Web Application Vulnerabilities
v.26.4.2314
High Severity Vulnerabilities
Found 13053 vulnerabilities at High severity.
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| PHP-Fusion Improper Privilege Management Vulnerability (CVE-2020-24949) | CVE-2020-24949 | CWE-269 | High |
| concrete5 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-24986) | CVE-2020-24986 | CWE-434 | High |
| Envoy Proxy Other Vulnerability (CVE-2020-25017) | CVE-2020-25017 | - | High |
| Envoy Proxy CVE-2020-25018 Vulnerability (CVE-2020-25018) | CVE-2020-25018 | - | High |
| Squid Improper Input Validation Vulnerability (CVE-2020-25097) | CVE-2020-25097 | CWE-20 | High |
| Ruby Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-25613) | CVE-2020-25613 | CWE-444 | High |
| Moodle Improper Access Control Vulnerability (CVE-2020-25629) | CVE-2020-25629 | CWE-284 | High |
| Moodle Uncontrolled Resource Consumption Vulnerability (CVE-2020-25630) | CVE-2020-25630 | CWE-400 | High |
| Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-25644) | CVE-2020-25644 | CWE-400 | High |
| PostgreSQL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2020-25694) | CVE-2020-25694 | CWE-327 | High |
| PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-25695) | CVE-2020-25695 | CWE-138 | High |
| PostgreSQL Arbitrary Code Execution Vulnerability (CVE-2020-25696) | CVE-2020-25696 | - | High |
| Moodle CVE-2020-25698 Vulnerability (CVE-2020-25698) | CVE-2020-25698 | - | High |
| Moodle Improper Privilege Management Vulnerability (CVE-2020-25699) | CVE-2020-25699 | CWE-269 | High |
| Jboss EAP Reachable Assertion Vulnerability (CVE-2020-25710) | CVE-2020-25710 | CWE-617 | High |
| MediaWiki Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2020-25827) | CVE-2020-25827 | CWE-307 | High |
| MediaWiki Improper Handling of Exceptional Conditions Vulnerability (CVE-2020-25869) | CVE-2020-25869 | CWE-755 | High |
| Python Improper Encoding or Escaping of Output Vulnerability (CVE-2020-26116) | CVE-2020-26116 | CWE-116 | High |
| MediaWiki Incorrect Authorization Vulnerability (CVE-2020-26121) | CVE-2020-26121 | CWE-863 | High |
| qdPM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-26165) | CVE-2020-26165 | CWE-94 | High |
| Oracle HTTP Server Improper Certificate Validation Vulnerability (CVE-2020-26184) | CVE-2020-26184 | CWE-295 | High |
| Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2020-26185) | CVE-2020-26185 | CWE-125 | High |
| PrestaShop CVE-2020-26224 Vulnerability (CVE-2020-26224) | CVE-2020-26224 | - | High |
| TYPO3 Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-26228) | CVE-2020-26228 | CWE-312 | High |
| WordPress Improper Input Validation Vulnerability (CVE-2020-26596) | CVE-2020-26596 | CWE-20 | High |
| Play Framework Uncontrolled Recursion Vulnerability (CVE-2020-26882) | CVE-2020-26882 | CWE-674 | High |
| Play Framework Uncontrolled Recursion Vulnerability (CVE-2020-26883) | CVE-2020-26883 | CWE-674 | High |
| Play Framework Out-of-bounds Write Vulnerability (CVE-2020-27196) | CVE-2020-27196 | CWE-787 | High |
| Jetty Other Vulnerability (CVE-2020-27216) | CVE-2020-27216 | - | High |
| Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2020-27223) | CVE-2020-27223 | CWE-400 | High |
| Prototype CVE-2020-27511 Vulnerability (CVE-2020-27511) | CVE-2020-27511 | - | High |
| Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-27848) | CVE-2020-27848 | CWE-138 | High |
| osCommerce Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-27975) | CVE-2020-27975 | CWE-352 | High |
| WordPress CVE-2020-28033 Vulnerability (CVE-2020-28033) | CVE-2020-28033 | - | High |
| DataTables Prototype Pollution Vulnerability (CVE-2020-28458) | CVE-2020-28458 | - | High |
| Tornado Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-28476) | CVE-2020-28476 | CWE-444 | High |
