Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

High Severity Vulnerabilities

Found 13053 vulnerabilities at High severity.

Vulnerability Name
CVE
CWE
Severity
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17302)
CVE-2019-17302
CWE-94
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17303)
CVE-2019-17303
CWE-94
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17304)
CVE-2019-17304
CWE-94
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17305)
CVE-2019-17305
CWE-94
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17306)
CVE-2019-17306
CWE-94
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17307)
CVE-2019-17307
CWE-94
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17308)
CVE-2019-17308
CWE-94
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17309)
CVE-2019-17309
CWE-94
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17310)
CVE-2019-17310
CWE-94
High
SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17311)
CVE-2019-17311
CWE-22
High
SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17312)
CVE-2019-17312
CWE-22
High
SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17313)
CVE-2019-17313
CWE-22
High
SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17314)
CVE-2019-17314
CWE-22
High
SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17315)
CVE-2019-17315
CWE-915
High
SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17316)
CVE-2019-17316
CWE-915
High
SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17317)
CVE-2019-17317
CWE-915
High
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17318)
CVE-2019-17318
CWE-138
High
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17319)
CVE-2019-17319
CWE-138
High
WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-17359)
CVE-2019-17359
CWE-770
High
Python CVE-2019-17514 Vulnerability (CVE-2019-17514)
CVE-2019-17514
-
High
Apache Tomcat Session Fixation Vulnerability (CVE-2019-17563)
CVE-2019-17563
CWE-384
High
Play Framework Inadequate Encryption Strength Vulnerability (CVE-2019-17598)
CVE-2019-17598
CWE-326
High
WordPress CVE-2019-17673 Vulnerability (CVE-2019-17673)
CVE-2019-17673
-
High
WordPress Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2019-17675)
CVE-2019-17675
CWE-843
High
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-18650)
CVE-2019-18650
CWE-352
High
Squid Out-of-bounds Write Vulnerability (CVE-2019-18676)
CVE-2019-18676
CWE-787
High
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-18679)
CVE-2019-18679
CWE-200
High
Envoy Proxy Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-18836)
CVE-2019-18836
CWE-835
High
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2019-18838)
CVE-2019-18838
CWE-476
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19209)
CVE-2019-19209
CWE-138
High
Sqlite CVE-2019-19244 Vulnerability (CVE-2019-19244)
CVE-2019-19244
-
High
PHP Out-of-bounds Read Vulnerability (CVE-2019-19246)
CVE-2019-19246
CWE-125
High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2019-19343)
CVE-2019-19343
CWE-400
High
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2019-19343)
CVE-2019-19343
CWE-400
High
Sqlite CVE-2019-19603 Vulnerability (CVE-2019-19603)
CVE-2019-19603
-
High
Contao Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19745)
CVE-2019-19745
CWE-434
High
TYPO3 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-19848)
CVE-2019-19848
CWE-22
High
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-19849)
CVE-2019-19849
CWE-502
High
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19850)
CVE-2019-19850
CWE-138
High
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19880)
CVE-2019-19880
CWE-476
High
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19923)
CVE-2019-19923
CWE-476
High
Sqlite Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19925)
CVE-2019-19925
CWE-434
High
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19926)
CVE-2019-19926
CWE-476
High
Artifactory Improper Input Validation Vulnerability (CVE-2019-19937)
CVE-2019-19937
CWE-20
High
Sqlite Other Vulnerability (CVE-2019-19959)
CVE-2019-19959
-
High
SharePoint Improper Certificate Validation Vulnerability (CVE-2019-1006)
CVE-2019-1006
CWE-295
High
SharePoint CVE-2019-1034 Vulnerability (CVE-2019-1034)
CVE-2019-1034
-
High
SharePoint CVE-2019-1035 Vulnerability (CVE-2019-1035)
CVE-2019-1035
-
High
Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2019-1068)
CVE-2019-1068
-
High
SharePoint CVE-2019-1201 Vulnerability (CVE-2019-1201)
CVE-2019-1201
-
High
SharePoint CVE-2019-1205 Vulnerability (CVE-2019-1205)
CVE-2019-1205
-
High
SharePoint Improper Input Validation Vulnerability (CVE-2019-1257)
CVE-2019-1257
CWE-20
High
SharePoint Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-1261)
CVE-2019-1261
CWE-352
High
SharePoint Improper Input Validation Vulnerability (CVE-2019-1295)
CVE-2019-1295
CWE-20
High
SharePoint Improper Input Validation Vulnerability (CVE-2019-1296)
CVE-2019-1296
CWE-20
High
OpenSSL Cryptographic Issues Vulnerability (CVE-2019-1543)
CVE-2019-1543
-
High
Sqlite Other Vulnerability (CVE-2019-20218)
CVE-2019-20218
-
High
Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20400)
CVE-2019-20400
CWE-427
High
Atlassian Confluence Uncontrolled Search Path Element Vulnerability (CVE-2019-20406)
CVE-2019-20406
CWE-427
High
Atlassian Jira CVE-2019-20413 Vulnerability (CVE-2019-20413)
CVE-2019-20413
-
High
Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20419)
CVE-2019-20419
CWE-427
High
Cherokee Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20798)
CVE-2019-20798
CWE-707
High
Cherokee Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-20799)
CVE-2019-20799
CWE-119
High
Atlassian Jira CVE-2019-20898 Vulnerability (CVE-2019-20898)
CVE-2019-20898
-
High
Python Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-20907)
CVE-2019-20907
CWE-835
High
Handlebars Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-20920)
CVE-2019-20920
CWE-94
High
Handlebars Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-20922)
CVE-2019-20922
CWE-835
High
MongoDb Incorrect Comparison Vulnerability (CVE-2019-20925)
CVE-2019-20925
CWE-697
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-25450)
CVE-2019-25450
CWE-138
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-25452)
CVE-2019-25452
CWE-138
High
osCommerce Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-25495)
CVE-2019-25495
CWE-138
High
osCommerce Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-25496)
CVE-2019-25496
CWE-138
High
osCommerce Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-25497)
CVE-2019-25497
CWE-138
High
qdPM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-25669)
CVE-2019-25669
CWE-138
High
phpBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-25685)
CVE-2019-25685
CWE-22
High