Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14740 vulnerabilities in this category.

Critical: 1584 High: 3908 Medium: 8472 Low: 774 Information: 2
Vulnerability Name
CVE
CWE
Severity
Joomla Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2018-11325)
CVE-2018-11325
CWE-209
Critical
IBM WebSEAL Missing Authorization Vulnerability (CVE-2020-4499)
CVE-2020-4499
CWE-862
Critical
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-7471)
CVE-2020-7471
CWE-138
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2020-7061)
CVE-2020-7061
CWE-125
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2020-7060)
CVE-2020-7060
CWE-125
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2020-7059)
CVE-2020-7059
CWE-125
Critical
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-6754)
CVE-2020-6754
CWE-22
Critical
SharePoint Integer Overflow or Wraparound Vulnerability (CVE-2008-4019)
CVE-2008-4019
CWE-190
Critical
PrestaShop Improper Authentication Vulnerability (CVE-2020-4074)
CVE-2020-4074
CWE-287
Critical
Plone CMS Improper Privilege Management Vulnerability (CVE-2020-7941)
CVE-2020-7941
CWE-269
Critical
Magento CVE-2020-3718 Vulnerability (CVE-2020-3718)
CVE-2020-3718
-
Critical
Magento Deserialization of Untrusted Data Vulnerability (CVE-2020-3716)
CVE-2020-3716
CWE-502
Critical
WordPress Deserialization of Untrusted Data Vulnerability (CVE-2020-36326)
CVE-2020-36326
CWE-502
Critical
WordPress Ultimate Member Plugin CVE-2020-36157 Vulnerability (CVE-2020-36157)
CVE-2020-36157
-
Critical
WordPress Ultimate Member Plugin Improper Privilege Management Vulnerability (CVE-2020-36155)
CVE-2020-36155
CWE-269
Critical
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-4769)
CVE-2008-4769
CWE-22
Critical
SugarCRM Missing Authorization Vulnerability (CVE-2020-7472)
CVE-2020-7472
CWE-862
Critical
Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2020-7961)
CVE-2020-7961
CWE-502
Critical
WordPress Improper Input Validation Vulnerability (CVE-2020-35539)
CVE-2020-35539
CWE-20
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-9547)
CVE-2020-9547
CWE-502
Critical
Dolphin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3167)
CVE-2008-3167
CWE-94
Critical
Magento CVE-2020-9580 Vulnerability (CVE-2020-9580)
CVE-2020-9580
-
Critical
Magento CVE-2020-9579 Vulnerability (CVE-2020-9579)
CVE-2020-9579
-
Critical
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9578)
CVE-2020-9578
CWE-138
Critical
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9576)
CVE-2020-9576
CWE-138
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-9548)
CVE-2020-9548
CWE-502
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-9546)
CVE-2020-9546
CWE-502
Critical
Dolibarr Improper Authentication Vulnerability (CVE-2020-7995)
CVE-2020-7995
CWE-287
Critical
phpBB CVE-2008-3224 Vulnerability (CVE-2008-3224)
CVE-2008-3224
-
Critical
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3225)
CVE-2008-3225
CWE-264
Critical
Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3232)
CVE-2008-3232
CWE-94
Critical
WebLogic Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-3257)
CVE-2008-3257
CWE-119
Critical
OpenVPN AS Improper Authentication Vulnerability (CVE-2020-8953)
CVE-2020-8953
CWE-287
Critical
phpList Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2020-8547)
CVE-2020-8547
CWE-843
Critical
Ruby on Rails Deserialization of Untrusted Data Vulnerability (CVE-2020-8165)
CVE-2020-8165
CWE-502
Critical
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-35613)
CVE-2020-35613
CWE-138
Critical
