Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ High Severity
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
High Severity Vulnerabilities
Found
12791 vulnerabilities
at
High
severity.
Vulnerability Name
CVE
CWE
Severity
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9455)
CVE-2016-9455
CWE-352
High
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9456)
CVE-2016-9456
CWE-352
High
ownCloud Improper Authentication Vulnerability (CVE-2016-9463)
CVE-2016-9463
CWE-287
High
b2evolution Credentials Management Errors Vulnerability (CVE-2016-9479)
CVE-2016-9479
-
High
WildFly Application Server Uncontrolled Resource Consumption Vulnerability (CVE-2016-9589)
CVE-2016-9589
CWE-400
High
IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2016-9707)
CVE-2016-9707
CWE-611
High
Serendipity Server-Side Request Forgery (SSRF) Vulnerability (CVE-2016-9752)
CVE-2016-9752
CWE-918
High
Apache Tomcat Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-9774)
CVE-2016-9774
CWE-59
High
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9775)
CVE-2016-9775
CWE-264
High
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9837)
CVE-2016-9837
CWE-264
High
Joomla Improper Access Control Vulnerability (CVE-2016-9838)
CVE-2016-9838
CWE-284
High
MySQL CVE-2016-9840 Vulnerability (CVE-2016-9840)
CVE-2016-9840
-
High
MySQL CVE-2016-9842 Vulnerability (CVE-2016-9842)
CVE-2016-9842
-
High
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-9861)
CVE-2016-9861
-
High
phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2016-9862)
CVE-2016-9862
CWE-94
High
phpMyAdmin Improper Input Validation Vulnerability (CVE-2016-9863)
CVE-2016-9863
CWE-20
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-9864)
CVE-2016-9864
CWE-138
High
Roundcube Improper Access Control Vulnerability (CVE-2016-9920)
CVE-2016-9920
CWE-284
High
PHP NULL Pointer Dereference Vulnerability (CVE-2016-9934)
CVE-2016-9934
CWE-476
High
ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0247)
CVE-2017-0247
CWE-20
High
ASP.NET MVC Improper Input Validation Vulnerability (CVE-2017-0249)
CVE-2017-0249
CWE-20
High
SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-0254)
CVE-2017-0254
CWE-119
High
SharePoint CVE-2017-0281 Vulnerability (CVE-2017-0281)
CVE-2017-0281
-
High
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-0361)
CVE-2017-0361
CWE-200
High
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-0362)
CVE-2017-0362
CWE-352
High
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2017-0367)
CVE-2017-0367
CWE-668
High
MediaWiki CVE-2017-0371 Vulnerability (CVE-2017-0371)
CVE-2017-0371
-
High
RubyGems Improper Input Validation Vulnerability (CVE-2017-0900)
CVE-2017-0900
CWE-20
High
RubyGems Improper Input Validation Vulnerability (CVE-2017-0901)
CVE-2017-0901
CWE-20
High
RubyGems Origin Validation Error Vulnerability (CVE-2017-0902)
CVE-2017-0902
CWE-346
High
phpMyAdmin Improper Input Validation Vulnerability (CVE-2017-1000014)
CVE-2017-1000014
CWE-20
High
phpMyAdmin Improper Input Validation Vulnerability (CVE-2017-1000016)
CVE-2017-1000016
CWE-20
High
phpMyAdmin Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-1000017)
CVE-2017-1000017
CWE-918
High
phpMyAdmin Improper Input Validation Vulnerability (CVE-2017-1000018)
CVE-2017-1000018
CWE-20
High
GlassFish Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-1000028)
CVE-2017-1000028
CWE-22
High
GlassFish Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1000029)
CVE-2017-1000029
CWE-200
High
MODX Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-1000067)
CVE-2017-1000067
CWE-138
High
Serendipity Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-1000129)
CVE-2017-1000129
CWE-138
High
Jenkins Improper Authentication Vulnerability (CVE-2017-1000354)
CVE-2017-1000354
CWE-287
High
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000356)
CVE-2017-1000356
CWE-352
High
Jenkins Improper Input Validation Vulnerability (CVE-2017-1000391)
CVE-2017-1000391
CWE-20
High
Jenkins Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2017-1000393)
CVE-2017-1000393
CWE-138
High
Jenkins Improper Input Validation Vulnerability (CVE-2017-1000394)
CVE-2017-1000394
CWE-20
High
phpBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-1000419)
CVE-2017-1000419
CWE-918
High
Vanilla Forums Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000432)
CVE-2017-1000432
CWE-352
High
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000499)
CVE-2017-1000499
CWE-352
High
Jenkins Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2017-1000503)
CVE-2017-1000503
CWE-362
High
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000504)
CVE-2017-1000504
CWE-352
High
WordPress Improper Input Validation Vulnerability (CVE-2017-1000600)
CVE-2017-1000600
CWE-20
High
WordPress CVE-2017-1001000 Vulnerability (CVE-2017-1001000)
CVE-2017-1001000
-
High
WebLogic CVE-2017-10147 Vulnerability (CVE-2017-10147)
CVE-2017-10147
-
High
MySQL CVE-2017-10155 Vulnerability (CVE-2017-10155)
CVE-2017-10155
-
High
WebLogic CVE-2017-10271 Vulnerability (CVE-2017-10271)
CVE-2017-10271
-
High
Oracle JRE CVE-2017-10309 Vulnerability (CVE-2017-10309)
CVE-2017-10309
-
High
Oracle JRE CVE-2017-10388 Vulnerability (CVE-2017-10388)
CVE-2017-10388
-
High
GlassFish CVE-2017-10391 Vulnerability (CVE-2017-10391)
CVE-2017-10391
-
High
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10678)
CVE-2017-10678
CWE-352
High
Piwigo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10679)
CVE-2017-10679
CWE-200
High
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10680)
CVE-2017-10680
CWE-352
High
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10681)
CVE-2017-10681
CWE-352
High
Ruby Improper Authentication Vulnerability (CVE-2017-10784)
CVE-2017-10784
CWE-287
High
Seo Panel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-10839)
CVE-2017-10839
CWE-138
High
Contao Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-10993)
CVE-2017-10993
CWE-22
High
PHP Uncontrolled Resource Consumption Vulnerability (CVE-2017-11142)
CVE-2017-11142
CWE-400
High
PHP Deserialization of Untrusted Data Vulnerability (CVE-2017-11143)
CVE-2017-11143
CWE-502
High
PHP Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2017-11144)
CVE-2017-11144
CWE-754
High
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-11145)
CVE-2017-11145
CWE-200
High
Joomla Improper Certificate Validation Vulnerability (CVE-2017-11364)
CVE-2017-11364
CWE-295
High
Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-11466)
CVE-2017-11466
CWE-434
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-11628)
CVE-2017-11628
CWE-119
High
ZenCart Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-11675)
CVE-2017-11675
CWE-94
High
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-12165)
CVE-2017-12165
CWE-444
High
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-12165)
CVE-2017-12165
CWE-444
High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2017-12174)
CVE-2017-12174
CWE-400
High
Jboss EAP CVE-2017-12189 Vulnerability (CVE-2017-12189)
CVE-2017-12189
-
High
« Previous
1
...
29
30
31
32
33
34
35
36
...
171
Next »
