Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity PHP Use of Externally-Controlled Format String Vulnerability (CVE-2009-3294) CVE-2009-3294 CWE-134 CWE-134 Medium PHP Use of Externally-Controlled Format String Vulnerability (CVE-2010-2094) CVE-2010-2094 CWE-134 CWE-134 Medium PHP Use of Externally-Controlled Format String Vulnerability (CVE-2010-2950) CVE-2010-2950 CWE-134 CWE-134 Medium PHP Use of Externally-Controlled Format String Vulnerability (CVE-2011-1153) CVE-2011-1153 CWE-134 CWE-134 High PHP Use of Externally-Controlled Format String Vulnerability (CVE-2015-8617) CVE-2015-8617 CWE-134 CWE-134 Critical PHP Use of Insufficiently Random Values Vulnerability (CVE-2023-3247) CVE-2023-3247 CWE-330 CWE-330 Medium PHP Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2023-0567) CVE-2023-0567 CWE-916 CWE-916 Medium PHP Use of Uninitialized Resource Vulnerability (CVE-2015-3414) CVE-2015-3414 CWE-908 CWE-908 High PHP Use of Uninitialized Resource Vulnerability (CVE-2015-8390) CVE-2015-8390 CWE-908 CWE-908 Critical PHP Use of Uninitialized Resource Vulnerability (CVE-2019-11038) CVE-2019-11038 CWE-908 CWE-908 Medium PHP X Prober publicly accessible CWE-200 CWE-200 Medium Phusion Passenger Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2018-12029) CVE-2018-12029 CWE-362 CWE-362 High Phusion Passenger Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-16355) CVE-2017-16355 CWE-200 CWE-200 Medium Phusion Passenger Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-12027) CVE-2018-12027 CWE-200 CWE-200 High Phusion Passenger Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2013-4136) CVE-2013-4136 CWE-59 CWE-59 Medium Phusion Passenger Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2018-12026) CVE-2018-12026 CWE-59 CWE-59 Critical Phusion Passenger Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-12028) CVE-2018-12028 CWE-732 CWE-732 High Phusion Passenger Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-12615) CVE-2018-12615 CWE-732 CWE-732 Medium Phusion Passenger Other Vulnerability (CVE-2014-1831) CVE-2014-1831 Low Phusion Passenger Other Vulnerability (CVE-2014-1832) CVE-2014-1832 Low Phusion Passenger Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2119) CVE-2013-2119 CWE-264 CWE-264 Medium Phusion Passenger Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-10345) CVE-2016-10345 CWE-264 CWE-264 High Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-1468) CVE-2013-1468 CWE-352 CWE-352 High Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-4613) CVE-2014-4613 CWE-352 CWE-352 Medium Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-4614) CVE-2014-4614 CWE-352 CWE-352 Medium Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10678) CVE-2017-10678 CWE-352 CWE-352 High Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10680) CVE-2017-10680 CWE-352 CWE-352 High Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10681) CVE-2017-10681 CWE-352 CWE-352 High Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-17774) CVE-2017-17774 CWE-352 CWE-352 High Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-17827) CVE-2017-17827 CWE-352 CWE-352 High Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-7724) CVE-2018-7724 CWE-352 CWE-352 Medium Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-13363) CVE-2019-13363 CWE-352 CWE-352 Critical Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-33359) CVE-2023-33359 CWE-352 CWE-352 Medium Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26450) CVE-2024-26450 CWE-352 CWE-352 Medium Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-48311) CVE-2024-48311 CWE-352 CWE-352 High Piwigo CVE-2014-4648 Vulnerability (CVE-2014-4648) CVE-2014-4648 Critical Piwigo Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-26267) CVE-2022-26267 CWE-668 CWE-668 High Piwigo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3790) CVE-2011-3790 CWE-200 CWE-200 Medium Piwigo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10679) CVE-2017-10679 CWE-200 CWE-200 High Piwigo Improper Access Control Vulnerability (CVE-2016-10084) CVE-2016-10084 CWE-284 CWE-284 High Piwigo Improper Access Control Vulnerability (CVE-2016-10085) CVE-2016-10085 CWE-284 CWE-284 High Piwigo Improper Access Control Vulnerability (CVE-2016-10105) CVE-2016-10105 CWE-284 CWE-284 Critical Piwigo Improper Access Control Vulnerability (CVE-2016-10514) CVE-2016-10514 CWE-284 CWE-284 Medium Piwigo Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2012-2208) CVE-2012-2208 CWE-22 CWE-22 High Piwigo Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-1469) CVE-2013-1469 CWE-22 CWE-22 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4039) CVE-2009-4039 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1707) CVE-2010-1707 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2209) CVE-2012-2209 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4525) CVE-2012-4525 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4526) CVE-2012-4526 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-1980) CVE-2014-1980 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3900) CVE-2014-3900 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2034) CVE-2015-2034 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9751) CVE-2016-9751 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10083) CVE-2016-10083 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10513) CVE-2016-10513 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5608) CVE-2017-5608 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9452) CVE-2017-9452 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9836) CVE-2017-9836 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-17775) CVE-2017-17775 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-17825) CVE-2017-17825 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-17826) CVE-2017-17826 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5692) CVE-2018-5692 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7722) CVE-2018-7722 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7723) CVE-2018-7723 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13364) CVE-2019-13364 CWE-707 CWE-707 Critical Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-8089) CVE-2020-8089 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9467) CVE-2020-9467 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-22148) CVE-2020-22148 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-22150) CVE-2020-22150 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40678) CVE-2021-40678 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40882) CVE-2021-40882 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45357) CVE-2021-45357 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24620) CVE-2022-24620 CWE-707 CWE-707 Medium Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37183) CVE-2022-37183 CWE-707 CWE-707 Medium 1...163164165166...327 164 / 327
