| Cross-site Scripting (XSS) | |
| Information Exposure | |
| Incorrect Resource Transfer Between Spheres | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| CVE-2024-6307 | |
| CVE-2024-4439 | |
| CVE-2023-5692 | |
| CVE-2024-31210 | |
| CVE-2024-31211 | |
| CVE-2023-5561 | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| Directory Traversal | |
| Time-of-check Time-of-use (TOCTOU) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Improper Authentication | |
| Incorrect Default Permissions | |
| Cross-site Scripting (XSS) | |
| SQL Injection | |
| Deserialization of Untrusted Data | |
| SQL Injection | |
| CVE-2021-44223 | |
| Cross-site Scripting (XSS) | |
| Information Exposure | |
| Deserialization of Untrusted Data | |
| XML External Entity (XXE) Injection | |
| Information Exposure | |
| Cross-site Request Forgery (CSRF) | |
| CVE-2020-28039 | |
| Cross-site Scripting (XSS) | |
| Improper Privilege Management | |
| Improper Privilege Management | |
| Improper Input Validation | |
| Cross-site Scripting (XSS) | |
| CVE-2020-28033 | |
| Deserialization of Untrusted Data | |
| CVE-2020-25286 | |
| Cross-site Scripting (XSS) | |
| Open Redirect | |
| Cross-site Scripting (XSS) | |
| Authentication Bypass | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Weak Password Recovery Mechanism for Forgotten Password | |
| Missing Authentication for Critical Function | |
| Improper Privilege Management | |
| Improper Input Validation | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Server-Side Request Forgery (SSRF) | |
| Cross-site Scripting (XSS) | |
| Information Exposure | |
| Server-Side Request Forgery (SSRF) | |
| Improper Input Validation | |
| Cross-site Request Forgery (CSRF) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Open Redirect | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Information Exposure | |
| Cross-site Request Forgery (CSRF) | |
| Arbitrary Code Injection | |
| Improper Input Validation | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| Incorrect Authorization | |
| Deserialization of Untrusted Data | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Improper Input Validation | |
| Unrestricted Upload of File with Dangerous Type | |
| Directory Traversal | |
| Cross-site Scripting (XSS) | |
| Open Redirect | |
| Open Redirect | |
| Resource Exhaustion | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Use of Insufficiently Random Values | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| SQL Injection | |
| Inadequate Encryption Strength | |
| Improper Input Validation | |
| Cleartext Storage of Sensitive Information | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Directory Traversal | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| SQL Injection | |
| Cross-site Scripting (XSS) | |
| Open Redirect | |
| Directory Traversal | |
| Cross-site Request Forgery (CSRF) | |
| Cross-site Scripting (XSS) | |
| Cross-site Request Forgery (CSRF) | |
| Server-Side Request Forgery (SSRF) | |
| Cross-site Scripting (XSS) | |
| Improper Input Validation | |
| Weak Password Recovery Mechanism for Forgotten Password | |
| CVE-2017-1001000 | |
| Incorrect Authorization | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Request Forgery (CSRF) | |
| Improper Input Validation | |
| Cross-site Scripting (XSS) | |
| SQL Injection | |
| Information Exposure | |
| Directory Traversal | |
| Cross-site Request Forgery (CSRF) | |
| Security Features | |
| Cross-site Request Forgery (CSRF) | |
| Insecure Default Initialization of Resource | |
| Cross-site Request Forgery (CSRF) | |
| Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) | |
| Cross-site Scripting (XSS) | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| Directory Traversal | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Improper Authorization | |
| Cross-site Request Forgery (CSRF) | |
| Cross-site Scripting (XSS) | |
| CVE-2016-5839 | |
| CVE-2016-5832 | |
| Cross-site Scripting (XSS) | |
| Information Exposure | |
| CVE-2016-5836 | |
| Credentials Management | |
| CVE-2016-5837 | |
| Access Restriction Bypass | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| CVE-2016-2221 | |
| CVE-2016-2222 | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Information Exposure | |
| Cross-site Request Forgery (CSRF) | |
| Cross-site Scripting (XSS) | |
| SQL Injection | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Improper Access Control | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Request Forgery (CSRF) | |
| Cross-site Scripting (XSS) | |
