Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Web Application Vulnerabilities

This page lists 24254 vulnerabilities in 62 categories.

Critical: 1581 High: 13032 Medium: 8704 Low: 868 Information: 69
Vulnerability Name
CVE
CWE
Severity
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42220)
CVE-2021-42220
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-47779)
CVE-2021-47779
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2060)
CVE-2022-2060
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-22293)
CVE-2022-22293
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-30875)
CVE-2022-30875
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-38888)
CVE-2023-38888
CWE-707
Critical
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5323)
CVE-2023-5323
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5842)
CVE-2023-5842
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23817)
CVE-2024-23817
CWE-707
Medium
Dolibarr Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-4197)
CVE-2023-4197
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2020-35136)
CVE-2020-35136
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-30253)
CVE-2023-30253
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4802)
CVE-2011-4802
CWE-138
Medium
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-1225)
CVE-2012-1225
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-2091)
CVE-2013-2091
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3992)
CVE-2014-3992
CWE-138
Medium
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-7137)
CVE-2014-7137
CWE-138
Medium
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14238)
CVE-2017-14238
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14242)
CVE-2017-14242
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17897)
CVE-2017-17897
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17899)
CVE-2017-17899
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17900)
CVE-2017-17900
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-18260)
CVE-2017-18260
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-7886)
CVE-2017-7886
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-9435)
CVE-2017-9435
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-9839)
CVE-2017-9839
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-10094)
CVE-2018-10094
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-13447)
CVE-2018-13447
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-13448)
CVE-2018-13448
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-13449)
CVE-2018-13449
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-13450)
CVE-2018-13450
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-16809)
CVE-2018-16809
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19994)
CVE-2018-19994
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19998)
CVE-2018-19998
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-9019)
CVE-2018-9019
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19209)
CVE-2019-19209
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-25450)
CVE-2019-25450
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-25452)
CVE-2019-25452
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-14443)
CVE-2020-14443
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-36625)
CVE-2021-36625
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-0224)
CVE-2022-0224
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-4093)
CVE-2022-4093
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-5314)
CVE-2024-5314
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-5315)
CVE-2024-5315
CWE-138
Critical
Dolibarr Improper Privilege Management Vulnerability (CVE-2020-14201)
CVE-2020-14201
CWE-269
Medium
Dolibarr Improper Privilege Management Vulnerability (CVE-2022-43138)
CVE-2022-43138
CWE-269
Critical
Dolibarr Inadequate Encryption Strength Vulnerability (CVE-2017-7888)
CVE-2017-7888
CWE-326
Critical
Dolibarr Incorrect Authorization Vulnerability (CVE-2020-12669)
CVE-2020-12669
CWE-863
High
Dolibarr Incorrect Authorization Vulnerability (CVE-2021-25954)
CVE-2021-25954
CWE-863
Medium
Dolibarr Incorrect Authorization Vulnerability (CVE-2021-37517)
CVE-2021-37517
CWE-863
High
Dolibarr Incorrect Authorization Vulnerability (CVE-2022-0731)
CVE-2022-0731
CWE-863
Medium
Dolibarr Incorrect Default Permissions Vulnerability (CVE-2020-13240)
CVE-2020-13240
CWE-276
Medium
Dolibarr Incorrect Default Permissions Vulnerability (CVE-2022-40871)
CVE-2022-40871
CWE-276
Critical
Dolibarr Information Disclosure (CVE-2023-33568)
CVE-2023-33568
CWE-552
High
Dolibarr Missing Authorization Vulnerability (CVE-2018-10092)
CVE-2018-10092
CWE-862
High
Dolibarr Missing Authorization Vulnerability (CVE-2023-4198)
CVE-2023-4198
CWE-862
Medium
Dolibarr Other Vulnerability (CVE-2022-0414)
CVE-2022-0414
-
Medium
Dolibarr Other Vulnerability (CVE-2022-0746)
CVE-2022-0746
-
Medium
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-9840)
CVE-2017-9840
CWE-434
High
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-14209)
CVE-2020-14209
CWE-434
High
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-38887)
CVE-2023-38887
CWE-434
High
Dolibarr Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-25957)
CVE-2021-25957
CWE-640
High
Dolphin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-4333)
CVE-2014-4333
CWE-352
Medium
Dolphin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3728)
CVE-2011-3728
CWE-200
Medium
Dolphin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3167)
CVE-2008-3167
CWE-94
Critical
Dolphin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0873)
CVE-2012-0873
CWE-707
Medium
Dolphin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-27969)
CVE-2021-27969
CWE-707
Medium
Dolphin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-3638)
CVE-2013-3638
CWE-138
High
Dolphin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3810)
CVE-2014-3810
CWE-138
Medium
Dolphin Other Vulnerability (CVE-2006-4189)
CVE-2006-4189
-
Medium
Dolphin Other Vulnerability (CVE-2006-5410)
CVE-2006-5410
-
Medium
DOMPurify Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16728)
CVE-2019-16728
CWE-707
Medium
DOMPurify Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-26870)
CVE-2020-26870
CWE-707
Medium
DOMPurify Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-47875)
CVE-2024-47875
CWE-707
Medium
DOMPurify Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-15599)
CVE-2025-15599
CWE-707
Medium