High Severity Vulnerabilities

Found 12791 vulnerabilities at High severity.

| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-5492) | CVE-2017-5492 | CWE-352 | High |
| WordPress Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2017-5493) | CVE-2017-5493 | CWE-338 | High |
| Serendipity Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-5609) | CVE-2017-5609 | CWE-138 | High |
| Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5647) | CVE-2017-5647 | CWE-200 | High |
| Apache Tomcat Improper Resource Shutdown or Release Vulnerability (CVE-2017-5650) | CVE-2017-5650 | CWE-404 | High |
| Apache Traffic Server Improper Input Validation Vulnerability (CVE-2017-5659) | CVE-2017-5659 | CWE-20 | High |
| Apache Traffic Server Improper Input Validation Vulnerability (CVE-2017-5660) | CVE-2017-5660 | CWE-20 | High |
| Apache Tomcat Improper Handling of Exceptional Conditions Vulnerability (CVE-2017-5664) | CVE-2017-5664 | CWE-755 | High |
| Ruby Improper Input Validation Vulnerability (CVE-2017-6181) | CVE-2017-6181 | CWE-20 | High |
| Drupal Incorrect Authorization Vulnerability (CVE-2017-6377) | CVE-2017-6377 | CWE-863 | High |
| Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-6379) | CVE-2017-6379 | CWE-352 | High |
| Drupal Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2017-6381) | CVE-2017-6381 | CWE-829 | High |
| PHP NULL Pointer Dereference Vulnerability (CVE-2017-6441) | CVE-2017-6441 | CWE-476 | High |
| Drupal CVE-2017-6919 Vulnerability (CVE-2017-6919) | CVE-2017-6919 | - | High |
| Drupal Improper Privilege Management Vulnerability (CVE-2017-6924) | CVE-2017-6924 | CWE-269 | High |
| Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-6926) | CVE-2017-6926 | CWE-200 | High |
| Drupal CVE-2017-6930 Vulnerability (CVE-2017-6930) | CVE-2017-6930 | - | High |
| PHP Improper Input Validation Vulnerability (CVE-2017-7189) | CVE-2017-7189 | CWE-20 | High |
| PHP Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-7272) | CVE-2017-7272 | CWE-918 | High |
| XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-7290) | CVE-2017-7290 | CWE-138 | High |
| MODX Improper Certificate Validation Vulnerability (CVE-2017-7322) | CVE-2017-7322 | CWE-295 | High |
| MODX CVE-2017-7323 Vulnerability (CVE-2017-7323) | CVE-2017-7323 | - | High |
| Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7415) | CVE-2017-7415 | CWE-200 | High |
| PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7484) | CVE-2017-7484 | CWE-200 | High |
| PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7486) | CVE-2017-7486 | CWE-200 | High |
| Nginx Integer Overflow or Wraparound Vulnerability (CVE-2017-7529) | CVE-2017-7529 | CWE-190 | High |
| Jboss EAP Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerability (CVE-2017-7536) | CVE-2017-7536 | CWE-470 | High |
| PostgreSQL CVE-2017-7547 Vulnerability (CVE-2017-7547) | CVE-2017-7547 | - | High |
| PostgreSQL CVE-2017-7548 Vulnerability (CVE-2017-7548) | CVE-2017-7548 | - | High |
| Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7561) | CVE-2017-7561 | CWE-444 | High |
| MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-7566) | CVE-2017-7566 | CWE-918 | High |
| Jetty CVE-2017-7656 Vulnerability (CVE-2017-7656) | CVE-2017-7656 | - | High |
| Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2017-7659) | CVE-2017-7659 | CWE-476 | High |
| Apache HTTP Server Out-of-bounds Read Vulnerability (CVE-2017-7668) | CVE-2017-7668 | CWE-125 | High |
| Apache Traffic Server Improper Input Validation Vulnerability (CVE-2017-7671) | CVE-2017-7671 | CWE-20 | High |
| Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-7675) | CVE-2017-7675 | CWE-22 | High |
| PHP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2017-7963) | CVE-2017-7963 | CWE-770 | High |
