Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37389) CVE-2021-37389 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37390) CVE-2021-37390 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37391) CVE-2021-37391 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43687) CVE-2021-43687 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27422) CVE-2022-27422 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27425) CVE-2022-27425 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31799) CVE-2023-31799 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31800) CVE-2023-31800 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31801) CVE-2023-31801 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31802) CVE-2023-31802 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31803) CVE-2023-31803 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31804) CVE-2023-31804 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31805) CVE-2023-31805 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31806) CVE-2023-31806 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31807) CVE-2023-31807 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-34961) CVE-2023-34961 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37061) CVE-2023-37061 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37062) CVE-2023-37062 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37063) CVE-2023-37063 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37064) CVE-2023-37064 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37065) CVE-2023-37065 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37066) CVE-2023-37066 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37067) CVE-2023-37067 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27525) CVE-2024-27525 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-30618) CVE-2024-30618 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-51142) CVE-2024-51142 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-50186) CVE-2025-50186 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-52468) CVE-2025-52468 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-52470) CVE-2025-52470 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-52475) CVE-2025-52475 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-52476) CVE-2025-52476 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-52563) CVE-2025-52563 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-59540) CVE-2025-59540 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-30882) CVE-2026-30882 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-34161) CVE-2026-34161 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2025-52564) CVE-2025-52564 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-6787) CVE-2013-6787 CWE-138 CWE-138 Medium Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-39582) CVE-2023-39582 CWE-138 CWE-138 Medium Chamilo Improper Privilege Management Vulnerability (CVE-2020-23128) CVE-2020-23128 CWE-269 CWE-269 Medium Chamilo Improper Restriction of XML External Entity Reference Vulnerability (CVE-2026-33737) CVE-2026-33737 CWE-611 CWE-611 Medium Chamilo Incorrect Privilege Assignment Vulnerability (CVE-2026-1106) CVE-2026-1106 CWE-266 CWE-266 Medium Chamilo Insertion of Sensitive Information into Externally-Accessible File or Directory Vulnerability (CVE-2026-33705) CVE-2026-33705 CWE-538 CWE-538 Medium Chamilo Missing Authorization Vulnerability (CVE-2019-1000017) CVE-2019-1000017 CWE-862 CWE-862 Medium Chamilo Missing Authorization Vulnerability (CVE-2025-59544) CVE-2025-59544 CWE-862 CWE-862 Medium Chamilo Missing Authorization Vulnerability (CVE-2026-33708) CVE-2026-33708 CWE-862 CWE-862 Medium Chamilo Observable Response Discrepancy Vulnerability (CVE-2026-30876) CVE-2026-30876 CWE-204 CWE-204 Medium Chamilo Other Vulnerability (CVE-2023-34958) CVE-2023-34958 Medium Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-34959) CVE-2023-34959 CWE-918 CWE-918 Medium Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-50337) CVE-2024-50337 CWE-918 CWE-918 Medium Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2026-31941) CVE-2026-31941 CWE-918 CWE-918 Medium Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4220) CVE-2023-4220 CWE-434 CWE-434 Medium Chamilo URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-9540) CVE-2015-9540 CWE-601 CWE-601 Medium Chamilo URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2025-66447) CVE-2025-66447 CWE-601 CWE-601 Medium Chamilo URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2026-32932) CVE-2026-32932 CWE-601 CWE-601 Medium Chamilo Use of Cache Containing Sensitive Information Vulnerability (CVE-2025-69581) CVE-2025-69581 CWE-524 CWE-524 Medium Cherokee Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-2191) CVE-2011-2191 CWE-352 CWE-352 Medium Cherokee Improper Authentication Vulnerability (CVE-2014-4668) CVE-2014-4668 CWE-287 CWE-287 Medium Cherokee Improper Input Validation Vulnerability (CVE-2009-4489) CVE-2009-4489 CWE-20 CWE-20 Medium CherryPy Other Vulnerability (CVE-2006-0847) CVE-2006-0847 Medium Chrome Logger information disclosure CWE-200 CWE-200 Medium Cisco Adaptive Security Appliance (ASA) XSS (CVE-2020-3580) CVE-2020-3580 CWE-79 CWE-79 Medium Cisco RV Series Authentication Bypass (CVE-2021-1472) CVE-2021-1472 CWE-119 CWE-119 Medium Citrix ADC NetScaler Local File Inclusion (CVE-2020-8193) CVE-2020-8193 CWE-284 CWE-284 Medium Citrix NetScaler ADC/Gateway XSS (CVE-2025-12101) CVE-2025-12101 CWE-79 CWE-79 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5191) CVE-2014-5191 CWE-707 CWE-707 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17960) CVE-2018-17960 CWE-707 CWE-707 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9281) CVE-2020-9281 CWE-707 CWE-707 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9440) CVE-2020-9440 CWE-707 CWE-707 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-27193) CVE-2020-27193 CWE-707 CWE-707 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32808) CVE-2021-32808 CWE-707 CWE-707 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32809) CVE-2021-32809 CWE-707 CWE-707 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37695) CVE-2021-37695 CWE-707 CWE-707 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41164) CVE-2021-41164 CWE-707 CWE-707 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41165) CVE-2021-41165 CWE-707 CWE-707 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24728) CVE-2022-24728 CWE-707 CWE-707 Medium 1...9101112...118 10 / 118
