Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-3715) CVE-2020-3715 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-3758) CVE-2020-3758 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9577) CVE-2020-9577 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9581) CVE-2020-9581 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9584) CVE-2020-9584 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9665) CVE-2020-9665 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-24408) CVE-2020-24408 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21023) CVE-2021-21023 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21029) CVE-2021-21029 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-28556) CVE-2021-28556 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34257) CVE-2022-34257 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34258) CVE-2022-34258 CWE-707 CWE-707 Medium Magento Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-7889) CVE-2019-7889 CWE-138 CWE-138 Medium Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-1397) CVE-2015-1397 CWE-138 CWE-138 Medium Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-8143) CVE-2019-8143 CWE-138 CWE-138 Medium Magento Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') Vulnerability (CVE-2019-8126) CVE-2019-8126 CWE-776 CWE-776 Medium Magento Incorrect Authorization Vulnerability (CVE-2020-9692) CVE-2020-9692 CWE-863 CWE-863 Medium Magento Incorrect Authorization Vulnerability (CVE-2020-24401) CVE-2020-24401 CWE-863 CWE-863 Medium Magento Incorrect Authorization Vulnerability (CVE-2021-28567) CVE-2021-28567 CWE-863 CWE-863 Medium Magento Insufficient Session Expiration Vulnerability (CVE-2021-21031) CVE-2021-21031 CWE-613 CWE-613 Medium Magento Insufficient Session Expiration Vulnerability (CVE-2021-21032) CVE-2021-21032 CWE-613 CWE-613 Medium Magento Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-9690) CVE-2020-9690 Medium Magento Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-3458) CVE-2015-3458 CWE-264 CWE-264 Medium Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-8140) CVE-2019-8140 CWE-434 CWE-434 Medium Magento Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2019-8113) CVE-2019-8113 CWE-338 CWE-338 Medium Magento Violation of Secure Design Principles Vulnerability (CVE-2021-28583) CVE-2021-28583 CWE-657 CWE-657 Medium Mailman CVE-2006-2941 Vulnerability (CVE-2006-2941) CVE-2006-2941 Medium Mailman Improper Input Validation Vulnerability (CVE-2018-13796) CVE-2018-13796 CWE-20 CWE-20 Medium Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0707) CVE-2011-0707 CWE-707 CWE-707 Medium Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-5024) CVE-2011-5024 CWE-707 CWE-707 Medium Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-0618) CVE-2018-0618 CWE-707 CWE-707 Medium Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5950) CVE-2018-5950 CWE-707 CWE-707 Medium Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12137) CVE-2020-12137 CWE-707 CWE-707 Medium Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43331) CVE-2021-43331 CWE-707 CWE-707 Medium Mailman Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-12108) CVE-2020-12108 CWE-138 CWE-138 Medium Mailman Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-15011) CVE-2020-15011 CWE-138 CWE-138 Medium Mailman Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2021-42096) CVE-2021-42096 CWE-307 CWE-307 Medium Mailman Insufficiently Protected Credentials Vulnerability (CVE-2021-43332) CVE-2021-43332 CWE-522 CWE-522 Medium Mailman Other Vulnerability (CVE-2001-0290) CVE-2001-0290 Medium Mailman Other Vulnerability (CVE-2001-0884) CVE-2001-0884 Medium Mailman Other Vulnerability (CVE-2003-0038) CVE-2003-0038 Medium Mailman Other Vulnerability (CVE-2003-0965) CVE-2003-0965 Medium Mailman Other Vulnerability (CVE-2003-0991) CVE-2003-0991 Medium Mailman Other Vulnerability (CVE-2003-0992) CVE-2003-0992 Medium Mailman Other Vulnerability (CVE-2004-0182) CVE-2004-0182 Medium Mailman Other Vulnerability (CVE-2004-0412) CVE-2004-0412 Medium Mailman Other Vulnerability (CVE-2004-1177) CVE-2004-1177 Medium Mailman Other Vulnerability (CVE-2005-0080) CVE-2005-0080 Medium Mailman Other Vulnerability (CVE-2005-0202) CVE-2005-0202 Medium Mailman Other Vulnerability (CVE-2005-3573) CVE-2005-3573 Medium Mailman Other Vulnerability (CVE-2006-0052) CVE-2006-0052 Medium Mailman Other Vulnerability (CVE-2006-3636) CVE-2006-3636 Medium markdown-it Improper Access Control Vulnerability (CVE-2015-3295) CVE-2015-3295 CWE-284 CWE-284 Medium markdown-it Inefficient Regular Expression Complexity Vulnerability (CVE-2022-21670) CVE-2022-21670 CWE-1333 CWE-1333 Medium MathJax Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1999024) CVE-2018-1999024 CWE-707 CWE-707 Medium MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-41800) CVE-2021-41800 CWE-770 CWE-770 Medium MediaWiki Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-2243) CVE-2014-2243 CWE-362 CWE-362 Medium MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-5252) CVE-2008-5252 CWE-352 CWE-352 Medium MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-1150) CVE-2010-1150 CWE-352 CWE-352 Medium MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-1648) CVE-2010-1648 CWE-352 CWE-352 Medium MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-1578) CVE-2012-1578 CWE-352 CWE-352 Medium MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-1580) CVE-2012-1580 CWE-352 CWE-352 Medium MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-5394) CVE-2012-5394 CWE-352 CWE-352 Medium MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-4306) CVE-2013-4306 CWE-352 CWE-352 Medium MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-3454) CVE-2014-3454 CWE-352 CWE-352 Medium MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-3455) CVE-2014-3455 CWE-352 CWE-352 Medium MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-5241) CVE-2014-5241 CWE-352 CWE-352 Medium MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-9276) CVE-2014-9276 CWE-352 CWE-352 Medium MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-29903) CVE-2022-29903 CWE-352 CWE-352 Medium MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-29905) CVE-2022-29905 CWE-352 CWE-352 Medium MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-40601) CVE-2024-40601 CWE-352 CWE-352 Medium MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-40603) CVE-2024-40603 CWE-352 CWE-352 Medium MediaWiki CVE-2012-4885 Vulnerability (CVE-2012-4885) CVE-2012-4885 Medium MediaWiki CVE-2017-8812 Vulnerability (CVE-2017-8812) CVE-2017-8812 Medium MediaWiki CVE-2019-12467 Vulnerability (CVE-2019-12467) CVE-2019-12467 Medium 1...35363738...107 36 / 107
