Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.3.2229
Known Vulnerabilities
This page lists
14179 vulnerabilities
in this category.
Critical: 1524
High: 3574
Medium: 8322
Low: 757
Information: 2
Vulnerability Name
CVE
CWE
Severity
phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-1151)
CVE-2009-1151
CWE-94
Critical
Apache HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-28615)
CVE-2022-28615
CWE-190
Critical
Oracle JRE CVE-2012-1716 Vulnerability (CVE-2012-1716)
CVE-2012-1716
-
Critical
Nginx Integer Overflow or Wraparound Vulnerability (CVE-2017-20005)
CVE-2017-20005
CWE-190
Critical
Oracle JRE CVE-2012-1723 Vulnerability (CVE-2012-1723)
CVE-2012-1723
-
Critical
Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-27423)
CVE-2022-27423
CWE-138
Critical
Oracle JRE CVE-2012-1725 Vulnerability (CVE-2012-1725)
CVE-2012-1725
-
Critical
phpMyAdmin CVE-2017-18264 Vulnerability (CVE-2017-18264)
CVE-2017-18264
-
Critical
MediaWiki CVE-2022-28205 Vulnerability (CVE-2022-28205)
CVE-2022-28205
-
Critical
MediaWiki CVE-2022-28206 Vulnerability (CVE-2022-28206)
CVE-2022-28206
-
Critical
MediaWiki CVE-2022-28209 Vulnerability (CVE-2022-28209)
CVE-2022-28209
-
Critical
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-28346)
CVE-2022-28346
CWE-138
Critical
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-28347)
CVE-2022-28347
CWE-138
Critical
Grafana Missing Authentication for Critical Function Vulnerability (CVE-2022-28660)
CVE-2022-28660
CWE-306
Critical
phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-20029)
CVE-2017-20029
CWE-138
Critical
Ruby Double Free Vulnerability (CVE-2022-28738)
CVE-2022-28738
CWE-415
Critical
XWiki Inadequate Encryption Strength Vulnerability (CVE-2022-29161)
CVE-2022-29161
CWE-326
Critical
Envoy Proxy Missing Authentication for Critical Function Vulnerability (CVE-2022-29226)
CVE-2022-29226
CWE-306
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17900)
CVE-2017-17900
CWE-138
Critical
PHP Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2012-1823)
CVE-2012-1823
CWE-138
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17899)
CVE-2017-17899
CWE-138
Critical
Werkzeug WSGI Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2022-29361)
CVE-2022-29361
-
Critical
MediaWiki Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-29904)
CVE-2022-29904
CWE-138
Critical
MediaWiki Incorrect Authorization Vulnerability (CVE-2022-29906)
CVE-2022-29906
CWE-863
Critical
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17897)
CVE-2017-17897
CWE-138
Critical
Ruby Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2017-17790)
CVE-2017-17790
CWE-138
Critical
OpenSSL Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2022-2068)
CVE-2022-2068
CWE-138
Critical
Dot CMS Other Vulnerability (CVE-2022-26352)
CVE-2022-26352
-
Critical
phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-20032)
CVE-2017-20032
CWE-138
Critical
PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-1581)
CVE-2007-1581
CWE-94
Critical
Oracle Application Server Other Vulnerability (CVE-2007-2122)
CVE-2007-2122
-
Critical
Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2022-23943)
CVE-2022-23943
CWE-787
Critical
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2022-23943)
CVE-2022-23943
CWE-787
Critical
Pega Infinity Deserialization of Untrusted Data Vulnerability (CVE-2022-24082)
CVE-2022-24082
CWE-502
Critical
Pega Infinity Other Vulnerability (CVE-2022-24083)
CVE-2022-24083
-
Critical
Magento Improper Input Validation Vulnerability (CVE-2022-24086)
CVE-2022-24086
CWE-20
Critical
WebLogic CVE-2017-3248 Vulnerability (CVE-2017-3248)
CVE-2017-3248
