Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Known Vulnerabilities
This page lists
13509 vulnerabilities
in this category.
Critical: 1465
High: 3387
Medium: 7907
Low: 748
Information: 2
Vulnerability Name
CVE
CWE
Severity
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-1692)
CVE-2020-1692
CWE-200
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-1691)
CVE-2020-1691
CWE-707
Medium
SharePoint CVE-2020-1583 Vulnerability (CVE-2020-1583)
CVE-2020-1583
-
Medium
MySQL CVE-2020-2921 Vulnerability (CVE-2020-2921)
CVE-2020-2921
-
Medium
MySQL CVE-2020-2924 Vulnerability (CVE-2020-2924)
CVE-2020-2924
-
Medium
Magento Incorrect Authorization Vulnerability (CVE-2021-28567)
CVE-2021-28567
CWE-863
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-28331)
CVE-2023-28331
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21603)
CVE-2021-21603
CWE-707
Medium
easyXDM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-27739)
CVE-2023-27739
CWE-707
Medium
Jenkins Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-21602)
CVE-2021-21602
CWE-59
Medium
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21398)
CVE-2021-21398
CWE-707
Medium
Jenkins CVE-2023-27902 Vulnerability (CVE-2023-27902)
CVE-2023-27902
-
Medium
XWiki Improper Preservation of Permissions Vulnerability (CVE-2021-21379)
CVE-2021-21379
CWE-281
Medium
Jenkins Incorrect Authorization Vulnerability (CVE-2023-27903)
CVE-2023-27903
CWE-863
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21370)
CVE-2021-21370
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21365)
CVE-2021-21365
CWE-707
Medium
Jenkins CVE-2023-27904 Vulnerability (CVE-2023-27904)
CVE-2023-27904
-
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21358)
CVE-2021-21358
CWE-707
Medium
Moodle CVE-2023-28330 Vulnerability (CVE-2023-28330)
CVE-2023-28330
-
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-28332)
CVE-2023-28332
CWE-707
Medium
Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-21607)
CVE-2021-21607
CWE-770
Medium
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2023-28334)
CVE-2023-28334
CWE-639
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21340)
CVE-2021-21340
CWE-707
Medium
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-21338)
CVE-2021-21338
CWE-601
Medium
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-21336)
CVE-2021-21336
CWE-200
Medium
Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-28336)
CVE-2023-28336
CWE-668
Medium
Tornado URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-28370)
CVE-2023-28370
CWE-601
Medium
Magento Insufficient Session Expiration Vulnerability (CVE-2021-21032)
CVE-2021-21032
CWE-613
Medium
Magento Insufficient Session Expiration Vulnerability (CVE-2021-21031)
CVE-2021-21031
CWE-613
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-28439)
CVE-2023-28439
CWE-707
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-28467)
CVE-2023-28467
CWE-707
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21029)
CVE-2021-21029
CWE-707
Medium
Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-21027)
CVE-2021-21027
CWE-352
Medium
Jenkins Improper Input Validation Vulnerability (CVE-2021-21606)
CVE-2021-21606
CWE-20
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21608)
CVE-2021-21608
CWE-707
Medium
Apache Tomcat Unprotected Transport of Credentials Vulnerability (CVE-2023-28708)
CVE-2023-28708
CWE-523
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-26480)
CVE-2023-26480
CWE-707
Medium
ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22874)
CVE-2021-22874
CWE-707
Medium
ReviveAdserver URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22873)
CVE-2021-22873
CWE-601
Medium
ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22872)
CVE-2021-22872
CWE-707
Medium
ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22871)
CVE-2021-22871
CWE-707
Medium
MySQL NULL Pointer Dereference Vulnerability (CVE-2021-22570)
CVE-2021-22570
CWE-476
Medium
Spring Cloud Gateway Incorrect Authorization Vulnerability (CVE-2021-22051)
CVE-2021-22051
CWE-863
Medium
PHP Other Vulnerability (CVE-2021-21707)
CVE-2021-21707
-
Medium
PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-21706)
CVE-2021-21706
CWE-22
Medium
PHP Improper Input Validation Vulnerability (CVE-2021-21705)
CVE-2021-21705
CWE-20
Medium
PHP Out-of-bounds Write Vulnerability (CVE-2021-21704)
CVE-2021-21704
CWE-787
Medium
XWiki CVE-2023-26473 Vulnerability (CVE-2023-26473)
CVE-2023-26473
-
Medium
XWiki Improper Handling of Exceptional Conditions Vulnerability (CVE-2023-26479)
CVE-2023-26479
CWE-755
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-27008)
CVE-2023-27008
CWE-707
Medium
Jenkins Incorrect Authorization Vulnerability (CVE-2021-21609)
CVE-2021-21609
CWE-863
Medium
Python Improper Input Validation Vulnerability (CVE-2023-27043)
CVE-2023-27043
CWE-20
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-27148)
CVE-2023-27148
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-27149)
CVE-2023-27149
CWE-707
Medium
Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27492)
CVE-2023-27492
CWE-770
Medium
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-21683)
CVE-2021-21683
CWE-22
Medium
Jenkins CVE-2021-21682 Vulnerability (CVE-2021-21682)
CVE-2021-21682
-
Medium
Jenkins Incorrect Authorization Vulnerability (CVE-2021-21670)
CVE-2021-21670
CWE-863
Medium
Jenkins Improper Handling of Inconsistent Structural Elements Vulnerability (CVE-2021-21640)
CVE-2021-21640
CWE-240
Medium
phpList CVE-2023-27576 Vulnerability (CVE-2023-27576)
CVE-2023-27576
-
Medium
Jenkins Improper Input Validation Vulnerability (CVE-2021-21639)
CVE-2021-21639
CWE-20
Medium
Jenkins Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2021-21615)
CVE-2021-21615
CWE-367
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21611)
CVE-2021-21611
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21610)
CVE-2021-21610
CWE-707
Medium
Magento Improper Authorization Vulnerability (CVE-2021-21026)
CVE-2021-21026
CWE-285
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21023)
CVE-2021-21023
CWE-707
Medium
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22881)
CVE-2021-22881
CWE-601
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-29508)
CVE-2023-29508
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20279)
CVE-2021-20279
CWE-707
Medium
PostgreSQL Incorrect Authorization Vulnerability (CVE-2021-20229)
CVE-2021-20229
CWE-863
Medium
Sqlite Use After Free Vulnerability (CVE-2021-20227)
CVE-2021-20227
CWE-416
Medium
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-20220)
CVE-2021-20220
CWE-444
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20186)
CVE-2021-20186
CWE-707
Medium
Moodle Uncontrolled Resource Consumption Vulnerability (CVE-2021-20185)
CVE-2021-20185
CWE-400
Medium
Moodle Improper Validation of Integrity Check Value Vulnerability (CVE-2021-20184)
CVE-2021-20184
CWE-354
Medium
«
1
...
100
101
102
...
181
»