| Improper Input Validation | |
| Security Features | |
| Improper Data Handling | |
| Cross-site Scripting (XSS) | |
| Cryptographic Issues | |
| Cross-site Scripting (XSS) | |
| SQL Injection | |
| Cross-site Scripting (XSS) | |
| Resource Management Errors | |
| Cross-site Request Forgery (CSRF) | |
| Cross-site Request Forgery (CSRF) | |
| Resource Management Errors | |
| CVE-2014-5203 | |
| CVE-2014-2053 | |
| Improper Authentication | |
| Access Restriction Bypass | |
| Access Restriction Bypass | |
| Access Restriction Bypass | |
| Access Restriction Bypass | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Access Restriction Bypass | |
| Access Restriction Bypass | |
| Access Restriction Bypass | |
| Cross-site Request Forgery (CSRF) | |
| Improper Input Validation | |
| Access Restriction Bypass | |
| Improper Input Validation | |
| Cross-site Scripting (XSS) | |
| Arbitrary Code Injection | |
| Cross-site Scripting (XSS) | |
| Improper Input Validation | |
| Information Exposure | |
| Access Restriction Bypass | |
| Cross-site Scripting (XSS) | |
| Access Restriction Bypass | |
| Cross-site Scripting (XSS) | |
| CVE-2013-0235 | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Access Restriction Bypass | |
| Cryptographic Issues | |
| Access Restriction Bypass | |
| Information Exposure | |
| Cross-site Request Forgery (CSRF) | |
| Access Restriction Bypass | |
| Access Restriction Bypass | |
| Access Restriction Bypass | |
| Cross-site Request Forgery (CSRF) | |
| Access Restriction Bypass | |
| Access Restriction Bypass | |
| Improper Input Validation | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Access Restriction Bypass | |
| CVE-2012-2399 | |
| CVE-2012-2400 | |
| Cross-site Scripting (XSS) | |
| Access Restriction Bypass | |
| CVE-2012-0937 | |
| CVE-2011-4899 | |
| Cross-site Scripting (XSS) | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| SQL Injection | |
| Information Exposure | |
| Information Exposure | |
| Improper Input Validation | |
| CVE-2011-3125 | |
| Access Restriction Bypass | |
| CVE-2011-3122 | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| SQL Injection | |
| Cross-site Scripting (XSS) | |
| Access Restriction Bypass | |
| Cross-site Scripting (XSS) | |
| Arbitrary Code Injection | |
| Cryptographic Issues | |
| CVE-2008-7220 | |
| Cross-site Scripting (XSS) | |
| Access Restriction Bypass | |
| Access Restriction Bypass | |
| Credentials Management | |
| Configuration | |
| Configuration | |
| Access Restriction Bypass | |
| Improper Input Validation | |
| Improper Authentication | |
| CVE-2008-6767 | |
| Link Following | |
| Improper Input Validation | |
| Cross-site Scripting (XSS) | |
| Cross-site Request Forgery (CSRF) | |
| OS Command Injection | |
| Directory Traversal | |
| Improper Input Validation | |
| Access Restriction Bypass | |
| Improper Input Validation | |
| Access Restriction Bypass | |
| Cross-site Scripting (XSS) | |
| Improper Authentication | |
| Cross-site Scripting (XSS) | |
| Access Restriction Bypass | |
| Directory Traversal | |
| Information Exposure | |
| Information Exposure | |
| Directory Traversal | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| SQL Injection | |
| Improper Authentication | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Cross-site Request Forgery (CSRF) | |
| SQL Injection | |
| CVE-2007-4483 | |
| CVE-2007-4154 | |
| CVE-2007-4153 | |
| CVE-2007-3639 | |
| CVE-2007-3544 | |
| CVE-2007-3543 | |
| CVE-2007-3238 | |
| CVE-2007-3215 | |
| CVE-2007-3140 | |
| CVE-2007-2821 | |
| CVE-2007-2714 | |
| CVE-2007-2627 | |
| SQL Injection | |
| Access Restriction Bypass | |
| CVE-2007-1894 | |
| Cross-site Scripting (XSS) | |
| CVE-2007-1622 | |
| CVE-2007-1599 | |
| CVE-2007-1244 | |
| CVE-2007-1230 | |
| CVE-2007-1049 | |
| CVE-2007-0539 | |
| CVE-2007-0540 | |
| Access Restriction Bypass | |
| CVE-2007-0262 | |
| CVE-2007-0233 | |
| CVE-2007-0107 | |
| CVE-2007-0106 | |
| CVE-2007-0109 | |
| CVE-2006-6808 | |
| CVE-2006-6016 | |
| CVE-2006-6017 | |
| CVE-2006-5705 | |
| CVE-2006-4743 | |
| CVE-2006-4208 | |
| CVE-2006-4028 | |
| CVE-2006-3390 | |
| CVE-2006-3389 | |
| CVE-2006-2702 | |
| CVE-2006-2667 | |
| CVE-2006-1796 | |
| CVE-2006-1263 | |
| CVE-2006-1012 | |
| CVE-2006-0985 | |
| CVE-2006-0986 | |
| CVE-2006-0733 | |
| Directory Traversal | |
| CVE-2005-4463 | |
| CVE-2005-2612 | |
| CVE-2005-2109 | |
| CVE-2005-2107 | |
| CVE-2005-2108 | |
| CVE-2005-2110 | |
| CVE-2005-1810 | |
| CVE-2005-1687 | |
| CVE-2005-1688 | |
| CVE-2004-1559 | |
| CVE-2004-1584 | |
