Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Known Vulnerabilities

This page lists 13509 vulnerabilities in this category.

Critical: 1465 High: 3387 Medium: 7907 Low: 748 Information: 2
Vulnerability Name
CVE
CWE
Severity
PHP Other Vulnerability (CVE-2015-4602)
CVE-2015-4602
-
Critical
PHP Other Vulnerability (CVE-2015-4603)
CVE-2015-4603
-
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2009-3546)
CVE-2009-3546
CWE-119
Critical
XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-36217)
CVE-2023-36217
CWE-707
Critical
PHP Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2015-4642)
CVE-2015-4642
CWE-138
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-4643)
CVE-2015-4643
CWE-119
Critical
Oracle HTTP Server Other Vulnerability (CVE-2020-35168)
CVE-2020-35168
-
Critical
ownCloud Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-4716)
CVE-2015-4716
CWE-22
Critical
Drupal CVE-2009-3352 Vulnerability (CVE-2009-3352)
CVE-2009-3352
-
Critical
ownCloud Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2015-4718)
CVE-2015-4718
CWE-138
Critical
Oracle Database Server CVE-2015-4794 Vulnerability (CVE-2015-4794)
CVE-2015-4794
-
Critical
OpenSSL Improper Input Validation Vulnerability (CVE-2009-3245)
CVE-2009-3245
CWE-20
Critical
Oracle Database Server CVE-2015-4796 Vulnerability (CVE-2015-4796)
CVE-2015-4796
-
Critical
WebLogic CVE-2020-2884 Vulnerability (CVE-2020-2884)
CVE-2020-2884
-
Critical
WebLogic CVE-2020-2883 Vulnerability (CVE-2020-2883)
CVE-2020-2883
-
Critical
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2015-4852)
CVE-2015-4852
CWE-502
Critical
Internet Information Services Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2009-3023)
CVE-2009-3023
CWE-120
Critical
Oracle Database Server CVE-2015-4863 Vulnerability (CVE-2015-4863)
CVE-2015-4863
-
Critical
WebLogic CVE-2020-2801 Vulnerability (CVE-2020-2801)
CVE-2020-2801
-
Critical
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-2853)
CVE-2009-2853
CWE-264
Critical
Oracle HTTP Server Other Vulnerability (CVE-2020-35167)
CVE-2020-35167
-
Critical
Oracle HTTP Server Improper Input Validation Vulnerability (CVE-2020-35169)
CVE-2020-35169
CWE-20
Critical
Oracle HTTP Server CVE-2010-0425 Vulnerability (CVE-2010-0425)
CVE-2010-0425
-
Critical
WordPress Deserialization of Untrusted Data Vulnerability (CVE-2020-36326)
CVE-2020-36326
CWE-502
Critical
Apache HTTP Server CVE-2010-0425 Vulnerability (CVE-2010-0425)
CVE-2010-0425
-
Critical
Oracle Database Server CVE-2010-0071 Vulnerability (CVE-2010-0071)
CVE-2010-0071
-
Critical
Python Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2015-20107)
CVE-2015-20107
CWE-138
Critical
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33361)
CVE-2023-33361
CWE-138
Critical
Jetty Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2009-5047)
CVE-2009-5047
CWE-119
Critical
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33362)
CVE-2023-33362
CWE-138
Critical
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-33934)
CVE-2023-33934
-
Critical
IBM WebSEAL Missing Authorization Vulnerability (CVE-2020-4499)
CVE-2020-4499
CWE-862
Critical
PrestaShop Improper Authentication Vulnerability (CVE-2020-4074)
CVE-2020-4074
CWE-287
Critical
Oracle Database Server CVE-2015-2629 Vulnerability (CVE-2015-2629)
CVE-2015-2629
-
Critical
Magento CVE-2020-3718 Vulnerability (CVE-2020-3718)
CVE-2020-3718
-
Critical
Magento Deserialization of Untrusted Data Vulnerability (CVE-2020-3716)
CVE-2020-3716
CWE-502
Critical
MyBB CVE-2015-2786 Vulnerability (CVE-2015-2786)
