Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24637 vulnerabilities in 62 categories.

Critical: 1632 High: 13196 Medium: 8851 Low: 887 Information: 71
Vulnerability Name
CVE
CWE
Severity
Argo CD Information Disclosure (CVE-2024-37152)
CVE-2024-37152
CWE-287
Medium
Argument Injection
-
CWE-88
High
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-1000206)
CVE-2018-1000206
CWE-352
High
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10321)
CVE-2019-10321
CWE-352
Medium
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10324)
CVE-2019-10324
CWE-352
Medium
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-23163)
CVE-2021-23163
CWE-352
High
Artifactory CVE-2019-9733 Vulnerability (CVE-2019-9733)
CVE-2019-9733
-
Critical
Artifactory CVE-2020-7931 Vulnerability (CVE-2020-7931)
CVE-2020-7931
-
High
Artifactory CVE-2023-42508 Vulnerability (CVE-2023-42508)
CVE-2023-42508
-
Medium
Artifactory CVE-2023-42661 Vulnerability (CVE-2023-42661)
CVE-2023-42661
-
High
Artifactory CVE-2024-3505 Vulnerability (CVE-2024-3505)
CVE-2024-3505
-
Medium
Artifactory Deserialization of Untrusted Data Vulnerability (CVE-2022-0573)
CVE-2022-0573
CWE-502
High
Artifactory Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-46687)
CVE-2021-46687
CWE-668
Medium
Artifactory Improper Authentication Vulnerability (CVE-2023-42662)
CVE-2023-42662
CWE-287
Medium
Artifactory Improper Handling of Exceptional Conditions Vulnerability (CVE-2023-42509)
CVE-2023-42509
CWE-755
High
Artifactory Improper Input Validation Vulnerability (CVE-2016-6501)
CVE-2016-6501
CWE-20
Critical
Artifactory Improper Input Validation Vulnerability (CVE-2019-19937)
CVE-2019-19937
CWE-20
High
Artifactory Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000623)
CVE-2018-1000623
CWE-22
High
Artifactory Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45721)
CVE-2021-45721
CWE-707
Medium
Artifactory Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-2247)
CVE-2024-2247
CWE-707
Medium
Artifactory Improper Privilege Management Vulnerability (CVE-2022-0668)
CVE-2022-0668
CWE-269
Critical
Artifactory Incorrect Authorization Vulnerability (CVE-2021-45074)
CVE-2021-45074
CWE-863
Medium
Artifactory Incorrect Authorization Vulnerability (CVE-2021-45730)
CVE-2021-45730
CWE-863
Medium
Artifactory Incorrect Default Permissions Vulnerability (CVE-2021-46270)
CVE-2021-46270
CWE-276
Low
Artifactory Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-41834)
CVE-2021-41834
CWE-732
Medium
Artifactory Insufficient Verification of Data Authenticity Vulnerability (CVE-2018-19971)
CVE-2018-19971
CWE-345
Critical
Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2018-1000424)
CVE-2018-1000424
CWE-522
High
Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2020-2164)
CVE-2020-2164
CWE-522
Medium
Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2020-2165)
CVE-2020-2165
CWE-522
High
Artifactory Missing Authorization Vulnerability (CVE-2019-10322)
CVE-2019-10322
CWE-862
Medium
Artifactory Missing Authorization Vulnerability (CVE-2019-10323)
CVE-2019-10323
CWE-862
Medium
Artifactory Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-10036)
CVE-2016-10036
CWE-434
Critical
Artifactory Weak Password Requirements Vulnerability (CVE-2019-17444)
CVE-2019-17444
CWE-521
Critical
ASP.NET application-level tracing enabled
-
CWE-215
Medium
ASP.NET ASPX debugging enabled
-
CWE-11
Medium
ASP.NET connection strings stored in plaintext
-
CWE-312
High
ASP.NET cookieless authentication enabled
-
CWE-598
Medium
ASP.NET Cookieless session state enabled
-
CWE-598
Medium
ASP.NET cookies accessible from client-side scripts
-
CWE-1004
Medium
ASP.NET Core Development Mode enabled
-
CWE-200
Medium
ASP.NET CustomErrors Is Disabled
-
CWE-12
Medium
ASP.NET debugging enabled
-
CWE-11
Low
ASP.NET Deny missing from authorization rule on location
-
CWE-288
Medium
ASP.NET diagnostic page
-
CWE-200
Medium
ASP.NET error message
-
CWE-12
Low
ASP.NET event validation disabled
-
CWE-345
Medium
ASP.NET expired session IDs are not regenerated
-
CWE-384
Medium
ASP.NET forms authentication using inadequate protection
-
CWE-345
Medium
ASP.NET header checking is disabled in web.config
-
CWE-113
Medium
ASP.NET login credentials stored in plain text
-
CWE-256
Medium
ASP.NET MVC Improper Authentication Vulnerability (CVE-2018-8171)
CVE-2018-8171
CWE-287
High
ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0247)
CVE-2017-0247
CWE-20
High
ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0249)
CVE-2017-0249
CWE-20
High
ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0256)
CVE-2017-0256
CWE-20
Medium
ASP.NET MVC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4075)
CVE-2014-4075
CWE-707
Medium
ASP.NET path disclosure
-
CWE-200
Low
ASP.NET potential HTTP Verb Tampering
-
CWE-288
Medium
ASP.NET SignalR Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5042)
CVE-2013-5042
CWE-707
Medium
ASP.NET ValidateRequest Is Globally Disabled
-
CWE-707
Medium
ASP.NET viewstate encryption disabled
-
CWE-319
Medium
ASP.NET ViewState Weak Validation Key
-
CWE-321
Critical
ASP.NET ViewStateUserKey Is Not Set
-
CWE-642
Low
ASP.NET WCF metadata enabled for behavior
-
CWE-200
Medium
ASP.NET WCF replay attacks are not detected
-
CWE-294
Medium
ASP.NET WCF service include exception details
-
CWE-209
Medium
ASP.NET: Failure To Require SSL For Authentication Cookies
-
CWE-319
Medium
Atlassian Confluence Access Restriction Bypass
CVE-2017-9505
-
Medium
Atlassian Confluence Asymmetric Resource Consumption (Amplification) Vulnerability (CVE-2025-22166)
CVE-2025-22166
CWE-405
High
Atlassian Confluence Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6342)
CVE-2012-6342
CWE-352
Medium
Atlassian Confluence CVE-2020-29448 Vulnerability (CVE-2020-29448)
CVE-2020-29448
-
Medium
Atlassian Confluence CVE-2023-22503 Vulnerability (CVE-2023-22503)
CVE-2023-22503
-
Medium
Atlassian Confluence CVE-2023-22505 Vulnerability (CVE-2023-22505)
CVE-2023-22505
-
High
Atlassian Confluence CVE-2023-22508 Vulnerability (CVE-2023-22508)
CVE-2023-22508
-
High
Atlassian Confluence CVE-2023-22512 Vulnerability (CVE-2023-22512)
CVE-2023-22512
-
High
Atlassian Confluence CVE-2023-22515 Vulnerability (CVE-2023-22515)
CVE-2023-22515
-
Critical