| Serendipity Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8101) | CVE-2017-8101 | CWE-352 | High |
| Roundcube Improper Privilege Management Vulnerability (CVE-2017-8114) | CVE-2017-8114 | CWE-269 | High |
| SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8501) | CVE-2017-8501 | CWE-119 | High |
| SharePoint CVE-2017-8509 Vulnerability (CVE-2017-8509) | CVE-2017-8509 | - | High |
| SharePoint CVE-2017-8511 Vulnerability (CVE-2017-8511) | CVE-2017-8511 | - | High |
| SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8569) | CVE-2017-8569 | CWE-707 | High |
| SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8742) | CVE-2017-8742 | CWE-119 | High |
| SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8743) | CVE-2017-8743 | CWE-119 | High |
| MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-8810) | CVE-2017-8810 | CWE-200 | High |
| MediaWiki Improper Input Validation Vulnerability (CVE-2017-8814) | CVE-2017-8814 | CWE-20 | High |
| MediaWiki Improper Input Validation Vulnerability (CVE-2017-8815) | CVE-2017-8815 | CWE-20 | High |
| WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9062) | CVE-2017-9062 | CWE-707 | High |
| WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-9064) | CVE-2017-9064 | CWE-352 | High |
| WordPress Improper Input Validation Vulnerability (CVE-2017-9065) | CVE-2017-9065 | CWE-20 | High |
| WordPress Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-9066) | CVE-2017-9066 | CWE-918 | High |
| PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-9067) | CVE-2017-9067 | CWE-22 | High |
| MODX Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-9067) | CVE-2017-9067 | CWE-22 | High |
| MODX Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-9069) | CVE-2017-9069 | CWE-434 | High |
| PHP Out-of-bounds Read Vulnerability (CVE-2017-9118) | CVE-2017-9118 | CWE-125 | High |
| PHP NULL Pointer Dereference Vulnerability (CVE-2017-9229) | CVE-2017-9229 | CWE-476 | High |
| Python Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-9233) | CVE-2017-9233 | CWE-611 | High |
| Jetty Observable Discrepancy Vulnerability (CVE-2017-9735) | CVE-2017-9735 | CWE-203 | High |
| Apache HTTP Server Use After Free Vulnerability (CVE-2017-9789) | CVE-2017-9789 | CWE-416 | High |
| Apache HTTP Server Use After Free Vulnerability (CVE-2017-9798) | CVE-2017-9798 | CWE-416 | High |
| Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-9839) | CVE-2017-9839 | CWE-138 | High |
| Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-9840) | CVE-2017-9840 | CWE-434 | High |
| Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-9933) | CVE-2017-9933 | CWE-200 | High |
| Zenphoto Improper Privilege Management Vulnerability (CVE-2018-0610) | CVE-2018-0610 | CWE-269 | High |
| OpenSSL Key Management Errors Vulnerability (CVE-2018-0732) | CVE-2018-0732 | - | High |
| SharePoint Out-of-bounds Write Vulnerability (CVE-2018-0792) | CVE-2018-0792 | CWE-787 | High |
| Squid CVE-2018-1000024 Vulnerability (CVE-2018-1000024) | CVE-2018-1000024 | - | High |
| Squid NULL Pointer Dereference Vulnerability (CVE-2018-1000027) | CVE-2018-1000027 | CWE-476 | High |
| Roundcube Unspecified Vulnerability (CVE-2018-1000071) | CVE-2018-1000071 | - | High |
| RubyGems Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2018-1000073) | CVE-2018-1000073 | CWE-59 | High |
| RubyGems Deserialization of Untrusted Data Vulnerability (CVE-2018-1000074) | CVE-2018-1000074 | CWE-502 | High |
| RubyGems Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1000075) | CVE-2018-1000075 | CWE-835 | High |
| Gunicorn Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2018-1000164) | CVE-2018-1000164 | CWE-707 | High |
| Jboss EAP Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-1000180) | CVE-2018-1000180 | CWE-327 | High |