Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Node.js path validation vulnerability CVE-2017-14849 CWE-22 CWE-22 High Node.js Running in Development Mode CWE-215 CWE-215 Medium Node.js Web Application does not handle uncaughtException CWE-248 CWE-248 Medium Node.js Web Application does not handle unhandledRejection CWE-248 CWE-248 Medium NodeBB Arbitrary JSON File Read (CVE-2021-43788) CVE-2021-43788 CWE-22 CWE-22 Medium Nonce Usage Detected in Content Security Policy (CSP) Directive CWE-16 CWE-16 Informational No SAML Respose signature check CWE-16 CWE-16 High No Script Block Detected with the Hash Value Declared in Content Security Policy (CSP) CWE-16 CWE-16 Informational npm log file publicly accessible (npm-debug.log) CWE-200 CWE-200 Medium ntopng Authentication Bypass (CVE-2021-28073) CVE-2021-28073 CWE-287 CWE-287 High NuSOAP Improper Certificate Validation Vulnerability (CVE-2012-6071) CVE-2012-6071 CWE-295 CWE-295 High Nuxt.js Running in Development Mode CWE-200 CWE-200 Low OData feed accessible anonymously CWE-200 CWE-200 Low Odoo LFI (CVE-2019-14322) CVE-2019-14322 CWE-22 CWE-22 High Odoo XSS (CVE-2023-1434) CVE-2023-1434 CWE-79 CWE-79 Medium Omeka Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-5100) CVE-2014-5100 CWE-352 CWE-352 Medium Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13423) CVE-2018-13423 CWE-707 CWE-707 Medium Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26799) CVE-2021-26799 CWE-707 CWE-707 Medium Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3980) CVE-2023-3980 CWE-707 CWE-707 Medium Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3982) CVE-2023-3982 CWE-707 CWE-707 Medium Omeka Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-3981) CVE-2023-3981 CWE-918 CWE-918 Medium Opencart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-1610) CVE-2010-1610 CWE-352 CWE-352 Medium Opencart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-13067) CVE-2018-13067 CWE-352 CWE-352 High Opencart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-28838) CVE-2020-28838 CWE-352 CWE-352 Low Opencart CVE-2024-21519 Vulnerability (CVE-2024-21519) CVE-2024-21519 High Opencart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3763) CVE-2011-3763 CWE-200 CWE-200 Medium Opencart Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-47444) CVE-2023-47444 CWE-94 CWE-94 High Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2009-1621) CVE-2009-1621 CWE-22 CWE-22 Medium Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-1891) CVE-2013-1891 CWE-22 CWE-22 Medium Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-11494) CVE-2018-11494 CWE-22 CWE-22 High Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-11495) CVE-2018-11495 CWE-22 CWE-22 Medium Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-2315) CVE-2023-2315 CWE-22 CWE-22 High Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-21518) CVE-2024-21518 CWE-22 CWE-22 High Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-4671) CVE-2015-4671 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-15081) CVE-2019-15081 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-10596) CVE-2020-10596 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13980) CVE-2020-13980 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29470) CVE-2020-29470 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29471) CVE-2020-29471 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21515) CVE-2024-21515 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21516) CVE-2024-21516 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21517) CVE-2024-21517 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1746) CVE-2025-1746 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1747) CVE-2025-1747 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1748) CVE-2025-1748 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1749) CVE-2025-1749 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-1027) CVE-2009-1027 CWE-138 CWE-138 High Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-0956) CVE-2010-0956 CWE-138 CWE-138 High Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-20491) CVE-2020-20491 CWE-138 CWE-138 High Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-37823) CVE-2021-37823 CWE-138 CWE-138 Medium Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-21514) CVE-2024-21514 CWE-138 CWE-138 High Opencart Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-40834) CVE-2023-40834 CWE-307 CWE-307 Critical Opencart Improper Restriction of XML External Entity Reference Vulnerability (CVE-2014-3990) CVE-2014-3990 CWE-611 CWE-611 Critical OpenCms Chemistry Solr XML External Entity (XXE) vulnerability (CVE-2023-42346) CVE-2023-42346 CWE-611 CWE-611 High OpenCms Chemistry XML External Entity (XXE) vulnerability (CVE-2023-42344) CVE-2023-42344 CWE-611 CWE-611 High OpenCms Solr XML External Entity (XXE) vulnerability CWE-611 CWE-611 High Openfire Admin Console Full Read SSRF CVE-2019-18394 CWE-918 CWE-918 High Openfire Path Traversal (CVE-2023-32315) CVE-2023-32315 CWE-22 CWE-22 High OpenMetadata Authentication Bypass (CVE-2024-28255) CVE-2024-28255 CWE-287 CWE-287 Critical Open Redirection CWE-601 CWE-601 Medium Open Resty Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-9230) CVE-2018-9230 CWE-138 CWE-138 Critical Open Resty Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-11724) CVE-2020-11724 CWE-444 CWE-444 High Open Resty Off-by-one Error Vulnerability (CVE-2021-23017) CVE-2021-23017 CWE-193 CWE-193 High Open Resty Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487) CVE-2023-44487 CWE-400 CWE-400 High Open Silverlight Client Access Policy CWE-16 CWE-16 Medium OpenSSL 7PK - Security Features Vulnerability (CVE-2015-1793) CVE-2015-1793 Medium OpenSSL Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2023-0286) CVE-2023-0286 CWE-843 CWE-843 High OpenSSL Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-2650) CVE-2023-2650 CWE-770 CWE-770 Medium OpenSSL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2021-3711) CVE-2021-3711 CWE-120 CWE-120 Critical OpenSSL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-3786) CVE-2022-3786 CWE-120 CWE-120 High OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2010-3864) CVE-2010-3864 CWE-362 CWE-362 High OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2010-5298) CVE-2010-5298 CWE-362 CWE-362 Medium OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-3509) CVE-2014-3509 CWE-362 CWE-362 Medium OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2015-1791) CVE-2015-1791 CWE-362 CWE-362 Medium OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2015-3196) CVE-2015-3196 CWE-362 CWE-362 Medium 1...106107108109...307 107 / 307
