Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Sensitive Information Disclosure Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity (Possible) Cross site scripting CWE-79 CWE-79 Informational .htaccess File Detected CWE-443 CWE-443 Informational .NET HTTP Remoting publicly exposed CWE-502 CWE-502 High .NET JSON.NET Deserialization RCE CWE-502 CWE-502 High AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20141) CVE-2018-20141 CWE-707 CWE-707 Medium AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42050) CVE-2021-42050 CWE-707 CWE-707 Medium AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42051) CVE-2021-42051 CWE-707 CWE-707 Medium AbanteCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10755) CVE-2016-10755 CWE-138 CWE-138 High AbanteCart Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-26521) CVE-2022-26521 CWE-434 CWE-434 High Access-Control-Allow-Origin header with wildcard (*) value CWE-284 CWE-284 Informational ACME mini_httpd arbitrary file read CVE-2018-18778 CWE-23 CWE-23 High Active Mixed Content over HTTPS CWE-284 CWE-284 Medium ActiveMQ OpenWire RCE (CVE-2023-46604) CVE-2023-46604 CWE-502 CWE-502 Critical Adminer 4.6.2 file disclosure vulnerability CWE-22 CWE-22 High Adminer Server Side Request Forgery (SSRF) CVE-2021-21311 CWE-918 CWE-918 Medium Adobe Coldfusion 8 multiple linked XSS vulnerabilies CVE-2009-1872 CWE-79 CWE-79 High Adobe ColdFusion 9 administrative login bypass CVE-2013-0625 CVE-2013-0629 CVE-2013-0631 CVE-2013-0632 CWE-287 CWE-287 High Adobe ColdFusion directory traversal CVE-2013-3336 CWE-22 CWE-22 High Adobe Commerce/Magento "CosmicSting" XXE (CVE-2024-34102) CVE-2024-34102 CWE-611 CWE-611 Critical Adobe Experience Manager Information Disclosure via Apache Sling v2.3.6 vulnerability CVE-2016-0956 CWE-668 CWE-668 Medium Adobe Experience Manager Misconfiguration CVE-2016-0957 CWE-693 CWE-693 High Adobe Flex 3 DOM-based XSS vulnerability CVE-2008-2640 CWE-79 CWE-79 High Agentejo Cockpit CMS resetpassword NoSQLi (CVE-2020-35847) CVE-2020-35847 CWE-89 CWE-89 High AjaxControlToolkit directory traversal CVE-2015-4670 CWE-434 CWE-434 High AjaxPro.NET Professional Deserialization RCE (CVE-2021-23758) CVE-2021-23758 CWE-502 CWE-502 High Akeeba backup access control bypass CWE-287 CWE-287 High Alibaba Nacos Authentication Bypass (CVE-2021-29441) CVE-2021-29441 CWE-287 CWE-287 High Amazon S3 public bucket CWE-264 CWE-264 Medium Amazon S3 publicly writable bucket CWE-264 CWE-264 High Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-47828) CVE-2024-47828 CWE-352 CWE-352 Medium Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51484) CVE-2024-51484 CWE-352 CWE-352 High Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51485) CVE-2024-51485 CWE-352 CWE-352 High Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51487) CVE-2024-51487 CWE-352 CWE-352 High Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51488) CVE-2024-51488 CWE-352 CWE-352 Medium Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51489) CVE-2024-51489 CWE-352 CWE-352 Medium Ampache Deserialization of Untrusted Data Vulnerability (CVE-2017-18375) CVE-2017-18375 CWE-502 CWE-502 High Ampache Improper Access Control Vulnerability (CVE-2021-21399) CVE-2021-21399 CWE-284 CWE-284 High Ampache Improper Authentication Vulnerability (CVE-2007-4438) CVE-2007-4438 CWE-287 CWE-287 Medium Ampache Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-3929) CVE-2008-3929 CWE-59 CWE-59 High Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12386) CVE-2019-12386 CWE-707 CWE-707 Medium Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32644) CVE-2021-32644 CWE-707 CWE-707 Medium Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0606) CVE-2023-0606 CWE-707 CWE-707 Medium Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28852) CVE-2024-28852 CWE-707 CWE-707 Medium Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28853) CVE-2024-28853 CWE-707 CWE-707 Medium Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-41665) CVE-2024-41665 CWE-707 CWE-707 Medium Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-47184) CVE-2024-47184 CWE-707 CWE-707 Medium Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-51486) CVE-2024-51486 CWE-707 CWE-707 High Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-51490) CVE-2024-51490 CWE-707 CWE-707 Critical Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-12385) CVE-2019-12385 CWE-138 CWE-138 High Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-15153) CVE-2020-15153 CWE-138 CWE-138 Critical Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-0771) CVE-2023-0771 CWE-138 CWE-138 High Ampache Other Vulnerability (CVE-2006-5668) CVE-2006-5668 High Ampache Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-4665) CVE-2022-4665 CWE-434 CWE-434 High Angular Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4231) CVE-2021-4231 CWE-707 CWE-707 Medium Angular Inefficient Regular Expression Complexity Vulnerability (CVE-2024-21490) CVE-2024-21490 CWE-1333 CWE-1333 High AngularJS client-side template injection CWE-79 CWE-79 High AngularJS Improper Input Validation Vulnerability (CVE-2019-10768) CVE-2019-10768 CWE-20 CWE-20 High AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14863) CVE-2019-14863 CWE-707 CWE-707 Medium AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-7676) CVE-2020-7676 CWE-707 CWE-707 Medium AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-25869) CVE-2022-25869 CWE-707 CWE-707 Medium AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2022-25844) CVE-2022-25844 CWE-1333 CWE-1333 High AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2023-26116) CVE-2023-26116 CWE-1333 CWE-1333 Medium AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2023-26117) CVE-2023-26117 CWE-1333 CWE-1333 Medium AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2023-26118) CVE-2023-26118 CWE-1333 CWE-1333 Medium AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2024-21490) CVE-2024-21490 CWE-1333 CWE-1333 High AngularJS Other Vulnerability (CVE-2024-8372) CVE-2024-8372 Medium AngularJS Other Vulnerability (CVE-2024-8373) CVE-2024-8373 Medium An Unsafe Content Security Policy (CSP) Directive in Use CWE-16 CWE-16 Informational Apache 2.2.14 mod_isapi Dangling Pointer CVE-2010-0425 CWE-20 CWE-20 High Apache 2.x version equal to 2.0.51 CVE-2004-0811 CWE-264 CWE-264 Medium Apache 2.x version older than 2.0.43 CVE-2002-0840 CVE-2002-1156 CWE-538 CWE-538 Medium Apache 2.x version older than 2.0.45 CVE-2003-0132 CWE-400 CWE-400 Medium Apache 2.x version older than 2.0.46 CVE-2003-0083 CVE-2003-0134 CVE-2003-0189 CVE-2003-0245 CWE-20 CWE-20 Medium Apache 2.x version older than 2.0.47 CVE-2003-0192 CVE-2003-0253 CVE-2003-0254 CWE-20 CWE-20 Medium Apache 2.x version older than 2.0.48 CVE-2003-0542 CVE-2003-0789 CWE-119 CWE-119 Medium 12345...308 1 / 308
