Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Web Application Vulnerabilities
This page lists
23441 vulnerabilities
in
68 categories
.
Critical: 1499
High: 12791
Medium: 8230
Low: 857
Information: 64
Vulnerability Name
CVE
CWE
Severity
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5323)
CVE-2023-5323
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5842)
CVE-2023-5842
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23817)
CVE-2024-23817
CWE-707
Medium
Dolibarr Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-4197)
CVE-2023-4197
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2020-35136)
CVE-2020-35136
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-30253)
CVE-2023-30253
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4802)
CVE-2011-4802
CWE-138
Medium
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-1225)
CVE-2012-1225
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-2091)
CVE-2013-2091
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3992)
CVE-2014-3992
CWE-138
Medium
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-7137)
CVE-2014-7137
CWE-138
Medium
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14238)
CVE-2017-14238
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14242)
CVE-2017-14242
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17897)
CVE-2017-17897
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17899)
CVE-2017-17899
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17900)
CVE-2017-17900
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-18260)
CVE-2017-18260
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-7886)
CVE-2017-7886
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-9435)
CVE-2017-9435
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-9839)
CVE-2017-9839
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-10094)
CVE-2018-10094
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-13447)
CVE-2018-13447
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-13448)
CVE-2018-13448
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-13449)
CVE-2018-13449
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-13450)
CVE-2018-13450
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-16809)
CVE-2018-16809
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19994)
CVE-2018-19994
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19998)
CVE-2018-19998
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-9019)
CVE-2018-9019
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19209)
CVE-2019-19209
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-14443)
CVE-2020-14443
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-36625)
CVE-2021-36625
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-0224)
CVE-2022-0224
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-4093)
CVE-2022-4093
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-5314)
CVE-2024-5314
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-5315)
CVE-2024-5315
CWE-138
Critical
Dolibarr Improper Privilege Management Vulnerability (CVE-2020-14201)
CVE-2020-14201
CWE-269
Medium
Dolibarr Improper Privilege Management Vulnerability (CVE-2022-43138)
CVE-2022-43138
CWE-269
Critical
Dolibarr Inadequate Encryption Strength Vulnerability (CVE-2017-7888)
CVE-2017-7888
CWE-326
Critical
Dolibarr Incorrect Authorization Vulnerability (CVE-2020-12669)
CVE-2020-12669
CWE-863
High
Dolibarr Incorrect Authorization Vulnerability (CVE-2021-25954)
CVE-2021-25954
CWE-863
Medium
Dolibarr Incorrect Authorization Vulnerability (CVE-2021-37517)
CVE-2021-37517
CWE-863
High
Dolibarr Incorrect Authorization Vulnerability (CVE-2022-0731)
CVE-2022-0731
CWE-863
Medium
Dolibarr Incorrect Default Permissions Vulnerability (CVE-2020-13240)
CVE-2020-13240
CWE-276
Medium
Dolibarr Incorrect Default Permissions Vulnerability (CVE-2022-40871)
CVE-2022-40871
CWE-276
Critical
Dolibarr Information Disclosure (CVE-2023-33568)
CVE-2023-33568
CWE-552
High
Dolibarr Missing Authorization Vulnerability (CVE-2018-10092)
CVE-2018-10092
CWE-862
High
Dolibarr Missing Authorization Vulnerability (CVE-2023-4198)
CVE-2023-4198
CWE-862
Medium
Dolibarr Other Vulnerability (CVE-2022-0414)
CVE-2022-0414
-
Medium
Dolibarr Other Vulnerability (CVE-2022-0746)
CVE-2022-0746
-
Medium
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-9840)
CVE-2017-9840
CWE-434
High
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-14209)
CVE-2020-14209
CWE-434
High
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-38887)
CVE-2023-38887
CWE-434
High
Dolibarr Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-25957)
CVE-2021-25957
CWE-640
High
Dolphin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-4333)
CVE-2014-4333
CWE-352
Medium
Dolphin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3728)
CVE-2011-3728
CWE-200
Medium
Dolphin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3167)
CVE-2008-3167
CWE-94
Critical
Dolphin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0873)
CVE-2012-0873
CWE-707
Medium
Dolphin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27969)
CVE-2021-27969
CWE-707
Medium
Dolphin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-3638)
CVE-2013-3638
CWE-138
High
Dolphin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3810)
CVE-2014-3810
CWE-138
Medium
Dolphin Other Vulnerability (CVE-2006-4189)
CVE-2006-4189
-
Medium
Dolphin Other Vulnerability (CVE-2006-5410)
CVE-2006-5410
-
Medium
DOMPurify Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16728)
CVE-2019-16728
CWE-707
Medium
DOMPurify Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-26870)
CVE-2020-26870
CWE-707
Medium
DOMPurify URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-25155)
CVE-2019-25155
CWE-601
Medium
Dot CMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-3187)
CVE-2017-3187
CWE-352
High
Dot CMS CVE-2024-3164 Vulnerability (CVE-2024-3164)
CVE-2024-3164
-
Medium
Dot CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3688)
CVE-2016-3688
CWE-200
Medium
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-3708)
CVE-2008-3708
CWE-22
Medium
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-3972)
CVE-2016-3972
CWE-22
Low
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-3188)
CVE-2017-3188
CWE-22
Medium
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-12309)
CVE-2019-12309
CWE-22
Medium
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-6754)
CVE-2020-6754
CWE-22
Critical
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-45783)
CVE-2022-45783
CWE-22
Medium
«
1
...
25
26
27
...
313
»
