Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.3.2229

Web Application Vulnerabilities

This page lists 24119 vulnerabilities in 70 categories.

Critical: 1560 High: 12984 Medium: 8644 Low: 865 Information: 66
Vulnerability Name
CVE
CWE
Severity
YUI Library Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4940)
CVE-2013-4940
CWE-707
Medium
YUI Library Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4941)
CVE-2013-4941
CWE-707
Medium
YUI Library Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4942)
CVE-2013-4942
CWE-707
Medium
YUI Library Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6780)
CVE-2013-6780
CWE-707
Medium
Zabbix 1.8.x-2.2.x Local File Inclusion via XXE Attack
-
CWE-611
High
Zabbix 2.0.8 SQL injection
CVE-2013-5743
CWE-89
High
Zabbix Guest Access
-
CWE-200
Medium
ZenCart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4403)
CVE-2011-4403
CWE-352
Medium
ZenCart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4322)
CVE-2009-4322
CWE-200
Medium
ZenCart Improper Authentication Vulnerability (CVE-2009-2255)
CVE-2009-2255
CWE-287
Medium
ZenCart Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-11675)
CVE-2017-11675
CWE-94
High
ZenCart Improper Input Validation Vulnerability (CVE-2009-4321)
CVE-2009-4321
CWE-20
Medium
ZenCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-8352)
CVE-2015-8352
CWE-22
Critical
ZenCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4547)
CVE-2011-4547
CWE-707
Medium
ZenCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4567)
CVE-2011-4567
CWE-707
Medium
ZenCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1413)
CVE-2012-1413
CWE-707
Low
ZenCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-0882)
CVE-2015-0882
CWE-707
Medium
ZenCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-6578)
CVE-2020-6578
CWE-707
Medium
ZenCart Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-3291)
CVE-2021-3291
CWE-138
High
ZenCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2005-3996)
CVE-2005-3996
CWE-138
Medium
ZenCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-6985)
CVE-2008-6985
CWE-138
Medium
ZenCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-6986)
CVE-2008-6986
CWE-138
Medium
ZenCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2254)
CVE-2009-2254
CWE-138
High
ZenCart Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2024-5762)
CVE-2024-5762
CWE-829
High
ZenCart Other Vulnerability (CVE-2009-4323)
CVE-2009-4323
-
High
ZenCart Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-0697)
CVE-2006-0697
CWE-264
Critical
Zend framework configuration file information disclosure
-
CWE-538
High
Zend Framework local file disclosure via XXE injection
CVE-2015-5161
CWE-611
High
Zenphoto Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5595)
CVE-2015-5595
CWE-352
Medium
Zenphoto Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-0993)
CVE-2012-0993
CWE-94
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-6925)
CVE-2008-6925
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4562)
CVE-2009-4562
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4563)
CVE-2009-4563
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4907)
CVE-2010-4907
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0995)
CVE-2012-0995
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2641)
CVE-2012-2641
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4519)
CVE-2012-4519
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7241)
CVE-2013-7241
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2948)
CVE-2015-2948
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2949)
CVE-2015-2949
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5592)
CVE-2015-5592
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5593)
CVE-2015-5593
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5594)
CVE-2015-5594
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20140)
CVE-2018-20140
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5592)
CVE-2020-5592
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44449)
CVE-2022-44449
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-53915)
CVE-2023-53915
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-53916)
CVE-2023-53916
CWE-707
Medium
Zenphoto Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-5593)
CVE-2020-5593
CWE-138
High
Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-6666)
CVE-2007-6666
CWE-138
High
Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4564)
CVE-2009-4564
CWE-138
Medium
Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4566)
CVE-2009-4566
CWE-138
High
Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4906)
CVE-2010-4906
CWE-138
High
Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-0994)
CVE-2012-0994
CWE-138
Medium
Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-7242)
CVE-2013-7242
CWE-138
Medium
Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-5591)
CVE-2015-5591
CWE-138
High
Zenphoto Improper Privilege Management Vulnerability (CVE-2018-0610)
CVE-2018-0610
CWE-269
High
Zenphoto Other Vulnerability (CVE-2006-2186)
CVE-2006-2186
-
Medium
Zenphoto Other Vulnerability (CVE-2006-2187)
CVE-2006-2187
-
Medium
Zenphoto Other Vulnerability (CVE-2007-0616)
CVE-2007-0616
-
High
Zenphoto Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-36079)
CVE-2020-36079
CWE-434
High
Zikula Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-4729)
CVE-2010-4729
CWE-352
Medium
Zikula Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-0535)
CVE-2011-0535
CWE-352
Medium
Zikula Cryptographic Issues Vulnerability (CVE-2010-4728)
CVE-2010-4728
-
Medium
Zikula Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-2293)
CVE-2014-2293
CWE-94
Critical
Zikula Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1724)
CVE-2010-1724
CWE-707
Medium
Zikula Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0911)
CVE-2011-0911
CWE-707
Medium
Zikula Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-3352)
CVE-2011-3352
CWE-707
Medium
Zikula Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-3979)
CVE-2011-3979
CWE-707
Medium
Zikula Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6168)
CVE-2013-6168
CWE-707
Medium
Zikula Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2016-9835)
CVE-2016-9835
CWE-138
Critical
Zimbra Collaboration LFI (CVE-2025-68645)
CVE-2025-68645
CWE-22
High
Zimbra Collaboration Suite SSRF (CVE-2020-7796)
CVE-2020-7796
CWE-918
High
Zimbra Collaboration XSS (CVE-2022-27926)
CVE-2022-27926
CWE-79
Medium
ZK Framework AuUploader Information Disclosure (CVE-2022-36537)
CVE-2022-36537
CWE-200
High