Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Nginx Out-of-bounds Write Vulnerability (CVE-2013-2028) CVE-2013-2028 CWE-787 CWE-787 High Nginx Out-of-bounds Write Vulnerability (CVE-2014-0133) CVE-2014-0133 CWE-787 CWE-787 High Nginx Out-of-bounds Write Vulnerability (CVE-2022-41741) CVE-2022-41741 CWE-787 CWE-787 High Nginx Out-of-bounds Write Vulnerability (CVE-2022-41742) CVE-2022-41742 CWE-787 CWE-787 High Nginx Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0337) CVE-2013-0337 CWE-264 CWE-264 High Nginx PHP code execution via FastCGI CWE-94 CWE-94 High nginx range filter integer overflow CVE-2017-7529 CWE-200 CWE-200 Medium Nginx Redirect Header Injection CWE-93 CWE-93 Medium Nginx Resource Management Errors Vulnerability (CVE-2016-0747) CVE-2016-0747 Medium Nginx UI Information Disclosure (CVE-2026-27944) CVE-2026-27944 CWE-306 CWE-311 CWE-306 CWE-311 Critical Nginx Uncontrolled Resource Consumption Vulnerability (CVE-2018-16843) CVE-2018-16843 CWE-400 CWE-400 High Nginx Uncontrolled Resource Consumption Vulnerability (CVE-2018-16844) CVE-2018-16844 CWE-400 CWE-400 High Nginx Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487) CVE-2023-44487 CWE-400 CWE-400 High Nginx Use After Free Vulnerability (CVE-2012-1180) CVE-2012-1180 CWE-416 CWE-416 Medium Nginx Use After Free Vulnerability (CVE-2022-31307) CVE-2022-31307 CWE-416 CWE-416 Medium Nginx Use After Free Vulnerability (CVE-2022-32414) CVE-2022-32414 CWE-416 CWE-416 Medium node-serialize Insecure Deserialization CVE-2017-5941 CWE-502 CWE-502 High Node.js Debugger Unauthorized Access Vulnerability CWE-200 CWE-200 High Node.js Inspector Unauthorized Access Vulnerability CWE-200 CWE-200 High Node.js MySQL Prepared Statement Object Injection CWE-89 CWE-89 High Node.js path validation vulnerability CVE-2017-14849 CWE-22 CWE-22 High Node.js Running in Development Mode CWE-215 CWE-215 Medium Node.js Web Application does not handle uncaughtException CWE-248 CWE-248 Medium Node.js Web Application does not handle unhandledRejection CWE-248 CWE-248 Medium NodeBB Arbitrary JSON File Read (CVE-2021-43788) CVE-2021-43788 CWE-22 CWE-22 Medium Nonce Usage Detected in Content Security Policy (CSP) Directive CWE-358 CWE-358 Informational No SAML Respose signature check CWE-347 CWE-347 High No Script Block Detected with the Hash Value Declared in Content Security Policy (CSP) CWE-942 CWE-942 Informational npm log file publicly accessible (npm-debug.log) CWE-200 CWE-200 Medium ntopng Authentication Bypass (CVE-2021-28073) CVE-2021-28073 CWE-287 CWE-287 High NuSOAP Improper Certificate Validation Vulnerability (CVE-2012-6071) CVE-2012-6071 CWE-295 CWE-295 High Nuxt.js Running in Development Mode CWE-200 CWE-200 Low OData feed accessible anonymously CWE-200 CWE-200 Low Odoo LFI (CVE-2019-14322) CVE-2019-14322 CWE-22 CWE-22 High Odoo XSS (CVE-2023-1434) CVE-2023-1434 CWE-79 CWE-79 Medium Old API Version Exposed CWE-693 CWE-693 Medium Omeka Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-5100) CVE-2014-5100 CWE-352 CWE-352 Medium Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13423) CVE-2018-13423 CWE-707 CWE-707 Medium Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26799) CVE-2021-26799 CWE-707 CWE-707 Medium Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3980) CVE-2023-3980 CWE-707 CWE-707 Medium Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3982) CVE-2023-3982 CWE-707 CWE-707 Medium Omeka Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-3981) CVE-2023-3981 CWE-918 CWE-918 Medium Opencart Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2025-15116) CVE-2025-15116 CWE-362 CWE-362 Medium Opencart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-1610) CVE-2010-1610 CWE-352 CWE-352 Medium Opencart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-13067) CVE-2018-13067 CWE-352 CWE-352 High Opencart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-28838) CVE-2020-28838 CWE-352 CWE-352 Low Opencart CVE-2024-21519 Vulnerability (CVE-2024-21519) CVE-2024-21519 High Opencart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3763) CVE-2011-3763 CWE-200 CWE-200 Medium Opencart Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-47444) CVE-2023-47444 CWE-94 CWE-94 High Opencart Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-36694) CVE-2024-36694 CWE-94 CWE-94 High Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2009-1621) CVE-2009-1621 CWE-22 CWE-22 Medium Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-1891) CVE-2013-1891 CWE-22 CWE-22 Medium Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-11494) CVE-2018-11494 CWE-22 CWE-22 High Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-11495) CVE-2018-11495 CWE-22 CWE-22 Medium Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-2315) CVE-2023-2315 CWE-22 CWE-22 High Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-21518) CVE-2024-21518 CWE-22 CWE-22 High Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-4671) CVE-2015-4671 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-15081) CVE-2019-15081 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-10596) CVE-2020-10596 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13980) CVE-2020-13980 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29470) CVE-2020-29470 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29471) CVE-2020-29471 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21515) CVE-2024-21515 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21516) CVE-2024-21516 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21517) CVE-2024-21517 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1746) CVE-2025-1746 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1747) CVE-2025-1747 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1748) CVE-2025-1748 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1749) CVE-2025-1749 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-45892) CVE-2025-45892 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-45893) CVE-2025-45893 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-1027) CVE-2009-1027 CWE-138 CWE-138 High Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-0956) CVE-2010-0956 CWE-138 CWE-138 High Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-20491) CVE-2020-20491 CWE-138 CWE-138 High Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-37823) CVE-2021-37823 CWE-138 CWE-138 Medium 1...119120121122...327 120 / 327
