Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24637 vulnerabilities in 62 categories.

Critical: 1632 High: 13196 Medium: 8851 Low: 887 Information: 71
Vulnerability Name
CVE
CWE
Severity
Atlassian Jira Other Vulnerability (CVE-2019-14997)
CVE-2019-14997
-
Medium
Atlassian Jira Other Vulnerability (CVE-2019-20101)
CVE-2019-20101
-
Medium
Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-6619)
CVE-2007-6619
CWE-264
High
Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2928)
CVE-2012-2928
CWE-264
Medium
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-16865)
CVE-2017-16865
CWE-918
Medium
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-13404)
CVE-2018-13404
CWE-918
Medium
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-20408)
CVE-2019-20408
CWE-918
Medium
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-8451)
CVE-2019-8451
CWE-918
Medium
Atlassian JIRA Servicedesk misconfiguration
-
CWE-287
Medium
Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20400)
CVE-2019-20400
CWE-427
High
Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20419)
CVE-2019-20419
CWE-427
High
Atlassian Jira Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-20897)
CVE-2019-20897
CWE-434
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-13401)
CVE-2018-13401
CWE-601
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-13402)
CVE-2018-13402
CWE-601
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11585)
CVE-2019-11585
CWE-601
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11589)
CVE-2019-11589
CWE-601
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20417)
CVE-2019-20417
CWE-601
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20901)
CVE-2019-20901
CWE-601
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-39112)
CVE-2021-39112
CWE-601
Medium
Atlassian OAuth Plugin IconUriServlet SSRF
CVE-2017-9506
CWE-918
High
ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-1583)
CVE-2015-1583
CWE-352
High
ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-2539)
CVE-2016-2539
CWE-352
High
ATutor Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3706)
CVE-2011-3706
CWE-200
Medium
ATutor Improper Authentication Vulnerability (CVE-2014-9753)
CVE-2014-9753
CWE-287
Critical
ATutor Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3368)
CVE-2008-3368
CWE-94
Medium
ATutor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10400)
CVE-2016-10400
CWE-22
High
ATutor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-1000002)
CVE-2017-1000002
CWE-22
Critical
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0828)
CVE-2008-0828
CWE-707
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0971)
CVE-2010-0971
CWE-707
Low
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6528)
CVE-2012-6528
CWE-707
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-2091)
CVE-2014-2091
CWE-707
Low
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6521)
CVE-2015-6521
CWE-707
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7711)
CVE-2015-7711
CWE-707
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14981)
CVE-2017-14981
CWE-707
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6483)
CVE-2017-6483
CWE-707
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7172)
CVE-2019-7172
CWE-707
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23341)
CVE-2020-23341
CWE-707
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-27008)
CVE-2023-27008
CWE-707
Medium
ATutor Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-2555)
CVE-2016-2555
CWE-138
Critical
ATutor Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-1000004)
CVE-2017-1000004
CWE-138
Critical
ATutor Improper Privilege Management Vulnerability (CVE-2017-1000003)
CVE-2017-1000003
CWE-269
Critical
ATutor Incorrect Authorization Vulnerability (CVE-2019-16114)
CVE-2019-16114
CWE-863
Critical
ATutor Other Vulnerability (CVE-2014-9752)
CVE-2014-9752
-
Medium
ATutor Other Vulnerability (CVE-2015-7712)
CVE-2015-7712
-
Medium
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-11446)
CVE-2019-11446
CWE-434
High
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12169)
CVE-2019-12169
CWE-434
High
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12170)
CVE-2019-12170
CWE-434
High
ATutor Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-43498)
CVE-2021-43498
CWE-640
High
Authentication Bypass in Ivanti Connect Secure and Policy Secure (CVE-2023-46805)
CVE-2023-46805
CWE-287
High
Authentication bypass via MongoDB operator injection
-
CWE-943
High
Auxiliary systems SSRF
-
CWE-918
High
axios Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-58754)
CVE-2025-58754
CWE-770
High
axios Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-42034)
CVE-2026-42034
CWE-770
Medium
axios Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-42036)
CVE-2026-42036
CWE-770
Medium
axios Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-44488)
CVE-2026-44488
CWE-770
High
axios Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-45857)
CVE-2023-45857
CWE-352
Medium
axios Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2026-44486)
CVE-2026-44486
CWE-200
High
axios Improper Authentication Vulnerability (CVE-2026-42041)
CVE-2026-42041
CWE-287
Medium
axios Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2026-25639)
CVE-2026-25639
CWE-754
High
axios Improper Encoding or Escaping of Output Vulnerability (CVE-2026-42040)
CVE-2026-42040
CWE-116
Low
axios Improper Input Validation Vulnerability (CVE-2019-10742)
CVE-2019-10742
CWE-20
High
axios Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2026-42037)
CVE-2026-42037
CWE-707
Medium
axios Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') Vulnerability (CVE-2026-40175)
CVE-2026-40175
CWE-707
Medium
axios Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') Vulnerability (CVE-2026-42035)
CVE-2026-42035
CWE-707
High
axios Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') Vulnerability (CVE-2026-44489)
CVE-2026-44489
CWE-707
Medium
axios Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2026-42044)
CVE-2026-42044
CWE-915
Critical
axios Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2026-42033)
CVE-2026-42033
CWE-1321
High
axios Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2026-42264)
CVE-2026-42264
CWE-1321
Critical
axios Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2026-44490)
CVE-2026-44490
CWE-1321
High
axios Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2026-44487)
CVE-2026-44487
CWE-201
High
axios Origin Validation Error Vulnerability (CVE-2024-57965)
CVE-2024-57965
CWE-346
Critical
axios Permissive List of Allowed Inputs Vulnerability (CVE-2026-42042)
CVE-2026-42042
CWE-183
Medium
axios Permissive List of Allowed Inputs Vulnerability (CVE-2026-42043)
CVE-2026-42043
CWE-183
Critical
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-28168)
CVE-2020-28168
CWE-918
Medium
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-39338)
CVE-2024-39338
CWE-918
High