Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Known Vulnerabilities

This page lists 13509 vulnerabilities in this category.

Critical: 1465 High: 3387 Medium: 7907 Low: 748 Information: 2
Vulnerability Name
CVE
CWE
Severity
Lighttpd Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-2323)
CVE-2014-2323
CWE-138
Critical
Oracle JRE CVE-2014-2397 Vulnerability (CVE-2014-2397)
CVE-2014-2397
-
Critical
Oracle JRE CVE-2014-2410 Vulnerability (CVE-2014-2410)
CVE-2014-2410
-
Critical
Oracle JRE CVE-2014-2421 Vulnerability (CVE-2014-2421)
CVE-2014-2421
-
Critical
WebLogic CVE-2023-22069 Vulnerability (CVE-2023-22069)
CVE-2023-22069
-
Critical
WebLogic CVE-2023-22072 Vulnerability (CVE-2023-22072)
CVE-2023-22072
-
Critical
SharePoint Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-2816)
CVE-2014-2816
CWE-264
Critical
SugarCRM Improper Restriction of XML External Entity Reference Vulnerability (CVE-2014-3244)
CVE-2014-3244
CWE-611
Critical
SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-0260)
CVE-2014-0260
CWE-119
Critical
SharePoint CVE-2023-21716 Vulnerability (CVE-2023-21716)
CVE-2023-21716
-
Critical
Telerik Web UI Missing Authorization Vulnerability (CVE-2021-28141)
CVE-2021-28141
CWE-862
Critical
Oracle JRE CVE-2013-5850 Vulnerability (CVE-2013-5850)
CVE-2013-5850
-
Critical
Oracle JRE CVE-2013-5817 Vulnerability (CVE-2013-5817)
CVE-2013-5817
-
Critical
PHP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-1939)
CVE-2011-1939
CWE-138
Critical
Oracle JRE CVE-2013-5824 Vulnerability (CVE-2013-5824)
CVE-2013-5824
-
Critical
Oracle JRE CVE-2013-5829 Vulnerability (CVE-2013-5829)
CVE-2013-5829
-
Critical
Oracle JRE CVE-2013-5830 Vulnerability (CVE-2013-5830)
CVE-2013-5830
-
Critical
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2023-0307)
CVE-2023-0307
CWE-521
Critical
Oracle JRE CVE-2013-5832 Vulnerability (CVE-2013-5832)
CVE-2013-5832
-
Critical
Oracle JRE CVE-2013-5838 Vulnerability (CVE-2013-5838)
CVE-2013-5838
-
Critical
phpMyFAQ Improper Authentication Vulnerability (CVE-2023-0311)
CVE-2023-0311
CWE-287
Critical
Oracle JRE CVE-2013-5842 Vulnerability (CVE-2013-5842)
CVE-2013-5842
-
Critical
Oracle JRE CVE-2013-5843 Vulnerability (CVE-2013-5843)
CVE-2013-5843
-
Critical
Oracle JRE CVE-2013-5844 Vulnerability (CVE-2013-5844)
CVE-2013-5844
-
Critical
Oracle JRE CVE-2013-5846 Vulnerability (CVE-2013-5846)
CVE-2013-5846
-
Critical
PrestaShop Improper Privilege Management Vulnerability (CVE-2013-6295)
CVE-2013-6295
CWE-269
Critical
GlassFish CVE-2011-0807 Vulnerability (CVE-2011-0807)
CVE-2011-0807
-
Critical
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-32615)
CVE-2021-32615
CWE-138
Critical
phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-0788)
CVE-2023-0788
CWE-94
Critical
phpMyFAQ Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2023-0789)
CVE-2023-0789
CWE-138
Critical
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-1151)
CVE-2011-1151
CWE-138
Critical
Serendipity Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2011-1134)
CVE-2011-1134
CWE-434
Critical
Ruby Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-31799)
CVE-2021-31799
CWE-138
Critical
MediaWiki Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2021-31556)
CVE-2021-31556
CWE-327
Critical
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2023-1753)
CVE-2023-1753
CWE-521
Critical
Beego Framework CVE-2021-30080 Vulnerability (CVE-2021-30080)
CVE-2021-30080
-
Critical
WebLogic CVE-2021-2397 Vulnerability (CVE-2021-2397)
CVE-2021-2397
