Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Web Application Vulnerabilities
This page lists
23441 vulnerabilities
in
68 categories
.
Critical: 1499
High: 12791
Medium: 8230
Low: 857
Information: 64
Vulnerability Name
CVE
CWE
Severity
Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2025-49763)
CVE-2025-49763
CWE-400
High
Apache Unomi MVEL RCE (CVE-2020-13942)
CVE-2020-13942
CWE-20
High
Apache ZooKeeper Unauthorized Access Vulnerability
-
CWE-200
Medium
apc.php page found
-
CWE-538
Medium
API Authentication Bypass Using a Test/Staging Host Header
-
-
High
API Sensitive Info(PII) accessible without authentication
-
CWE-284
High
Apple's App-Site Association (AASA) file
-
CWE-200
Information
AppWeb Authentication Bypass (CVE-2018-8715)
CVE-2018-8715
CWE-287
High
Appwrite favicon SSRF (CVE-2023-27159)
CVE-2023-27159
CWE-918
High
Arbitrary EL Evaluation in RichFaces
CVE-2015-0279
CWE-917
High
Arbitrary File Creation
-
CWE-20
High
Arbitrary File Deletion
-
CWE-20
High
Arbitrary file existence disclosure in Action Pack
CVE-2014-7829
CWE-200
Medium
Arbitrary File Read in Next.js
-
CWE-22
High
Arbitrary File Read on Nuxt.js Development Server
-
CWE-200
Low
Arbitrary local file read via file upload
-
CWE-200
High
Argo CD Information Disclosure (CVE-2024-37152)
CVE-2024-37152
CWE-287
Medium
Argument Injection
-
CWE-88
High
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-1000206)
CVE-2018-1000206
CWE-352
High
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10321)
CVE-2019-10321
CWE-352
Medium
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10324)
CVE-2019-10324
CWE-352
Medium
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-23163)
CVE-2021-23163
CWE-352
High
Artifactory CVE-2019-9733 Vulnerability (CVE-2019-9733)
CVE-2019-9733
-
Critical
Artifactory CVE-2020-7931 Vulnerability (CVE-2020-7931)
CVE-2020-7931
-
High
Artifactory CVE-2023-42508 Vulnerability (CVE-2023-42508)
CVE-2023-42508
-
Medium
Artifactory CVE-2023-42661 Vulnerability (CVE-2023-42661)
CVE-2023-42661
-
High
Artifactory CVE-2024-3505 Vulnerability (CVE-2024-3505)
CVE-2024-3505
-
Medium
Artifactory Deserialization of Untrusted Data Vulnerability (CVE-2022-0573)
CVE-2022-0573
CWE-502
High
Artifactory Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-46687)
CVE-2021-46687
CWE-668
Medium
Artifactory Improper Authentication Vulnerability (CVE-2023-42662)
CVE-2023-42662
CWE-287
Medium
Artifactory Improper Handling of Exceptional Conditions Vulnerability (CVE-2023-42509)
CVE-2023-42509
CWE-755
High
Artifactory Improper Input Validation Vulnerability (CVE-2016-6501)
CVE-2016-6501
CWE-20
Critical
Artifactory Improper Input Validation Vulnerability (CVE-2019-19937)
CVE-2019-19937
CWE-20
High
Artifactory Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000623)
CVE-2018-1000623
CWE-22
High
Artifactory Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45721)
CVE-2021-45721
CWE-707
Medium
Artifactory Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-2247)
CVE-2024-2247
CWE-707
Medium
Artifactory Improper Privilege Management Vulnerability (CVE-2022-0668)
CVE-2022-0668
CWE-269
Critical
Artifactory Incorrect Authorization Vulnerability (CVE-2021-45074)
CVE-2021-45074
CWE-863
Medium
Artifactory Incorrect Authorization Vulnerability (CVE-2021-45730)
CVE-2021-45730
CWE-863
Medium
Artifactory Incorrect Default Permissions Vulnerability (CVE-2021-46270)
CVE-2021-46270
CWE-276
Low
Artifactory Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-41834)
CVE-2021-41834
CWE-732
Medium
Artifactory Insufficient Verification of Data Authenticity Vulnerability (CVE-2018-19971)
CVE-2018-19971
CWE-345
Critical
Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2018-1000424)
CVE-2018-1000424
CWE-522
High
Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2020-2164)
CVE-2020-2164
CWE-522
Medium
Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2020-2165)
CVE-2020-2165
CWE-522
High
Artifactory Missing Authorization Vulnerability (CVE-2019-10322)
CVE-2019-10322
CWE-862
Medium
Artifactory Missing Authorization Vulnerability (CVE-2019-10323)
CVE-2019-10323
CWE-862
Medium
Artifactory Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-10036)
CVE-2016-10036
CWE-434
Critical
Artifactory Weak Password Requirements Vulnerability (CVE-2019-17444)
CVE-2019-17444
CWE-521
Critical
ASP.NET application-level tracing enabled
-
CWE-215
Medium
ASP.NET ASPX debugging enabled
-
CWE-11
Medium
ASP.NET connection strings stored in plaintext
-
CWE-16
High
ASP.NET cookieless authentication enabled
-
CWE-598
Medium
ASP.NET Cookieless session state enabled
-
CWE-598
Medium
ASP.NET cookies accessible from client-side scripts
-
CWE-1004
Medium
ASP.NET Core Development Mode enabled
-
CWE-200
Medium
ASP.NET CustomErrors Is Disabled
-
CWE-12
Medium
ASP.NET debugging enabled
-
CWE-11
Low
ASP.NET Deny missing from authorization rule on location
-
CWE-16
Medium
ASP.NET diagnostic page
-
CWE-200
Medium
ASP.NET error message
-
CWE-12
Low
ASP.NET event validation disabled
-
CWE-16
Medium
ASP.NET expired session IDs are not regenerated
-
CWE-16
Medium
ASP.NET forms authentication using inadequate protection
-
CWE-16
Medium
ASP.NET header checking is disabled in web.config
-
CWE-16
Medium
ASP.NET login credentials stored in plain text
-
CWE-256
Medium
ASP.NET MVC Improper Authentication Vulnerability (CVE-2018-8171)
CVE-2018-8171
CWE-287
High
ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0247)
CVE-2017-0247
CWE-20
High
ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0249)
CVE-2017-0249
CWE-20
High
ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0256)
CVE-2017-0256
CWE-20
Medium
ASP.NET MVC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4075)
CVE-2014-4075
CWE-707
Medium
ASP.NET path disclosure
-
CWE-200
Low
ASP.NET potential HTTP Verb Tampering
-
CWE-16
Medium
ASP.NET SignalR Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5042)
CVE-2013-5042
CWE-707
Medium
ASP.NET ValidateRequest Is Globally Disabled
-
CWE-707
Medium
«
1
...
10
11
12
...
313
»
