Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

High Severity Vulnerabilities

Found 13053 vulnerabilities at High severity.

Vulnerability Name
CVE
CWE
Severity
WebLogic CVE-2018-3213 Vulnerability (CVE-2018-3213)
CVE-2018-3213
-
High
WebLogic CVE-2018-3246 Vulnerability (CVE-2018-3246)
CVE-2018-3246
-
High
Craft CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-3814)
CVE-2018-3814
CWE-434
High
Atlassian Jira CVE-2018-5231 Vulnerability (CVE-2018-5231)
CVE-2018-5231
-
High
Jboss EAP Incomplete List of Disallowed Inputs Vulnerability (CVE-2018-5968)
CVE-2018-5968
CWE-184
High
Next.js Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-6184)
CVE-2018-6184
CWE-22
High
Django Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-6188)
CVE-2018-6188
CWE-200
High
WordPress Uncontrolled Resource Consumption Vulnerability (CVE-2018-6389)
CVE-2018-6389
CWE-400
High
Perl Out-of-bounds Read Vulnerability (CVE-2018-6798)
CVE-2018-6798
CWE-125
High
Ruby Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-6914)
CVE-2018-6914
CWE-22
High
FrontAccounting Cross-site Request Forgery (CSRF) Vulnerability (CVE-2018-7176)
CVE-2018-7176
-
High
osTicket CVE-2018-7195 Vulnerability (CVE-2018-7195)
CVE-2018-7195
-
High
ProjectSend Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2018-7201)
CVE-2018-7201
CWE-1236
High
PrestaShop Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2018-7491)
CVE-2018-7491
CWE-1021
High
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2018-8011)
CVE-2018-8011
CWE-476
High
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2018-8022)
CVE-2018-8022
CWE-20
High
Apache Tomcat Improper Certificate Validation Vulnerability (CVE-2018-8034)
CVE-2018-8034
CWE-295
High
Jboss EAP Improper Handling of Exceptional Conditions Vulnerability (CVE-2018-8039)
CVE-2018-8039
CWE-755
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-8045)
CVE-2018-8045
CWE-138
High
SharePoint CVE-2018-8161 Vulnerability (CVE-2018-8161)
CVE-2018-8161
-
High
ASP.NET MVC Improper Authentication Vulnerability (CVE-2018-8171)
CVE-2018-8171
CWE-287
High
SharePoint CVE-2018-8628 Vulnerability (CVE-2018-8628)
CVE-2018-8628
-
High
Sqlite NULL Pointer Dereference Vulnerability (CVE-2018-8740)
CVE-2018-8740
CWE-476
High
Ruby Uncontrolled Resource Consumption Vulnerability (CVE-2018-8777)
CVE-2018-8777
CWE-400
High
Ruby Use of Externally-Controlled Format String Vulnerability (CVE-2018-8778)
CVE-2018-8778
CWE-134
High
Ruby Improper Input Validation Vulnerability (CVE-2018-8779)
CVE-2018-8779
CWE-20
High
Roundcube Unspesificed Vulnerability (CVE-2018-9846)
CVE-2018-9846
-
High
Apache HTTP Server CVE-2019-0190 Vulnerability (CVE-2019-0190)
CVE-2019-0190
-
High
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2019-0199)
CVE-2019-0199
CWE-400
High
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-0205)
CVE-2019-0205
CWE-835
High
Jboss EAP Out-of-bounds Read Vulnerability (CVE-2019-0210)
CVE-2019-0210
CWE-125
High
Apache HTTP Server Use After Free Vulnerability (CVE-2019-0211)
CVE-2019-0211
CWE-416
High
Oracle HTTP Server Use After Free Vulnerability (CVE-2019-0211)
CVE-2019-0211
CWE-416
High
Apache HTTP Server CVE-2019-0215 Vulnerability (CVE-2019-0215)
CVE-2019-0215
-
High
Apache HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2019-0217)
CVE-2019-0217
CWE-362
High
Oracle HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2019-0217)
CVE-2019-0217
CWE-362
High
Apache Tomcat Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-0232)
CVE-2019-0232
CWE-138
High
