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-7888) CVE-2019-7888 CWE-200 CWE-200 Medium Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-7929) CVE-2019-7929 CWE-200 CWE-200 Medium Magento Improper Access Control Vulnerability (CVE-2021-21020) CVE-2021-21020 CWE-284 CWE-284 Medium Magento Improper Authentication Vulnerability (CVE-2015-3457) CVE-2015-3457 CWE-287 CWE-287 Medium Magento Improper Authentication Vulnerability (CVE-2019-8108) CVE-2019-8108 CWE-287 CWE-287 Medium Magento Improper Authorization Vulnerability (CVE-2020-24402) CVE-2020-24402 CWE-285 CWE-285 Medium Magento Improper Authorization Vulnerability (CVE-2020-24405) CVE-2020-24405 CWE-285 CWE-285 Medium Magento Improper Authorization Vulnerability (CVE-2021-21022) CVE-2021-21022 CWE-285 CWE-285 Medium Magento Improper Authorization Vulnerability (CVE-2021-21026) CVE-2021-21026 CWE-285 CWE-285 Medium Magento Improper Authorization Vulnerability (CVE-2021-28563) CVE-2021-28563 CWE-285 CWE-285 Medium Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2015-1399) CVE-2015-1399 CWE-94 CWE-94 Medium Magento Improper Input Validation Vulnerability (CVE-2019-7898) CVE-2019-7898 CWE-20 CWE-20 Medium Magento Improper Input Validation Vulnerability (CVE-2019-7899) CVE-2019-7899 CWE-20 CWE-20 Medium Magento Improper Input Validation Vulnerability (CVE-2021-28585) CVE-2021-28585 CWE-20 CWE-20 Medium Magento Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-1398) CVE-2015-1398 CWE-22 CWE-22 Medium Magento Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-3717) CVE-2020-3717 CWE-22 CWE-22 Medium Magento Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-9689) CVE-2020-9689 CWE-22 CWE-22 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9758) CVE-2014-9758 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10704) CVE-2016-10704 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7853) CVE-2019-7853 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7862) CVE-2019-7862 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7863) CVE-2019-7863 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7866) CVE-2019-7866 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7867) CVE-2019-7867 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7868) CVE-2019-7868 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7869) CVE-2019-7869 CWE-707 CWE-707 Medium 1...32333435...99 33 / 99
