Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-17478)
CVE-2017-17478
CWE-707
Medium
Moodle Configuration Vulnerability (CVE-2012-0797)
CVE-2012-0797
-
Medium
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-0796)
CVE-2012-0796
CWE-94
Medium
Moodle Improper Input Validation Vulnerability (CVE-2012-0795)
CVE-2012-0795
CWE-20
Medium
Ruby Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2017-17742)
CVE-2017-17742
CWE-113
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-17775)
CVE-2017-17775
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-17094)
CVE-2017-17094
CWE-707
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-0793)
CVE-2012-0793
CWE-264
Medium
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17822)
CVE-2017-17822
CWE-138
Medium
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17823)
CVE-2017-17823
CWE-138
Medium
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17824)
CVE-2017-17824
CWE-138
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-17825)
CVE-2017-17825
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-17826)
CVE-2017-17826
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-17383)
CVE-2017-17383
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-17093)
CVE-2017-17093
CWE-707
Medium
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-0826)
CVE-2012-0826
CWE-352
Medium
Joomla CVE-2012-0819 Vulnerability (CVE-2012-0819)
CVE-2012-0819
-
Medium
Phusion Passenger Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-16355)
CVE-2017-16355
CWE-200
Medium
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0825)
CVE-2012-0825
CWE-200
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0822)
CVE-2012-0822
CWE-707
Medium
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-16633)
CVE-2017-16633
CWE-200
Medium
Joomla CVE-2012-0821 Vulnerability (CVE-2012-0821)
CVE-2012-0821
-
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0820)
CVE-2012-0820
CWE-707
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-16781)
CVE-2017-16781
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-17092)
CVE-2017-17092
CWE-707
Medium
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-16856)
CVE-2017-16856
CWE-707
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-16862)
CVE-2017-16862
CWE-352
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-16863)
CVE-2017-16863
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-16864)
CVE-2017-16864
CWE-707
Medium
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-16865)
CVE-2017-16865
CWE-918
Medium
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-16893)
CVE-2017-16893
CWE-138
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0799)
CVE-2012-0799
CWE-200
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14618)
CVE-2017-14618
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14594)
CVE-2017-14594
CWE-707
Medium
MySQL CVE-2017-10378 Vulnerability (CVE-2017-10378)
CVE-2017-10378
-
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-11744)
CVE-2017-11744
CWE-707
Medium
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-1578)
CVE-2012-1578
CWE-352
Medium
Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-11355)
CVE-2017-11355
CWE-707
Medium
Pega Infinity Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-11356)
CVE-2017-11356
CWE-200
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1500)
CVE-2012-1500
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-11612)
CVE-2017-11612
CWE-707
Medium
Contao Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-1297)
CVE-2012-1297
CWE-352
Medium
XOOPS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-12138)
CVE-2017-12138
CWE-601
Medium
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-1580)
CVE-2012-1580
CWE-352
Medium
XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12139)
CVE-2017-12139
CWE-707
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12156)
CVE-2017-12156
CWE-707
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-12157)
CVE-2017-12157
CWE-200
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1190)
CVE-2012-1190
CWE-707
Medium
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-1181)
CVE-2012-1181
CWE-119
Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-12167)
CVE-2017-12167
CWE-200
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1579)
CVE-2012-1579
CWE-200
Medium
MediaWiki Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1581)
CVE-2012-1581
CWE-264
Medium
PostgreSQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2017-12172)
CVE-2017-12172
CWE-59
Medium
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1611)
CVE-2012-1611
CWE-264
Medium
MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10379)
CVE-2017-10379
CWE-200
Medium
MySQL CVE-2017-10384 Vulnerability (CVE-2017-10384)
CVE-2017-10384
-
Medium
GlassFish CVE-2017-10385 Vulnerability (CVE-2017-10385)
CVE-2017-10385
-
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1612)
CVE-2012-1612
CWE-707
Medium
GlassFish CVE-2017-10393 Vulnerability (CVE-2017-10393)
CVE-2017-10393
-
Medium
GlassFish CVE-2017-10400 Vulnerability (CVE-2017-10400)
CVE-2017-10400
-
Medium
TYPO3 Improper Input Validation Vulnerability (CVE-2012-1608)
CVE-2012-1608
CWE-20
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1582)
CVE-2012-1582
CWE-707
Medium
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1607)
CVE-2012-1607
CWE-200
Medium
TYPO3 Other Vulnerability (CVE-2012-1605)
CVE-2012-1605
-
Medium
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1599)
CVE-2012-1599
CWE-264
Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-10838)
CVE-2017-10838
CWE-707
Medium
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1591)
CVE-2012-1591
CWE-264
Medium
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1590)
CVE-2012-1590
CWE-264
Medium
Drupal Improper Input Validation Vulnerability (CVE-2012-1589)
CVE-2012-1589
CWE-20
Medium
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2017-12171)
CVE-2017-12171
CWE-20
Medium
Nginx Use After Free Vulnerability (CVE-2012-1180)
CVE-2012-1180
CWE-416
Medium
SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14510)
CVE-2017-14510
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14239)
CVE-2017-14239
CWE-707
Medium
Perl Use of Externally-Controlled Format String Vulnerability (CVE-2012-1151)
CVE-2012-1151
CWE-134
Medium
CrushFTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14036)
CVE-2017-14036
CWE-707
Medium