v.26.4.2314
Web Application Vulnerabilities
This page lists 24342 vulnerabilities in 62 categories.
Critical: 1593
High: 13071
Medium: 8734
Low: 875
Information: 69
Vulnerability Name | CVE | CWE | Severity
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7139) | CVE-2016-7139 | CWE-707 | Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7140) | CVE-2016-7140 | CWE-707 | Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7147) | CVE-2016-7147 | CWE-707 | Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1000482) | CVE-2017-1000482 | CWE-707 | Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-7937) | CVE-2020-7937 | CWE-707 | Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29002) | CVE-2021-29002 | CWE-707 | Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3313) | CVE-2021-3313 | CWE-707 | Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33507) | CVE-2021-33507 | CWE-707 | Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33508) | CVE-2021-33508 | CWE-707 | Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33512) | CVE-2021-33512 | CWE-707 | Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33513) | CVE-2021-33513 | CWE-707 | Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35959) | CVE-2021-35959 | CWE-707 | Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23599) | CVE-2022-23599 | CWE-707 | Medium
Plone CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-7939) | CVE-2020-7939 | CWE-138 | High
Plone CMS Improper Privilege Management Vulnerability (CVE-2020-7938) | CVE-2020-7938 | CWE-269 | High
Plone CMS Improper Privilege Management Vulnerability (CVE-2020-7941) | CVE-2020-7941 | CWE-269 | Critical
Plone CMS Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2024-0669) | CVE-2024-0669 | CWE-1021 | High
Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28734) | CVE-2020-28734 | CWE-611 | High
Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28736) | CVE-2020-28736 | CWE-611 | High
Plone CMS Incorrect Default Permissions Vulnerability (CVE-2024-22889) | CVE-2024-22889 | CWE-276 | High
Plone CMS Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-33509) | CVE-2021-33509 | CWE-732 | Critical
Plone CMS Missing Authentication for Critical Function Vulnerability (CVE-2020-35190) | CVE-2020-35190 | CWE-306 | Critical
Plone CMS Other Vulnerability (CVE-2006-1711) | CVE-2006-1711 | - | Medium
Plone CMS Other Vulnerability (CVE-2006-4247) | CVE-2006-4247 | - | Medium
Plone CMS Other Vulnerability (CVE-2006-4249) | CVE-2006-4249 | - | Medium
Plone CMS Other Vulnerability (CVE-2012-5486) | CVE-2012-5486 | - | Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1950) | CVE-2011-1950 | CWE-264 | Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4030) | CVE-2011-4030 | CWE-264 | Critical
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5487) | CVE-2012-5487 | CWE-264 | High
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5489) | CVE-2012-5489 | CWE-264 | Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5498) | CVE-2012-5498 | CWE-264 | Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5501) | CVE-2012-5501 | CWE-264 | Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4191) | CVE-2013-4191 | CWE-264 | Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4193) | CVE-2013-4193 | CWE-264 | Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4196) | CVE-2013-4196 | CWE-264 | Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4198) | CVE-2013-4198 | CWE-264 | Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4200) | CVE-2013-4200 | CWE-264 | Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7061) | CVE-2013-7061 | CWE-264 | Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7317) | CVE-2015-7317 | CWE-264 | Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-4041) | CVE-2016-4041 | CWE-264 | High
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-4043) | CVE-2016-4043 | CWE-264 | Medium
Plone CMS Resource Management Errors Vulnerability (CVE-2012-5496) | CVE-2012-5496 | - | Medium
Plone CMS Resource Management Errors Vulnerability (CVE-2012-5499) | CVE-2012-5499 | - | Medium
Plone CMS Resource Management Errors Vulnerability (CVE-2012-5506) | CVE-2012-5506 | - | Medium
Plone CMS Resource Management Errors Vulnerability (CVE-2013-4188) | CVE-2013-4188 | - | Medium
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-28735) | CVE-2020-28735 | CWE-918 | High
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33510) | CVE-2021-33510 | CWE-918 | Medium
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33511) | CVE-2021-33511 | CWE-918 | High
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33926) | CVE-2021-33926 | CWE-918 | High
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2016-7137) | CVE-2016-7137 | CWE-601 | Medium
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000481) | CVE-2017-1000481 | CWE-601 | Medium
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000484) | CVE-2017-1000484 | CWE-601 | Medium
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-7936) | CVE-2020-7936 | CWE-601 | Medium
Plone CMS Use of Externally-Controlled Format String Vulnerability (CVE-2017-5524) | CVE-2017-5524 | CWE-134 | Medium
Plone CMS Weak Password Requirements Vulnerability (CVE-2020-7940) | CVE-2020-7940 | CWE-521 | High
Plupload Cross-site Scripting (XSS) Vulnerability (CVE-2016-4566) | CVE-2016-4566 | - | Medium
PmWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4453) | CVE-2011-4453 | CWE-94 | High
PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1481) | CVE-2010-1481 | CWE-707 | Low
PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4662) | CVE-2010-4662 | CWE-707 | Medium
PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4748) | CVE-2010-4748 | CWE-707 | Medium
PmWiki Other Vulnerability (CVE-2005-3849) | CVE-2005-3849 | - | Medium
PmWiki Other Vulnerability (CVE-2006-2840) | CVE-2006-2840 | - | Medium
PmWiki Other Vulnerability (CVE-2006-4453) | CVE-2006-4453 | - | Medium
Podcast Generator Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20121) | CVE-2018-20121 | CWE-707 | Medium
Podcast Generator Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-53918) | CVE-2023-53918 | CWE-707 | Medium
Podcast Generator Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-53919) | CVE-2023-53919 | CWE-707 | Medium
Podcast Generator Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-53920) | CVE-2023-53920 | CWE-707 | Medium
Podcast Generator Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-70336) | CVE-2025-70336 | CWE-707 | Medium
Podcast Generator Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-53899) | CVE-2023-53899 | CWE-918 | Critical
Polyfill.io Supply Chain Attack | - | - | High
Possible CSRF (Cross-site request forgery) | - | CWE-352 | Low
Possible database backup | - | CWE-538 | High
Possible Database Name Disclosure | - | CWE-200 | Low
Possible sensitive directories | - | CWE-200 | Low
Possible sensitive files | - | CWE-200 | Low