Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity PostgreSQL Other Vulnerability (CVE-2005-1410) CVE-2005-1410 Low PostgreSQL Other Vulnerability (CVE-2006-0678) CVE-2006-0678 Low PostgreSQL Out-of-bounds Read Vulnerability (CVE-2019-10209) CVE-2019-10209 CWE-125 CWE-125 Low PrestaShop Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2025-51586) CVE-2025-51586 CWE-359 CWE-359 Low Programming Error Messages CWE-209 CWE-209 Low Python Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-2667) CVE-2014-2667 CWE-362 CWE-362 Low Python Improper Input Validation Vulnerability (CVE-2026-4519) CVE-2026-4519 CWE-20 CWE-20 Low Python Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4940) CVE-2011-4940 CWE-707 CWE-707 Low Python Other Vulnerability (CVE-2006-1542) CVE-2006-1542 Low Python Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4944) CVE-2011-4944 CWE-264 CWE-264 Low Python Use After Free Vulnerability (CVE-2018-1000030) CVE-2018-1000030 CWE-416 CWE-416 Low ReviveAdserver Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-7368) CVE-2015-7368 CWE-200 CWE-200 Low ReviveAdserver Other Vulnerability (CVE-2016-9471) CVE-2016-9471 Low ReviveAdserver Use of Externally-Controlled Format String Vulnerability (CVE-2025-52666) CVE-2025-52666 CWE-134 CWE-134 Low Roundcube Cross-site Scripting (XSS) Vulnerability (CVE-2015-8105) CVE-2015-8105 Low Roundcube Improper Input Validation Vulnerability (CVE-2011-1491) CVE-2011-1491 CWE-20 CWE-20 Low Roundcube Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Vulnerability (CVE-2026-35538) CVE-2026-35538 CWE-707 CWE-707 Low Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1253) CVE-2012-1253 CWE-707 CWE-707 Low Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3507) CVE-2012-3507 CWE-707 CWE-707 Low Ruby on Rails 7PK - Security Features Vulnerability (CVE-2015-7576) CVE-2015-7576 Low Ruby on Rails CookieStore session cookie persistence CWE-613 CWE-613 Low Sensitive pages could be cached CWE-200 CWE-200 Low Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2957) CVE-2010-2957 CWE-707 CWE-707 Low Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2289) CVE-2015-2289 CWE-707 CWE-707 Low Session cookies scoped to parent domain CWE-923 CWE-358 CWE-923 CWE-358 Low Session ID in URL CWE-200 CWE-200 Low SharePoint CVE-2021-34519 Vulnerability (CVE-2021-34519) CVE-2021-34519 Low SharePoint CVE-2021-38651 Vulnerability (CVE-2021-38651) CVE-2021-38651 Low SharePoint CVE-2021-40483 Vulnerability (CVE-2021-40483) CVE-2021-40483 Low SharePoint CVE-2021-40484 Vulnerability (CVE-2021-40484) CVE-2021-40484 Low SharePoint CVE-2023-23395 Vulnerability (CVE-2023-23395) CVE-2023-23395 Low SharePoint CVE-2024-26251 Vulnerability (CVE-2024-26251) CVE-2024-26251 Low SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-5026) CVE-2008-5026 CWE-707 CWE-707 Low SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0716) CVE-2010-0716 CWE-707 CWE-707 Low SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1633) CVE-2015-1633 CWE-707 CWE-707 Low SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1636) CVE-2015-1636 CWE-707 CWE-707 Low SharePoint Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1290) CVE-2013-1290 CWE-264 CWE-264 Low silverstripeCMS Credentials Management Errors Vulnerability (CVE-2010-5092) CVE-2010-5092 Low silverstripeCMS CVE-2019-12617 Vulnerability (CVE-2019-12617) CVE-2019-12617 Low silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0976) CVE-2012-0976 CWE-707 CWE-707 Low Snoop Servlet information disclosure CWE-200 CWE-200 Low Spring Boot Misconfiguration: Spring Boot Actuator shutdown endpoint is web exposed CWE-749 CWE-749 Low Squid Improper Input Validation Vulnerability (CVE-2015-3455) CVE-2015-3455 CWE-20 CWE-20 Low Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4053) CVE-2016-4053 CWE-119 CWE-119 Low Stack Trace Disclosure (Apache MyFaces) CWE-209 CWE-209 Low Stack Trace Disclosure (ASP.NET) CWE-209 CWE-209 Low Stack Trace Disclosure (CakePHP) CWE-209 CWE-209 Low Stack Trace Disclosure (CherryPy) CWE-209 CWE-209 Low Stack Trace Disclosure (Grails) CWE-209 CWE-209 Low Stack Trace Disclosure (GWT) CWE-209 CWE-209 Low Stack Trace Disclosure (NodeJS) CWE-209 CWE-209 Low Stack Trace Disclosure (Ruby-Sinatra Framework) CWE-209 CWE-209 Low Stack Trace Disclosure (Tomcat) CWE-209 CWE-209 Low Symfony debug mode enabled CWE-200 CWE-200 Low Symfony ESI (Edge-Side Includes) enabled CWE-749 CWE-200 CWE-749 CWE-200 Low TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4238) CVE-2012-4238 CWE-707 CWE-707 Low Tomcat status page CWE-200 CWE-200 Low TRACE Method enabled CWE-489 CWE-489 Low TRACK Method enabled CWE-489 CWE-489 Low Typo3 debug mode enabled CWE-200 CWE-200 Low TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3529) CVE-2012-3529 CWE-200 CWE-200 Low TYPO3 Improper Authentication Vulnerability (CVE-2015-2047) CVE-2015-2047 CWE-287 CWE-287 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3629) CVE-2009-3629 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5097) CVE-2010-5097 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5098) CVE-2010-5098 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5100) CVE-2010-5100 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1606) CVE-2012-1606 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3528) CVE-2012-3528 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6145) CVE-2012-6145 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6147) CVE-2012-6147 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6148) CVE-2012-6148 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7074) CVE-2013-7074 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7078) CVE-2013-7078 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3943) CVE-2014-3943 CWE-707 CWE-707 Low TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5956) CVE-2015-5956 CWE-707 CWE-707 Low 1...101112 11 / 12
