CVE Database - 2014

Browse known vulnerabilities with WAF coverage analysis. See which CVEs are detectable by Web Application Firewalls and their OWASP CRS rules.

Matching CVEs

15562

Critical

25943

High

66770

High WAF Coverage

Severity: All Critical (15562) High (25943) Medium (39674) Low (770)

Attack: Authentication Bypass (3125) CSRF (7701) Code Injection (3830) Command Injection (3048) Cross-Site Scripting (XSS) (36254) HTTP Response Splitting (71) Incorrect Authorization (2629) Input Validation (8386) Insecure Deserialization (2433) Missing Authorization (7123) OS Command Injection (5173) Open Redirect (1379) Path Traversal (6529) Privilege Escalation (2537) Remote File Inclusion (1002) Resource Exhaustion (2704) SQL Injection (14078) SSRF (2172) Unrestricted File Upload (3880) XXE (1194)

Year: 2006 2014 2016 2017 2018 2019 2020 2021 2022 2023 2024 2025 2026

WAF: High (66770) Medium (22627) Low (22304)

Clear filter

CVE-2012-6430

MEDIUM

4.30 CVSS 2.0

Cross-site scripting (XSS) vulnerability in Open Solution Quick.Cms 5.0 and Quick.Cart 6.0, possibly as downloaded before December 19, 2012, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin.php. NOTE: this might be a duplicate of CVE-2008-4140.

Cross-Site Scripting (XSS)

WAF: High Mar 24, 2014