Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity PHP Address Book Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-2778) CVE-2013-2778 CWE-352 CWE-352 High PHP Address Book Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-1911) CVE-2012-1911 CWE-138 CWE-138 High PHP Address Book Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-0135) CVE-2013-0135 CWE-138 CWE-138 High PHP Address Book Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-1748) CVE-2013-1748 CWE-138 CWE-138 High PHP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2017-7963) CVE-2017-7963 CWE-770 CWE-770 High PHP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-0568) CVE-2023-0568 CWE-770 CWE-770 High phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-16993) CVE-2019-16993 CWE-352 CWE-352 High phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-70810) CVE-2025-70810 CWE-352 CWE-352 High phpBB CVE-2010-1630 Vulnerability (CVE-2010-1630) CVE-2010-1630 High phpBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-16108) CVE-2019-16108 CWE-94 CWE-94 High phpBB Improper Initialization Vulnerability (CVE-2001-1471) CVE-2001-1471 CWE-665 CWE-665 High phpBB Improper Input Validation Vulnerability (CVE-2019-9826) CVE-2019-9826 CWE-20 CWE-20 High phpBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-25685) CVE-2019-25685 CWE-22 CWE-22 High phpBB Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2018-19274) CVE-2018-19274 CWE-915 CWE-915 High phpBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2003-1530) CVE-2003-1530 CWE-138 CWE-138 High phpBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-4653) CVE-2007-4653 CWE-138 CWE-138 High phpBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-5688) CVE-2007-5688 CWE-138 CWE-138 High phpBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-1000419) CVE-2017-1000419 CWE-918 CWE-918 High phpBB Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2026-29199) CVE-2026-29199 CWE-640 CWE-640 High PHP Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2007-0455) CVE-2007-0455 CWE-120 CWE-120 High PHP Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-31626) CVE-2022-31626 CWE-120 CWE-120 High PHP code injection (pmwiki) CWE-94 CWE-94 High PHP Configuration Vulnerability (CVE-2008-5844) CVE-2008-5844 High PHP Cryptographic Issues Vulnerability (CVE-2015-8867) CVE-2015-8867 High PHP CVE-2006-5706 Vulnerability (CVE-2006-5706) CVE-2006-5706 High PHP CVE-2009-3292 Vulnerability (CVE-2009-3292) CVE-2009-3292 High PHP CVE-2009-3293 Vulnerability (CVE-2009-3293) CVE-2009-3293 High PHP CVE-2009-3559 Vulnerability (CVE-2009-3559) CVE-2009-3559 High PHP CVE-2014-3515 Vulnerability (CVE-2014-3515) CVE-2014-3515 High PHP CVE-2016-6174 Vulnerability (CVE-2016-6174) CVE-2016-6174 High PHP CVE-2024-2757 Vulnerability (CVE-2024-2757) CVE-2024-2757 High PHP Data Processing Errors Vulnerability (CVE-2015-4025) CVE-2015-4025 High PHP Data Processing Errors Vulnerability (CVE-2015-4026) CVE-2015-4026 High PHP Data Processing Errors Vulnerability (CVE-2015-4147) CVE-2015-4147 High PHP DEPRECATED: Code Vulnerability (CVE-2014-9426) CVE-2014-9426 High PHP Deserialization of Untrusted Data Vulnerability (CVE-2017-11143) CVE-2017-11143 CWE-502 CWE-502 High PHP Deserialization of Untrusted Data Vulnerability (CVE-2018-19396) CVE-2018-19396 CWE-502 CWE-502 High PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8393) CVE-2015-8393 CWE-200 CWE-200 High PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-11145) CVE-2017-11145 CWE-200 CWE-200 High PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-15132) CVE-2018-15132 CWE-200 CWE-200 High PHPFusion Code Execution Vulnerability (CVE-2019-12099) CVE-2019-12099 High PHPFusion Multiple SQL Injection Vulnerabilities (CVE-2014-8596) CVE-2014-8596 High PHP Improper Access Control Vulnerability (CVE-2016-5385) CVE-2016-5385 CWE-284 CWE-284 High PHP Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2017-11144) CVE-2017-11144 CWE-754 CWE-754 High PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1868) CVE-2010-1868 CWE-94 CWE-94 High PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-3379) CVE-2011-3379 CWE-94 CWE-94 High PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-19520) CVE-2018-19520 CWE-94 CWE-94 High PHP Improper Encoding or Escaping of Output Vulnerability (CVE-2024-5585) CVE-2024-5585 CWE-116 CWE-116 High PHP Improper Input Validation Vulnerability (CVE-2009-3291) CVE-2009-3291 CWE-20 CWE-20 High PHP Improper Input Validation Vulnerability (CVE-2010-1129) CVE-2010-1129 CWE-20 CWE-20 High PHP Improper Input Validation Vulnerability (CVE-2014-9653) CVE-2014-9653 CWE-20 CWE-20 High PHP Improper Input Validation Vulnerability (CVE-2015-4604) CVE-2015-4604 CWE-20 CWE-20 High PHP Improper Input Validation Vulnerability (CVE-2015-4605) CVE-2015-4605 CWE-20 CWE-20 High PHP Improper Input Validation Vulnerability (CVE-2015-8873) CVE-2015-8873 CWE-20 CWE-20 High PHP Improper Input Validation Vulnerability (CVE-2015-8879) CVE-2015-8879 CWE-20 CWE-20 High PHP Improper Input Validation Vulnerability (CVE-2016-3185) CVE-2016-3185 CWE-20 CWE-20 High PHP Improper Input Validation Vulnerability (CVE-2016-10397) CVE-2016-10397 CWE-20 CWE-20 High PHP Improper Input Validation Vulnerability (CVE-2016-10712) CVE-2016-10712 CWE-20 CWE-20 High PHP Improper Input Validation Vulnerability (CVE-2017-7189) CVE-2017-7189 CWE-20 CWE-20 High PHP Improper Input Validation Vulnerability (CVE-2025-1736) CVE-2025-1736 CWE-20 CWE-20 High PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2007-4663) CVE-2007-4663 CWE-22 CWE-22 High PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2007-4825) CVE-2007-4825 CWE-22 CWE-22 High PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-5658) CVE-2008-5658 CWE-22 CWE-22 High PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-6833) CVE-2015-6833 CWE-22 CWE-22 High PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-9067) CVE-2017-9067 CWE-22 CWE-22 High PHP Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Vulnerability (CVE-2001-1246) CVE-2001-1246 CWE-707 CWE-707 High PHP Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Vulnerability (CVE-2002-0985) CVE-2002-0985 CWE-707 CWE-707 High PHP Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Vulnerability (CVE-2018-19518) CVE-2018-19518 CWE-707 CWE-707 High PHP Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-7125) CVE-2016-7125 CWE-138 CWE-138 High PHP Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2024-11234) CVE-2024-11234 CWE-138 CWE-138 High PHP Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2024-8926) CVE-2024-8926 CWE-138 CWE-138 High PHP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2311) CVE-2012-2311 CWE-138 CWE-138 High PHP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-1735) CVE-2025-1735 CWE-138 CWE-138 High PHP Improper Resource Shutdown or Release Vulnerability (CVE-2015-3415) CVE-2015-3415 CWE-404 CWE-404 High PHP Improper Resource Shutdown or Release Vulnerability (CVE-2026-7263) CVE-2026-7263 CWE-404 CWE-404 High 1...41424344...176 42 / 176
