Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Next.js Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-5284) CVE-2020-5284 CWE-22 CWE-22 Medium Next.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18282) CVE-2018-18282 CWE-707 CWE-707 Medium Next.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39178) CVE-2021-39178 CWE-707 CWE-707 Medium Next.js URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-15242) CVE-2020-15242 CWE-601 CWE-601 Medium Next.js URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-37699) CVE-2021-37699 CWE-601 CWE-601 Medium Nexus Repository Manager Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-11415) CVE-2020-11415 CWE-312 CWE-312 Medium Nexus Repository Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-42568) CVE-2021-42568 CWE-200 CWE-200 Medium Nexus Repository Manager Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-30635) CVE-2021-30635 CWE-22 CWE-22 Medium Nexus Repository Manager Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-34553) CVE-2021-34553 CWE-22 CWE-22 Medium Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5306) CVE-2018-5306 CWE-707 CWE-707 Medium Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5307) CVE-2018-5307 CWE-707 CWE-707 Medium Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-12100) CVE-2018-12100 CWE-707 CWE-707 Medium Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16619) CVE-2018-16619 CWE-707 CWE-707 Medium Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11629) CVE-2019-11629 CWE-707 CWE-707 Medium Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14469) CVE-2019-14469 CWE-707 CWE-707 Medium Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29159) CVE-2021-29159 CWE-707 CWE-707 Medium Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37152) CVE-2021-37152 CWE-707 CWE-707 Medium Nexus Repository Manager Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-43961) CVE-2021-43961 CWE-138 CWE-138 Medium Nexus Repository Manager Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-29436) CVE-2020-29436 CWE-611 CWE-611 Medium Nexus Repository Manager Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-43293) CVE-2021-43293 CWE-918 CWE-918 Medium Nexus Repository Manager Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-27907) CVE-2022-27907 CWE-918 CWE-918 Medium Nginx Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9516) CVE-2019-9516 CWE-770 CWE-770 Medium Nginx Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2012-2089) CVE-2012-2089 CWE-120 CWE-120 Medium Nginx CVE-2009-4487 Vulnerability (CVE-2009-4487) CVE-2009-4487 Medium Nginx CVE-2010-4180 Vulnerability (CVE-2010-4180) CVE-2010-4180 Medium Nginx CVE-2011-4963 Vulnerability (CVE-2011-4963) CVE-2011-4963 Medium Nginx CVE-2013-2070 Vulnerability (CVE-2013-2070) CVE-2013-2070 Medium Nginx Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2263) CVE-2010-2263 CWE-200 CWE-200 Medium Nginx Improper Certificate Validation Vulnerability (CVE-2009-3555) CVE-2009-3555 CWE-295 CWE-295 Medium Nginx Improper Input Validation Vulnerability (CVE-2011-4968) CVE-2011-4968 CWE-20 CWE-20 Medium Nginx Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2009-3898) CVE-2009-3898 CWE-22 CWE-22 Medium Nginx Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2010-2266) CVE-2010-2266 CWE-22 CWE-22 Medium Nginx Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2014-3556) CVE-2014-3556 CWE-138 CWE-138 Medium Nginx Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2009-3896) CVE-2009-3896 CWE-119 CWE-119 Medium Nginx Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-20372) CVE-2019-20372 CWE-444 CWE-444 Medium Nginx Insufficient Session Expiration Vulnerability (CVE-2014-3616) CVE-2014-3616 CWE-613 CWE-613 Medium Nginx Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-16845) CVE-2018-16845 CWE-835 CWE-835 Medium Nginx Out-of-bounds Write Vulnerability (CVE-2011-4315) CVE-2011-4315 CWE-787 CWE-787 Medium nginx range filter integer overflow CVE-2017-7529 CWE-200 CWE-200 Medium Nginx Redirect Header Injection CWE-93 CWE-93 Medium Nginx Resource Management Errors Vulnerability (CVE-2016-0747) CVE-2016-0747 Medium Nginx Use After Free Vulnerability (CVE-2012-1180) CVE-2012-1180 CWE-416 CWE-416 Medium Nginx Use After Free Vulnerability (CVE-2022-31307) CVE-2022-31307 CWE-416 CWE-416 Medium Nginx Use After Free Vulnerability (CVE-2022-32414) CVE-2022-32414 CWE-416 CWE-416 Medium Node.js Running in Development Mode CWE-215 CWE-215 Medium Node.js Web Application does not handle uncaughtException CWE-248 CWE-248 Medium Node.js Web Application does not handle unhandledRejection CWE-248 CWE-248 Medium NodeBB Arbitrary JSON File Read (CVE-2021-43788) CVE-2021-43788 CWE-22 CWE-22 Medium npm log file publicly accessible (npm-debug.log) CWE-200 CWE-200 Medium Odoo XSS (CVE-2023-1434) CVE-2023-1434 CWE-79 CWE-79 Medium Omeka Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-5100) CVE-2014-5100 CWE-352 CWE-352 Medium Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13423) CVE-2018-13423 CWE-707 CWE-707 Medium Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26799) CVE-2021-26799 CWE-707 CWE-707 Medium Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3980) CVE-2023-3980 CWE-707 CWE-707 Medium Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3982) CVE-2023-3982 CWE-707 CWE-707 Medium Omeka Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-3981) CVE-2023-3981 CWE-918 CWE-918 Medium Opencart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-1610) CVE-2010-1610 CWE-352 CWE-352 Medium Opencart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3763) CVE-2011-3763 CWE-200 CWE-200 Medium Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2009-1621) CVE-2009-1621 CWE-22 CWE-22 Medium Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-1891) CVE-2013-1891 CWE-22 CWE-22 Medium Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-11495) CVE-2018-11495 CWE-22 CWE-22 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-4671) CVE-2015-4671 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-15081) CVE-2019-15081 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-10596) CVE-2020-10596 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13980) CVE-2020-13980 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29470) CVE-2020-29470 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29471) CVE-2020-29471 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21515) CVE-2024-21515 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21516) CVE-2024-21516 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21517) CVE-2024-21517 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1746) CVE-2025-1746 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1747) CVE-2025-1747 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1748) CVE-2025-1748 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-1749) CVE-2025-1749 CWE-707 CWE-707 Medium Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-37823) CVE-2021-37823 CWE-138 CWE-138 Medium 1...61626364...107 62 / 107
