Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Web Application Vulnerabilities

This page lists 23441 vulnerabilities in 68 categories.

Critical: 1499 High: 12791 Medium: 8230 Low: 857 Information: 64
Vulnerability Name
CVE
CWE
Severity
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2397)
CVE-2008-2397
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-3484)
CVE-2013-3484
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-3971)
CVE-2016-3971
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-15219)
CVE-2017-15219
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5875)
CVE-2017-5875
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5876)
CVE-2017-5876
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5877)
CVE-2017-5877
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6003)
CVE-2017-6003
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16980)
CVE-2018-16980
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19554)
CVE-2018-19554
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11846)
CVE-2019-11846
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-17542)
CVE-2020-17542
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35274)
CVE-2020-35274
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35358)
CVE-2021-35358
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35360)
CVE-2021-35360
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35361)
CVE-2021-35361
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35740)
CVE-2022-35740
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37431)
CVE-2022-37431
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3042)
CVE-2023-3042
CWE-707
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-3938)
CVE-2024-3938
CWE-707
Medium
Dot CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-18875)
CVE-2020-18875
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10007)
CVE-2016-10007
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-10008)
CVE-2016-10008
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-2355)
CVE-2016-2355
CWE-138
Critical
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-4040)
CVE-2016-4040
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8902)
CVE-2016-8902
CWE-138
Critical
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8903)
CVE-2016-8903
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8904)
CVE-2016-8904
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8905)
CVE-2016-8905
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8906)
CVE-2016-8906
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8907)
CVE-2016-8907
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8908)
CVE-2016-8908
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-5344)
CVE-2017-5344
CWE-138
Critical
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-12872)
CVE-2019-12872
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-27848)
CVE-2020-27848
CWE-138
High
Dot CMS Insertion of Sensitive Information into Log File Vulnerability (CVE-2024-3165)
CVE-2024-3165
CWE-532
Medium
Dot CMS Other Vulnerability (CVE-2016-4803)
CVE-2016-4803
-
High
Dot CMS Other Vulnerability (CVE-2022-26352)
CVE-2022-26352
-
Critical
Dot CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1826)
CVE-2012-1826
CWE-264
Medium
Dot CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8600)
CVE-2016-8600
CWE-264
High
Dot CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-37033)
CVE-2022-37033
CWE-918
Medium
Dot CMS Uncontrolled Recursion Vulnerability (CVE-2022-37034)
CVE-2022-37034
CWE-674
Medium
Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-11466)
CVE-2017-11466
CWE-434
High
Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-3189)
CVE-2017-3189
CWE-434
High
Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-19138)
CVE-2020-19138
CWE-434
Critical
Dot CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-17422)
CVE-2018-17422
CWE-601
Medium
Dot CMS Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2022-45782)
CVE-2022-45782
CWE-338
High
Dotclear Improper Access Control Vulnerability (CVE-2015-8832)
CVE-2015-8832
CWE-284
High
Dotclear Improper Authentication Vulnerability (CVE-2014-3781)
CVE-2014-3781
CWE-287
Medium
Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3232)
CVE-2008-3232
CWE-94
Critical
Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-1613)
CVE-2014-1613
CWE-94
High
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-0933)
CVE-2009-0933
CWE-707
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1039)
CVE-2012-1039
CWE-707
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5316)
CVE-2014-5316
CWE-707
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5651)
CVE-2015-5651
CWE-707
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8831)
CVE-2015-8831
CWE-707
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6523)
CVE-2016-6523
CWE-707
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9891)
CVE-2016-9891
CWE-707
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6446)
CVE-2017-6446
CWE-707
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16358)
CVE-2018-16358
CWE-707
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5689)
CVE-2018-5689
CWE-707
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5690)
CVE-2018-5690
CWE-707
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-27626)
CVE-2024-27626
CWE-707
Medium
Dotclear Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3783)
CVE-2014-3783
CWE-138
Medium
Dotclear Other Vulnerability (CVE-2005-3957)
CVE-2005-3957
-
Critical
Dotclear Other Vulnerability (CVE-2005-3963)
CVE-2005-3963
-
High
Dotclear Other Vulnerability (CVE-2006-2866)
CVE-2006-2866
-
Medium
Dotclear Other Vulnerability (CVE-2006-3938)
CVE-2006-3938
-
Medium
Dotclear Other Vulnerability (CVE-2007-1989)
CVE-2007-1989
-
Medium
Dotclear Other Vulnerability (CVE-2007-3672)
CVE-2007-3672
-
Medium
Dotclear Other Vulnerability (CVE-2007-3688)
CVE-2007-3688
-
Low
Dotclear Other Vulnerability (CVE-2014-3782)
CVE-2014-3782
-
Medium
Dotclear Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1584)
CVE-2011-1584
CWE-264
Medium
Dotclear Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-5083)
CVE-2011-5083
CWE-264
High
Dotclear Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-7903)
CVE-2016-7903
CWE-264
Low