Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20141) CVE-2018-20141 CWE-707 CWE-707 Medium AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42050) CVE-2021-42050 CWE-707 CWE-707 Medium AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42051) CVE-2021-42051 CWE-707 CWE-707 Medium AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-40626) CVE-2025-40626 CWE-707 CWE-707 Medium AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-40627) CVE-2025-40627 CWE-707 CWE-707 Medium AbanteCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-50801) CVE-2024-50801 CWE-138 CWE-138 Medium AbanteCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-50802) CVE-2024-50802 CWE-138 CWE-138 Medium Active Mixed Content over HTTPS CWE-319 CWE-1428 CWE-319 CWE-1428 Medium Adminer Server Side Request Forgery (SSRF) CVE-2021-21311 CWE-918 CWE-918 Medium Adobe Experience Manager Information Disclosure via Apache Sling v2.3.6 vulnerability CVE-2016-0956 CWE-668 CWE-668 Medium Amazon S3 public bucket CWE-732 CWE-732 Medium Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-47828) CVE-2024-47828 CWE-352 CWE-352 Medium Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51488) CVE-2024-51488 CWE-352 CWE-352 Medium Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51489) CVE-2024-51489 CWE-352 CWE-352 Medium Ampache Improper Authentication Vulnerability (CVE-2007-4438) CVE-2007-4438 CWE-287 CWE-287 Medium Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12386) CVE-2019-12386 CWE-707 CWE-707 Medium Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32644) CVE-2021-32644 CWE-707 CWE-707 Medium Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0606) CVE-2023-0606 CWE-707 CWE-707 Medium Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28852) CVE-2024-28852 CWE-707 CWE-707 Medium Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-28853) CVE-2024-28853 CWE-707 CWE-707 Medium Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-41665) CVE-2024-41665 CWE-707 CWE-707 Medium Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-47184) CVE-2024-47184 CWE-707 CWE-707 Medium Angular Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4231) CVE-2021-4231 CWE-707 CWE-707 Medium Angular Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-61261) CVE-2025-61261 CWE-707 CWE-707 Medium Angular Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-66412) CVE-2025-66412 CWE-707 CWE-707 Medium Angular Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-22610) CVE-2026-22610 CWE-707 CWE-707 Medium Angular Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-27970) CVE-2026-27970 CWE-707 CWE-707 Medium AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14863) CVE-2019-14863 CWE-707 CWE-707 Medium AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-7676) CVE-2020-7676 CWE-707 CWE-707 Medium AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-25869) CVE-2022-25869 CWE-707 CWE-707 Medium AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2023-26116) CVE-2023-26116 CWE-1333 CWE-1333 Medium AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2023-26117) CVE-2023-26117 CWE-1333 CWE-1333 Medium AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2023-26118) CVE-2023-26118 CWE-1333 CWE-1333 Medium AngularJS Other Vulnerability (CVE-2024-8372) CVE-2024-8372 Medium AngularJS Other Vulnerability (CVE-2024-8373) CVE-2024-8373 Medium Angular Server-Side Request Forgery (SSRF) Vulnerability (CVE-2026-41423) CVE-2026-41423 CWE-918 CWE-918 Medium Apache Airflow Exposed configuration CWE-200 CWE-200 Medium Apache APISIX default token (CVE-2020-13945/CVE-2022-24112) CVE-2020-13945 CVE-2022-24112 CWE-259 CWE-259 Medium Apache Axis2 information disclosure CWE-200 CWE-200 Medium Apache balancer-manager application publicly accessible CWE-200 CWE-200 Medium Apache Cassandra Unauthorized Access Vulnerability CWE-200 CWE-200 Medium Apache configured to run as proxy CWE-441 CWE-441 Medium Apache Denial of service in mod_lua r:parsebody Vulnerability (CVE-2022-29404) CVE-2022-29404 Medium Apache httpOnly cookie disclosure CVE-2012-0053 CWE-200 CWE-200 Medium Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2005-2970) CVE-2005-2970 CWE-770 CWE-770 Medium Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2008-2364) CVE-2008-2364 CWE-770 CWE-770 Medium Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2011-0419) CVE-2011-0419 CWE-770 CWE-770 Medium Apache HTTP Server Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2025-66200) CVE-2025-66200 CWE-288 CWE-288 Medium Apache HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2007-1741) CVE-2007-1741 CWE-362 CWE-362 Medium Apache HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-0226) CVE-2014-0226 CWE-362 CWE-362 Medium Apache HTTP Server Configuration Vulnerability (CVE-2009-1195) CVE-2009-1195 Medium Apache HTTP Server Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-6420) CVE-2007-6420 CWE-352 CWE-352 Medium Apache HTTP Server Cryptographic Issues Vulnerability (CVE-2009-3555) CVE-2009-3555 Medium Apache HTTP Server CVE-1999-0070 Vulnerability (CVE-1999-0070) CVE-1999-0070 Medium Apache HTTP Server CVE-2004-0751 Vulnerability (CVE-2004-0751) CVE-2004-0751 Medium Apache HTTP Server CVE-2004-0786 Vulnerability (CVE-2004-0786) CVE-2004-0786 Medium Apache HTTP Server CVE-2004-0809 Vulnerability (CVE-2004-0809) CVE-2004-0809 Medium Apache HTTP Server CVE-2007-3304 Vulnerability (CVE-2007-3304) CVE-2007-3304 Medium Apache HTTP Server CVE-2009-1191 Vulnerability (CVE-2009-1191) CVE-2009-1191 Medium Apache HTTP Server CVE-2009-3720 Vulnerability (CVE-2009-3720) CVE-2009-3720 Medium Apache HTTP Server CVE-2012-0031 Vulnerability (CVE-2012-0031) CVE-2012-0031 Medium Apache HTTP Server CVE-2012-0053 Vulnerability (CVE-2012-0053) CVE-2012-0053 Medium Apache HTTP Server CVE-2012-0883 Vulnerability (CVE-2012-0883) CVE-2012-0883 Medium Apache HTTP Server CVE-2013-1862 Vulnerability (CVE-2013-1862) CVE-2013-1862 Medium Apache HTTP Server CVE-2013-1896 Vulnerability (CVE-2013-1896) CVE-2013-1896 Medium Apache HTTP Server CVE-2013-5704 Vulnerability (CVE-2013-5704) CVE-2013-5704 Medium Apache HTTP Server CVE-2013-6438 Vulnerability (CVE-2013-6438) CVE-2013-6438 Medium Apache HTTP Server CVE-2014-0098 Vulnerability (CVE-2014-0098) CVE-2014-0098 Medium Apache HTTP Server CVE-2018-1283 Vulnerability (CVE-2018-1283) CVE-2018-1283 Medium Apache HTTP Server CVE-2018-11763 Vulnerability (CVE-2018-11763) CVE-2018-11763 Medium Apache HTTP Server CVE-2024-39884 Vulnerability (CVE-2024-39884) CVE-2024-39884 Medium Apache HTTP Server CVE-2024-40725 Vulnerability (CVE-2024-40725) CVE-2024-40725 Medium Apache HTTP Server DEPRECATED: Code Vulnerability (CVE-2015-3183) CVE-2015-3183 Medium Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2003-1418) CVE-2003-1418 CWE-200 CWE-200 Medium Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-6514) CVE-2007-6514 CWE-200 CWE-200 Medium 12345...118 1 / 118
