Vulnerability Name CVE Severity
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31465) CVE-2024-31465
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31982) CVE-2024-31982
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31984) CVE-2024-31984
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31996) CVE-2024-31996
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37899) CVE-2024-37899
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37900) CVE-2024-37900
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37901) CVE-2024-37901
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-55877) CVE-2024-55877
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-24893) CVE-2025-24893
XWikiplatform Improper Encoding or Escaping of Output Vulnerability (CVE-2024-55663) CVE-2024-55663
XWikiplatform Improper Encoding or Escaping of Output Vulnerability (CVE-2025-32974) CVE-2025-32974
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-41947) CVE-2024-41947
XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-32968) CVE-2025-32968
XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-32969) CVE-2025-32969
XWikiplatform Incorrect Authorization Vulnerability (CVE-2024-55662) CVE-2024-55662
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-29924) CVE-2025-29924
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-32971) CVE-2025-32971
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31981) CVE-2024-31981
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31983) CVE-2024-31983
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31987) CVE-2024-31987
XWikiplatform Missing Authorization Vulnerability (CVE-2024-31997) CVE-2024-31997
XWikiplatform Missing Authorization Vulnerability (CVE-2024-37898) CVE-2024-37898
XWikiplatform Missing Authorization Vulnerability (CVE-2024-45591) CVE-2024-45591
XWikiplatform Missing Authorization Vulnerability (CVE-2024-55876) CVE-2024-55876
XWikiplatform Missing Authorization Vulnerability (CVE-2024-55879) CVE-2024-55879
XWikiplatform Missing Authorization Vulnerability (CVE-2025-23025) CVE-2025-23025
XWikiplatform Missing Authorization Vulnerability (CVE-2025-29926) CVE-2025-29926
XWikiplatform Missing Authorization Vulnerability (CVE-2025-32973) CVE-2025-32973
XWikiplatform Other Vulnerability (CVE-2024-46978) CVE-2024-46978
XWikiplatform Other Vulnerability (CVE-2024-46979) CVE-2024-46979
XWikiplatform Other Vulnerability (CVE-2025-29925) CVE-2025-29925
XWikiplatform Other Vulnerability (CVE-2025-32783) CVE-2025-32783
XWiki Platform RCE (CVE-2023-37462) CVE-2023-37462
XWikiplatform URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2025-32970) CVE-2025-32970
XWikiplatform Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2024-31464) CVE-2024-31464
XWiki Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-48240) CVE-2023-48240
XWiki Transmission of Private Resources into a New Sphere ('Resource Leak') Vulnerability (CVE-2023-38509) CVE-2023-38509
XWiki Uncontrolled Resource Consumption Vulnerability (CVE-2024-21651) CVE-2024-21651
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-23618) CVE-2022-23618
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-29204) CVE-2023-29204
XWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-32068) CVE-2023-32068
XWiki Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2022-23619) CVE-2022-23619
XXE in Ivanti Connect Secure, Policy Secure and Neurons (CVE-2024-22024) CVE-2024-22024
YetiForce CRM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-4092) CVE-2021-4092
YetiForce CRM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0269) CVE-2022-0269
YetiForce CRM Improper Input Validation Vulnerability (CVE-2021-4111) CVE-2021-4111
YetiForce CRM Improper Input Validation Vulnerability (CVE-2021-4117) CVE-2021-4117
YetiForce CRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-49508) CVE-2023-49508
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4107) CVE-2021-4107
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4116) CVE-2021-4116
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4121) CVE-2021-4121
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-1340) CVE-2022-1340
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2829) CVE-2022-2829
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2885) CVE-2022-2885
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2890) CVE-2022-2890
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2924) CVE-2022-2924
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3000) CVE-2022-3000
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3002) CVE-2022-3002
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3004) CVE-2022-3004
YetiForce CRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3005) CVE-2022-3005
YetiForce CRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-1411) CVE-2022-1411
Yii2 debug toolkit
Yii2 Gii extension
Yii2 weak secret key
Yii debug mode enabled
Yii running in dev mode
YOURLS Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2019-14537) CVE-2019-14537
YOURLS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0088) CVE-2022-0088
YOURLS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3824) CVE-2011-3824
YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-8488) CVE-2014-8488
YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-27388) CVE-2020-27388
YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3783) CVE-2021-3783
YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3785) CVE-2021-3785
YOURLS Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2021-3734) CVE-2021-3734
YUI Library Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4207) CVE-2010-4207