CVE-2015-2786
-
Critical
PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-3166)
CVE-2015-3166
CWE-119
Critical
Plone CMS Missing Authentication for Critical Function Vulnerability (CVE-2020-35190)
CVE-2020-35190
CWE-306
Critical
WordPress Ultimate Member Plugin CVE-2020-36157 Vulnerability (CVE-2020-36157)
CVE-2020-36157
-
Critical
WordPress Ultimate Member Plugin Improper Privilege Management Vulnerability (CVE-2020-36155)
CVE-2020-36155
CWE-269
Critical
PHP Other Vulnerability (CVE-2009-4143)
CVE-2009-4143
-
Critical
GibbonEdu Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-34598)
CVE-2023-34598
CWE-22
Critical
Apache Traffic Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-3249)
CVE-2015-3249
CWE-119
Critical
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-34944)
CVE-2023-34944
CWE-434
Critical
Chamilo Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2023-34960)
CVE-2023-34960
CWE-138
Critical
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-35613)
CVE-2020-35613
CWE-138
Critical
GeoServer CVE-2023-35042 Vulnerability (CVE-2023-35042)
CVE-2023-35042
-
Critical
WordPress Improper Input Validation Vulnerability (CVE-2020-35539)
CVE-2020-35539
CWE-20
Critical
Sqlite Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-35527)
CVE-2020-35527
CWE-119
Critical
WP Plugin Contact Form 7 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-35489)
CVE-2020-35489
CWE-434
Critical
qdPM Code Execution Vulnerability (CVE-2015-3884)
CVE-2015-3884
-
Critical
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-21016)
CVE-2021-21016
CWE-138
Critical
Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2021-21019)
CVE-2021-21019
CWE-91
Critical
Oracle JRE CVE-2013-5814 Vulnerability (CVE-2013-5814)
CVE-2013-5814
-
Critical
WebLogic CVE-2021-2047 Vulnerability (CVE-2021-2047)
CVE-2021-2047
-
Critical
Oracle JRE CVE-2014-0429 Vulnerability (CVE-2014-0429)
CVE-2014-0429
-
Critical
Oracle JRE CVE-2014-0432 Vulnerability (CVE-2014-0432)
CVE-2014-0432
-
Critical
Oracle JRE CVE-2014-0455 Vulnerability (CVE-2014-0455)
CVE-2014-0455
-
Critical
Oracle JRE CVE-2014-0456 Vulnerability (CVE-2014-0456)
CVE-2014-0456
-
Critical
Oracle JRE CVE-2014-0457 Vulnerability (CVE-2014-0457)
CVE-2014-0457
-
Critical
WebLogic CVE-2021-2136 Vulnerability (CVE-2021-2136)
CVE-2021-2136
-
Critical
Oracle JRE CVE-2014-0461 Vulnerability (CVE-2014-0461)
CVE-2014-0461
-
Critical
WebLogic CVE-2021-2135 Vulnerability (CVE-2021-2135)
CVE-2021-2135
-
Critical
WebLogic CVE-2021-2108 Vulnerability (CVE-2021-2108)
CVE-2021-2108
-
Critical
Django Resource Management Errors Vulnerability (CVE-2014-0474)
CVE-2014-0474
-
Critical
WebLogic CVE-2021-2075 Vulnerability (CVE-2021-2075)
CVE-2021-2075
-
Critical
WebLogic CVE-2021-2064 Vulnerability (CVE-2021-2064)
CVE-2021-2064
-
Critical
Contao Deserialization of Untrusted Data Vulnerability (CVE-2014-1860)
CVE-2014-1860
CWE-502
Critical
SharePoint Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-0251)
CVE-2014-0251
CWE-94
Critical
ownCloud Improper Access Control Vulnerability (CVE-2014-2048)
CVE-2014-2048
CWE-284
Critical
ownCloud Improper Restriction of XML External Entity Reference Vulnerability (CVE-2014-2052)
CVE-2014-2052
CWE-611
Critical
Python Improper Input Validation Vulnerability (CVE-2021-29921)
CVE-2021-29921
CWE-20
Critical
Zikula Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-2293)
CVE-2014-2293
CWE-94
Critical
Envoy Proxy Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-29492)
CVE-2021-29492
CWE-22
Critical