Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Oracle JRE Uncontrolled Resource Consumption Vulnerability (CVE-2026-22021) CVE-2026-22021 CWE-400 CWE-400 Medium Osclass Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-6308) CVE-2014-6308 CWE-22 CWE-22 Medium Osclass Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5163) CVE-2012-5163 CWE-707 CWE-707 Medium Osclass Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-6280) CVE-2014-6280 CWE-707 CWE-707 Medium Osclass Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14481) CVE-2018-14481 CWE-707 CWE-707 Medium Osclass Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5162) CVE-2012-5162 CWE-138 CWE-138 Medium Osclass Other Vulnerability (CVE-2014-8085) CVE-2014-8085 Medium osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-22724) CVE-2024-22724 CWE-94 CWE-94 Medium osCommerce Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-2965) CVE-2015-2965 CWE-22 CWE-22 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29070) CVE-2020-29070 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35212) CVE-2022-35212 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5111) CVE-2023-5111 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5112) CVE-2023-5112 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-6296) CVE-2023-6296 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-6609) CVE-2023-6609 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43702) CVE-2023-43702 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43703) CVE-2023-43703 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43704) CVE-2023-43704 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43705) CVE-2023-43705 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43706) CVE-2023-43706 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43707) CVE-2023-43707 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43708) CVE-2023-43708 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43709) CVE-2023-43709 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43710) CVE-2023-43710 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43711) CVE-2023-43711 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43712) CVE-2023-43712 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43713) CVE-2023-43713 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43714) CVE-2023-43714 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43715) CVE-2023-43715 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43716) CVE-2023-43716 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43717) CVE-2023-43717 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43718) CVE-2023-43718 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43719) CVE-2023-43719 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43720) CVE-2023-43720 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43721) CVE-2023-43721 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43722) CVE-2023-43722 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43723) CVE-2023-43723 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43724) CVE-2023-43724 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43725) CVE-2023-43725 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43726) CVE-2023-43726 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43727) CVE-2023-43727 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43728) CVE-2023-43728 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43729) CVE-2023-43729 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43730) CVE-2023-43730 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43731) CVE-2023-43731 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43732) CVE-2023-43732 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43733) CVE-2023-43733 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43734) CVE-2023-43734 CWE-707 CWE-707 Medium osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43735) CVE-2023-43735 CWE-707 CWE-707 Medium osCommerce Other Vulnerability (CVE-2003-1219) CVE-2003-1219 Medium osCommerce Other Vulnerability (CVE-2004-2021) CVE-2004-2021 Medium osCommerce Other Vulnerability (CVE-2005-1951) CVE-2005-1951 Medium osCommerce Other Vulnerability (CVE-2006-5190) CVE-2006-5190 Medium osTicket Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2010-4634) CVE-2010-4634 CWE-22 CWE-22 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4744) CVE-2014-4744 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1176) CVE-2015-1176 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1347) CVE-2015-1347 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-15362) CVE-2017-15362 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7192) CVE-2018-7192 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7193) CVE-2018-7193 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7196) CVE-2018-7196 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11537) CVE-2019-11537 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13397) CVE-2019-13397 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14748) CVE-2019-14748 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14750) CVE-2019-14750 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12629) CVE-2020-12629 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14012) CVE-2020-14012 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-16193) CVE-2020-16193 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-22608) CVE-2020-22608 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-22609) CVE-2020-22609 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-24917) CVE-2020-24917 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-4271) CVE-2022-4271 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-32074) CVE-2022-32074 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1315) CVE-2023-1315 CWE-707 CWE-707 Medium osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1316) CVE-2023-1316 CWE-707 CWE-707 Medium 1...79808182...118 80 / 118
