Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-48110) CVE-2022-48110 CWE-707 CWE-707 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-28439) CVE-2023-28439 CWE-707 CWE-707 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-24815) CVE-2024-24815 CWE-707 CWE-707 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-24816) CVE-2024-24816 CWE-707 CWE-707 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-43407) CVE-2024-43407 CWE-707 CWE-707 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-45613) CVE-2024-45613 CWE-707 CWE-707 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-61261) CVE-2025-61261 CWE-707 CWE-707 Medium CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2026-28343) CVE-2026-28343 CWE-707 CWE-707 Medium CKEditor Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-26271) CVE-2021-26271 CWE-829 CWE-829 Medium CKEditor Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-26272) CVE-2021-26272 CWE-829 CWE-829 Medium CKEditor Uncontrolled Resource Consumption Vulnerability (CVE-2021-21254) CVE-2021-21254 CWE-400 CWE-400 Medium Claroline Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3262) CVE-2008-3262 CWE-352 CWE-352 Medium Claroline Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3716) CVE-2011-3716 CWE-200 CWE-200 Medium Claroline Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4844) CVE-2006-4844 CWE-94 CWE-94 Medium Claroline Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-3261) CVE-2008-3261 CWE-59 CWE-59 Medium Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3260) CVE-2008-3260 CWE-707 CWE-707 Medium Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3315) CVE-2008-3315 CWE-707 CWE-707 Medium Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-1907) CVE-2009-1907 CWE-707 CWE-707 Medium Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6267) CVE-2013-6267 CWE-707 CWE-707 Medium Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37160) CVE-2022-37160 CWE-707 CWE-707 Medium Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37161) CVE-2022-37161 CWE-707 CWE-707 Medium Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37162) CVE-2022-37162 CWE-707 CWE-707 Medium Claroline Other Vulnerability (CVE-2005-1374) CVE-2005-1374 Medium Claroline Other Vulnerability (CVE-2006-1595) CVE-2006-1595 Medium Claroline Other Vulnerability (CVE-2006-2284) CVE-2006-2284 Medium Claroline Other Vulnerability (CVE-2006-2868) CVE-2006-2868 Medium Claroline Other Vulnerability (CVE-2006-3257) CVE-2006-3257 Medium Claroline Other Vulnerability (CVE-2007-3517) CVE-2007-3517 Medium ClipBucket Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3717) CVE-2011-3717 CWE-200 CWE-200 Medium ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6642) CVE-2012-6642 CWE-707 CWE-707 Medium ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6644) CVE-2012-6644 CWE-707 CWE-707 Medium ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-4673) CVE-2015-4673 CWE-707 CWE-707 Medium ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4848) CVE-2016-4848 CWE-707 CWE-707 Medium ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-1000307) CVE-2016-1000307 CWE-707 CWE-707 Medium Clockwork PHP dev tool enabled CWE-200 CWE-200 Medium CodeIgniter development mode enabled CWE-200 CWE-489 CWE-200 CWE-489 Medium ColdFusion Request Debugging information disclosure CWE-200 CWE-200 Medium ColdFusion Robust Exception enabled CWE-200 CWE-200 Medium ColdFusion XSS (CVE-2023-44352) CVE-2023-44352 CWE-79 CWE-79 Medium Collabtive Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-5285) CVE-2010-5285 CWE-352 CWE-352 Medium Collabtive Improper Input Validation Vulnerability (CVE-2012-2670) CVE-2012-2670 CWE-20 CWE-20 Medium Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5284) CVE-2010-5284 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3247) CVE-2014-3247 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8935) CVE-2019-8935 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13655) CVE-2020-13655 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3298) CVE-2021-3298 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-46240) CVE-2024-46240 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48706) CVE-2024-48706 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48707) CVE-2024-48707 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48708) CVE-2024-48708 CWE-707 CWE-707 Medium Collabtive Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-6872) CVE-2013-6872 CWE-138 CWE-138 Medium Collabtive Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3246) CVE-2014-3246 CWE-138 CWE-138 Medium concrete5 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8082) CVE-2017-8082 CWE-352 CWE-352 Medium concrete5 CVE-2020-14961 Vulnerability (CVE-2020-14961) CVE-2020-14961 Medium concrete5 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-5107) CVE-2014-5107 CWE-200 CWE-200 Medium concrete5 Improper Input Validation Vulnerability (CVE-2017-18195) CVE-2017-18195 CWE-20 CWE-20 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5181) CVE-2012-5181 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5108) CVE-2014-5108 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9526) CVE-2014-9526 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2250) CVE-2015-2250 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-3989) CVE-2015-3989 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-4721) CVE-2015-4721 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6905) CVE-2017-6905 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6908) CVE-2017-6908 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7725) CVE-2017-7725 CWE-707 CWE-707 Medium concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19146) CVE-2018-19146 CWE-707 CWE-707 Medium Contao Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-1297) CVE-2012-1297 CWE-352 CWE-352 Medium Contao CVE-2018-20028 Vulnerability (CVE-2018-20028) CVE-2018-20028 Medium Contao CVE-2024-28234 Vulnerability (CVE-2024-28234) CVE-2024-28234 Medium Contao CVE-2024-28235 Vulnerability (CVE-2024-28235) CVE-2024-28235 Medium Contao Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-57756) CVE-2025-57756 CWE-200 CWE-200 Medium Contao Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-57757) CVE-2025-57757 CWE-200 CWE-200 Medium Contao Improper Access Control Vulnerability (CVE-2025-57758) CVE-2025-57758 CWE-284 CWE-284 Medium Contao Improper Encoding or Escaping of Output Vulnerability (CVE-2019-19714) CVE-2019-19714 CWE-116 CWE-116 Medium Contao Improper Input Validation Vulnerability (CVE-2020-25768) CVE-2020-25768 CWE-20 CWE-20 Medium 1...10111213...118 11 / 118