-
Critical
Oracle HTTP Server Improper Encoding or Escaping of Output Vulnerability (CVE-2022-25235)
CVE-2022-25235
CWE-116
Critical
silverstripeCMS Other Vulnerability (CVE-2007-2321)
CVE-2007-2321
-
Critical
Oracle HTTP Server Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-25236)
CVE-2022-25236
CWE-668
Critical
Oracle Database Server Other Vulnerability (CVE-2007-2130)
CVE-2007-2130
-
Critical
Oracle Application Server Other Vulnerability (CVE-2007-2130)
CVE-2007-2130
-
Critical
Oracle Application Server Other Vulnerability (CVE-2007-2123)
CVE-2007-2123
-
Critical
Oracle Application Server Other Vulnerability (CVE-2007-2121)
CVE-2007-2121
-
Critical
Grafana Cleartext Storage of Sensitive Information Vulnerability (CVE-2022-26148)
CVE-2022-26148
CWE-312
Critical
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2017-3169)
CVE-2017-3169
CWE-476
Critical
Oracle JRE CVE-2012-1682 Vulnerability (CVE-2012-1682)
CVE-2012-1682
-
Critical
Apache HTTP Server Improper Authentication Vulnerability (CVE-2017-3167)
CVE-2017-3167
CWE-287
Critical
Oracle HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-25315)
CVE-2022-25315
CWE-190
Critical
Oracle Database Server CVE-2007-2116 Vulnerability (CVE-2007-2116)
CVE-2007-2116
-
Critical
Oracle Database Server CVE-2007-2114 Vulnerability (CVE-2007-2114)
CVE-2007-2114
-
Critical
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-2641)
CVE-2017-2641
CWE-138
Critical
Atlassian Confluence Unauthenticated Remote Code Execution Vulnerability (CVE-2022-26134)
CVE-2022-26134
-
Critical
Atlassian Jira Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26136)
CVE-2022-26136
CWE-180
Critical
Atlassian Confluence Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26136)
CVE-2022-26136
CWE-180
Critical
Atlassian Confluence Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26137)
CVE-2022-26137
CWE-180
Critical
Atlassian Jira Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26137)
CVE-2022-26137
CWE-180
Critical
OpenSSL Out-of-bounds Write Vulnerability (CVE-2022-2274)
CVE-2022-2274
CWE-787
Critical
Nexus Repository Manager Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2017-17717)
CVE-2017-17717
CWE-327
Critical
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-23797)
CVE-2022-23797
CWE-138
Critical
Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-12883)
CVE-2017-12883
CWE-119
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36096)
CVE-2022-36096
CWE-707
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36098)
CVE-2022-36098
CWE-707
Critical
CrushFTP Server Deserialization of Untrusted Data Vulnerability (CVE-2017-14035)
CVE-2017-14035
CWE-502
Critical
PHP Other Vulnerability (CVE-2007-0448)
CVE-2007-0448
-
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2017-12933)
CVE-2017-12933
CWE-125
Critical
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2022-36760)
CVE-2022-36760
-
Critical
Claroline Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-37159)
CVE-2022-37159
CWE-434
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-2376)
CVE-2012-2376
CWE-119
Critical
PHP Integer Overflow or Wraparound Vulnerability (CVE-2022-37454)
CVE-2022-37454
CWE-190
Critical
Python Integer Overflow or Wraparound Vulnerability (CVE-2022-37454)
CVE-2022-37454
CWE-190
Critical
PHP Use After Free Vulnerability (CVE-2017-12932)
CVE-2017-12932
CWE-416
Critical
WordPress CVE-2012-2399 Vulnerability (CVE-2012-2399)
CVE-2012-2399
-
Critical
Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-14064)
CVE-2017-14064
CWE-119
Critical
WordPress CVE-2012-2400 Vulnerability (CVE-2012-2400)
CVE-2012-2400
-
Critical
1
2
3
4
...
190
»
