Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24254 vulnerabilities in 62 categories.

Critical: 1581 High: 13032 Medium: 8704 Low: 868 Information: 69
Vulnerability Name
CVE
CWE
Severity
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-27577)
CVE-2021-27577
CWE-444
High
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-32565)
CVE-2021-32565
CWE-444
High
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-33934)
CVE-2023-33934
-
Critical
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-38522)
CVE-2023-38522
-
High
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2024-35161)
CVE-2024-35161
-
High
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2024-53868)
CVE-2024-53868
-
High
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2025-65114)
CVE-2025-65114
-
High
Apache Traffic Server Integer Overflow or Wraparound Vulnerability (CVE-2018-9481)
CVE-2018-9481
CWE-190
Medium
Apache Traffic Server Memory Disclosure Vulnerability (CVE-2020-17508)
CVE-2020-17508
-
High
Apache Traffic Server Other Vulnerability (CVE-2019-9513)
CVE-2019-9513
-
High
Apache Traffic Server Out-of-bounds Write Vulnerability (CVE-2021-35474)
CVE-2021-35474
CWE-787
Critical
Apache Traffic Server Remote DOS Attack (CVE-2021-27737)
CVE-2021-27737
-
High
Apache Traffic Server Resource Management Errors Vulnerability (CVE-2016-5396)
CVE-2016-5396
-
High
Apache Traffic Server Unchecked Return Value Vulnerability (CVE-2024-50306)
CVE-2024-50306
CWE-252
Critical
Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2018-8005)
CVE-2018-8005
CWE-400
Medium
Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2019-9512)
CVE-2019-9512
CWE-400
High
Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2020-9481)
CVE-2020-9481
CWE-400
High
Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2025-49763)
CVE-2025-49763
CWE-400
High
Apache Unomi MVEL RCE (CVE-2020-13942)
CVE-2020-13942
CWE-20
High
Apache ZooKeeper Unauthorized Access Vulnerability
-
CWE-200
Medium
apc.php page found
-
CWE-538
Medium
API Authentication Bypass Using a Test/Staging Host Header
-
-
High
API Sensitive Data (PII) accessible without authentication
-
CWE-306
High
Apple's App-Site Association (AASA) file
-
CWE-200
Information
AppWeb Authentication Bypass (CVE-2018-8715)
CVE-2018-8715
CWE-287
High
Appwrite favicon SSRF (CVE-2023-27159)
CVE-2023-27159
CWE-918
High
Arbitrary EL Evaluation in RichFaces
CVE-2015-0279
CWE-917
High
Arbitrary File Creation
-
CWE-20
High
Arbitrary File Deletion
-
CWE-20
High
Arbitrary file existence disclosure in Action Pack
CVE-2014-7829
CWE-200
Medium
Arbitrary File Read in Next.js
-
CWE-22
High
Arbitrary File Read on Nuxt.js Development Server
-
CWE-200
Low
Arbitrary local file read via file upload
-
CWE-200
High
Argo CD Information Disclosure (CVE-2024-37152)
CVE-2024-37152
CWE-287
Medium
Argument Injection
-
CWE-88
High
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-1000206)
CVE-2018-1000206
CWE-352
High
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10321)
CVE-2019-10321
CWE-352
Medium
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10324)
CVE-2019-10324
CWE-352
Medium
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-23163)
CVE-2021-23163
CWE-352
High
Artifactory CVE-2019-9733 Vulnerability (CVE-2019-9733)
CVE-2019-9733
-
Critical
Artifactory CVE-2020-7931 Vulnerability (CVE-2020-7931)
CVE-2020-7931
-
High
Artifactory CVE-2023-42508 Vulnerability (CVE-2023-42508)
CVE-2023-42508
-
Medium
Artifactory CVE-2023-42661 Vulnerability (CVE-2023-42661)
CVE-2023-42661
-
High
Artifactory CVE-2024-3505 Vulnerability (CVE-2024-3505)
CVE-2024-3505
-
Medium
Artifactory Deserialization of Untrusted Data Vulnerability (CVE-2022-0573)
CVE-2022-0573
CWE-502
High
Artifactory Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-46687)
CVE-2021-46687
CWE-668
Medium
Artifactory Improper Authentication Vulnerability (CVE-2023-42662)
CVE-2023-42662
CWE-287
Medium
Artifactory Improper Handling of Exceptional Conditions Vulnerability (CVE-2023-42509)
CVE-2023-42509
CWE-755
High
Artifactory Improper Input Validation Vulnerability (CVE-2016-6501)
CVE-2016-6501
CWE-20
Critical
Artifactory Improper Input Validation Vulnerability (CVE-2019-19937)
CVE-2019-19937
CWE-20
High
Artifactory Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000623)
CVE-2018-1000623
CWE-22
High
Artifactory Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45721)
CVE-2021-45721
CWE-707
Medium
Artifactory Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-2247)
CVE-2024-2247
CWE-707
Medium
Artifactory Improper Privilege Management Vulnerability (CVE-2022-0668)
CVE-2022-0668
CWE-269
Critical
Artifactory Incorrect Authorization Vulnerability (CVE-2021-45074)
CVE-2021-45074
CWE-863
Medium
Artifactory Incorrect Authorization Vulnerability (CVE-2021-45730)
CVE-2021-45730
CWE-863
Medium
Artifactory Incorrect Default Permissions Vulnerability (CVE-2021-46270)
CVE-2021-46270
CWE-276
Low
Artifactory Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-41834)
CVE-2021-41834
CWE-732
Medium
Artifactory Insufficient Verification of Data Authenticity Vulnerability (CVE-2018-19971)
CVE-2018-19971
CWE-345
Critical
Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2018-1000424)
CVE-2018-1000424
CWE-522
High
Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2020-2164)
CVE-2020-2164
CWE-522
Medium
Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2020-2165)
CVE-2020-2165
CWE-522
High
Artifactory Missing Authorization Vulnerability (CVE-2019-10322)
CVE-2019-10322
CWE-862
Medium
Artifactory Missing Authorization Vulnerability (CVE-2019-10323)
CVE-2019-10323
CWE-862
Medium
Artifactory Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-10036)
CVE-2016-10036
CWE-434
Critical
Artifactory Weak Password Requirements Vulnerability (CVE-2019-17444)
CVE-2019-17444
CWE-521
Critical
ASP.NET application-level tracing enabled
-
CWE-215
Medium
ASP.NET ASPX debugging enabled
-
CWE-11
Medium
ASP.NET connection strings stored in plaintext
-
CWE-312
High
ASP.NET cookieless authentication enabled
-
CWE-598
Medium
ASP.NET Cookieless session state enabled
-
CWE-598
Medium
ASP.NET cookies accessible from client-side scripts
-
CWE-1004
Medium
ASP.NET Core Development Mode enabled
-
CWE-200
Medium
ASP.NET CustomErrors Is Disabled
-
CWE-12
Medium
ASP.NET debugging enabled
-
CWE-11
Low