Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Web Application Vulnerabilities
This page lists
23441 vulnerabilities
in
68 categories
.
Critical: 1499
High: 12791
Medium: 8230
Low: 857
Information: 64
Vulnerability Name
CVE
CWE
Severity
Claroline Other Vulnerability (CVE-2005-1374)
CVE-2005-1374
-
Medium
Claroline Other Vulnerability (CVE-2005-1375)
CVE-2005-1375
-
High
Claroline Other Vulnerability (CVE-2005-1376)
CVE-2005-1376
-
High
Claroline Other Vulnerability (CVE-2005-1377)
CVE-2005-1377
-
High
Claroline Other Vulnerability (CVE-2006-0411)
CVE-2006-0411
-
Critical
Claroline Other Vulnerability (CVE-2006-1594)
CVE-2006-1594
-
High
Claroline Other Vulnerability (CVE-2006-1595)
CVE-2006-1595
-
Medium
Claroline Other Vulnerability (CVE-2006-1596)
CVE-2006-1596
-
High
Claroline Other Vulnerability (CVE-2006-2284)
CVE-2006-2284
-
Medium
Claroline Other Vulnerability (CVE-2006-2868)
CVE-2006-2868
-
Medium
Claroline Other Vulnerability (CVE-2006-3257)
CVE-2006-3257
-
Medium
Claroline Other Vulnerability (CVE-2006-5256)
CVE-2006-5256
-
High
Claroline Other Vulnerability (CVE-2006-7048)
CVE-2006-7048
-
High
Claroline Other Vulnerability (CVE-2007-3517)
CVE-2007-3517
-
Medium
Claroline Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-37159)
CVE-2022-37159
CWE-434
Critical
Cleo Harmony/VLTrader/LexiCom RCE (CVE-2024-50623, CVE-2024-55956)
CVE-2024-55956
CWE-434
Critical
Clickjacking: CSP frame-ancestors missing
-
CWE-1021
Low
Client Side Template Injection
-
CWE-116
High
Client-Side Prototype Pollution
-
-
High
ClipBucket Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3717)
CVE-2011-3717
CWE-200
Medium
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6642)
CVE-2012-6642
CWE-707
Medium
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6644)
CVE-2012-6644
CWE-707
Medium
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-4673)
CVE-2015-4673
CWE-707
Medium
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-1000307)
CVE-2016-1000307
CWE-707
Medium
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4848)
CVE-2016-4848
CWE-707
Medium
ClipBucket Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2018-7664)
CVE-2018-7664
CWE-138
Critical
ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5849)
CVE-2012-5849
CWE-138
High
ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6643)
CVE-2012-6643
CWE-138
High
ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-7666)
CVE-2018-7666
CWE-138
Critical
ClipBucket Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-7665)
CVE-2018-7665
CWE-434
Critical
Clockwork PHP dev tool enabled
-
CWE-200
Medium
Cloud metadata publicly exposed
-
CWE-918
High
CloudPanel file-manager Auth bypass (CVE-2023-35885)
CVE-2023-35885
CWE-565
Critical
Cmd hijack vulnerability
-
CWE-94
High
Code Evaluation (Apache Struts) S2-016
CVE-2013-2251
CWE-20
Critical
Code Evaluation (Apache Struts) S2-045
CVE-2017-5638
CWE-94
Critical
Code Evaluation (Apache Struts) S2-046
CVE-2017-5638
CWE-94
High
Code Evaluation (ASP)
-
CWE-95
Critical
Code Evaluation (Perl)
-
CWE-94
Critical
Code Evaluation (PHP)
-
CWE-94
Critical
Code Evaluation (Python)
-
CWE-95
Critical
Code Evaluation (Ruby)
-
CWE-94
Critical
Code Execution via WebDav
-
CWE-434
High
CodeIgniter 2.1.3 xss_clean() filter bypass
CVE-2013-4891
CWE-80
High
CodeIgniter development mode enabled
-
CWE-16
Medium
CodeIgniter session decoding vulnerability
-
CWE-327
High
CodeIgniter weak encryption key
-
CWE-200
High
ColdFusion 8 FCKEditor file upload vulnerability
CVE-2009-2265
CWE-22
High
ColdFusion 9 solr service exposed
CVE-2010-0185
CWE-264
High
ColdFusion Access Control bypass (CVE-2023-29298/CVE-2023-38205)
CVE-2023-38205
CWE-284
High
ColdFusion administrator login page publicly available
-
CWE-200
Low
ColdFusion AMF Deserialization RCE
CVE-2017-3066
CWE-502
High
ColdFusion Arbitrary File Upload
CVE-2018-15961
CWE-434
High
ColdFusion CFC Deserialization RCE (CVE-2023-26359/CVE-2023-26360)
CVE-2023-26360
CWE-502
High
ColdFusion directory traversal
CVE-2010-2861
CWE-22
High
ColdFusion FlashGateway Deserialization RCE CVE-2019-7091
CVE-2019-7091
CWE-502
High
ColdFusion JNDI injection RCE
CVE-2018-15957
CWE-502
High
ColdFusion path disclosures
-
CWE-200
Low
ColdFusion PMS Arbitrary File Read (CVE-2024-20767)
CVE-2024-20767
CWE-284
High
ColdFusion RDS Service enabled
-
CWE-200
Low
ColdFusion Request Debugging information disclosure
-
CWE-200
Medium
ColdFusion Robust Exception enabled
-
CWE-200
Medium
ColdFusion User-Agent cross-site scripting
CVE-2007-0817
CWE-79
High
ColdFusion WDDX Deserialization RCE (CVE-2023-29300/CVE-2023-38203/CVE-2023-38204)
CVE-2023-38204
CWE-502
Critical
ColdFusion WDDX Deserialization RCE (CVE-2023-44353)
CVE-2023-44353
CWE-502
Critical
ColdFusion XSS (CVE-2023-44352)
CVE-2023-44352
CWE-79
Medium
Collabtive Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-5285)
CVE-2010-5285
CWE-352
Medium
Collabtive Improper Input Validation Vulnerability (CVE-2012-2670)
CVE-2012-2670
CWE-20
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5284)
CVE-2010-5284
CWE-707
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3247)
CVE-2014-3247
CWE-707
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8935)
CVE-2019-8935
CWE-707
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13655)
CVE-2020-13655
CWE-707
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3298)
CVE-2021-3298
CWE-707
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-46240)
CVE-2024-46240
CWE-707
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-48706)
CVE-2024-48706
CWE-707
Medium
«
1
...
18
19
20
...
313
»
