Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Squid Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-18678) CVE-2019-18678 CWE-444 CWE-444 Medium Squid Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-15810) CVE-2020-15810 CWE-444 CWE-444 Medium Squid Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-15811) CVE-2020-15811 CWE-444 CWE-444 Medium Squid Integer Overflow or Wraparound Vulnerability (CVE-2021-31807) CVE-2021-31807 CWE-190 CWE-190 Medium Squid Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2021-28652) CVE-2021-28652 CWE-401 CWE-401 Medium Squid Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2018-19132) CVE-2018-19132 CWE-772 CWE-772 Medium Squid NULL Pointer Dereference Vulnerability (CVE-2018-1172) CVE-2018-1172 CWE-476 CWE-476 Medium Squid Operation on a Resource after Expiration or Release Vulnerability (CVE-2024-23638) CVE-2024-23638 CWE-672 CWE-672 Medium Squid Other Vulnerability (CVE-2010-0639) CVE-2010-0639 Medium Squid Other Vulnerability (CVE-2010-2951) CVE-2010-2951 Medium Squid Other Vulnerability (CVE-2010-3072) CVE-2010-3072 Medium Squid Other Vulnerability (CVE-2011-3205) CVE-2011-3205 Medium Squid Other Vulnerability (CVE-2015-0881) CVE-2015-0881 Medium Squid Out-of-bounds Read Vulnerability (CVE-2021-28116) CVE-2021-28116 CWE-125 CWE-125 Medium Squid Out-of-bounds Read Vulnerability (CVE-2026-33515) CVE-2026-33515 CWE-125 CWE-125 Medium Squid Out-of-bounds Write Vulnerability (CVE-2019-12521) CVE-2019-12521 CWE-787 CWE-787 Medium Squid Out-of-bounds Write Vulnerability (CVE-2024-37894) CVE-2024-37894 CWE-787 CWE-787 Medium Squid Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2213) CVE-2012-2213 CWE-264 CWE-264 Medium Squid Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-9749) CVE-2014-9749 CWE-264 CWE-264 Medium Squid Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5400) CVE-2015-5400 CWE-264 CWE-264 Medium Squid Resource Management Errors Vulnerability (CVE-2011-4096) CVE-2011-4096 Medium Squid Stack-based Buffer Overflow Vulnerability (CVE-2025-59362) CVE-2025-59362 CWE-121 CWE-121 Medium Squid Uncontrolled Resource Consumption Vulnerability (CVE-2021-46784) CVE-2021-46784 CWE-400 CWE-400 Medium SSL/TLS Not Implemented CWE-319 CWE-319 Medium SSL Certificate Is About To Expire CWE-298 CWE-298 Medium SSL Certificate Name Hostname Mismatch CWE-295 CWE-295 Medium SSL Secure renegotiation is not supported CVE-2009-3555 CWE-295 CWE-295 Medium SSL Untrusted Root Certificate CWE-295 CWE-295 Medium Stack Trace Disclosure (ColdFusion) CWE-209 CWE-209 Medium Stack Trace Disclosure (Java) CWE-209 CWE-209 Medium Stack Trace Disclosure (Laravel) CWE-209 CWE-209 Medium Stack Trace Disclosure (Python) CWE-209 CWE-209 Medium Stack Trace Disclosure (RoR) CWE-209 CWE-209 Medium Struts 2 Config Browser plugin enabled CWE-200 CWE-200 Medium SugarCRM Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3803) CVE-2011-3803 CWE-200 CWE-200 Medium SugarCRM Gain Sensitive Information Vulnerability (CVE-2004-1226) CVE-2004-1226 Medium SugarCRM Improper Input Validation Vulnerability (CVE-2011-0745) CVE-2011-0745 CWE-20 CWE-20 Medium SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-2045) CVE-2008-2045 CWE-22 CWE-22 Medium SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0465) CVE-2010-0465 CWE-707 CWE-707 Medium SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14510) CVE-2017-14510 CWE-707 CWE-707 Medium SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5715) CVE-2018-5715 CWE-707 CWE-707 Medium SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17784) CVE-2018-17784 CWE-707 CWE-707 Medium SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14974) CVE-2019-14974 CWE-707 CWE-707 Medium SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-17372) CVE-2020-17372 CWE-707 CWE-707 Medium SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-28955) CVE-2020-28955 CWE-707 CWE-707 Medium SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-28956) CVE-2020-28956 CWE-707 CWE-707 Medium SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36501) CVE-2020-36501 CWE-707 CWE-707 Medium SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-17373) CVE-2020-17373 CWE-138 CWE-138 Medium SugarCRM Other Vulnerability (CVE-2005-0266) CVE-2005-0266 Medium SugarCRM Other Vulnerability (CVE-2006-2460) CVE-2006-2460 Medium SugarCRM Other Vulnerability (CVE-2006-6712) CVE-2006-6712 Medium SugarCRM Other Vulnerability (CVE-2009-2146) CVE-2009-2146 Medium Swagger UI Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-5682) CVE-2016-5682 CWE-707 CWE-707 Medium Symfony debug mode enabled (Invicti IAST) CWE-489 CWE-489 Medium Symfony Profiler open CWE-200 CWE-200 Medium Symfony running in dev mode CWE-200 CWE-489 CWE-200 CWE-489 Medium Symfony web debug toolbar CWE-489 CWE-489 Medium TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3806) CVE-2011-3806 CWE-200 CWE-200 Medium TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-5743) CVE-2020-5743 CWE-200 CWE-200 Medium TCExam Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-5744) CVE-2020-5744 CWE-22 CWE-22 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4602) CVE-2012-4602 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13422) CVE-2018-13422 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5746) CVE-2020-5746 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5747) CVE-2020-5747 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5748) CVE-2020-5748 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5749) CVE-2020-5749 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5750) CVE-2020-5750 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5751) CVE-2020-5751 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20111) CVE-2021-20111 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20112) CVE-2021-20112 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20115) CVE-2021-20115 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20116) CVE-2021-20116 CWE-707 CWE-707 Medium TCExam Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4237) CVE-2012-4237 CWE-138 CWE-138 Medium TCExam Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4601) CVE-2012-4601 CWE-138 CWE-138 Medium TCExam Missing Authorization Vulnerability (CVE-2023-6554) CVE-2023-6554 CWE-862 CWE-862 Medium 1...105106107108...119 106 / 119