Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Citrix Gateway Open Redirect And XSS Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5553) CVE-2017-5553 CWE-707 CWE-707 Medium b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-22841) CVE-2020-22841 CWE-707 CWE-707 Medium b2evolution Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5910) CVE-2012-5910 CWE-138 CWE-138 Medium b2evolution Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-2945) CVE-2013-2945 CWE-138 CWE-138 Medium b2evolution Other Vulnerability (CVE-2006-6197) CVE-2006-6197 Medium b2evolution URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-22840) CVE-2020-22840 CWE-601 CWE-601 Medium Backbone.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10537) CVE-2016-10537 CWE-707 CWE-707 Medium Basic authentication over HTTP CWE-522 CWE-522 Medium Beego Framework Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2019-16354) CVE-2019-16354 CWE-362 CWE-362 Medium Beego Framework Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39391) CVE-2021-39391 CWE-707 CWE-707 Medium Beego Framework Incorrect Default Permissions Vulnerability (CVE-2019-16355) CVE-2019-16355 CWE-276 CWE-276 Medium Bitrix galleries_recalc.php XSS CWE-601 CWE-601 Medium Bitrix open redirect CWE-601 CWE-601 Medium Bitrix server test script publicly accessible CWE-200 CWE-200 Medium Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10735) CVE-2016-10735 CWE-707 CWE-707 Medium Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14040) CVE-2018-14040 CWE-707 CWE-707 Medium Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14041) CVE-2018-14041 CWE-707 CWE-707 Medium Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14042) CVE-2018-14042 CWE-707 CWE-707 Medium Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20676) CVE-2018-20676 CWE-707 CWE-707 Medium Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20677) CVE-2018-20677 CWE-707 CWE-707 Medium Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8331) CVE-2019-8331 CWE-707 CWE-707 Medium Bootstrap Select Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20921) CVE-2019-20921 CWE-707 CWE-707 Medium Bootstrap Table Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2021-23472) CVE-2021-23472 CWE-843 CWE-843 Medium Bootstrap Table Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-1726) CVE-2022-1726 CWE-707 CWE-707 Medium Caddy Web Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-28923) CVE-2022-28923 CWE-601 CWE-601 Medium Caddy Web Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-29718) CVE-2022-29718 CWE-601 CWE-601 Medium CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-15400) CVE-2020-15400 CWE-352 CWE-352 Medium CakePHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3712) CVE-2011-3712 CWE-200 CWE-200 Medium CakePHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2006-5031) CVE-2006-5031 CWE-22 CWE-22 Medium CakePHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2006-4067) CVE-2006-4067 CWE-707 CWE-707 Medium CakePHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4399) CVE-2012-4399 CWE-264 CWE-264 Medium Chamilo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32925) CVE-2021-32925 CWE-200 CWE-200 Medium Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-38745) CVE-2021-38745 CWE-94 CWE-94 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4029) CVE-2012-4029 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0738) CVE-2013-0738 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0739) CVE-2013-0739 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20327) CVE-2018-20327 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20328) CVE-2018-20328 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1000015) CVE-2019-1000015 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23126) CVE-2020-23126 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26746) CVE-2021-26746 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35415) CVE-2021-35415 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37389) CVE-2021-37389 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37390) CVE-2021-37390 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37391) CVE-2021-37391 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43687) CVE-2021-43687 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27422) CVE-2022-27422 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27425) CVE-2022-27425 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31799) CVE-2023-31799 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31800) CVE-2023-31800 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31801) CVE-2023-31801 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31802) CVE-2023-31802 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31803) CVE-2023-31803 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31804) CVE-2023-31804 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31805) CVE-2023-31805 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31806) CVE-2023-31806 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31807) CVE-2023-31807 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-34961) CVE-2023-34961 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37061) CVE-2023-37061 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37062) CVE-2023-37062 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37063) CVE-2023-37063 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37064) CVE-2023-37064 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37065) CVE-2023-37065 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37066) CVE-2023-37066 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37067) CVE-2023-37067 CWE-707 CWE-707 Medium Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-6787) CVE-2013-6787 CWE-138 CWE-138 Medium Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-39582) CVE-2023-39582 CWE-138 CWE-138 Medium Chamilo Improper Privilege Management Vulnerability (CVE-2020-23128) CVE-2020-23128 CWE-269 CWE-269 Medium Chamilo Missing Authorization Vulnerability (CVE-2019-1000017) CVE-2019-1000017 CWE-862 CWE-862 Medium Chamilo Other Vulnerability (CVE-2023-34958) CVE-2023-34958 Medium Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-34959) CVE-2023-34959 CWE-918 CWE-918 Medium Chamilo URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-9540) CVE-2015-9540 CWE-601 CWE-601 Medium Cherokee Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-2191) CVE-2011-2191 CWE-352 CWE-352 Medium Cherokee Improper Authentication Vulnerability (CVE-2014-4668) CVE-2014-4668 CWE-287 CWE-287 Medium Cherokee Improper Input Validation Vulnerability (CVE-2009-4489) CVE-2009-4489 CWE-20 CWE-20 Medium 1...891011...94 9 / 94