Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Moodle Improper Input Validation Vulnerability (CVE-2022-35650) CVE-2022-35650 CWE-20 CWE-20 High Moodle Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-43434) CVE-2024-43434 CWE-22 CWE-22 High Moodle Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-43440) CVE-2024-43440 CWE-22 CWE-22 High Moodle Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2025-67851) CVE-2025-67851 CWE-1236 CWE-1236 High Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-40313) CVE-2022-40313 CWE-707 CWE-707 High Moodle Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2026-26046) CVE-2026-26046 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-0146) CVE-2006-0146 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-4785) CVE-2006-4785 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-6124) CVE-2008-6124 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-1615) CVE-2010-1615 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-4313) CVE-2013-4313 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-7919) CVE-2016-7919 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-32474) CVE-2021-32474 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-0983) CVE-2022-0983 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-28329) CVE-2023-28329 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-30944) CVE-2023-30944 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-43436) CVE-2024-43436 CWE-138 CWE-138 High Moodle Improper Privilege Management Vulnerability (CVE-2019-3849) CVE-2019-3849 CWE-269 CWE-269 High Moodle Improper Privilege Management Vulnerability (CVE-2020-25699) CVE-2020-25699 CWE-269 CWE-269 High Moodle Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2025-62399) CVE-2025-62399 CWE-307 CWE-307 High Moodle Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2025-67853) CVE-2025-67853 CWE-307 CWE-307 High Moodle Improper Validation of Integrity Check Value Vulnerability (CVE-2012-1170) CVE-2012-1170 CWE-354 CWE-354 High Moodle Improper Validation of Specified Type of Input Vulnerability (CVE-2024-43426) CVE-2024-43426 CWE-1287 CWE-1287 High Moodle Incomplete Cleanup Vulnerability (CVE-2024-38275) CVE-2024-38275 CWE-459 CWE-459 High Moodle Incorrect Authorization Vulnerability (CVE-2020-14321) CVE-2020-14321 CWE-863 CWE-863 High Moodle Incorrect Default Permissions Vulnerability (CVE-2024-45690) CVE-2024-45690 CWE-276 CWE-276 High Moodle Insertion of Sensitive Information into Log File Vulnerability (CVE-2012-1156) CVE-2012-1156 CWE-532 CWE-532 High Moodle Insufficient Verification of Data Authenticity Vulnerability (CVE-2024-43428) CVE-2024-43428 CWE-345 CWE-345 High Moodle Missing Authorization Vulnerability (CVE-2024-43431) CVE-2024-43431 CWE-862 CWE-862 High Moodle Other Vulnerability (CVE-2004-2232) CVE-2004-2232 High Moodle Other Vulnerability (CVE-2005-3648) CVE-2005-3648 High Moodle Other Vulnerability (CVE-2006-0147) CVE-2006-0147 High Moodle Other Vulnerability (CVE-2007-1429) CVE-2007-1429 High Moodle Other Vulnerability (CVE-2007-1647) CVE-2007-1647 High Moodle Other Vulnerability (CVE-2015-3272) CVE-2015-3272 High Moodle Other Vulnerability (CVE-2019-10154) CVE-2019-10154 High Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-6970) CVE-2019-6970 CWE-918 CWE-918 High Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-36396) CVE-2021-36396 CWE-918 CWE-918 High Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-35133) CVE-2023-35133 CWE-918 CWE-918 High Moodle Uncontrolled Recursion Vulnerability (CVE-2021-36395) CVE-2021-36395 CWE-674 CWE-674 High Moodle Uncontrolled Resource Consumption Vulnerability (CVE-2020-25630) CVE-2020-25630 CWE-400 CWE-400 High Moodle Uncontrolled Resource Consumption Vulnerability (CVE-2021-32476) CVE-2021-32476 CWE-400 CWE-400 High Moodle Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9186) CVE-2016-9186 CWE-434 CWE-434 High Moodle Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9187) CVE-2016-9187 CWE-434 CWE-434 High Moodle Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2016-7038) CVE-2016-7038 CWE-640 CWE-640 High MovableType remote code execution CVE-2015-1592 CWE-94 CWE-94 High Moveable Type 4.x unauthenticated remote command execution CVE-2013-0209 CWE-287 CWE-287 High MOVEit Transfer Improper Privilege Management Vulnerability (CVE-2025-2324) CVE-2025-2324 CWE-269 CWE-269 High MOVEit Transfer Unverified Password Change Vulnerability (CVE-2025-11235) CVE-2025-11235 CWE-620 CWE-620 High Multiple critical vulnerabilities in Apache Struts2 CVE-2012-0393 CWE-917 CWE-917 High Multiple SugarCRM Products Remote Code Execution Vulnerability (CVE-2023-22952) CVE-2023-22952 High Multiple vulnerabilities in Ioncube loader-wizard.php CWE-552 CWE-552 High Multiple vulnerabilities reported in Parallels Plesk Sitebuilder CWE-94 CWE-94 High Multiple XSS vulnerabilities in Google Web Toolkit CVE-2013-4204 CWE-80 CWE-80 High MyBB CVE-2008-3070 Vulnerability (CVE-2008-3070) CVE-2008-3070 High MyBB CVE-2015-2352 Vulnerability (CVE-2015-2352) CVE-2015-2352 High MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9410) CVE-2016-9410 CWE-200 CWE-200 High MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9414) CVE-2016-9414 CWE-200 CWE-200 High MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9418) CVE-2016-9418 CWE-200 CWE-200 High MyBB Improper Access Control Vulnerability (CVE-2015-8973) CVE-2015-8973 CWE-284 CWE-284 High MyBB Improper Access Control Vulnerability (CVE-2016-9415) CVE-2016-9415 CWE-284 CWE-284 High MyBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-43281) CVE-2021-43281 CWE-94 CWE-94 High MyBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-24734) CVE-2022-24734 CWE-94 CWE-94 High MyBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-41362) CVE-2023-41362 CWE-94 CWE-94 High MyBB Improper Input Validation Vulnerability (CVE-2019-12831) CVE-2019-12831 CWE-20 CWE-20 High MyBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-3071) CVE-2008-3071 CWE-22 CWE-22 High MyBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-45867) CVE-2022-45867 CWE-22 CWE-22 High MyBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-53979) CVE-2023-53979 CWE-22 CWE-22 High MyBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-48940) CVE-2025-48940 CWE-22 CWE-22 High MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12830) CVE-2019-12830 CWE-707 CWE-707 High MyBB Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2022-39265) CVE-2022-39265 CWE-138 CWE-138 High MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0383) CVE-2008-0383 CWE-138 CWE-138 High MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-3965) CVE-2008-3965 CWE-138 CWE-138 High MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-5096) CVE-2010-5096 CWE-138 CWE-138 High MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2324) CVE-2012-2324 CWE-138 CWE-138 High 1...32333435...176 33 / 176
