Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7937) CVE-2019-7937 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7938) CVE-2019-7938 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7939) CVE-2019-7939 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7940) CVE-2019-7940 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7944) CVE-2019-7944 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7945) CVE-2019-7945 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8092) CVE-2019-8092 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8115) CVE-2019-8115 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8117) CVE-2019-8117 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8120) CVE-2019-8120 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8128) CVE-2019-8128 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8129) CVE-2019-8129 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8131) CVE-2019-8131 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8132) CVE-2019-8132 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8138) CVE-2019-8138 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8139) CVE-2019-8139 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8142) CVE-2019-8142 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8145) CVE-2019-8145 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8146) CVE-2019-8146 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8147) CVE-2019-8147 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8148) CVE-2019-8148 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8152) CVE-2019-8152 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8153) CVE-2019-8153 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8157) CVE-2019-8157 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8227) CVE-2019-8227 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8228) CVE-2019-8228 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8233) CVE-2019-8233 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-3715) CVE-2020-3715 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-3758) CVE-2020-3758 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9577) CVE-2020-9577 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9581) CVE-2020-9581 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9584) CVE-2020-9584 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9665) CVE-2020-9665 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-24408) CVE-2020-24408 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21023) CVE-2021-21023 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21029) CVE-2021-21029 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-28556) CVE-2021-28556 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34257) CVE-2022-34257 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34258) CVE-2022-34258 CWE-707 CWE-707 Medium Magento Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-7889) CVE-2019-7889 CWE-138 CWE-138 Medium Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-1397) CVE-2015-1397 CWE-138 CWE-138 Medium Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-8143) CVE-2019-8143 CWE-138 CWE-138 Medium Magento Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') Vulnerability (CVE-2019-8126) CVE-2019-8126 CWE-776 CWE-776 Medium Magento Incorrect Authorization Vulnerability (CVE-2020-9692) CVE-2020-9692 CWE-863 CWE-863 Medium Magento Incorrect Authorization Vulnerability (CVE-2020-24401) CVE-2020-24401 CWE-863 CWE-863 Medium Magento Incorrect Authorization Vulnerability (CVE-2021-28567) CVE-2021-28567 CWE-863 CWE-863 Medium Magento Insufficient Session Expiration Vulnerability (CVE-2021-21031) CVE-2021-21031 CWE-613 CWE-613 Medium Magento Insufficient Session Expiration Vulnerability (CVE-2021-21032) CVE-2021-21032 CWE-613 CWE-613 Medium Magento Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-9690) CVE-2020-9690 Medium Magento Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-3458) CVE-2015-3458 CWE-264 CWE-264 Medium Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-8140) CVE-2019-8140 CWE-434 CWE-434 Medium Magento Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2019-8113) CVE-2019-8113 CWE-338 CWE-338 Medium Magento Violation of Secure Design Principles Vulnerability (CVE-2021-28583) CVE-2021-28583 CWE-657 CWE-657 Medium Mailman CVE-2006-2941 Vulnerability (CVE-2006-2941) CVE-2006-2941 Medium Mailman Improper Input Validation Vulnerability (CVE-2018-13796) CVE-2018-13796 CWE-20 CWE-20 Medium Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0707) CVE-2011-0707 CWE-707 CWE-707 Medium Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-5024) CVE-2011-5024 CWE-707 CWE-707 Medium Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-0618) CVE-2018-0618 CWE-707 CWE-707 Medium Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5950) CVE-2018-5950 CWE-707 CWE-707 Medium Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12137) CVE-2020-12137 CWE-707 CWE-707 Medium Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43331) CVE-2021-43331 CWE-707 CWE-707 Medium Mailman Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-12108) CVE-2020-12108 CWE-138 CWE-138 Medium Mailman Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-15011) CVE-2020-15011 CWE-138 CWE-138 Medium Mailman Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2021-42096) CVE-2021-42096 CWE-307 CWE-307 Medium Mailman Insufficiently Protected Credentials Vulnerability (CVE-2021-43332) CVE-2021-43332 CWE-522 CWE-522 Medium Mailman Other Vulnerability (CVE-2001-0290) CVE-2001-0290 Medium Mailman Other Vulnerability (CVE-2001-0884) CVE-2001-0884 Medium Mailman Other Vulnerability (CVE-2003-0038) CVE-2003-0038 Medium Mailman Other Vulnerability (CVE-2003-0965) CVE-2003-0965 Medium Mailman Other Vulnerability (CVE-2003-0991) CVE-2003-0991 Medium Mailman Other Vulnerability (CVE-2003-0992) CVE-2003-0992 Medium Mailman Other Vulnerability (CVE-2004-0182) CVE-2004-0182 Medium Mailman Other Vulnerability (CVE-2004-0412) CVE-2004-0412 Medium Mailman Other Vulnerability (CVE-2004-1177) CVE-2004-1177 Medium Mailman Other Vulnerability (CVE-2005-0080) CVE-2005-0080 Medium 1...34353637...106 35 / 106
