Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Drupal Improper Access Control Vulnerability (CVE-2016-5385) CVE-2016-5385 CWE-284 CWE-284 High Drupal Improper Access Control Vulnerability (CVE-2020-13677) CVE-2020-13677 CWE-284 CWE-284 High Drupal Improper Authentication Vulnerability (CVE-2019-10911) CVE-2019-10911 CWE-287 CWE-287 High Drupal Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2025-31674) CVE-2025-31674 CWE-913 CWE-913 High Drupal Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2005-1921) CVE-2005-1921 CWE-94 CWE-94 High Drupal Improper Handling of Case Sensitivity Vulnerability (CVE-2024-55634) CVE-2024-55634 CWE-178 CWE-178 High Drupal Improper Input Validation Vulnerability (CVE-2007-6299) CVE-2007-6299 CWE-20 CWE-20 High Drupal Improper Input Validation Vulnerability (CVE-2022-25271) CVE-2022-25271 CWE-20 CWE-20 High Drupal Improper Input Validation Vulnerability (CVE-2022-25273) CVE-2022-25273 CWE-20 CWE-20 High Drupal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-39261) CVE-2022-39261 CWE-22 CWE-22 High Drupal Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2020-36193) CVE-2020-36193 CWE-59 CWE-59 High Drupal Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2020-13664) CVE-2020-13664 CWE-138 CWE-138 High Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-2999) CVE-2008-2999 CWE-138 CWE-138 High Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-3223) CVE-2008-3223 CWE-138 CWE-138 High Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3704) CVE-2014-3704 CWE-138 CWE-138 High Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-6659) CVE-2015-6659 CWE-138 CWE-138 High Drupal Improper Privilege Management Vulnerability (CVE-2017-6924) CVE-2017-6924 CWE-269 CWE-269 High Drupal Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2017-6381) CVE-2017-6381 CWE-829 CWE-829 High Drupal Incorrect Authorization Vulnerability (CVE-2011-2726) CVE-2011-2726 CWE-863 CWE-863 High Drupal Incorrect Authorization Vulnerability (CVE-2017-6377) CVE-2017-6377 CWE-863 CWE-863 High Drupal Inefficient Regular Expression Complexity Vulnerability (CVE-2022-24729) CVE-2022-24729 CWE-1333 CWE-1333 High Drupal Insufficient Verification of Data Authenticity Vulnerability (CVE-2016-9450) CVE-2016-9450 CWE-345 CWE-345 High Drupal Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2024-11941) CVE-2024-11941 CWE-835 CWE-835 High Drupal Other Vulnerability (CVE-2005-1871) CVE-2005-1871 High Drupal Other Vulnerability (CVE-2006-2742) CVE-2006-2742 High Drupal Other Vulnerability (CVE-2006-2831) CVE-2006-2831 High Drupal Other Vulnerability (CVE-2006-5476) CVE-2006-5476 High Drupal Other Vulnerability (CVE-2016-3164) CVE-2016-3164 High Drupal Other Vulnerability (CVE-2016-3167) CVE-2016-3167 High Drupal Other Vulnerability (CVE-2022-25275) CVE-2022-25275 High Drupal Other Vulnerability (CVE-2024-22362) CVE-2024-22362 High Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-2687) CVE-2011-2687 CWE-264 CWE-264 High Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-3169) CVE-2016-3169 CWE-264 CWE-264 High Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-6211) CVE-2016-6211 CWE-264 CWE-264 High Drupal Reliance on Cookies without Validation and Integrity Checking Vulnerability (CVE-2022-29248) CVE-2022-29248 CWE-565 CWE-565 High Drupal Remote Code Execution (SA-CORE-2018-002) CVE-2018-7600 CWE-94 CWE-94 High Drupal Remote Code Execution (SA-CORE-2018-004) CVE-2018-7602 CWE-94 CWE-94 High Drupal REST Remote Code Execution CVE-2019-6340 CWE-78 CWE-78 High Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-13671) CVE-2020-13671 CWE-434 CWE-434 High Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-25277) CVE-2022-25277 CWE-434 CWE-434 High e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-15901) CVE-2018-15901 CWE-352 CWE-352 High e107 Deserialization of Untrusted Data Vulnerability (CVE-2016-10753) CVE-2016-10753 CWE-502 CWE-502 High e107 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-50939) CVE-2022-50939 CWE-22 CWE-22 High e107 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-11941) CVE-2025-11941 CWE-22 CWE-22 High e107 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2011-1513) CVE-2011-1513 CWE-138 CWE-138 High e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4084) CVE-2009-4084 CWE-138 CWE-138 High e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10378) CVE-2016-10378 CWE-138 CWE-138 High e107 Inadequate Encryption Strength Vulnerability (CVE-2021-27885) CVE-2021-27885 CWE-326 CWE-326 High e107 Other Vulnerability (CVE-2004-2042) CVE-2004-2042 High e107 Other Vulnerability (CVE-2005-1949) CVE-2005-1949 High e107 Other Vulnerability (CVE-2005-1966) CVE-2005-1966 High e107 Other Vulnerability (CVE-2005-2559) CVE-2005-2559 High e107 Other Vulnerability (CVE-2005-3521) CVE-2005-3521 High e107 Other Vulnerability (CVE-2005-4224) CVE-2005-4224 High e107 Other Vulnerability (CVE-2006-4548) CVE-2006-4548 High e107 Other Vulnerability (CVE-2006-5786) CVE-2006-5786 High e107 Other Vulnerability (CVE-2010-2098) CVE-2010-2098 High e107 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-2099) CVE-2010-2099 CWE-264 CWE-264 High e107 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-16388) CVE-2018-16388 CWE-434 CWE-434 High e107 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-50907) CVE-2022-50907 CWE-434 CWE-434 High e107 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-50916) CVE-2022-50916 CWE-434 CWE-434 High Edge Side Include injection CWE-918 CWE-918 High Ektron CMS400.NET ContentRatingGraph.aspx SQL injection CVE-2008-5122 CWE-89 CWE-89 High Ektron CMS Account Hijack CWE-288 CWE-288 High Ektron CMS authentication bypass CVE-2018-12596 CWE-285 CWE-285 High Ektron CMS multiple vulnerabilities CWE-434 CWE-434 High EktronCMS Saxon XSLT parser remote code execution CVE-2015-0931 CWE-78 CWE-78 High Ektron CMS unauthenticated code execution and Local File Read CVE-2012-5357 CVE-2012-5358 CWE-20 CWE-20 High Elasticsearch remote code execution CVE-2014-3120 CWE-78 CWE-78 High Elasticsearch service accessible CWE-200 CWE-200 High elFinder RCE (CVE-2021-32682) CVE-2021-32682 CWE-22 CWE-22 High Elgg Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2021-3980) CVE-2021-3980 CWE-359 CWE-359 High Elmah.axd / Errorlog.axd Detected CWE-209 CWE-209 High Email Header Injection CWE-20 CWE-20 High Email Header Injection (Invicti IAST) CWE-20 CWE-20 High 1...14151617...176 15 / 176
