Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

High Severity Vulnerabilities

Found 13053 vulnerabilities at High severity.

Vulnerability Name
CVE
CWE
Severity
OpenSSL Double Free Vulnerability (CVE-2022-4450)
CVE-2022-4450
CWE-415
High
Ampache Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-4665)
CVE-2022-4665
CWE-434
High
e107 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-50907)
CVE-2022-50907
CWE-434
High
e107 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-50916)
CVE-2022-50916
CWE-434
High
e107 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-50939)
CVE-2022-50939
CWE-22
High
OpenSSL Use After Free Vulnerability (CVE-2023-0215)
CVE-2023-0215
CWE-416
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2023-0216)
CVE-2023-0216
CWE-476
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2023-0217)
CVE-2023-0217
CWE-476
High
OpenSSL Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2023-0286)
CVE-2023-0286
CWE-843
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2023-0401)
CVE-2023-0401
CWE-476
High
OpenSSL Improper Certificate Validation Vulnerability (CVE-2023-0464)
CVE-2023-0464
CWE-295
High
PHP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-0568)
CVE-2023-0568
CWE-770
High
PHP Uncontrolled Resource Consumption Vulnerability (CVE-2023-0662)
CVE-2023-0662
CWE-400
High
Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-0771)
CVE-2023-0771
CWE-138
High
phpMyFAQ Uncaught Exception Vulnerability (CVE-2023-0790)
CVE-2023-0790
CWE-248
High
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2023-0793)
CVE-2023-0793
CWE-521
High
Undertow Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-1108)
CVE-2023-1108
CWE-835
High
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-1108)
CVE-2023-1108
CWE-835
High
Grafana CVE-2023-1387 Vulnerability (CVE-2023-1387)
CVE-2023-1387
-
High
MongoDb Improper Certificate Validation Vulnerability (CVE-2023-1409)
CVE-2023-1409
CWE-295
High
phpMyFAQ Improper Privilege Management Vulnerability (CVE-2023-1762)
CVE-2023-1762
CWE-269
High
Microsoft SQL Server CVE-2023-21528 Vulnerability (CVE-2023-21528)
CVE-2023-21528
-
High
Microsoft SQL Server CVE-2023-21704 Vulnerability (CVE-2023-21704)
CVE-2023-21704
-
High
Microsoft SQL Server CVE-2023-21705 Vulnerability (CVE-2023-21705)
CVE-2023-21705
-
High
Microsoft SQL Server CVE-2023-21713 Vulnerability (CVE-2023-21713)
CVE-2023-21713
-
High
SharePoint CVE-2023-21717 Vulnerability (CVE-2023-21717)
CVE-2023-21717
-
High
Microsoft SQL Server CVE-2023-21718 Vulnerability (CVE-2023-21718)
CVE-2023-21718
-
High
SharePoint CVE-2023-21742 Vulnerability (CVE-2023-21742)
CVE-2023-21742
-
High
SharePoint CVE-2023-21744 Vulnerability (CVE-2023-21744)
CVE-2023-21744
-
High
WebLogic CVE-2023-21837 Vulnerability (CVE-2023-21837)
CVE-2023-21837
-
High
WebLogic CVE-2023-21838 Vulnerability (CVE-2023-21838)
CVE-2023-21838
-
High
WebLogic CVE-2023-21839 Vulnerability (CVE-2023-21839)
CVE-2023-21839
-
High
WebLogic CVE-2023-21841 Vulnerability (CVE-2023-21841)
CVE-2023-21841
-
High
WebLogic CVE-2023-21842 Vulnerability (CVE-2023-21842)
CVE-2023-21842
-
High
Oracle JRE CVE-2023-21930 Vulnerability (CVE-2023-21930)
CVE-2023-21930
-
High
WebLogic CVE-2023-21931 Vulnerability (CVE-2023-21931)
CVE-2023-21931
-
High
WebLogic CVE-2023-21964 Vulnerability (CVE-2023-21964)
CVE-2023-21964
-
