| Vulnerability Name | CVE | CWE | Severity |
|---|---|---|---|
| Squid Stack-based Buffer Overflow Vulnerability (CVE-2025-59362) | CVE-2025-59362 | CWE-121 | Medium |
| Squid Uncontrolled Recursion Vulnerability (CVE-2023-50269) | CVE-2023-50269 | CWE-674 | High |
| Squid Uncontrolled Recursion Vulnerability (CVE-2024-25111) | CVE-2024-25111 | CWE-674 | High |
| Squid Uncontrolled Resource Consumption Vulnerability (CVE-2021-28651) | CVE-2021-28651 | CWE-400 | High |
| Squid Uncontrolled Resource Consumption Vulnerability (CVE-2021-46784) | CVE-2021-46784 | CWE-400 | Medium |
| Squid Use After Free Vulnerability (CVE-2023-49288) | CVE-2023-49288 | CWE-416 | High |
| Squid Use After Free Vulnerability (CVE-2026-33526) | CVE-2026-33526 | CWE-416 | High |
| SSL/TLS Not Implemented | | CWE-319 | Medium |
| SSL Certificate Is About To Expire | | CWE-298 | Medium |
| SSL Certificate Name Hostname Mismatch | | CWE-295 | Medium |
| SSL Secure renegotiation is not supported | CVE-2009-3555 | CWE-295 | Medium |
| SSL Untrusted Root Certificate | | CWE-295 | Medium |
| SSRF in Ivanti Connect Secure, Policy Secure and Neurons (CVE-2024-21893) | CVE-2024-21893 | CWE-918 | High |
| SSRF in Server-Side Rendering | | CWE-918 | High |
| SSRF via logo_uri in MITREid Connect | CVE-2021-26715 | CWE-918 | High |
| Stack Trace Disclosure (Apache MyFaces) | | CWE-209 | Low |
| Stack Trace Disclosure (ASP.NET) | | CWE-209 | Low |
| Stack Trace Disclosure (CakePHP) | | CWE-209 | Low |
| Stack Trace Disclosure (CherryPy) | | CWE-209 | Low |
| Stack Trace Disclosure (ColdFusion) | | CWE-209 | Medium |
| Stack Trace Disclosure (Grails) | | CWE-209 | Low |
| Stack Trace Disclosure (GWT) | | CWE-209 | Low |
| Stack Trace Disclosure (Java) | | CWE-209 | Medium |
| Stack Trace Disclosure (Laravel) | | CWE-209 | Medium |
| Stack Trace Disclosure (NodeJS) | | CWE-209 | Low |
| Stack Trace Disclosure (Python) | | CWE-209 | Medium |
| Stack Trace Disclosure (RoR) | | CWE-209 | Medium |
| Stack Trace Disclosure (Ruby-Sinatra Framework) | | CWE-209 | Low |
| Stack Trace Disclosure (Tomcat) | | CWE-209 | Low |
| Static Nonce Identified in Content Security Policy (CSP) | | CWE-334 | Informational |
| Strapi Cognito provider Authentication Bypass (CVE-2023-22893) | CVE-2023-22893 | CWE-287 | High |
| Struts 2 Config Browser plugin enabled | | CWE-200 | Medium |
| Struts 2 development mode | | CWE-489 | High |
| Struts2 Development Mode Enabled | | CWE-200, CWE-489 | High |
| Struts2/XWork remote command execution (S2-014) | CVE-2013-1966, CVE-2013-2115 | CWE-94 | High |
| Subresource Integrity (SRI) Not Implemented | | CWE-830 | Informational |
| SugarCRM CVE-2023-35809 Vulnerability (CVE-2023-35809) | CVE-2023-35809 | | High |
| SugarCRM Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3803) | CVE-2011-3803 | CWE-200 | Medium |
| SugarCRM Gain Sensitive Information Vulnerability (CVE-2004-1226) | CVE-2004-1226 | | Medium |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17299) | CVE-2019-17299 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17300) | CVE-2019-17300 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17301) | CVE-2019-17301 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17302) | CVE-2019-17302 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17303) | CVE-2019-17303 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17304) | CVE-2019-17304 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17305) | CVE-2019-17305 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17306) | CVE-2019-17306 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17307) | CVE-2019-17307 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17308) | CVE-2019-17308 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17309) | CVE-2019-17309 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17310) | CVE-2019-17310 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-46816) | CVE-2023-46816 | CWE-94 | High |
| SugarCRM Improper Input Validation Vulnerability (CVE-2011-0745) | CVE-2011-0745 | CWE-20 | Medium |
| SugarCRM Improper Input Validation Vulnerability (CVE-2012-0694) | CVE-2012-0694 | CWE-20 | Critical |
| SugarCRM Improper Input Validation Vulnerability (CVE-2017-14509) | CVE-2017-14509 | CWE-20 | High |
| SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-2045) | CVE-2008-2045 | CWE-22 | Medium |
| SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17311) | CVE-2019-17311 | CWE-22 | High |
| SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17312) | CVE-2019-17312 | CWE-22 | High |
| SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17313) | CVE-2019-17313 | CWE-22 | High |
| SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17314) | CVE-2019-17314 | CWE-22 | High |
| SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17315) | CVE-2019-17315 | CWE-915 | High |
| SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17316) | CVE-2019-17316 | CWE-915 | High |
| SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17317) | CVE-2019-17317 | CWE-915 | High |
| SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0465) | CVE-2010-0465 | CWE-707 | Medium |
| SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14510) | CVE-2017-14510 | CWE-707 | Medium |
| SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5715) | CVE-2018-5715 | CWE-707 | Medium |
| SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17784) | CVE-2018-17784 | CWE-707 | Medium |
| SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14974) | CVE-2019-14974 | CWE-707 | Medium |
| SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-17372) | CVE-2020-17372 | CWE-707 | Medium |
| SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-28955) | CVE-2020-28955 | CWE-707 | Medium |
| SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-28956) | CVE-2020-28956 | CWE-707 | Medium |
| SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36501) | CVE-2020-36501 | CWE-707 | Medium |
| SugarCRM Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-35810) | CVE-2023-35810 | CWE-138 | High |
| SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2978) | CVE-2009-2978 | CWE-138 | High |
| SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4833) | CVE-2011-4833 | CWE-138 | High |