Web Application Vulnerabilities

This page lists 23441 vulnerabilities in 68 categories.

Critical: 1499 High: 12791 Medium: 8230 Low: 857 Information: 64

Vulnerability Name

CVE

CWE

Severity

Zope Web Application Server CVE-2011-3587 Vulnerability (CVE-2011-3587)

CVE-2011-3587

-

Critical

Zope Web Application Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2023-41050)

CVE-2023-41050

CWE-200

High

Zope Web Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-32633)

CVE-2021-32633

CWE-22

High

Zope Web Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-32674)

CVE-2021-32674

CWE-22

High

Zope Web Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-5145)

CVE-2009-5145

CWE-707

Medium

Zope Web Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1104)

CVE-2010-1104

CWE-707

Medium

Zope Web Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4924)

CVE-2011-4924

CWE-707

Medium

Zope Web Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42458)

CVE-2023-42458

CWE-707

Medium

Zope Web Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44389)

CVE-2023-44389

CWE-707

Medium

Zope Web Application Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) (CVE-2021-33507)

CVE-2021-33507

CWE-707

Medium

Zope Web Application Server Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2021-32811)

CVE-2021-32811

CWE-915

High

Zope Web Application Server Other Vulnerability (CVE-2000-0062)

CVE-2000-0062

-

Critical

Zope Web Application Server Other Vulnerability (CVE-2000-0483)

CVE-2000-0483

-

High

Zope Web Application Server Other Vulnerability (CVE-2000-0725)

CVE-2000-0725

-

High

Zope Web Application Server Other Vulnerability (CVE-2000-1211)

CVE-2000-1211

-

High

Zope Web Application Server Other Vulnerability (CVE-2000-1212)

CVE-2000-1212

-

Medium

Zope Web Application Server Other Vulnerability (CVE-2001-0567)

CVE-2001-0567

-

Medium

Zope Web Application Server Other Vulnerability (CVE-2001-1227)

CVE-2001-1227

-

High

Zope Web Application Server Other Vulnerability (CVE-2001-1278)

CVE-2001-1278

-

High

Zope Web Application Server Other Vulnerability (CVE-2002-0170)

CVE-2002-0170

-

High

Zope Web Application Server Other Vulnerability (CVE-2002-0687)

CVE-2002-0687

-

Medium

Zope Web Application Server Other Vulnerability (CVE-2002-0688)

CVE-2002-0688

-

High

Zope Web Application Server Other Vulnerability (CVE-2005-3323)

CVE-2005-3323

-

High

Zope Web Application Server Other Vulnerability (CVE-2006-3458)

CVE-2006-3458

-

Low

Zope Web Application Server Other Vulnerability (CVE-2006-4684)

CVE-2006-4684

-

Medium

Zope Web Application Server Other Vulnerability (CVE-2007-0240)

CVE-2007-0240

-

Medium

Zope Web Application Server Other Vulnerability (CVE-2010-3198)

CVE-2010-3198

-

Medium

Zope Web Application Server Other Vulnerability (CVE-2012-5486)

CVE-2012-5486

-

Medium

Zope Web Application Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5489)

CVE-2012-5489

CWE-264

Medium

Zope Web Application Server Resource Management Errors Vulnerability (CVE-2008-5102)

CVE-2008-5102

-

Medium

[Possible] AWStats Detected

-

CWE-538

Medium

[Possible] Backup Folder

-

CWE-538

Medium

[Possible] Backup Source Code Detected

-

CWE-538

High

[Possible] Database Connection String Detected

-

CWE-200

Medium

[Possible] Internal IP Address Disclosure

-

CWE-200

Low

[Possible] Internal Path Disclosure (*nix)

-

CWE-200

Information

[Possible] Internal Path Disclosure (Windows)

-

CWE-200

Information

[Possible] Password Transmitted over Query String

-

CWE-200

Medium

[Possible] Source Code Disclosure (Ruby)

-

CWE-540

Medium

[Possible] Sublime SFTP Config File Detected

-

CWE-200

High

[Possible] WS_FTP Log File Detected

-

CWE-538

Information