Vulnerability Name CVE Severity
Cross site scripting in HTTP-01 ACME challenge implementation
Cross site scripting via Bootstrap
Cross site scripting vulnerability in clipboard.swf
Cross site scripting vulnerability in flowplayer SWF CVE-2013-7342 CVE-2013-7343
Cross site scripting vulnerability in jPlayer SWF CVE-2013-2023 CVE-2013-7129
Cross site scripting vulnerability in JW Player SWF CVE-2012-3351 CVE-2012-2904
Cross site scripting vulnerability in SimpleViewer
Cross site scripting vulnerability in Uploadify SWF
Cross site scripting vulnerability in ZeroClipboard.swf
Custom Vulnerability Alert
CVS web repository
Database connection string disclosure
Data Binding Expression Vulnerability in Spring Web Flow CVE-2017-4971
Deserialization of Untrusted Data (.NET BinaryFormatter Object Deserialization)
Deserialization of Untrusted Data (Java JSON Deserialization) Fastjson
Deserialization of Untrusted Data (Java JSON Deserialization) Genson
Deserialization of Untrusted Data (Java JSON Deserialization) Jackson
Deserialization of Untrusted Data (Java JSON Deserialization) JsonIO
Deserialization of Untrusted Data (Java Object Deserialization)
Development configuration files
Devise weak password
Directory listings
Directory traversal
Directory Traversal (lib/translation.functions.php) (CMS Made Simple) v1.6.x CVE-2010-2797
Directory Traversal (lib/translation.functions.php) (CMS Made Simple) v1.8.x CVE-2010-2797
Directory Traversal with spring-cloud-config-server CVE-2020-5410
Django debug mode enabled
Django weak secret key
DNN (DotNetNuke) CMS Cookie Deserialization RCE CVE-2017-9822
Docker Engine API is accessible without authentication
Docker Registry API is accessible without authentication
Documentation files
DOM-based cross site scripting
Dotenv .env file
DotNetNuke multiple vulnerabilities CVE-2012-1030
Drupal 7 arbitrary PHP code execution and information disclosure CVE-2012-4553 CVE-2012-4554
Drupal Backup Migrate directory publicly accessible
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.1) CVE-2005-0682
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.5) CVE-2005-3973
Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.7) CVE-2006-1226
Drupal Core 4.5.x Mail Header Injection (4.5.0 - 4.5.7)
Drupal Core 4.5.x Multiple Vulnerabilities (4.5.0 - 4.5.5)
Drupal Core 4.5.x Security Bypass (4.5.0 - 4.5.7)
Drupal Core 4.5.x Session Fixation (4.5.0 - 4.5.7)
Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.6) CVE-2006-2743
Drupal Core 4.6.x Arbitrary Code Execution (4.6.0 - 4.6.7) CVE-2006-2831
Drupal Core 4.6.x Cross-Site Request Forgery (4.6.0 - 4.6.9) CVE-2006-5476
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.3) CVE-2005-3973
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.5) CVE-2006-1226
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.7) CVE-2006-2833
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.8) CVE-2006-4002
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.10) CVE-2007-0136
Drupal Core 4.6.x Denial of Service (4.6.0 - 4.6.10) CVE-2007-0124
Drupal Core 4.6.x Form Action Attribute Injection (4.6.0 - 4.6.9) CVE-2006-5477
Drupal Core 4.6.x Mail Header Injection (4.6.0 - 4.6.5)
Drupal Core 4.6.x Multiple Cross-Site Scripting Vulnerabilities (4.6.0 - 4.6.9) CVE-2006-5475
Drupal Core 4.6.x Multiple Vulnerabilities (4.6.0 - 4.6.3)
Drupal Core 4.6.x Security Bypass (4.6.0 - 4.6.3) CVE-2005-3974
Drupal Core 4.6.x Security Bypass (4.6.0 - 4.6.5)
Drupal Core 4.6.x Session Fixation (4.6.0 - 4.6.5)
Drupal Core 4.6.x SQL Injection (4.6.0 - 4.6.6) CVE-2006-2742
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0 - 4.7.0) CVE-2006-2743
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0 - 4.7.5) CVE-2007-0626
Drupal Core 4.7.x Cross-Site Request Forgery (4.7.0 - 4.7.3) CVE-2006-5476
Drupal Core 4.7.x Cross-Site Request Forgery (4.7.0 - 4.7.10) CVE-2008-0272
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.1) CVE-2006-2833
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.2) CVE-2006-4002
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.4) CVE-2007-0136
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.7) CVE-2007-5596
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.10) CVE-2008-0273
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.10) CVE-2008-0274
Drupal Core 4.7.x Denial of Service (4.7.0 - 4.7.4) CVE-2007-0124
Drupal Core 4.7.x Form Action Attribute Injection (4.7.0 - 4.7.3) CVE-2006-5477
Drupal Core 4.7.x HTTP Response Splitting (4.7.0 - 4.7.7) CVE-2007-5595
Drupal Core 4.7.x Multiple Cross-Site Scripting Vulnerabilities (4.7.0 - 4.7.3) CVE-2006-5475