-
Critical
WebLogic CVE-2021-2394 Vulnerability (CVE-2021-2394)
CVE-2021-2394
-
Critical
WebLogic CVE-2021-2382 Vulnerability (CVE-2021-2382)
CVE-2021-2382
-
Critical
phpMyFAQ Authentication Bypass by Capture-replay Vulnerability (CVE-2023-1886)
CVE-2023-1886
CWE-294
Critical
WebLogic CVE-2023-22089 Vulnerability (CVE-2023-22089)
CVE-2023-22089
-
Critical
Apache Traffic Server CVE-2014-3525 Vulnerability (CVE-2014-3525)
CVE-2014-3525
-
Critical
Internet Information Services Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2010-2730)
CVE-2010-2730
CWE-119
Critical
SharePoint Other Vulnerability (CVE-2014-6357)
CVE-2014-6357
-
Critical
Jenkins Incorrect Authorization Vulnerability (CVE-2021-21692 )
CVE-2021-21692
CWE-863
Critical
Jenkins Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-21691)
CVE-2021-21691
CWE-59
Critical
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-21690)
CVE-2021-21690
CWE-22
Critical
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-27479)
CVE-2023-27479
CWE-138
Critical
Jenkins Protection Mechanism Failure Vulnerability (CVE-2021-21690 )
CVE-2021-21690
CWE-693
Critical
Envoy Proxy CVE-2023-27487 Vulnerability (CVE-2023-27487)
CVE-2023-27487
-
Critical
Jenkins Other Vulnerability (CVE-2021-21689)
CVE-2021-21689
-
Critical
Envoy Proxy CVE-2023-27488 Vulnerability (CVE-2023-27488)
CVE-2023-27488
-
Critical
Envoy Proxy Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-27491)
CVE-2023-27491
-
Critical
Envoy Proxy Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-27493)
CVE-2023-27493
-
Critical
Jenkins Missing Authorization Vulnerability (CVE-2021-21687)
CVE-2021-21687
CWE-862
Critical
Jenkins Missing Authorization Vulnerability (CVE-2021-21685)
CVE-2021-21685
CWE-862
Critical
Oracle Database Server CVE-2014-6453 Vulnerability (CVE-2014-6453)
CVE-2014-6453
-
Critical
Jenkins Improper Authorization Vulnerability (CVE-2021-21693)
CVE-2021-21693
CWE-285
Critical
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-27898)
CVE-2023-27898
CWE-707
Critical
Oracle Database Server CVE-2014-6455 Vulnerability (CVE-2014-6455)
CVE-2014-6455
-
Critical
Oracle Database Server CVE-2014-6467 Vulnerability (CVE-2014-6467)
CVE-2014-6467
-
Critical
WebLogic CVE-2021-21350 Vulnerability (CVE-2021-21350)
CVE-2021-21350
-
Critical
WebLogic Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21347)
CVE-2021-21347
CWE-434
Critical
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-28333)
CVE-2023-28333
CWE-94
Critical
PrestaShop Improper Authentication Vulnerability (CVE-2021-21308)
CVE-2021-21308
CWE-287
Critical
Oracle Database Server CVE-2014-6545 Vulnerability (CVE-2014-6545)
CVE-2014-6545
-
Critical
Oracle Database Server CVE-2014-6546 Vulnerability (CVE-2014-6546)
CVE-2014-6546
-
Critical
Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2021-21025)
CVE-2021-21025
CWE-91
Critical
Oracle Database Server CVE-2014-6560 Vulnerability (CVE-2014-6560)
CVE-2014-6560
-
Critical
Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-21024)
CVE-2021-21024
CWE-138
Critical
Oracle Database Server CVE-2014-6567 Vulnerability (CVE-2014-6567)
CVE-2014-6567
-
Critical
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-21692)
CVE-2021-21692
CWE-22
Critical
Jenkins Missing Authorization Vulnerability (CVE-2021-21694)
CVE-2021-21694
CWE-862
Critical
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-27903)
CVE-2021-27903
CWE-94
Critical
Dojo Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2021-23450)
CVE-2021-23450
CWE-1321
Critical