Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
CubeCart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-42428)
CVE-2023-42428
CWE-22
Medium
Jetty Weak Authentication Vulnerability (CVE-2023-41900)
CVE-2023-41900
-
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2004-1424)
CVE-2004-1424
CWE-707
Medium
Moodle Other Vulnerability (CVE-2004-1425)
CVE-2004-1425
-
Medium
Payara URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-41699)
CVE-2023-41699
CWE-601
Medium
WordPress Other Vulnerability (CVE-2004-1559)
CVE-2004-1559
-
Medium
Microsoft SQL Server Other Vulnerability (CVE-2004-1560)
CVE-2004-1560
-
Medium
WordPress Other Vulnerability (CVE-2004-1584)
CVE-2004-1584
-
Medium
Serendipity Other Vulnerability (CVE-2004-1620)
CVE-2004-1620
-
Medium
Artifactory CVE-2023-42508 Vulnerability (CVE-2023-42508)
CVE-2023-42508
-
Medium
XWiki Missing Authorization Vulnerability (CVE-2023-41046)
CVE-2023-41046
CWE-862
Medium
Moodle Other Vulnerability (CVE-2004-1711)
CVE-2004-1711
-
Medium
Python CVE-2023-40217 Vulnerability (CVE-2023-40217)
CVE-2023-40217
-
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-40191)
CVE-2023-40191
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-40191)
CVE-2023-40191
CWE-707
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-40176)
CVE-2023-40176
CWE-707
Medium
Jetty CVE-2023-40167 Vulnerability (CVE-2023-40167)
CVE-2023-40167
-
Medium
WP Plugin Advanced Custom Fields Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-40068)
CVE-2023-40068
CWE-707
Medium
Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3982)
CVE-2023-3982
CWE-707
Medium
Omeka Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-3981)
CVE-2023-3981
CWE-918
Medium
Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-3980)
CVE-2023-3980
CWE-707
Medium
Wordpress Plugin Backup Migration Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-3977)
CVE-2023-3977
CWE-352
Medium
Moodle Other Vulnerability (CVE-2004-1978)
CVE-2004-1978
-
Medium
osCommerce Other Vulnerability (CVE-2004-2021)
CVE-2004-2021
-
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42498)
CVE-2023-42498
CWE-707
Medium
PHP Other Vulnerability (CVE-2004-1392)
CVE-2004-1392
-
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43717)
CVE-2023-43717
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43702)
CVE-2023-43702
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43716)
CVE-2023-43716
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43715)
CVE-2023-43715
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43714)
CVE-2023-43714
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43713)
CVE-2023-43713
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43712)
CVE-2023-43712
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43711)
CVE-2023-43711
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43710)
CVE-2023-43710
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43709)
CVE-2023-43709
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43708)
CVE-2023-43708
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43707)
CVE-2023-43707
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43706)
CVE-2023-43706
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43705)
CVE-2023-43705
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43704)
CVE-2023-43704
CWE-707
Medium
osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43703)
CVE-2023-43703
CWE-707
Medium
Oracle Application Server Other Vulnerability (CVE-2004-1365)
CVE-2004-1365
-
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42627)
CVE-2023-42627
CWE-707
Medium
Apache Tomcat Incomplete Cleanup Vulnerability (CVE-2023-42794)
CVE-2023-42794
CWE-459
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42627)
CVE-2023-42627
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42628)
CVE-2023-42628
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42628)
CVE-2023-42628
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42629)
CVE-2023-42629
CWE-707
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-42629)
CVE-2023-42629
CWE-707
Medium
Artifactory Improper Authentication Vulnerability (CVE-2023-42662)
CVE-2023-42662
CWE-287
Medium
Apache Tomcat Incomplete Cleanup Vulnerability (CVE-2023-42795)
CVE-2023-42795
CWE-459
Medium
PrestaShop Improper Privilege Management Vulnerability (CVE-2023-43664)
CVE-2023-43664
CWE-269
Medium
Jenkins CVE-2023-43494 Vulnerability (CVE-2023-43494)
CVE-2023-43494
-
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43495)
CVE-2023-43495
CWE-707
Medium
Oracle Application Server Other Vulnerability (CVE-2004-1369)
CVE-2004-1369
-
Medium
Oracle Application Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2004-1367)
CVE-2004-1367
CWE-200
Medium
Oracle Application Server Credentials Management Errors Vulnerability (CVE-2004-1366)
CVE-2004-1366
-
Medium
PrestaShop Improper Privilege Management Vulnerability (CVE-2023-43663)
CVE-2023-43663
CWE-269
Medium
TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-17480)
CVE-2020-17480
CWE-707
Medium
MySQL CVE-2023-22008 Vulnerability (CVE-2023-22008)
CVE-2023-22008
-
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-17449)
CVE-2020-17449
CWE-707
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4400)
CVE-2012-4400
CWE-264
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-5732)
CVE-2016-5732
CWE-707
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-5733)
CVE-2016-5733
CWE-707
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-4407)
CVE-2012-4407
CWE-200
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-4403)
CVE-2012-4403
CWE-200
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4402)
CVE-2012-4402
CWE-264
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4401)
CVE-2012-4401
CWE-264
Medium
CakePHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4399)
CVE-2012-4399
CWE-264
Medium
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-5730)
CVE-2016-5730
CWE-200
Medium
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4397)
CVE-2012-4397
CWE-707
Medium
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4396)
CVE-2012-4396
CWE-707
Medium
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4395)
CVE-2012-4395
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-5833)
CVE-2016-5833
CWE-707
Medium