| Vulnerability Name | CVE | CWE | Severity |
|---|---|---|---|
| Squid Use After Free Vulnerability (CVE-2023-49288) | CVE-2023-49288 | CWE-416 | High |
| SSRF in Ivanti Connect Secure, Policy Secure and Neurons (CVE-2024-21893) | CVE-2024-21893 | CWE-918 | High |
| SSRF in Server-Side Rendering | | CWE-918 | High |
| SSRF via logo_uri in MITREid Connect | CVE-2021-26715 | CWE-918 | High |
| Strapi Cognito provider Authentication Bypass (CVE-2023-22893) | CVE-2023-22893 | CWE-287 | High |
| Struts 2 development mode | | CWE-489 | High |
| Struts2 Development Mode Enabled | | CWE-16 | High |
| Struts2/XWork remote command execution (S2-014) | CVE-2013-1966, CVE-2013-2115 | CWE-94 | High |
| SugarCRM CVE-2023-35809 Vulnerability (CVE-2023-35809) | CVE-2023-35809 | | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17299) | CVE-2019-17299 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17300) | CVE-2019-17300 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17301) | CVE-2019-17301 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17302) | CVE-2019-17302 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17303) | CVE-2019-17303 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17304) | CVE-2019-17304 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17305) | CVE-2019-17305 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17306) | CVE-2019-17306 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17307) | CVE-2019-17307 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17308) | CVE-2019-17308 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17309) | CVE-2019-17309 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17310) | CVE-2019-17310 | CWE-94 | High |
| SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-46816) | CVE-2023-46816 | CWE-94 | High |
| SugarCRM Improper Input Validation Vulnerability (CVE-2017-14509) | CVE-2017-14509 | CWE-20 | High |
| SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17311) | CVE-2019-17311 | CWE-22 | High |
| SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17312) | CVE-2019-17312 | CWE-22 | High |
| SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17313) | CVE-2019-17313 | CWE-22 | High |
| SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17314) | CVE-2019-17314 | CWE-22 | High |
| SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17315) | CVE-2019-17315 | CWE-915 | High |
| SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17316) | CVE-2019-17316 | CWE-915 | High |
| SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17317) | CVE-2019-17317 | CWE-915 | High |
| SugarCRM Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-35810) | CVE-2023-35810 | CWE-138 | High |
| SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2978) | CVE-2009-2978 | CWE-138 | High |
| SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4833) | CVE-2011-4833 | CWE-138 | High |
| SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14508) | CVE-2017-14508 | CWE-138 | High |
| SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17292) | CVE-2019-17292 | CWE-138 | High |
| SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17293) | CVE-2019-17293 | CWE-138 | High |
| SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17294) | CVE-2019-17294 | CWE-138 | High |
| SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17295) | CVE-2019-17295 | CWE-138 | High |
| SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17296) | CVE-2019-17296 | CWE-138 | High |
| SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17297) | CVE-2019-17297 | CWE-138 | High |
| SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17298) | CVE-2019-17298 | CWE-138 | High |
| SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17318) | CVE-2019-17318 | CWE-138 | High |
| SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17319) | CVE-2019-17319 | CWE-138 | High |
| SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-35811) | CVE-2023-35811 | CWE-138 | High |
| SugarCRM Incomplete List of Disallowed Inputs Vulnerability (CVE-2015-5946) | CVE-2015-5946 | CWE-184 | High |
| SugarCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-35808) | CVE-2023-35808 | CWE-434 | High |
| SugarCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-46815) | CVE-2023-46815 | CWE-434 | High |
| SVN Detected | | CWE-538 | High |
| Swagger UI DOM XSS vulnerability | | CWE-80 | High |
| Symfony databases.yml configuration file | | CWE-538 | High |
| Symfony RCE via weak/predictable APP_SECRET | | CWE-94 | High |
| Symfony weak application secret | | CWE-94 | High |
| TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-20114) | CVE-2021-20114 | CWE-200 | High |
| TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5745) | CVE-2020-5745 | CWE-707 | High |
| TCPDF arbitrary file read | | CWE-98 | High |
| TeamCity Authentication Bypass (CVE-2024-27199) | CVE-2024-27199 | CWE-288 | High |
| Telerik.Web.UI.dll Cryptographic Weakness | CVE-2017-9248 | CWE-338 | High |
| Telerik Web UI Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-2217) | CVE-2014-2217 | CWE-22 | High |
| Telerik Web UI Insecure Direct Object Reference | CVE-2017-11357 | CWE-78 | High |
| Telerik Web UI RadAsyncUpload Deserialization | CVE-2019-18935 | CWE-78 | High |
| Telerik Web UI Unrestricted File Upload (CVE-2014-2217) | CVE-2014-2217 | CWE-78 | High |
| Telerik Web UI Unrestricted File Upload (CVE-2017-11317) | CVE-2017-11317 | CWE-78 | High |
| The DROWN attack (SSLv2 supported) | CVE-2016-0800 | CWE-310 | High |
| The GHOST Vulnerability | CVE-2015-0235 | CWE-119 | High |
| The Heartbleed Bug | CVE-2014-0160 | CWE-200 | High |
| ThinkPHP v5.0.22/5.1.29 Remote Code Execution Vulnerability | | CWE-94 | High |
| Three.js Uncontrolled Resource Consumption Vulnerability (CVE-2020-28496) | CVE-2020-28496 | CWE-400 | High |
| Tiki Wiki CMS: Arbitrary Code Execution | | | High |
| Tiki Wiki CMS: Arbitrary File Download | | | High |
| Tiki Wiki CMS: Remote Code Execution via Calendar Module | | | High |
| timthumb.php remote code execution | CVE-2011-4106 | CWE-20 | High |
| TimThumb WebShot remote code execution | | CWE-94 | High |
| TinyMCE ajax_create_folder remote code execution vulnerability | | CWE-94 | High |
| Tomcat path traversal via reverse proxy mapping | | CWE-22 | High |
| ToolsPack malware plugin | | CWE-95 | High |