Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Known Vulnerabilities
This page lists
13509 vulnerabilities
in this category.
Critical: 1465
High: 3387
Medium: 7907
Low: 748
Information: 2
Vulnerability Name
CVE
CWE
Severity
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2007-5976)
CVE-2007-5976
CWE-138
Medium
PostgreSQL Numeric Errors Vulnerability (CVE-2007-6067)
CVE-2007-6067
-
Medium
Ruby on Rails Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2007-6077)
CVE-2007-6077
CWE-362
Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0124)
CVE-2008-0124
CWE-707
Medium
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-0191)
CVE-2008-0191
CWE-200
Medium
phpMyAdmin Cleartext Storage of Sensitive Information Vulnerability (CVE-2008-1567)
CVE-2008-1567
CWE-312
Medium
Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-1270)
CVE-2008-1270
CWE-200
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0828)
CVE-2008-0828
CWE-707
Medium
OpenSSL Numeric Errors Vulnerability (CVE-2008-0891)
CVE-2008-0891
-
Medium
Lighttpd Resource Management Errors Vulnerability (CVE-2008-0983)
CVE-2008-0983
-
Medium
Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-1111)
CVE-2008-1111
CWE-200
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1133)
CVE-2008-1133
CWE-707
Medium
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-1149)
CVE-2008-1149
CWE-352
Medium
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1232)
CVE-2008-1232
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1304)
CVE-2008-1304
CWE-707
Medium
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-0664)
CVE-2008-0664
CWE-264
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-1318)
CVE-2008-1318
CWE-200
Medium
PHP Numeric Errors Vulnerability (CVE-2008-1384)
CVE-2008-1384
-
Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1385)
CVE-2008-1385
CWE-707
Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1386)
CVE-2008-1386
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1502)
CVE-2008-1502
CWE-707
Medium
Lighttpd Other Vulnerability (CVE-2008-1531)
CVE-2008-1531
-
Medium
CubeCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1550)
CVE-2008-1550
CWE-707
Medium
MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-0788)
CVE-2008-0788
CWE-352
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0618)
CVE-2008-0618
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0192)
CVE-2008-0192
CWE-707
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0455)
CVE-2008-0455
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0193)
CVE-2008-0193
CWE-707
Medium
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-0195)
CVE-2008-0195
CWE-200
Medium
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-0196)
CVE-2008-0196
CWE-22
Medium
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-0198)
CVE-2008-0198
CWE-352
Medium
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-0272)
CVE-2008-0272
CWE-352
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0273)
CVE-2008-0273
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0276)
CVE-2008-0276
CWE-707
Medium
Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0455)
CVE-2008-0455
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0617)
CVE-2008-0617
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0460)
CVE-2008-0460
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0462)
CVE-2008-0462
CWE-707
Medium
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-0471)
CVE-2008-0471
CWE-352
Medium
Coppermine Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0504)
CVE-2008-0504
CWE-138
Medium
XOOPS Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-0613)
CVE-2008-0613
CWE-59
Medium
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-0615)
CVE-2008-0615
CWE-22
Medium
WordPress Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0616)
CVE-2008-0616
CWE-138
Medium
Apache Tomcat Improper Input Validation Vulnerability (CVE-2013-4322)
CVE-2013-4322
CWE-20
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1832)
CVE-2013-1832
CWE-200
Medium
Apache HTTP Server Other Vulnerability (CVE-2013-4352)
CVE-2013-4352
-
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14619)
CVE-2017-14619
CWE-707
Medium
CrushFTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-14038)
CVE-2017-14038
CWE-601
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14239)
CVE-2017-14239
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14241)
CVE-2017-14241
CWE-707
Medium
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14498)
CVE-2017-14498
CWE-707
Medium
SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14510)
CVE-2017-14510
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14594)
CVE-2017-14594
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14618)
CVE-2017-14618
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14718)
CVE-2017-14718
CWE-707
Medium
CrushFTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14036)
CVE-2017-14036
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14720)
CVE-2017-14720
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14721)
CVE-2017-14721
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14724)
CVE-2017-14724
CWE-707
Medium
WordPress URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-14725)
CVE-2017-14725
CWE-601
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14726)
CVE-2017-14726
CWE-707
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14981)
CVE-2017-14981
CWE-707
Medium
WordPress Cleartext Storage of Sensitive Information Vulnerability (CVE-2017-14990)
CVE-2017-14990
CWE-312
Medium
CrushFTP Server Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2017-14037)
CVE-2017-14037
CWE-707
Medium
Sqlite Improper Input Validation Vulnerability (CVE-2017-13685)
CVE-2017-13685
CWE-20
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-15110)
CVE-2017-15110
CWE-200
Medium
PostgreSQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2017-12172)
CVE-2017-12172
CWE-59
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-11744)
CVE-2017-11744
CWE-707
Medium
XOOPS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-12138)
CVE-2017-12138
CWE-601
Medium
XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12139)
CVE-2017-12139
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12156)
CVE-2017-12156
CWE-707
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-12157)
CVE-2017-12157
CWE-200
Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-12167)
CVE-2017-12167
CWE-200
Medium
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2017-12171)
CVE-2017-12171
CWE-20
Medium
Jboss EAP Incorrect Authorization Vulnerability (CVE-2017-12196)
CVE-2017-12196
CWE-863
Medium
«
1
...
140
141
142
...
181
»