SharePoint CVE-2019-0585 Vulnerability (CVE-2019-0585)
CVE-2019-0585
-
High
SharePoint Improper Input Validation Vulnerability (CVE-2019-0594)
CVE-2019-0594
CWE-20
High
SharePoint Improper Input Validation Vulnerability (CVE-2019-0957)
CVE-2019-0957
CWE-20
High
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-0958)
CVE-2019-0958
CWE-707
High
Jenkins Insufficient Session Expiration Vulnerability (CVE-2019-1003003)
CVE-2019-1003003
CWE-613
High
Jenkins Insufficient Session Expiration Vulnerability (CVE-2019-1003004)
CVE-2019-1003004
CWE-613
High
Jenkins Insufficient Session Expiration Vulnerability (CVE-2019-1003049)
CVE-2019-1003049
CWE-613
High
Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-1010054)
CVE-2019-1010054
CWE-352
High
MODX Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-1010123)
CVE-2019-1010123
CWE-434
High
Apache Tomcat Improper Locking Vulnerability (CVE-2019-10072)
CVE-2019-10072
CWE-667
High
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2019-10079)
CVE-2019-10079
CWE-20
High
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-10081)
CVE-2019-10081
CWE-787
High
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-10086)
CVE-2019-10086
CWE-502
High
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-10086)
CVE-2019-10086
CWE-502
High
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-10097)
CVE-2019-10097
CWE-787
High
Oracle HTTP Server NULL Pointer Dereference Vulnerability (CVE-2019-10097)
CVE-2019-10097
CWE-476
High
PostgreSQL Improper Access Control Vulnerability (CVE-2019-10127)
CVE-2019-10127
CWE-284
High
PostgreSQL Improper Access Control Vulnerability (CVE-2019-10128)
CVE-2019-10128
CWE-284
High
Moodle Other Vulnerability (CVE-2019-10154)
CVE-2019-10154
-
High
PostgreSQL Out-of-bounds Write Vulnerability (CVE-2019-10164)
CVE-2019-10164
CWE-787
High
Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-10172)
CVE-2019-10172
CWE-611
High
Jboss EAP Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerability (CVE-2019-10174)
CVE-2019-10174
CWE-470
High
Jboss EAP Missing Authorization Vulnerability (CVE-2019-10184)
CVE-2019-10184
CWE-862
High
Undertow Missing Authorization Vulnerability (CVE-2019-10184)
CVE-2019-10184
CWE-862
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10186)
CVE-2019-10186
CWE-352
High
PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-10208)
CVE-2019-10208
CWE-138
High
PostgreSQL Improper Input Validation Vulnerability (CVE-2019-10210)
CVE-2019-10210
CWE-20
High
WordPress Ultimate Member Plugin Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2019-10270)
CVE-2019-10270
CWE-640
High
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10353)
CVE-2019-10353
CWE-352
High
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10384)
CVE-2019-10384
CWE-352
High
Contao Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10642)
CVE-2019-10642
CWE-352
High
WordPress Ultimate Member Plugin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10673)
CVE-2019-10673
CWE-352
High
axios Improper Input Validation Vulnerability (CVE-2019-10742)
CVE-2019-10742
CWE-20
High
AngularJS Improper Input Validation Vulnerability (CVE-2019-10768)
CVE-2019-10768
CWE-20
High
Drupal Improper Authentication Vulnerability (CVE-2019-10911)
CVE-2019-10911
CWE-287
High
Joomla Missing Authentication for Critical Function Vulnerability (CVE-2019-10946)
CVE-2019-10946
CWE-306
High
PHP Out-of-bounds Read Vulnerability (CVE-2019-11041)
CVE-2019-11041
CWE-125
High
PHP Out-of-bounds Read Vulnerability (CVE-2019-11042)
CVE-2019-11042
CWE-125
High