Vulnerability Name CVE Severity
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4848) CVE-2016-4848
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-1000307) CVE-2016-1000307
ClipBucket Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2018-7664) CVE-2018-7664
ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5849) CVE-2012-5849
ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6643) CVE-2012-6643
ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-7666) CVE-2018-7666
ClipBucket Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-7665) CVE-2018-7665
Clockwork PHP dev tool enabled
Cloud metadata publicly exposed
CloudPanel file-manager Auth bypass (CVE-2023-35885) CVE-2023-35885
Cmd hijack vulnerability
Code Evaluation (Apache Struts) S2-016 CVE-2013-2251
Code Evaluation (Apache Struts) S2-045 CVE-2017-5638
Code Evaluation (Apache Struts) S2-046 CVE-2017-5638
Code Evaluation (ASP)
Code Evaluation (Perl)
Code Evaluation (PHP)
Code Evaluation (Python)
Code Evaluation (Ruby)
Code Execution via WebDav
CodeIgniter 2.1.3 xss_clean() filter bypass CVE-2013-4891
CodeIgniter development mode enabled
CodeIgniter session decoding vulnerability
CodeIgniter weak encryption key
ColdFusion 8 FCKEditor file upload vulnerability CVE-2009-2265
ColdFusion 9 solr service exposed CVE-2010-0185
ColdFusion Access Control bypass (CVE-2023-29298/CVE-2023-38205) CVE-2023-29298 CVE-2023-38205
ColdFusion administrator login page publicly available
ColdFusion AMF Deserialization RCE CVE-2017-3066
ColdFusion Arbitrary File Upload CVE-2018-15961
ColdFusion CFC Deserialization RCE (CVE-2023-26359/CVE-2023-26360) CVE-2023-26359 CVE-2023-26360
ColdFusion directory traversal CVE-2010-2861
ColdFusion FlashGateway Deserialization RCE CVE-2019-7091 CVE-2019-7091
ColdFusion JNDI injection RCE CVE-2018-15957
ColdFusion path disclosures
ColdFusion PMS Arbitrary File Read (CVE-2024-20767) CVE-2024-20767
ColdFusion RDS Service enabled
ColdFusion Request Debugging information disclosure
ColdFusion Robust Exception enabled
ColdFusion User-Agent cross-site scripting CVE-2007-0817
ColdFusion WDDX Deserialization RCE (CVE-2023-29300/CVE-2023-38203/CVE-2023-38204) CVE-2023-29300 CVE-2023-38203 CVE-2023-38204
ColdFusion WDDX Deserialization RCE (CVE-2023-44353) CVE-2023-44353
ColdFusion XSS (CVE-2023-44352) CVE-2023-44352
Collabtive Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-5285) CVE-2010-5285
Collabtive Improper Input Validation Vulnerability (CVE-2012-2670) CVE-2012-2670
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5284) CVE-2010-5284
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3247) CVE-2014-3247
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8935) CVE-2019-8935
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13655) CVE-2020-13655
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3298) CVE-2021-3298
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-46240) CVE-2024-46240
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48706) CVE-2024-48706
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48707) CVE-2024-48707
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48708) CVE-2024-48708
Collabtive Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4269) CVE-2010-4269
Collabtive Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-6872) CVE-2013-6872
Collabtive Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3246) CVE-2014-3246
Collabtive Improper Privilege Management Vulnerability (CVE-2013-5027) CVE-2013-5027
Collabtive Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2015-0258) CVE-2015-0258
Command Injection
Composer installed.json publicly accessible
concrete5 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8082) CVE-2017-8082
concrete5 CVE-2020-14961 Vulnerability (CVE-2020-14961) CVE-2020-14961
concrete5 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-5107) CVE-2014-5107
concrete5 Improper Input Validation Vulnerability (CVE-2017-18195) CVE-2017-18195
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5181) CVE-2012-5181
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5108) CVE-2014-5108
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9526) CVE-2014-9526
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2250) CVE-2015-2250
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-3989) CVE-2015-3989
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-4721) CVE-2015-4721
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6905) CVE-2017-6905
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6908) CVE-2017-6908
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7725) CVE-2017-7725
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19146) CVE-2018-19146