Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Owasp Api Bfla Owasp Api Bola Owasp Api Broken Auth Owasp Api Broken Object Prop Auth Owasp Api Dos Owasp Api Improper Inventory Management Owasp Api Misconfiguration Owasp Api Ssrf Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Vanilla Forums Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000432) CVE-2017-1000432 CWE-352 CWE-352 High Vanilla Forums CVE-2013-3528 Vulnerability (CVE-2013-3528) CVE-2013-3528 High Vanilla Forums Deserialization of Untrusted Data Vulnerability (CVE-2018-19499) CVE-2018-19499 CWE-502 CWE-502 High Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3613) CVE-2011-3613 CWE-200 CWE-200 High Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3812) CVE-2011-3812 CWE-200 CWE-200 Medium Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-10073) CVE-2016-10073 CWE-200 CWE-200 High Vanilla Forums Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-18903) CVE-2018-18903 CWE-94 CWE-94 Critical Vanilla Forums Improper Input Validation Vulnerability (CVE-2011-0908) CVE-2011-0908 CWE-20 CWE-20 Medium Vanilla Forums Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-9889) CVE-2019-9889 CWE-22 CWE-22 Low Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0526) CVE-2011-0526 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0909) CVE-2011-0909 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1009) CVE-2011-1009 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9685) CVE-2014-9685 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17571) CVE-2018-17571 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8279) CVE-2019-8279 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-8825) CVE-2020-8825 CWE-707 CWE-707 Medium Vanilla Forums Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-3527) CVE-2013-3527 CWE-138 CWE-138 High Vanilla Forums Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-16410) CVE-2018-16410 CWE-138 CWE-138 Medium Vanilla Forums Other Vulnerability (CVE-2011-0910) CVE-2011-0910 Medium Vanilla Forums Other Vulnerability (CVE-2011-3614) CVE-2011-3614 Critical Vanilla Forums Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4954) CVE-2012-4954 CWE-264 CWE-264 Low Varnish Cache Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-4484) CVE-2013-4484 CWE-119 CWE-119 Medium Varnish Cache Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8807) CVE-2017-8807 CWE-119 CWE-119 Critical Varnish Cache Integer Overflow or Wraparound Vulnerability (CVE-2017-12425) CVE-2017-12425 CWE-190 CWE-190 High Varnish Cache Other Vulnerability (CVE-2013-4090) CVE-2013-4090 High Varnish Cache Other Vulnerability (CVE-2015-8852) CVE-2015-8852 High Varnish Cache Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0345) CVE-2013-0345 CWE-264 CWE-264 Low Varnish Cache Reachable Assertion Vulnerability (CVE-2019-15892) CVE-2019-15892 CWE-617 CWE-617 High vBSEO 3.6.0 PHP code injection CVE-2012-5223 CWE-94 CWE-94 High vBulletin 4 (up to 4.1.2) search.php SQL injection CWE-89 CWE-89 High vBulletin 5 CONNECT remote code execution CWE-94 CWE-94 High vBulletin 5.1.2 SQL injection CVE-2014-5102 CWE-89 CWE-89 High vBulletin 5.6.1 nodeId SQL injection CVE-2020-12720 CWE-94 CWE-94 High vBulletin 5.x 0day pre-auth RCE CWE-94 CWE-94 High vBulletin customer number disclosure CVE-2013-6129 CWE-264 CWE-264 High vBulletin PHP object injection vulnerability CWE-915 CWE-915 High vBulletin Pre-Auth RCE Vulnerability CVE-2020-17496 CWE-94 CWE-94 High vBulletin routestring Local File Inclusion CWE-98 CWE-98 High Verb tampering via misconfigured security constraint CWE-16 CWE-16 Medium Version Disclosure (ASP.NET) CWE-200 CWE-200 Low Version Disclosure (ASP.NET MVC) CWE-200 CWE-200 Low Version Disclosure (IIS) CWE-200 CWE-200 Low Version Disclosure (PHP) Low Vertical Broken Function Level Authorization (BFLA) CWE-639 CWE-639 High Vertical IDOR/BOLA (Broken Object Level Authorization) CWE-639 CWE-639 High VideoJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23414) CVE-2021-23414 CWE-707 CWE-707 Medium ViewsState is not Encrypted CWE-200 CWE-200 Low ViewState MAC Disabled CWE-642 CWE-642 Medium ViewStateMac is Not Enabled CWE-16 CWE-16 Medium Virtual host directory listing CWE-538 CWE-538 Medium Virtual Host locations misconfiguration CWE-200 CWE-200 High VirtueMart access control bypass CWE-287 CWE-287 High Vite Arbitrary File Read (CVE-2025-30208, CVE-2025-31125) CVE-2025-30208 CVE-2025-31125 CWE-200 CWE-200 High VMware Aria Operations for Networks RCE (CVE-2023-20887) CVE-2023-20887 CWE-77 CWE-77 Critical VMware directory traversal and privilege escalation vulnerabilities CVE-2009-2267 CVE-2009-3733 CWE-22 CWE-22 High VMware Horizon Log4Shell RCE CVE-2021-44228 CWE-78 CWE-78 High VMware vCenter Log4Shell RCE CVE-2021-44228 CWE-78 CWE-78 High VMware vCenter Server Unauthorized Remote Code Execution CVE-2021-21972 CWE-78 CWE-78 High VMware vCenter vcavbootstrap Arbitrary File Read High VMware vRealize Operations Server Side Request Forgery (SSRF) vulnerability CVE-2021-21975 CWE-918 CWE-918 High VMware Workspace ONE Access SSTI (CVE-2022-22954) CVE-2022-22954 CWE-94 CWE-94 High Vulnerabilities in SharePoint could allow elevation of privilege CVE-2012-1859 CWE-79 CWE-79 High Vulnerable JavaScript libraries CWE-937 CWE-937 Medium Vulnerable package dependencies [high] CWE-1104 CWE-1104 High Vulnerable package dependencies [low] CWE-1104 CWE-1104 Low Vulnerable package dependencies [medium] CWE-1104 CWE-1104 Medium Vulnerable project dependencies CWE-937 CWE-937 High W3 Total Cache CVE-2019-6715 Vulnerability (CVE-2019-6715) CVE-2019-6715 High W3 total cache debug mode CWE-489 CWE-489 Medium Weak Nonce Detected in Content Security Policy (CSP) Declaration CWE-16 CWE-16 Informational Weak password CWE-200 CWE-200 High Weak Secret is Used to Sign JWT CWE-345 CWE-345 High Weak WordPress security key CWE-16 CWE-16 High web.xml configuration file disclosure CWE-538 CWE-538 High Web2py weak secret key CWE-693 CWE-693 Medium 1...178179180181...307 179 / 307
