Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21029) CVE-2021-21029 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21030) CVE-2021-21030 CWE-707 CWE-707 High Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-28556) CVE-2021-28556 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34257) CVE-2022-34257 CWE-707 CWE-707 Medium Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34258) CVE-2022-34258 CWE-707 CWE-707 Medium Magento Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-4010) CVE-2016-4010 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-7889) CVE-2019-7889 CWE-138 CWE-138 Medium Magento Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-8135) CVE-2019-8135 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-8159) CVE-2019-8159 CWE-138 CWE-138 High Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9576) CVE-2020-9576 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9578) CVE-2020-9578 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9582) CVE-2020-9582 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9583) CVE-2020-9583 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-21015) CVE-2021-21015 CWE-138 CWE-138 High Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-21016) CVE-2021-21016 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-21018) CVE-2021-21018 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-36023) CVE-2021-36023 CWE-138 CWE-138 High Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-1397) CVE-2015-1397 CWE-138 CWE-138 Medium Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-7139) CVE-2019-7139 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-8127) CVE-2019-8127 CWE-138 CWE-138 High Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-8130) CVE-2019-8130 CWE-138 CWE-138 High Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-8134) CVE-2019-8134 CWE-138 CWE-138 High Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-8143) CVE-2019-8143 CWE-138 CWE-138 Medium Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-3719) CVE-2020-3719 CWE-138 CWE-138 High Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-24400) CVE-2020-24400 CWE-138 CWE-138 High Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-21024) CVE-2021-21024 CWE-138 CWE-138 Critical Magento Improper Privilege Management Vulnerability (CVE-2020-9630) CVE-2020-9630 CWE-269 CWE-269 Critical Magento Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') Vulnerability (CVE-2019-8126) CVE-2019-8126 CWE-776 CWE-776 Medium Magento Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2019-8154) CVE-2019-8154 CWE-829 CWE-829 High Magento Incorrect Authorization Vulnerability (CVE-2020-9587) CVE-2020-9587 CWE-863 CWE-863 High Magento Incorrect Authorization Vulnerability (CVE-2020-9692) CVE-2020-9692 CWE-863 CWE-863 Medium Magento Incorrect Authorization Vulnerability (CVE-2020-24401) CVE-2020-24401 CWE-863 CWE-863 Medium Magento Incorrect Authorization Vulnerability (CVE-2021-28567) CVE-2021-28567 CWE-863 CWE-863 Medium Magento Incorrect Authorization Vulnerability (CVE-2022-34255) CVE-2022-34255 CWE-863 CWE-863 High Magento Incorrect Authorization Vulnerability (CVE-2022-34256) CVE-2022-34256 CWE-863 CWE-863 Critical Magento Insufficient Session Expiration Vulnerability (CVE-2019-8149) CVE-2019-8149 CWE-613 CWE-613 Critical Magento Insufficient Session Expiration Vulnerability (CVE-2021-21031) CVE-2021-21031 CWE-613 CWE-613 Medium Magento Insufficient Session Expiration Vulnerability (CVE-2021-21032) CVE-2021-21032 CWE-613 CWE-613 Medium Magento Insufficient Verification of Data Authenticity Vulnerability (CVE-2019-8112) CVE-2019-8112 CWE-345 CWE-345 High Magento Insufficient Verification of Data Authenticity Vulnerability (CVE-2019-8124) CVE-2019-8124 CWE-345 CWE-345 High Magento Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-9588) CVE-2020-9588 High Magento Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-9690) CVE-2020-9690 Medium Magento Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-15151) CVE-2020-15151 High Magento Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-3458) CVE-2015-3458 CWE-264 CWE-264 Medium Magento remote code execution CVE-2015-1397 CVE-2015-1398 CVE-2015-1399 CWE-94 CWE-94 High Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7892) CVE-2019-7892 CWE-918 CWE-918 High Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7911) CVE-2019-7911 CWE-918 CWE-918 High Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7913) CVE-2019-7913 CWE-918 CWE-918 High Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7923) CVE-2019-7923 CWE-918 CWE-918 High Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-8151) CVE-2019-8151 CWE-918 CWE-918 High Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-8156) CVE-2019-8156 CWE-918 CWE-918 High Magento Session Fixation Vulnerability (CVE-2019-7849) CVE-2019-7849 CWE-384 CWE-384 High Magento Session Fixation Vulnerability (CVE-2019-8116) CVE-2019-8116 CWE-384 CWE-384 High Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-7861) CVE-2019-7861 CWE-434 CWE-434 High Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-7912) CVE-2019-7912 CWE-434 CWE-434 High Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-7930) CVE-2019-7930 CWE-434 CWE-434 High Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-8093) CVE-2019-8093 CWE-434 CWE-434 High Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-8114) CVE-2019-8114 CWE-434 CWE-434 High Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-8140) CVE-2019-8140 CWE-434 CWE-434 Medium Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-24407) CVE-2020-24407 CWE-434 CWE-434 Critical Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21014) CVE-2021-21014 CWE-434 CWE-434 Critical Magento Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2019-8113) CVE-2019-8113 CWE-338 CWE-338 Medium Magento Violation of Secure Design Principles Vulnerability (CVE-2021-28583) CVE-2021-28583 CWE-657 CWE-657 Medium Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2019-8158) CVE-2019-8158 CWE-91 CWE-91 Critical Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2021-21019) CVE-2021-21019 CWE-91 CWE-91 Critical Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2021-21025) CVE-2021-21025 CWE-91 CWE-91 Critical Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2022-34253) CVE-2022-34253 CWE-91 CWE-91 High Mailman Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-6893) CVE-2016-6893 CWE-352 CWE-352 High Mailman Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-42097) CVE-2021-42097 CWE-352 CWE-352 High Mailman Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-44227) CVE-2021-44227 CWE-352 CWE-352 High Mailman CVE-2006-2941 Vulnerability (CVE-2006-2941) CVE-2006-2941 Medium Mailman Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4624) CVE-2006-4624 CWE-94 CWE-94 Low Mailman Improper Input Validation Vulnerability (CVE-2018-13796) CVE-2018-13796 CWE-20 CWE-20 Medium Mailman Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-2775) CVE-2015-2775 CWE-22 CWE-22 High Mailman Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-43919) CVE-2025-43919 CWE-22 CWE-22 High 1...79808182...327 80 / 327
