Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Web Application Vulnerabilities

This page lists 23441 vulnerabilities in 68 categories.

Critical: 1499 High: 12791 Medium: 8230 Low: 857 Information: 64
Vulnerability Name
CVE
CWE
Severity
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-16389)
CVE-2018-16389
CWE-138
Medium
e107 Inadequate Encryption Strength Vulnerability (CVE-2021-27885)
CVE-2021-27885
CWE-326
High
e107 Other Vulnerability (CVE-2003-1191)
CVE-2003-1191
-
Medium
e107 Other Vulnerability (CVE-2004-2028)
CVE-2004-2028
-
Medium
e107 Other Vulnerability (CVE-2004-2031)
CVE-2004-2031
-
Medium
e107 Other Vulnerability (CVE-2004-2039)
CVE-2004-2039
-
Medium
e107 Other Vulnerability (CVE-2004-2040)
CVE-2004-2040
-
Medium
e107 Other Vulnerability (CVE-2004-2042)
CVE-2004-2042
-
High
e107 Other Vulnerability (CVE-2004-2262)
CVE-2004-2262
-
Medium
e107 Other Vulnerability (CVE-2005-1949)
CVE-2005-1949
-
High
e107 Other Vulnerability (CVE-2005-1966)
CVE-2005-1966
-
High
e107 Other Vulnerability (CVE-2005-2327)
CVE-2005-2327
-
Medium
e107 Other Vulnerability (CVE-2005-2559)
CVE-2005-2559
-
High
e107 Other Vulnerability (CVE-2005-2805)
CVE-2005-2805
-
Medium
e107 Other Vulnerability (CVE-2005-3521)
CVE-2005-3521
-
High
e107 Other Vulnerability (CVE-2005-3594)
CVE-2005-3594
-
Medium
e107 Other Vulnerability (CVE-2005-4051)
CVE-2005-4051
-
Medium
e107 Other Vulnerability (CVE-2005-4224)
CVE-2005-4224
-
High
e107 Other Vulnerability (CVE-2006-0682)
CVE-2006-0682
-
Medium
e107 Other Vulnerability (CVE-2006-2590)
CVE-2006-2590
-
Medium
e107 Other Vulnerability (CVE-2006-2591)
CVE-2006-2591
-
Medium
e107 Other Vulnerability (CVE-2006-3259)
CVE-2006-3259
-
Medium
e107 Other Vulnerability (CVE-2006-4548)
CVE-2006-4548
-
High
e107 Other Vulnerability (CVE-2006-4757)
CVE-2006-4757
-
Medium
e107 Other Vulnerability (CVE-2006-4794)
CVE-2006-4794
-
Medium
e107 Other Vulnerability (CVE-2006-5786)
CVE-2006-5786
-
High
e107 Other Vulnerability (CVE-2007-3429)
CVE-2007-3429
-
Medium
e107 Other Vulnerability (CVE-2010-0996)
CVE-2010-0996
-
Medium
e107 Other Vulnerability (CVE-2010-2098)
CVE-2010-2098
-
High
e107 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2020)
CVE-2008-2020
CWE-264
Medium
e107 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-2099)
CVE-2010-2099
CWE-264
High
e107 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-16388)
CVE-2018-16388
CWE-434
High
easyXDM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5212)
CVE-2013-5212
CWE-707
Medium
easyXDM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-1403)
CVE-2014-1403
CWE-707
Medium
easyXDM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-27739)
CVE-2023-27739
CWE-707
Medium
Edge Side Include injection
-
CWE-918
High
Ektron CMS Account Hijack
-
CWE-264
High
Ektron CMS authentication bypass
CVE-2018-12596
CWE-285
High
Ektron CMS multiple vulnerabilities
-
CWE-434
High
Ektron CMS unauthenticated code execution and Local File Read
CVE-2012-5358
CWE-20
High
Ektron CMS400.NET ContentRatingGraph.aspx SQL injection
CVE-2008-5122
CWE-89
High
EktronCMS Saxon XSLT parser remote code execution
CVE-2015-0931
CWE-78
High
Elasticsearch remote code execution
CVE-2014-3120
CWE-78
High
Elasticsearch service accessible
-
CWE-200
High
elFinder RCE (CVE-2021-32682)
CVE-2021-32682
CWE-22
High
Elgg Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-3964)
CVE-2021-3964
CWE-639
Medium
Elgg Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2021-3980)
CVE-2021-3980
CWE-359
High
Elgg Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3733)
CVE-2011-3733
CWE-200
Medium
Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2935)
CVE-2011-2935
CWE-707
Medium
Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6561)
CVE-2012-6561
CWE-707
Medium
Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0234)
CVE-2013-0234
CWE-707
Medium
Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-4072)
CVE-2021-4072
CWE-707
Medium
Elgg Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-2936)
CVE-2011-2936
CWE-138
Critical
Elgg Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6562)
CVE-2012-6562
CWE-264
Medium
Elgg Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6563)
CVE-2012-6563
CWE-264
Medium
Elgg URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11016)
CVE-2019-11016
CWE-601
Medium
Elmah.axd / Errorlog.axd Detected
-
CWE-209
High
Email Header Injection
-
CWE-20
High
Email Header Injection (Invicti IAST)
-
CWE-20
High
Email injection
-
CWE-20
High
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4170)
CVE-2013-4170
CWE-707
Medium
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0013)
CVE-2014-0013
CWE-707
Medium
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0014)
CVE-2014-0014
CWE-707
Medium
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0046)
CVE-2014-0046
CWE-707
Low
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1866)
CVE-2015-1866
CWE-707
Medium
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7565)
CVE-2015-7565
CWE-707
Medium
Envoy Metadata disclosure
-
CWE-200
Low
Envoy mishandles dropped and truncated datagrams Issue (CVE-2020-35471)
CVE-2020-35471
-
High
Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-15225)
CVE-2019-15225
CWE-770
High
Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27492)
CVE-2023-27492
CWE-770
Medium
Envoy Proxy Always-Incorrect Control Flow Implementation Vulnerability (CVE-2022-21655)
CVE-2022-21655
CWE-670
High
Envoy Proxy Always-Incorrect Control Flow Implementation Vulnerability (CVE-2024-53269)
CVE-2024-53269
CWE-670
High
Envoy Proxy Always-Incorrect Control Flow Implementation Vulnerability (CVE-2024-53271)
CVE-2024-53271
CWE-670
High
Envoy Proxy Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-45806)
CVE-2024-45806
CWE-639
Critical
Envoy Proxy CVE-2019-18802 Vulnerability (CVE-2019-18802)
CVE-2019-18802
-
Critical