v.26.4.2314
High Severity Vulnerabilities
Found 13053 vulnerabilities at High severity.
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| XWiki Improper Authentication Vulnerability (CVE-2022-36093) | CVE-2022-36093 | CWE-287 | High |
| XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-36099) | CVE-2022-36099 | CWE-116 | High |
| XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-36100) | CVE-2022-36100 | CWE-116 | High |
| TYPO3 Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-36104) | CVE-2022-36104 | CWE-770 | High |
| Django Download of Code Without Integrity Check Vulnerability (CVE-2022-36359) | CVE-2022-36359 | CWE-494 | High |
| Payara Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-37422) | CVE-2022-37422 | CWE-22 | High |
| Craft CMS Missing Encryption of Sensitive Data Vulnerability (CVE-2022-37783) | CVE-2022-37783 | CWE-311 | High |
| Lighttpd NULL Pointer Dereference Vulnerability (CVE-2022-37797) | CVE-2022-37797 | CWE-476 | High |
| SharePoint CVE-2022-37961 Vulnerability (CVE-2022-37961) | CVE-2022-37961 | - | High |
| SharePoint CVE-2022-38008 Vulnerability (CVE-2022-38008) | CVE-2022-38008 | - | High |
| SharePoint CVE-2022-38009 Vulnerability (CVE-2022-38009) | CVE-2022-38009 | - | High |
| SharePoint CVE-2022-38053 Vulnerability (CVE-2022-38053) | CVE-2022-38053 | - | High |
| EspoCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-38843) | CVE-2022-38843 | CWE-434 | High |
| EspoCRM Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2022-38844) | CVE-2022-38844 | CWE-1236 | High |
| Nginx Out-of-bounds Read Vulnerability (CVE-2022-38890) | CVE-2022-38890 | CWE-125 | High |
| Grafana CVE-2022-39201 Vulnerability (CVE-2022-39201) | CVE-2022-39201 | - | High |
| Drupal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-39261) | CVE-2022-39261 | CWE-22 | High |
| MyBB Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2022-39265) | CVE-2022-39265 | CWE-138 | High |
| Grafana Improper Input Validation Vulnerability (CVE-2022-39306) | CVE-2022-39306 | CWE-20 | High |
| Grafana Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2022-39328) | CVE-2022-39328 | CWE-362 | High |
| Jboss EAP Observable Discrepancy Vulnerability (CVE-2022-3143) | CVE-2022-3143 | CWE-203 | High |
| OpenSSL NULL Pointer Dereference Vulnerability (CVE-2022-3358) | CVE-2022-3358 | CWE-476 | High |
| WordPress Ultimate Member Plugin Other Vulnerability (CVE-2022-3383) | CVE-2022-3383 | - | High |
| WordPress Ultimate Member Plugin Other Vulnerability (CVE-2022-3384) | CVE-2022-3384 | - | High |
| OpenSSL Out-of-bounds Write Vulnerability (CVE-2022-3602) | CVE-2022-3602 | CWE-787 | High |
| phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3608) | CVE-2022-3608 | CWE-707 | High |
| OpenSSL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-3786) | CVE-2022-3786 | CWE-120 | High |
| WordPress Ultimate Member Plugin Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-3966) | CVE-2022-3966 | CWE-22 | High |
| OpenSSL Improper Locking Vulnerability (CVE-2022-3996) | CVE-2022-3996 | CWE-667 | High |
| Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-40313) | CVE-2022-40313 | CWE-707 | High |
| Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-40407) | CVE-2022-40407 | CWE-434 | High |
| SharePoint CVE-2022-41036 Vulnerability (CVE-2022-41036) | CVE-2022-41036 | - | High |
| SharePoint CVE-2022-41037 Vulnerability (CVE-2022-41037) | CVE-2022-41037 | - | High |
| SharePoint CVE-2022-41038 Vulnerability (CVE-2022-41038) | CVE-2022-41038 | - | High |
| SharePoint CVE-2022-41061 Vulnerability (CVE-2022-41061) | CVE-2022-41061 | - | High |
| SharePoint CVE-2022-41062 Vulnerability (CVE-2022-41062) | CVE-2022-41062 | - | High |
| Squid Out-of-bounds Read Vulnerability (CVE-2022-41318) | CVE-2022-41318 | CWE-125 | High |