WordPress Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2008-4796)
CVE-2008-4796
CWE-138
Critical
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9583)
CVE-2020-9583
CWE-138
Critical
WordPress Deserialization of Untrusted Data Vulnerability (CVE-2020-28032)
CVE-2020-28032
CWE-502
Critical
ownCloud Improper Input Validation Vulnerability (CVE-2020-28645)
CVE-2020-28645
CWE-20
Critical
WordPress CVE-2008-6767 Vulnerability (CVE-2008-6767)
CVE-2008-6767
-
Critical
WordPress CVE-2020-28039 Vulnerability (CVE-2020-28039)
CVE-2020-28039
-
Critical
WordPress Improper Input Validation Vulnerability (CVE-2020-28037)
CVE-2020-28037
CWE-20
Critical
WordPress Improper Privilege Management Vulnerability (CVE-2020-28036)
CVE-2020-28036
CWE-269
Critical
WordPress Improper Privilege Management Vulnerability (CVE-2020-28035)
CVE-2020-28035
CWE-269
Critical
osCommerce Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-27976)
CVE-2020-27976
CWE-138
Critical
Oracle HTTP Server Other Vulnerability (CVE-2020-29506)
CVE-2020-29506
-
Critical
Grafana Signature Verification Vulnerability (CVE-2020-27846)
CVE-2020-27846
-
Critical
Python CVE-2020-27619 Vulnerability (CVE-2020-27619)
CVE-2020-27619
-
Critical
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-26935)
CVE-2020-26935
CWE-138
Critical
Oracle Application Server CVE-2008-7233 Vulnerability (CVE-2008-7233)
CVE-2008-7233
-
Critical
phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-7251)
CVE-2008-7251
CWE-264
Critical
phpMyAdmin Cryptographic Issues Vulnerability (CVE-2008-7252)
CVE-2008-7252
-
Critical
MODX Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-25911)
CVE-2020-25911
CWE-611
Critical
Drupal Configuration Vulnerability (CVE-2008-6171)
CVE-2008-6171
-
Critical
Oracle HTTP Server Improper Input Validation Vulnerability (CVE-2020-29507)
CVE-2020-29507
CWE-20
Critical
Sqlite Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-35527)
CVE-2020-35527
CWE-119
Critical
Oracle HTTP Server Other Vulnerability (CVE-2020-35166)
CVE-2020-35166
-
Critical
WP Plugin Contact Form 7 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-35489)
CVE-2020-35489
CWE-434
Critical
Python Numeric Errors Vulnerability (CVE-2008-5031)
CVE-2008-5031
-
Critical
Plone CMS Missing Authentication for Critical Function Vulnerability (CVE-2020-35190)
CVE-2020-35190
CWE-306
Critical
Oracle HTTP Server Improper Input Validation Vulnerability (CVE-2020-35169)
CVE-2020-35169
CWE-20
Critical
Oracle HTTP Server Other Vulnerability (CVE-2020-35168)
CVE-2020-35168
-
Critical
Oracle HTTP Server Other Vulnerability (CVE-2020-35167)
CVE-2020-35167
-
Critical
Oracle HTTP Server Use of Insufficiently Random Values Vulnerability (CVE-2020-35163)
CVE-2020-35163
CWE-330
Critical
Oracle HTTP Server Improper Input Validation Vulnerability (CVE-2020-29508)
CVE-2020-29508
CWE-20
Critical
WebLogic CVE-2020-2884 Vulnerability (CVE-2020-2884)
CVE-2020-2884
-
Critical
WebLogic CVE-2020-2883 Vulnerability (CVE-2020-2883)
CVE-2020-2883
-
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-5557)
CVE-2008-5557
CWE-119
Critical
WebLogic CVE-2020-2801 Vulnerability (CVE-2020-2801)
CVE-2020-2801
-
Critical
WebLogic CVE-2020-2551 Vulnerability (CVE-2020-2551)
CVE-2020-2551
-
Critical
WebLogic CVE-2020-2546 Vulnerability (CVE-2020-2546)
CVE-2020-2546
-
Critical
PrestaShop CVE-2008-5791 Vulnerability (CVE-2008-5791)
CVE-2008-5791
-
Critical
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9582)
CVE-2020-9582
CWE-138
Critical
Magento CVE-2020-9585 Vulnerability (CVE-2020-9585)
CVE-2020-9585
-
Critical