| GSAP CVE-2020-28478 Vulnerability (CVE-2020-28478) | CVE-2020-28478 | - | High |
| WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-28491) | CVE-2020-28491 | CWE-770 | High |
| Three.js Uncontrolled Resource Consumption Vulnerability (CVE-2020-28496) | CVE-2020-28496 | CWE-400 | High |
| Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28734) | CVE-2020-28734 | CWE-611 | High |
| Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-28735) | CVE-2020-28735 | CWE-918 | High |
| Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28736) | CVE-2020-28736 | CWE-611 | High |
| FluxBB Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2020-28873) | CVE-2020-28873 | CWE-916 | High |
| ProjectSend Improper Privilege Management Vulnerability (CVE-2020-28874) | CVE-2020-28874 | CWE-269 | High |
| Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28884) | CVE-2020-28884 | CWE-138 | High |
| Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28885) | CVE-2020-28885 | CWE-138 | High |
| Drupal Deserialization of Untrusted Data Vulnerability (CVE-2020-28948) | CVE-2020-28948 | CWE-502 | High |
| Drupal CVE-2020-28949 Vulnerability (CVE-2020-28949) | CVE-2020-28949 | - | High |
| MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-29004) | CVE-2020-29004 | CWE-352 | High |
| MediaWiki Insufficiently Protected Credentials Vulnerability (CVE-2020-29005) | CVE-2020-29005 | CWE-522 | High |
| Python Improper Privilege Management Vulnerability (CVE-2020-29396) | CVE-2020-29396 | CWE-269 | High |
| Jenkins Use of Insufficiently Random Values Vulnerability (CVE-2020-2099) | CVE-2020-2099 | CWE-330 | High |
| Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-2160) | CVE-2020-2160 | CWE-352 | High |
| Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2020-2165) | CVE-2020-2165 | CWE-522 | High |
| Oracle Database Server CVE-2020-2510 Vulnerability (CVE-2020-2510) | CVE-2020-2510 | - | High |
| Oracle Database Server CVE-2020-2511 Vulnerability (CVE-2020-2511) | CVE-2020-2511 | - | High |
| Oracle Database Server CVE-2020-2518 Vulnerability (CVE-2020-2518) | CVE-2020-2518 | - | High |
| WebLogic CVE-2020-2549 Vulnerability (CVE-2020-2549) | CVE-2020-2549 | - | High |
| Oracle Database Server CVE-2020-2735 Vulnerability (CVE-2020-2735) | CVE-2020-2735 | - | High |
| WebLogic CVE-2020-2798 Vulnerability (CVE-2020-2798) | CVE-2020-2798 | - | High |
| Oracle JRE CVE-2020-2803 Vulnerability (CVE-2020-2803) | CVE-2020-2803 | - | High |
| Oracle JRE CVE-2020-2805 Vulnerability (CVE-2020-2805) | CVE-2020-2805 | - | High |
| Oracle JRE CVE-2020-2816 Vulnerability (CVE-2020-2816) | CVE-2020-2816 | - | High |
| WebLogic CVE-2020-2828 Vulnerability (CVE-2020-2828) | CVE-2020-2828 | - | High |
| WebLogic CVE-2020-2867 Vulnerability (CVE-2020-2867) | CVE-2020-2867 | - | High |
| WebLogic CVE-2020-2963 Vulnerability (CVE-2020-2963) | CVE-2020-2963 | - | High |
| WebLogic CVE-2020-2967 Vulnerability (CVE-2020-2967) | CVE-2020-2967 | - | High |
| Oracle Database Server CVE-2020-2968 Vulnerability (CVE-2020-2968) | CVE-2020-2968 | - | High |
| Dolibarr Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2020-35136) | CVE-2020-35136 | CWE-138 | High |
| Oracle HTTP Server Other Vulnerability (CVE-2020-35164) | CVE-2020-35164 | - | High |
| CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-35239) | CVE-2020-35239 | CWE-352 | High |
| Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2020-35452) | CVE-2020-35452 | CWE-787 | High |
| Envoy Wrong DOWNSTREAM_REMOTE_ADDRESS logged Issue (CVE-2020-35470) | CVE-2020-35470 | - | High |
| Envoy mishandles dropped and truncated datagrams Issue (CVE-2020-35471) | CVE-2020-35471 | - | High |
| MediaWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2020-35475) | CVE-2020-35475 | CWE-116 | High |