Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

High Severity Vulnerabilities

Found 13053 vulnerabilities at High severity.

Vulnerability Name
CVE
CWE
Severity
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-6211)
CVE-2016-6211
CWE-264
High
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-6289)
CVE-2016-6289
CWE-190
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-6297)
CVE-2016-6297
CWE-119
High
OpenSSL Improper Input Validation Vulnerability (CVE-2016-6302)
CVE-2016-6302
CWE-20
High
OpenSSL Resource Management Errors Vulnerability (CVE-2016-6304)
CVE-2016-6304
-
High
OpenSSL Improper Input Validation Vulnerability (CVE-2016-6305)
CVE-2016-6305
CWE-20
High
Ruby on Rails Improper Access Control Vulnerability (CVE-2016-6317)
CVE-2016-6317
CWE-284
High
MediaWiki Improper Access Control Vulnerability (CVE-2016-6331)
CVE-2016-6331
CWE-284
High
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6332)
CVE-2016-6332
CWE-200
High
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6335)
CVE-2016-6335
CWE-200
High
MediaWiki Improper Access Control Vulnerability (CVE-2016-6337)
CVE-2016-6337
CWE-284
High
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6606)
CVE-2016-6606
CWE-200
High
phpMyAdmin Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2016-6609)
CVE-2016-6609
CWE-138
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-6611)
CVE-2016-6611
CWE-138
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-6616)
CVE-2016-6616
CWE-138
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-6617)
CVE-2016-6617
CWE-138
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-6619)
CVE-2016-6619
CWE-138
High
phpMyAdmin Server-Side Request Forgery (SSRF) Vulnerability (CVE-2016-6621)
CVE-2016-6621
CWE-918
High
phpMyAdmin Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2016-6631)
CVE-2016-6631
CWE-138
High
phpMyAdmin CVE-2016-6633 Vulnerability (CVE-2016-6633)
CVE-2016-6633
-
High
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-6635)
CVE-2016-6635
CWE-352
High
MySQL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2016-6663)
CVE-2016-6663
CWE-362
High
MySQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-6664)
CVE-2016-6664
CWE-59
High
Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6668)
CVE-2016-6668
CWE-200
High
Jboss EAP CVE-2016-6796 Vulnerability (CVE-2016-6796)
CVE-2016-6796
-
High
Apache Tomcat Incorrect Authorization Vulnerability (CVE-2016-6797)
CVE-2016-6797
CWE-863
High
Apache Tomcat Improper Input Validation Vulnerability (CVE-2016-6816)
CVE-2016-6816
CWE-20
High
Apache Tomcat Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-6817)
CVE-2016-6817
CWE-119
High
Mailman Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-6893)
CVE-2016-6893
CWE-352
High
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-6896)
CVE-2016-6896
CWE-22
High
Moodle Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2016-7038)
CVE-2016-7038
CWE-640
High
PostgreSQL Improper Access Control Vulnerability (CVE-2016-7048)
CVE-2016-7048
CWE-284
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2016-7052)
CVE-2016-7052
CWE-476
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2016-7053)
CVE-2016-7053
CWE-476
High
OpenSSL Improper Access Control Vulnerability (CVE-2016-7054)
CVE-2016-7054
CWE-284
High
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2016-7065)
CVE-2016-7065
CWE-502
High
Jboss EAP Permission Issues Vulnerability (CVE-2016-7066)
CVE-2016-7066
-
High
PHP Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-7125)
CVE-2016-7125
CWE-138
High
PHP NULL Pointer Dereference Vulnerability (CVE-2016-7130)
CVE-2016-7130
CWE-476
High
PHP NULL Pointer Dereference Vulnerability (CVE-2016-7131)
CVE-2016-7131
CWE-476
High
PHP NULL Pointer Dereference Vulnerability (CVE-2016-7132)
CVE-2016-7132
CWE-476
High
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-7133)
CVE-2016-7133
CWE-190
High
Django 7PK - Security Features Vulnerability (CVE-2016-7401)
CVE-2016-7401
-
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-7412)
CVE-2016-7412
CWE-119
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-7416)
CVE-2016-7416
CWE-119
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-7418)
CVE-2016-7418
CWE-119
High
PHP Other Vulnerability (CVE-2016-7478)
CVE-2016-7478
-
High
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-7902)
CVE-2016-7902
CWE-434
High
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-7919)
CVE-2016-7919
CWE-138
High
Dot CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8600)
CVE-2016-8600
CWE-264
High
OpenSSL Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610)
CVE-2016-8610
CWE-400
High
WebLogic Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610)
CVE-2016-8610
CWE-400
High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610)
CVE-2016-8610
CWE-400
High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8656)
CVE-2016-8656
CWE-264
High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8657)
CVE-2016-8657
CWE-264
High
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2016-8740)
CVE-2016-8740
-
High
Apache HTTP Server CVE-2016-8743 Vulnerability (CVE-2016-8743)
CVE-2016-8743
-
High
Apache Tomcat 7PK - Errors Vulnerability (CVE-2016-8745)
CVE-2016-8745
-
High
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-8747)
CVE-2016-8747
CWE-200
High
Joomla Improper Input Validation Vulnerability (CVE-2016-8870)
CVE-2016-8870
CWE-20
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8903)
CVE-2016-8903
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8904)
CVE-2016-8904
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8905)
CVE-2016-8905
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8906)
CVE-2016-8906
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8907)
CVE-2016-8907
CWE-138
High
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8908)
CVE-2016-8908
CWE-138
High
Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9014)
CVE-2016-9014
CWE-264
High
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9127)
CVE-2016-9127
CWE-352
High
Moodle Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9186)
CVE-2016-9186
CWE-434
High
Moodle Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9187)
CVE-2016-9187
CWE-434
High
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9268)
CVE-2016-9268
CWE-434
High
MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9410)
CVE-2016-9410
CWE-200
High
MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9414)
CVE-2016-9414
CWE-200
High
MyBB Improper Access Control Vulnerability (CVE-2016-9415)
CVE-2016-9415
CWE-284
High
MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2016-9417)
CVE-2016-9417
CWE-918
High