Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-5834)
CVE-2016-5834
CWE-707
Medium
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4394)
CVE-2012-4394
CWE-707
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-5731)
CVE-2016-5731
CWE-707
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4408)
CVE-2012-4408
CWE-264
Medium
ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-4391)
CVE-2012-4391
CWE-352
Medium
MySQL CVE-2016-5634 Vulnerability (CVE-2016-5634)
CVE-2016-5634
-
Medium
MySQL CVE-2016-5628 Vulnerability (CVE-2016-5628)
CVE-2016-5628
-
Medium
MySQL CVE-2016-5629 Vulnerability (CVE-2016-5629)
CVE-2016-5629
-
Medium
MySQL CVE-2016-5630 Vulnerability (CVE-2016-5630)
CVE-2016-5630
-
Medium
MySQL CVE-2016-5631 Vulnerability (CVE-2016-5631)
CVE-2016-5631
-
Medium
MySQL CVE-2016-5632 Vulnerability (CVE-2016-5632)
CVE-2016-5632
-
Medium
MySQL CVE-2016-5633 Vulnerability (CVE-2016-5633)
CVE-2016-5633
-
Medium
MySQL CVE-2016-5635 Vulnerability (CVE-2016-5635)
CVE-2016-5635
-
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-5705)
CVE-2016-5705
CWE-707
Medium
Oracle JRE CVE-2012-4416 Vulnerability (CVE-2012-4416)
CVE-2012-4416
-
Medium
Swagger UI Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-5682)
CVE-2016-5682
CWE-707
Medium
Python Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2016-5699)
CVE-2016-5699
CWE-113
Medium
phpMyAdmin Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-5701)
CVE-2016-5701
CWE-138
Medium
MySQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4414)
CVE-2012-4414
CWE-138
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-5704)
CVE-2016-5704
CWE-707
Medium
ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-4393)
CVE-2012-4393
CWE-352
Medium
ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-4390)
CVE-2012-4390
CWE-200
Medium
MySQL CVE-2016-5626 Vulnerability (CVE-2016-5626)
CVE-2016-5626
-
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4029)
CVE-2012-4029
CWE-707
Medium
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-4219)
CVE-2012-4219
CWE-200
Medium
OpenSSL Out-of-bounds Read Vulnerability (CVE-2016-6306)
CVE-2016-6306
CWE-125
Medium
OpenSSL Uncontrolled Resource Consumption Vulnerability (CVE-2016-6307)
CVE-2016-6307
CWE-400
Medium
OpenSSL Resource Management Errors Vulnerability (CVE-2016-6308)
CVE-2016-6308
-
Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6311)
CVE-2016-6311
CWE-200
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6316)
CVE-2016-6316
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6333)
CVE-2016-6333
CWE-707
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4246)
CVE-2012-4246
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6334)
CVE-2016-6334
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3843)
CVE-2012-3843
CWE-707
Medium
MediaWiki Improper Access Control Vulnerability (CVE-2016-6336)
CVE-2016-6336
CWE-284
Medium
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3829)
CVE-2012-3829
CWE-200
Medium
MongoDb Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6494)
CVE-2016-6494
CWE-200
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3828)
CVE-2012-3828
CWE-707
Medium
TCExam Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4237)
CVE-2012-4237
CWE-138
Medium
phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4247)
CVE-2012-4247
CWE-707
Medium
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-5876)
CVE-2016-5876
CWE-264
Medium
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6186)
CVE-2016-6186
CWE-707
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6024)
CVE-2016-6024
CWE-200
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6035)
CVE-2016-6035
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6037)
CVE-2016-6037
CWE-707
Medium
Sqlite Improper Input Validation Vulnerability (CVE-2016-6153)
CVE-2016-6153
CWE-20
Medium
ownCloud Other Vulnerability (CVE-2012-4389)
CVE-2012-4389
-
Medium
PHP Improper Input Validation Vulnerability (CVE-2012-4388)
CVE-2012-4388
CWE-20
Medium
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-6207)
CVE-2016-6207
CWE-190
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4377)
CVE-2012-4377
CWE-707
Medium
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6212)
CVE-2016-6212
CWE-200
Medium
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6283)
CVE-2016-6283
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6285)
CVE-2016-6285
CWE-707
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-4382)
CVE-2012-4382
CWE-200
Medium
MediaWiki Improper Access Control Vulnerability (CVE-2012-4379)
CVE-2012-4379
CWE-284
Medium
PHP NULL Pointer Dereference Vulnerability (CVE-2016-6292)
CVE-2016-6292
CWE-476
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4378)
CVE-2012-4378
CWE-707
Medium
MySQL CVE-2016-5627 Vulnerability (CVE-2016-5627)
CVE-2016-5627
-
Medium
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4421)
CVE-2012-4421
CWE-264
Medium
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3546)
CVE-2012-3546
CWE-264
Medium
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4848)
CVE-2016-4848
CWE-707
Medium
Plupload Cross-site Scripting (XSS) Vulnerability (CVE-2016-4566)
CVE-2016-4566
-
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4566)
CVE-2016-4566
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4567)
CVE-2016-4567
CWE-707
Medium
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4558)
CVE-2012-4558
CWE-707
Medium
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2012-4557)
CVE-2012-4557
-
Medium
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4554)
CVE-2012-4554
CWE-264
Medium
Apache HTTP Server Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2016-4975)
CVE-2016-4975
CWE-707
Medium
TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4602)
CVE-2012-4602
CWE-707
Medium
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4553)
CVE-2012-4553
CWE-264
Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4550)
CVE-2012-4550
CWE-264
Medium
Jboss EAP Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2016-4993)
CVE-2016-4993
CWE-707
Medium
WildFly Application Server Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2016-4993)
CVE-2016-4993
CWE-113
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-5012)
CVE-2016-5012
CWE-200
Medium
Moodle Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-5013)
CVE-2016-5013
CWE-138
Medium