Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0706)
CVE-2016-0706
CWE-200
Medium
Zope Web Application Server Cryptographic Issues Vulnerability (CVE-2012-6661)
CVE-2012-6661
-
Medium
Plone CMS Cryptographic Issues Vulnerability (CVE-2012-6661)
CVE-2012-6661
-
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0724)
CVE-2016-0724
CWE-200
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-0725)
CVE-2016-0725
CWE-707
Medium
ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6642)
CVE-2012-6642
CWE-707
Medium
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6634)
CVE-2012-6634
CWE-264
Medium
Nginx Resource Management Errors Vulnerability (CVE-2016-0747)
CVE-2016-0747
-
Medium
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6641)
CVE-2012-6641
CWE-707
Medium
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6635)
CVE-2012-6635
CWE-264
Medium
Ruby on Rails Improper Input Validation Vulnerability (CVE-2016-0753)
CVE-2016-0753
CWE-20
Medium
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-0762)
CVE-2016-0762
CWE-264
Medium
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-0763)
CVE-2016-0763
CWE-264
Medium
Atlassian Confluence Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6342)
CVE-2012-6342
CWE-352
Medium
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6144)
CVE-2012-6144
CWE-138
Medium
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0703)
CVE-2016-0703
CWE-200
Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10737)
CVE-2016-10737
CWE-707
Medium
Werkzeug WSGI Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10516)
CVE-2016-10516
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6043)
CVE-2012-6043
CWE-707
Medium
Backbone.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10537)
CVE-2016-10537
CWE-707
Medium
Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10704)
CVE-2016-10704
CWE-707
Medium
b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5911)
CVE-2012-5911
CWE-707
Medium
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10735)
CVE-2016-10735
CWE-707
Medium
Select2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10744)
CVE-2016-10744
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10513)
CVE-2016-10513
CWE-707
Medium
b2evolution Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5910)
CVE-2012-5910
CWE-138
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5908)
CVE-2012-5908
CWE-707
Medium
Apache Tomcat Improper Authentication Vulnerability (CVE-2012-5887)
CVE-2012-5887
CWE-287
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10872)
CVE-2016-10872
CWE-707
Medium
Apache Tomcat Improper Authentication Vulnerability (CVE-2012-5886)
CVE-2012-5886
CWE-287
Medium
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5885)
CVE-2012-5885
CWE-264
Medium
Piwigo Improper Access Control Vulnerability (CVE-2016-10514)
CVE-2016-10514
CWE-284
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10404)
CVE-2016-10404
CWE-707
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6121)
CVE-2012-6121
CWE-707
Medium
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6103)
CVE-2012-6103
CWE-352
Medium
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-6113)
CVE-2012-6113
CWE-200
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6112)
CVE-2012-6112
CWE-264
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6106)
CVE-2012-6106
CWE-264
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-6105)
CVE-2012-6105
CWE-200
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10083)
CVE-2016-10083
CWE-707
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-6104)
CVE-2012-6104
CWE-200
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6102)
CVE-2012-6102
CWE-264
Medium
Jenkins Improper Input Validation Vulnerability (CVE-2012-6072)
CVE-2012-6072
CWE-20
Medium
WordPress 7PK - Security Features Vulnerability (CVE-2016-10148)
CVE-2016-10148
-
Medium
Moodle Improper Input Validation Vulnerability (CVE-2012-6101)
CVE-2012-6101
CWE-20
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6100)
CVE-2012-6100
CWE-264
Medium
Moodle Improper Input Validation Vulnerability (CVE-2012-6099)
CVE-2012-6099
CWE-20
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6098)
CVE-2012-6098
CWE-264
Medium
Moodle Improper Input Validation Vulnerability (CVE-2012-6087)
CVE-2012-6087
CWE-20
Medium
Jenkins Improper Input Validation Vulnerability (CVE-2012-6073)
CVE-2012-6073
CWE-20
Medium
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0704)
CVE-2016-0704
CWE-200
Medium
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0702)
CVE-2016-0702
CWE-200
Medium
YUI Library Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5882)
CVE-2012-5882
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-0331)
CVE-2016-0331
CWE-707
Medium
Chamilo URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-9540)
CVE-2015-9540
CWE-601
Medium
IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2016-0219)
CVE-2016-0219
CWE-611
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-0273)
CVE-2016-0273
CWE-707
Medium
IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2016-0284)
CVE-2016-0284
CWE-611
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-0285)
CVE-2016-0285
CWE-707
Medium
IBM RTC Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2016-0325)
CVE-2016-0325
CWE-138
Medium
Oracle Database Server CVE-2016-0461 Vulnerability (CVE-2016-0461)
CVE-2016-0461
-
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-9304)
CVE-2015-9304
CWE-707
Medium
Oracle Database Server CVE-2016-0467 Vulnerability (CVE-2016-0467)
CVE-2016-0467
-
Medium
Oracle Database Server CVE-2016-0472 Vulnerability (CVE-2016-0472)
CVE-2016-0472
-
Medium
MySQL CVE-2016-0502 Vulnerability (CVE-2016-0502)
CVE-2016-0502
-
Medium
MySQL CVE-2016-0503 Vulnerability (CVE-2016-0503)
CVE-2016-0503
-
Medium
MySQL CVE-2016-0504 Vulnerability (CVE-2016-0504)
CVE-2016-0504
-
Medium
MySQL CVE-2016-0505 Vulnerability (CVE-2016-0505)
CVE-2016-0505
-
Medium
jQuery PrettyPhoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-9478)
CVE-2015-9478
CWE-707
Medium
PHP Uncontrolled Resource Consumption Vulnerability (CVE-2015-9253)
CVE-2015-9253
CWE-400
Medium
PleskWin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-0132)
CVE-2013-0132
CWE-94
Medium
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0202)
CVE-2013-0202
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0236)
CVE-2013-0236
CWE-707
Medium
WordPress Other Vulnerability (CVE-2013-0235)
CVE-2013-0235
-
Medium
Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0234)
CVE-2013-0234
CWE-707
Medium