High
WebLogic CVE-2023-21979 Vulnerability (CVE-2023-21979)
CVE-2023-21979
-
High
MySQL CVE-2023-21980 Vulnerability (CVE-2023-21980)
CVE-2023-21980
-
High
WebLogic CVE-2023-21996 Vulnerability (CVE-2023-21996)
CVE-2023-21996
-
High
Oracle HTTP Server CVE-2023-22019 Vulnerability (CVE-2023-22019)
CVE-2023-22019
-
High
WebLogic CVE-2023-22086 Vulnerability (CVE-2023-22086)
CVE-2023-22086
-
High
WebLogic CVE-2023-22101 Vulnerability (CVE-2023-22101)
CVE-2023-22101
-
High
MySQL CVE-2023-22102 Vulnerability (CVE-2023-22102)
CVE-2023-22102
-
High
WebLogic CVE-2023-22108 Vulnerability (CVE-2023-22108)
CVE-2023-22108
-
High
Atlassian Confluence CVE-2023-22505 Vulnerability (CVE-2023-22505)
CVE-2023-22505
-
High
Atlassian Confluence CVE-2023-22508 Vulnerability (CVE-2023-22508)
CVE-2023-22508
-
High
Atlassian Confluence CVE-2023-22512 Vulnerability (CVE-2023-22512)
CVE-2023-22512
-
High
Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-22522)
CVE-2023-22522
CWE-138
High
Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-22526)
CVE-2023-22526
CWE-94
High
WordPress Uncontrolled Resource Consumption Vulnerability (CVE-2023-22622)
CVE-2023-22622
CWE-400
High
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22792)
CVE-2023-22792
CWE-1333
High
Ruby Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22795)
CVE-2023-22795
CWE-1333
High
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22795)
CVE-2023-22795
CWE-1333
High
Multiple SugarCRM Products Remote Code Execution Vulnerability (CVE-2023-22952)
CVE-2023-22952
-
High
Microsoft SQL Server CVE-2023-23384 Vulnerability (CVE-2023-23384)
CVE-2023-23384
-
High
Joomla Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-23755)
CVE-2023-23755
CWE-307
High
Moodle CVE-2023-23923 Vulnerability (CVE-2023-23923)
CVE-2023-23923
-
High
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-23969)
CVE-2023-23969
CWE-770
High
Python Improper Input Validation Vulnerability (CVE-2023-24329)
CVE-2023-24329
CWE-20
High
Django Uncontrolled Resource Consumption Vulnerability (CVE-2023-24580)
CVE-2023-24580
CWE-400
High
SharePoint Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-24955)
CVE-2023-24955
CWE-94
High
PrestaShop Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-25170)
CVE-2023-25170
CWE-352
High
Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-25577)
CVE-2023-25577
CWE-770
High
IBMHttpServer Improper Input Validation Vulnerability (CVE-2023-26281)
CVE-2023-26281
CWE-20
High
XWiki Out-of-bounds Write Vulnerability (CVE-2023-26470)
CVE-2023-26470
CWE-787
High
XWiki CVE-2023-26471 Vulnerability (CVE-2023-26471)
CVE-2023-26471
-
High
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2023-26472)
CVE-2023-26472
CWE-116
High
XWiki CVE-2023-26474 Vulnerability (CVE-2023-26474)
CVE-2023-26474
-
High
XWiki Improper Privilege Management Vulnerability (CVE-2023-26475)
CVE-2023-26475
CWE-269
High
XWiki Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-26476)
CVE-2023-26476
CWE-307
High
XWiki Other Vulnerability (CVE-2023-26478)
CVE-2023-26478
-
High
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-26876)
CVE-2023-26876
CWE-138
High
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-27233)
CVE-2023-27233
CWE-138
High
XWiki Improper Restriction of XML External Entity Reference Vulnerability (CVE-2023-27480)
CVE-2023-27480
CWE-611
High