| Django Other Vulnerability (CVE-2022-41323) | CVE-2022-41323 | - | High |
| Lighttpd Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-41556) | CVE-2022-41556 | CWE-401 | High |
| Nginx Out-of-bounds Write Vulnerability (CVE-2022-41741) | CVE-2022-41741 | CWE-787 | High |
| Nginx Out-of-bounds Write Vulnerability (CVE-2022-41742) | CVE-2022-41742 | CWE-787 | High |
| XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-41927) | CVE-2022-41927 | CWE-352 | High |
| XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2022-41928) | CVE-2022-41928 | CWE-707 | High |
| XWiki Missing Authorization Vulnerability (CVE-2022-41930) | CVE-2022-41930 | CWE-862 | High |
| XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2022-41931) | CVE-2022-41931 | CWE-707 | High |
| XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-41934) | CVE-2022-41934 | CWE-116 | High |
| XWiki Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2022-41936) | CVE-2022-41936 | CWE-359 | High |
| XWiki Missing Authorization Vulnerability (CVE-2022-41937) | CVE-2022-41937 | CWE-862 | High |
| Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-42029) | CVE-2022-42029 | CWE-434 | High |
| Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121) | CVE-2022-42121 | CWE-138 | High |
| Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121) | CVE-2022-42121 | CWE-138 | High |
| Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123) | CVE-2022-42123 | CWE-22 | High |
| Liferay DXP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123) | CVE-2022-42123 | CWE-22 | High |
| Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124) | CVE-2022-42124 | CWE-1333 | High |
| Liferay DXP Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124) | CVE-2022-42124 | CWE-1333 | High |
| Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42125) | CVE-2022-42125 | CWE-22 | High |
| Apache Tomcat Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2022-42252) | CVE-2022-42252 | - | High |
| Magento Improper Input Validation Vulnerability (CVE-2022-42344) | CVE-2022-42344 | CWE-20 | High |
| Python CVE-2022-42919 Vulnerability (CVE-2022-42919) | CVE-2022-42919 | - | High |
| LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-43279) | CVE-2022-43279 | CWE-138 | High |
| Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-43288) | CVE-2022-43288 | CWE-138 | High |
| SharePoint CVE-2022-44690 Vulnerability (CVE-2022-44690) | CVE-2022-44690 | - | High |
| SharePoint CVE-2022-44693 Vulnerability (CVE-2022-44693) | CVE-2022-44693 | - | High |
| Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-45020) | CVE-2022-45020 | CWE-707 | High |
| Python Uncontrolled Resource Consumption Vulnerability (CVE-2022-45061) | CVE-2022-45061 | CWE-400 | High |
| Payara Files or Directories Accessible to External Parties Vulnerability (CVE-2022-45129) | CVE-2022-45129 | CWE-552 | High |
| Apache Tomcat Improper Encoding or Escaping of Output Vulnerability (CVE-2022-45143) | CVE-2022-45143 | CWE-116 | High |
| Dot CMS Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2022-45782) | CVE-2022-45782 | CWE-338 | High |
| MyBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-45867) | CVE-2022-45867 | CWE-22 | High |
| Apache Traffic Server CVE-2022-47184 Vulnerability (CVE-2022-47184) | CVE-2022-47184 | - | High |
| Apache Traffic Server CVE-2022-47185 Vulnerability (CVE-2022-47185) | CVE-2022-47185 | - | High |
| jszip Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-48285) | CVE-2022-48285 | CWE-22 | High |
| Python Use After Free Vulnerability (CVE-2022-48560) | CVE-2022-48560 | CWE-416 | High |
| Python Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2022-48566) | CVE-2022-48566 | CWE-362 | High |
| phpMyFAQ Cleartext Transmission of Sensitive Information Vulnerability (CVE-2022-4409) | CVE-2022-4409 | CWE-319 | High |