Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25143)
CVE-2024-25143
CWE-770
Medium
Liferay DXP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25143)
CVE-2024-25143
CWE-770
Medium
Liferay DXP Excessive Iteration Vulnerability (CVE-2024-25144)
CVE-2024-25144
CWE-834
Medium
Liferay Portal Excessive Iteration Vulnerability (CVE-2024-25144)
CVE-2024-25144
CWE-834
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25145)
CVE-2024-25145
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-29374)
CVE-2024-29374
CWE-707
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-2123)
CVE-2024-2123
CWE-707
Medium
Microsoft SQL Server Improper Input Validation Vulnerability (CVE-2001-0509)
CVE-2001-0509
CWE-20
Medium
Oracle Application Server Other Vulnerability (CVE-2001-1217)
CVE-2001-1217
-
Medium
Internet Information Services Other Vulnerability (CVE-2001-1186)
CVE-2001-1186
-
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40747)
CVE-2024-40747
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40743)
CVE-2024-40743
CWE-707
Medium
Apache HTTP Server CVE-2024-40725 Vulnerability (CVE-2024-40725)
CVE-2024-40725
-
Medium
GeoServer Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-40625)
CVE-2024-40625
CWE-918
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40605)
CVE-2024-40605
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40604)
CVE-2024-40604
CWE-707
Medium
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-40603)
CVE-2024-40603
CWE-352
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40602)
CVE-2024-40602
CWE-707
Medium
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-40601)
CVE-2024-40601
CWE-352
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40600)
CVE-2024-40600
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40599)
CVE-2024-40599
CWE-707
Medium
MediaWiki Insertion of Sensitive Information into Log File Vulnerability (CVE-2024-40598)
CVE-2024-40598
CWE-532
Medium
MediaWiki Insertion of Sensitive Information into Log File Vulnerability (CVE-2024-40596)
CVE-2024-40596
CWE-532
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-3938)
CVE-2024-3938
CWE-707
Medium
Apache HTTP Server Other Vulnerability (CVE-2001-1072)
CVE-2001-1072
-
Medium
Internet Information Services Other Vulnerability (CVE-2001-1243)
CVE-2001-1243
-
Medium
Artifactory CVE-2024-3505 Vulnerability (CVE-2024-3505)
CVE-2024-3505
-
Medium
MongoDb Reachable Assertion Vulnerability (CVE-2024-3374)
CVE-2024-3374
CWE-617
Medium
Dot CMS Insertion of Sensitive Information into Log File Vulnerability (CVE-2024-3165)
CVE-2024-3165
CWE-532
Medium
Dot CMS CVE-2024-3164 Vulnerability (CVE-2024-3164)
CVE-2024-3164
-
Medium
PHP CVE-2024-3096 Vulnerability (CVE-2024-3096)
CVE-2024-3096
-
Medium
Apache HTTP Server CVE-2024-39884 Vulnerability (CVE-2024-39884)
CVE-2024-39884
-
Medium
Open Resty Inefficient Algorithmic Complexity Vulnerability (CVE-2024-39702)
CVE-2024-39702
CWE-407
Medium
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2001-1247)
CVE-2001-1247
CWE-264
Medium
MySQL Other Vulnerability (CVE-2001-1255)
CVE-2001-1255
-
Medium
Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-39330)
CVE-2024-39330
CWE-22
Medium
Django Observable Timing Discrepancy Vulnerability (CVE-2024-39329)
CVE-2024-39329
CWE-208
Medium
Apache HTTP Server Other Vulnerability (CVE-2001-1342)
CVE-2001-1342
-
Medium
Oracle Application Server Other Vulnerability (CVE-2001-1372)
CVE-2001-1372
-
Medium
OpenSSL Other Vulnerability (CVE-2001-1141)
CVE-2001-1141
-
Medium
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-41665)
CVE-2024-41665
CWE-707
Medium
Apache HTTP Server Insertion of Sensitive Information into Log File Vulnerability (CVE-2001-1556)
CVE-2001-1556
CWE-532
Medium
Apache HTTP Server Other Vulnerability (CVE-2001-0730)
CVE-2001-0730
-
Medium
Django CVE-2024-45231 Vulnerability (CVE-2024-45231)
CVE-2024-45231
-
Medium
Oracle Database Server Other Vulnerability (CVE-2001-0515)
CVE-2001-0515
-
Medium
Internet Information Services Other Vulnerability (CVE-2001-0545)
CVE-2001-0545
-
Medium
Zope Web Application Server Other Vulnerability (CVE-2001-0567)
CVE-2001-0567
-
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-43439)
CVE-2024-43439
CWE-707
Medium
Apache Tomcat Other Vulnerability (CVE-2001-0590)
CVE-2001-0590
-
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-43437)
CVE-2024-43437
CWE-707
Medium
Moodle Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2024-43435)
CVE-2024-43435
CWE-754
Medium
Internet Information Services Other Vulnerability (CVE-2001-0709)
CVE-2001-0709
-
Medium
Moodle Incorrect Authorization Vulnerability (CVE-2024-43433)
CVE-2024-43433
CWE-863
Medium
Moodle Cleartext Transmission of Sensitive Information Vulnerability (CVE-2024-43432)
CVE-2024-43432
CWE-319
Medium
Apache HTTP Server Other Vulnerability (CVE-2001-0729)
CVE-2001-0729
-
Medium
Moodle Incorrect Default Permissions Vulnerability (CVE-2024-43430)
CVE-2024-43430
CWE-276
Medium
Moodle Cleartext Storage of Sensitive Information Vulnerability (CVE-2024-43429)
CVE-2024-43429
CWE-312
Medium
Apache HTTP Server Other Vulnerability (CVE-2001-0731)
CVE-2001-0731
-
Medium
XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-41947)
CVE-2024-41947
CWE-707
Medium
Apache Tomcat Other Vulnerability (CVE-2001-0829)
CVE-2001-0829
-
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-43407)
CVE-2024-43407
CWE-707
Medium
Oracle Database Server Other Vulnerability (CVE-2001-0831)
CVE-2001-0831
-
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-43400)
CVE-2024-43400
CWE-707
Medium
Jenkins Missing Authorization Vulnerability (CVE-2024-43045)
CVE-2024-43045
CWE-862
Medium
Microsoft SQL Server Other Vulnerability (CVE-2001-0879)
CVE-2001-0879
-
Medium
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-43018)
CVE-2024-43018
CWE-138
Medium
LimeSurvey Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2024-42903)
CVE-2024-42903
CWE-138
Medium
Mailman Other Vulnerability (CVE-2001-0884)
CVE-2001-0884
-
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-42901)
CVE-2024-42901
CWE-707
Medium
Apache Tomcat Other Vulnerability (CVE-2001-0917)
CVE-2001-0917
-
Medium
Apache HTTP Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2001-0925)
CVE-2001-0925
CWE-22
Medium
Oracle Database Server Other Vulnerability (CVE-2001-0941)
CVE-2001-0941
-
Medium
Oracle Database Server Other Vulnerability (CVE-2001-0942)
CVE-2001-0942
-
Medium
PHP Other Vulnerability (CVE-2001-1385)
CVE-2001-1385
-
Medium
XWiki Incorrect Authorization Vulnerability (CVE-2024-38369)
CVE-2024-38369
CWE-863
Medium