Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity LimeSurvey Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-9960) CVE-2019-9960 CWE-22 CWE-22 Critical LimeSurvey Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-11455) CVE-2020-11455 CWE-22 CWE-22 Medium LimeSurvey Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2019-16184) CVE-2019-16184 CWE-1236 CWE-1236 Critical LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2571) CVE-2008-2571 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-5256) CVE-2011-5256 CWE-707 CWE-707 Low LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4995) CVE-2012-4995 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5016) CVE-2014-5016 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18358) CVE-2017-18358 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17003) CVE-2018-17003 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20322) CVE-2018-20322 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16172) CVE-2019-16172 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16173) CVE-2019-16173 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16178) CVE-2019-16178 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16182) CVE-2019-16182 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17660) CVE-2019-17660 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11456) CVE-2020-11456 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-16192) CVE-2020-16192 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23710) CVE-2020-23710 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-25797) CVE-2020-25797 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-25798) CVE-2020-25798 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-25799) CVE-2020-25799 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42112) CVE-2021-42112 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-29710) CVE-2022-29710 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-48010) CVE-2022-48010 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44796) CVE-2023-44796 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28709) CVE-2024-28709 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28710) CVE-2024-28710 CWE-707 CWE-707 Medium LimeSurvey Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2024-42903) CVE-2024-42903 CWE-138 CWE-138 Medium LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4927) CVE-2012-4927 CWE-138 CWE-138 High LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4994) CVE-2012-4994 CWE-138 CWE-138 Medium LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-5017) CVE-2014-5017 CWE-138 CWE-138 High LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-4628) CVE-2015-4628 CWE-138 CWE-138 Medium LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-5078) CVE-2015-5078 CWE-138 CWE-138 Medium LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-25019) CVE-2019-25019 CWE-138 CWE-138 Critical LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-43279) CVE-2022-43279 CWE-138 CWE-138 High LimeSurvey Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2019-16175) CVE-2019-16175 CWE-1021 CWE-1021 Medium LimeSurvey Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-16174) CVE-2019-16174 CWE-611 CWE-611 High LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16183) CVE-2019-16183 CWE-276 CWE-276 Low LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16185) CVE-2019-16185 CWE-276 CWE-276 High LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16186) CVE-2019-16186 CWE-276 CWE-276 High LimeSurvey Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2019-16187) CVE-2019-16187 CWE-732 CWE-732 High LimeSurvey Other Vulnerability (CVE-2014-5018) CVE-2014-5018 Medium LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-16397) CVE-2018-16397 CWE-434 CWE-434 Medium LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-1000658) CVE-2018-1000658 CWE-434 CWE-434 High LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-44967) CVE-2021-44967 CWE-434 CWE-434 High LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-48008) CVE-2022-48008 CWE-434 CWE-434 Critical Limited Remote File Read/Include in Jira Software Server CVE-2021-26086 CWE-22 CWE-22 Medium LISTSERV XSS (CVE-2022-39195) CVE-2022-39195 CWE-79 CWE-79 Medium LiteSpeed Web Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2333) CVE-2010-2333 CWE-200 CWE-200 Medium LiteSpeed Web Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4871) CVE-2012-4871 CWE-707 CWE-707 Medium LiteSpeed Web Server Out-of-bounds Read Vulnerability (CVE-2004-0112) CVE-2004-0112 CWE-125 CWE-125 Medium LLM Command Injection CWE-78 CWE-78 Critical LLM Insecure Output Handling CWE-116 CWE-116 High LLM Model Detected CWE-200 CWE-200 Informational LLM Prompt Injection CWE-74 CWE-74 High LLM Response Pattern Detected CWE-200 CWE-200 Informational LLM Server-Side Request Forgery (SSRF) CWE-918 CWE-918 High LLM System Prompt Leakage CWE-200 CWE-200 Medium LLM Tool Usage Exposure CWE-200 CWE-200 Low Local File Inclusion CWE-20 CWE-20 High Local File Inclusion (CMS Made Simple) CWE-94 CWE-94 Medium Lodash Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-1010266) CVE-2019-1010266 CWE-770 CWE-770 Medium Lodash CVE-2018-3721 Vulnerability (CVE-2018-3721) CVE-2018-3721 Medium Lodash CVE-2018-16487 Vulnerability (CVE-2018-16487) CVE-2018-16487 Medium Lodash Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2020-8203) CVE-2020-8203 CWE-1321 CWE-1321 High Lodash Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-23337) CVE-2021-23337 CWE-138 CWE-138 High Lodash Other Vulnerability (CVE-2019-10744) CVE-2019-10744 Critical Lodash Other Vulnerability (CVE-2020-28500) CVE-2020-28500 Medium Long password denial of service CWE-400 CWE-400 High Lotus Notes formula injection CWE-89 CWE-89 High Lucee CF_CLIENT_ RCE CWE-200 CWE-200 Critical Lucee Server Arbitrary File Creation CVE-2021-21307 CWE-22 CWE-22 High Lucee Stacktrace Information Disclosure CWE-200 CWE-200 Medium Lucee Unset Admin Password CWE-200 CWE-200 Critical Macromedia Dreamweaver remote database scripts CVE-2004-1893 CWE-200 CWE-200 High 1...66676869...307 67 / 307