Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Magento CVE-2020-9580 Vulnerability (CVE-2020-9580) CVE-2020-9580 Critical Magento CVE-2020-9585 Vulnerability (CVE-2020-9585) CVE-2020-9585 Critical Magento CVE-2020-9631 Vulnerability (CVE-2020-9631) CVE-2020-9631 Critical Magento CVE-2020-9632 Vulnerability (CVE-2020-9632) CVE-2020-9632 Critical Magento Deserialization of Untrusted Data Vulnerability (CVE-2020-3716) CVE-2020-3716 CWE-502 CWE-502 Critical Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8707) CVE-2015-8707 CWE-200 CWE-200 Critical Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-9664) CVE-2020-9664 CWE-94 CWE-94 Critical Magento Improper Input Validation Vulnerability (CVE-2022-24086) CVE-2022-24086 CWE-20 CWE-20 Critical Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9691) CVE-2020-9691 CWE-707 CWE-707 Critical Magento Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-4010) CVE-2016-4010 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-8135) CVE-2019-8135 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9576) CVE-2020-9576 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9578) CVE-2020-9578 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9582) CVE-2020-9582 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9583) CVE-2020-9583 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-21016) CVE-2021-21016 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-21018) CVE-2021-21018 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-7139) CVE-2019-7139 CWE-138 CWE-138 Critical Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-21024) CVE-2021-21024 CWE-138 CWE-138 Critical Magento Improper Privilege Management Vulnerability (CVE-2020-9630) CVE-2020-9630 CWE-269 CWE-269 Critical Magento Incorrect Authorization Vulnerability (CVE-2022-34256) CVE-2022-34256 CWE-863 CWE-863 Critical Magento Insufficient Session Expiration Vulnerability (CVE-2019-8149) CVE-2019-8149 CWE-613 CWE-613 Critical Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-24407) CVE-2020-24407 CWE-434 CWE-434 Critical Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21014) CVE-2021-21014 CWE-434 CWE-434 Critical Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2019-8158) CVE-2019-8158 CWE-91 CWE-91 Critical Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2021-21019) CVE-2021-21019 CWE-91 CWE-91 Critical Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2021-21025) CVE-2021-21025 CWE-91 CWE-91 Critical Malware Identified (SB) CWE-506 CWE-506 Critical Masa CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-32641) CVE-2024-32641 CWE-94 CWE-94 Critical Masa CMS Incorrect Authorization Vulnerability (CVE-2022-47002) CVE-2022-47002 CWE-863 CWE-863 Critical math.js Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-1001002) CVE-2017-1001002 CWE-94 CWE-94 Critical MediaWiki Credentials Management Errors Vulnerability (CVE-2015-8009) CVE-2015-8009 Critical MediaWiki Credentials Management Errors Vulnerability (CVE-2015-8626) CVE-2015-8626 Critical MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-34502) CVE-2024-34502 CWE-352 CWE-352 Critical MediaWiki CVE-2022-28205 Vulnerability (CVE-2022-28205) CVE-2022-28205 Critical MediaWiki CVE-2022-28206 Vulnerability (CVE-2022-28206) CVE-2022-28206 Critical MediaWiki CVE-2022-28209 Vulnerability (CVE-2022-28209) CVE-2022-28209 Critical MediaWiki CVE-2023-29141 Vulnerability (CVE-2023-29141) CVE-2023-29141 Critical MediaWiki CVE-2023-37303 Vulnerability (CVE-2023-37303) CVE-2023-37303 Critical MediaWiki Improper Authentication Vulnerability (CVE-2021-36128) CVE-2021-36128 CWE-287 CWE-287 Critical MediaWiki Improper Input Validation Vulnerability (CVE-2025-67484) CVE-2025-67484 CWE-20 CWE-20 Critical MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3550) CVE-2023-3550 CWE-707 CWE-707 Critical MediaWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2017-0372) CVE-2017-0372 CWE-138 CWE-138 Critical MediaWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2017-8809) CVE-2017-8809 CWE-138 CWE-138 Critical MediaWiki Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-29904) CVE-2022-29904 CWE-138 CWE-138 Critical MediaWiki Improper Privilege Management Vulnerability (CVE-2020-10534) CVE-2020-10534 CWE-269 CWE-269 Critical MediaWiki Improper Restriction of XML External Entity Reference Vulnerability (CVE-2014-9487) CVE-2014-9487 CWE-611 CWE-611 Critical MediaWiki Incorrect Authorization Vulnerability (CVE-2022-29906) CVE-2022-29906 CWE-863 CWE-863 Critical MediaWiki Missing Authentication for Critical Function Vulnerability (CVE-2019-12468) CVE-2019-12468 CWE-306 CWE-306 Critical MediaWiki Other Vulnerability (CVE-2021-36126) CVE-2021-36126 Critical MediaWiki Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2021-31556) CVE-2021-31556 CWE-327 CWE-327 Critical Microsoft SQL Server Other Vulnerability (CVE-2002-0721) CVE-2002-0721 Critical Microsoft SQL Server Other Vulnerability (CVE-2002-1145) CVE-2002-1145 Critical MODX Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-7321) CVE-2017-7321 CWE-94 CWE-94 Critical MODX Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-7324) CVE-2017-7324 CWE-94 CWE-94 Critical MODX Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-25911) CVE-2020-25911 CWE-611 CWE-611 Critical MongoDb CVE-2017-15535 Vulnerability (CVE-2017-15535) CVE-2017-15535 Critical MongoDb Improper Certificate Validation Vulnerability (CVE-2024-1351) CVE-2024-1351 CWE-295 CWE-295 Critical MongoDb Improper Check for Certificate Revocation Vulnerability (CVE-2025-3085) CVE-2025-3085 CWE-299 CWE-299 Critical MongoDb Use of Uninitialized Resource Vulnerability (CVE-2024-8654) CVE-2024-8654 CWE-908 CWE-908 Critical Moodle CVE-2019-14880 Vulnerability (CVE-2019-14880) CVE-2019-14880 Critical Moodle CVE-2021-36394 Vulnerability (CVE-2021-36394) CVE-2021-36394 Critical Moodle CVE-2022-40314 Vulnerability (CVE-2022-40314) CVE-2022-40314 Critical Moodle CVE-2024-33999 Vulnerability (CVE-2024-33999) CVE-2024-33999 Critical Moodle CVE-2025-67856 Vulnerability (CVE-2025-67856) CVE-2025-67856 Critical Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-28333) CVE-2023-28333 CWE-94 CWE-94 Critical Moodle Improper Input Validation Vulnerability (CVE-2006-4935) CVE-2006-4935 CWE-20 CWE-20 Critical Moodle Improper Input Validation Vulnerability (CVE-2006-4936) CVE-2006-4936 CWE-20 CWE-20 Critical Moodle Improper Input Validation Vulnerability (CVE-2021-3943) CVE-2021-3943 CWE-20 CWE-20 Critical Moodle Improper Input Validation Vulnerability (CVE-2022-35649) CVE-2022-35649 CWE-20 CWE-20 Critical Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-2641) CVE-2017-2641 CWE-138 CWE-138 Critical Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-36392) CVE-2021-36392 CWE-138 CWE-138 Critical Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-36393) CVE-2021-36393 CWE-138 CWE-138 Critical Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-0332) CVE-2022-0332 CWE-138 CWE-138 Critical Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-30599) CVE-2022-30599 CWE-138 CWE-138 Critical 1...78910...22 8 / 22