Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45136) CVE-2023-45136 CWE-707 CWE-707 Critical XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-27479) CVE-2023-27479 CWE-138 CWE-138 Critical XWiki Inadequate Encryption Strength Vulnerability (CVE-2022-29161) CVE-2022-29161 CWE-326 CWE-326 Critical XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31982) CVE-2024-31982 CWE-94 CWE-94 Critical XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-31996) CVE-2024-31996 CWE-94 CWE-94 Critical XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-24893) CVE-2025-24893 CWE-94 CWE-94 Critical XWikiplatform Improper Encoding or Escaping of Output Vulnerability (CVE-2024-55663) CVE-2024-55663 CWE-116 CWE-116 Critical XWikiplatform Improper Encoding or Escaping of Output Vulnerability (CVE-2025-32974) CVE-2025-32974 CWE-116 CWE-116 Critical XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-32969) CVE-2025-32969 CWE-138 CWE-138 Critical XWikiplatform Missing Authorization Vulnerability (CVE-2025-29926) CVE-2025-29926 CWE-862 CWE-862 Critical XWikiplatform Missing Authorization Vulnerability (CVE-2025-32973) CVE-2025-32973 CWE-862 CWE-862 Critical YOURLS Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2019-14537) CVE-2019-14537 CWE-843 CWE-843 Critical ZenCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-8352) CVE-2015-8352 CWE-22 CWE-22 Critical ZenCart Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-0697) CVE-2006-0697 CWE-264 CWE-264 Critical Zikula Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-2293) CVE-2014-2293 CWE-94 CWE-94 Critical Zikula Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2016-9835) CVE-2016-9835 CWE-138 CWE-138 Critical Zope Web Application Server CVE-2011-3587 Vulnerability (CVE-2011-3587) CVE-2011-3587 Critical Zope Web Application Server Other Vulnerability (CVE-2000-0062) CVE-2000-0062 Critical 1...1617181920 20 / 20
