Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Web Application Vulnerabilities
This page lists
23441 vulnerabilities
in
68 categories
.
Critical: 1499
High: 12791
Medium: 8230
Low: 857
Information: 64
Vulnerability Name
CVE
CWE
Severity
Atlassian Jira Incorrect Default Permissions Vulnerability (CVE-2019-20106)
CVE-2019-20106
CWE-276
Medium
Atlassian Jira insecure REST permissions
-
-
High
Atlassian Jira Insufficient Session Expiration Vulnerability (CVE-2021-39113)
CVE-2021-39113
CWE-613
High
Atlassian Jira Manage Filters information disclosure
-
CWE-200
Low
Atlassian Jira Missing Authentication for Critical Function Vulnerability (CVE-2019-8449)
CVE-2019-8449
CWE-306
Medium
Atlassian Jira Missing Authorization Vulnerability (CVE-2017-18101)
CVE-2017-18101
CWE-862
Medium
Atlassian Jira Missing Authorization Vulnerability (CVE-2019-15013)
CVE-2019-15013
CWE-862
Medium
Atlassian Jira Missing Authorization Vulnerability (CVE-2019-20407)
CVE-2019-20407
CWE-862
Medium
Atlassian Jira Missing Authorization Vulnerability (CVE-2019-3399)
CVE-2019-3399
CWE-862
High
Atlassian Jira Missing Authorization Vulnerability (CVE-2019-8445)
CVE-2019-8445
CWE-862
Medium
Atlassian Jira Missing Authorization Vulnerability (CVE-2020-14185)
CVE-2020-14185
CWE-862
Medium
Atlassian Jira Observable Discrepancy Vulnerability (CVE-2020-4028)
CVE-2020-4028
CWE-203
Medium
Atlassian Jira Other Vulnerability (CVE-2006-3338)
CVE-2006-3338
-
Low
Atlassian Jira Other Vulnerability (CVE-2006-3339)
CVE-2006-3339
-
Medium
Atlassian Jira Other Vulnerability (CVE-2007-6618)
CVE-2007-6618
-
Medium
Atlassian Jira Other Vulnerability (CVE-2019-14997)
CVE-2019-14997
-
Medium
Atlassian Jira Other Vulnerability (CVE-2019-20101)
CVE-2019-20101
-
Medium
Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-6619)
CVE-2007-6619
CWE-264
High
Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2928)
CVE-2012-2928
CWE-264
Medium
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-16865)
CVE-2017-16865
CWE-918
Medium
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-13404)
CVE-2018-13404
CWE-918
Medium
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-20408)
CVE-2019-20408
CWE-918
Medium
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-8451)
CVE-2019-8451
CWE-918
Medium
Atlassian JIRA Servicedesk misconfiguration
-
CWE-287
Medium
Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20400)
CVE-2019-20400
CWE-427
High
Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20419)
CVE-2019-20419
CWE-427
High
Atlassian Jira Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-20897)
CVE-2019-20897
CWE-434
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-13401)
CVE-2018-13401
CWE-601
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-13402)
CVE-2018-13402
CWE-601
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11585)
CVE-2019-11585
CWE-601
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11589)
CVE-2019-11589
CWE-601
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20417)
CVE-2019-20417
CWE-601
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20901)
CVE-2019-20901
CWE-601
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-39112)
CVE-2021-39112
CWE-601
Medium
Atlassian OAuth Plugin IconUriServlet SSRF
CVE-2017-9506
CWE-918
High
ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-1583)
CVE-2015-1583
CWE-352
High
ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-2539)
CVE-2016-2539
CWE-352
High
ATutor Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3706)
CVE-2011-3706
CWE-200
Medium
ATutor Improper Authentication Vulnerability (CVE-2014-9753)
CVE-2014-9753
CWE-287
Critical
ATutor Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3368)
CVE-2008-3368
CWE-94
Medium
ATutor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10400)
CVE-2016-10400
CWE-22
High
ATutor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-1000002)
CVE-2017-1000002
CWE-22
Critical
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0828)
CVE-2008-0828
CWE-707
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0971)
CVE-2010-0971
CWE-707
Low
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6528)
CVE-2012-6528
CWE-707
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-2091)
CVE-2014-2091
CWE-707
Low
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6521)
CVE-2015-6521
CWE-707
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7711)
CVE-2015-7711
CWE-707
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14981)
CVE-2017-14981
CWE-707
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6483)
CVE-2017-6483
CWE-707
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7172)
CVE-2019-7172
CWE-707
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23341)
CVE-2020-23341
CWE-707
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-27008)
CVE-2023-27008
CWE-707
Medium
ATutor Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-2555)
CVE-2016-2555
CWE-138
Critical
ATutor Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-1000004)
CVE-2017-1000004
CWE-138
Critical
ATutor Improper Privilege Management Vulnerability (CVE-2017-1000003)
CVE-2017-1000003
CWE-269
Critical
ATutor Incorrect Authorization Vulnerability (CVE-2019-16114)
CVE-2019-16114
CWE-863
Critical
ATutor Other Vulnerability (CVE-2014-9752)
CVE-2014-9752
-
Medium
ATutor Other Vulnerability (CVE-2015-7712)
CVE-2015-7712
-
Medium
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-11446)
CVE-2019-11446
CWE-434
High
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12169)
CVE-2019-12169
CWE-434
High
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12170)
CVE-2019-12170
CWE-434
High
ATutor Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-43498)
CVE-2021-43498
CWE-640
High
Authentication Bypass in Ivanti Connect Secure and Policy Secure (CVE-2023-46805)
CVE-2023-46805
CWE-287
High
Authentication bypass via MongoDB operator injection
-
CWE-943
High
Auxiliary systems SSRF
-
CWE-918
High
axios Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-45857)
CVE-2023-45857
CWE-352
Medium
axios Improper Input Validation Vulnerability (CVE-2019-10742)
CVE-2019-10742
CWE-20
High
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-28168)
CVE-2020-28168
CWE-918
Medium
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-39338)
CVE-2024-39338
CWE-918
High
axios Uncontrolled Resource Consumption Vulnerability (CVE-2021-3749)
CVE-2021-3749
CWE-400
High
Axis development mode enabled in WEB-INF/server-config.wsdd
-
CWE-16
Medium
Axis system configuration listing enabled in WEB-INF/server-config.wsdd
-
CWE-16
Medium
Axway Secure Transport Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-14277)
CVE-2019-14277
CWE-611
Critical
b2evolution Credentials Management Errors Vulnerability (CVE-2016-9479)
CVE-2016-9479
-
High
«
1
...
14
15
16
...
313
»
