Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
math.js Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-1001002)
CVE-2017-1001002
CWE-94
Critical
Oracle JRE CVE-2012-1716 Vulnerability (CVE-2012-1716)
CVE-2012-1716
-
Critical
Oracle JRE CVE-2012-1725 Vulnerability (CVE-2012-1725)
CVE-2012-1725
-
Critical
WebLogic CVE-2017-10352 Vulnerability (CVE-2017-10352)
CVE-2017-10352
-
Critical
b2evolution Improper Input Validation Vulnerability (CVE-2017-1000423)
CVE-2017-1000423
CWE-20
Critical
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1000362)
CVE-2017-1000362
CWE-200
Critical
Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2017-1000353)
CVE-2017-1000353
CWE-502
Critical
PHP Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2012-1823)
CVE-2012-1823
CWE-138
Critical
Python Integer Overflow or Wraparound Vulnerability (CVE-2017-1000158)
CVE-2017-1000158
CWE-190
Critical
GlassFish Improper Authentication Vulnerability (CVE-2017-1000030)
CVE-2017-1000030
CWE-287
Critical
Oracle JRE CVE-2017-10346 Vulnerability (CVE-2017-10346)
CVE-2017-10346
-
Critical
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-10682)
CVE-2017-10682
CWE-138
Critical
ATutor Improper Privilege Management Vulnerability (CVE-2017-1000003)
CVE-2017-1000003
CWE-269
Critical
Oracle JRE CVE-2012-1532 Vulnerability (CVE-2012-1532)
CVE-2012-1532
-
Critical
Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-12883)
CVE-2017-12883
CWE-119
Critical
Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-12814)
CVE-2017-12814
CWE-119
Critical
Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-12629)
CVE-2017-12629
CWE-611
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2017-12149)
CVE-2017-12149
CWE-502
Critical
Ruby Out-of-bounds Write Vulnerability (CVE-2017-11465)
CVE-2017-11465
CWE-787
Critical
Oracle JRE CVE-2012-1531 Vulnerability (CVE-2012-1531)
CVE-2012-1531
-
Critical
Oracle JRE CVE-2012-1533 Vulnerability (CVE-2012-1533)
CVE-2012-1533
-
Critical
Sqlite Out-of-bounds Read Vulnerability (CVE-2017-10989)
CVE-2017-10989
CWE-125
Critical
Oracle JRE CVE-2012-1541 Vulnerability (CVE-2012-1541)
CVE-2012-1541
-
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-11362)
CVE-2017-11362
CWE-119
Critical
Telerik Web UI Improper Input Validation Vulnerability (CVE-2017-11357)
CVE-2017-11357
CWE-20
Critical
Telerik Web UI Inadequate Encryption Strength Vulnerability (CVE-2017-11317)
CVE-2017-11317
CWE-326
Critical
phpMyFAQ Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2017-11187)
CVE-2017-11187
CWE-307
Critical
XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-11174)
CVE-2017-11174
CWE-138
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2017-11147)
CVE-2017-11147
CWE-125
Critical
ATutor Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-1000004)
CVE-2017-1000004
CWE-138
Critical
ATutor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-1000002)
CVE-2017-1000002
CWE-22
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2017-12933)
CVE-2017-12933
CWE-125
Critical
ReviveAdserver Session Fixation Vulnerability (CVE-2016-9125)
CVE-2016-9125
CWE-384
Critical
MyBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9403)
CVE-2016-9403
CWE-264
Critical
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-9402)
CVE-2016-9402
CWE-138
Critical
Jenkins Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') Vulnerability (CVE-2016-9299)
CVE-2016-9299
CWE-138
Critical
PHP CVE-2012-2688 Vulnerability (CVE-2012-2688)
CVE-2012-2688
-
Critical
PHP Use After Free Vulnerability (CVE-2016-9138)
CVE-2016-9138
CWE-416
Critical
PHP Use After Free Vulnerability (CVE-2016-9137)
CVE-2016-9137
CWE-416
Critical
ReviveAdserver Improper Authentication Vulnerability (CVE-2016-9124)
CVE-2016-9124
CWE-287
Critical
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-9416)
CVE-2016-9416
CWE-138
Critical
Joomla Credentials Management Errors Vulnerability (CVE-2016-9081)
CVE-2016-9081
-
Critical
Python Integer Overflow or Wraparound Vulnerability (CVE-2016-9063)
CVE-2016-9063
CWE-190
Critical
Django Use of Hard-coded Credentials Vulnerability (CVE-2016-9013)
CVE-2016-9013
CWE-798
Critical
MySQL CVE-2012-2750 Vulnerability (CVE-2012-2750)
CVE-2012-2750
-
Critical
Atlassian Jira CVE-2012-2926 Vulnerability (CVE-2012-2926)
CVE-2012-2926
-
Critical
Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8902)
CVE-2016-8902
CWE-138
Critical
b2evolution Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-8901)
CVE-2016-8901
CWE-138
Critical
MyBB Improper Access Control Vulnerability (CVE-2016-9412)
CVE-2016-9412
CWE-284
Critical
MyBB Improper Input Validation Vulnerability (CVE-2016-9420)
CVE-2016-9420
CWE-20
Critical
RubyGems Deserialization of Untrusted Data Vulnerability (CVE-2017-0903)
CVE-2017-0903
CWE-502
Critical
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-9865)
CVE-2016-9865
-
Critical
RubyGems Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-0899)
CVE-2017-0899
CWE-94
Critical
Ruby Use of Externally-Controlled Format String Vulnerability (CVE-2017-0898)
CVE-2017-0898
CWE-134
Critical
MediaWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2017-0372)
CVE-2017-0372
CWE-138
Critical
PHP Use After Free Vulnerability (CVE-2016-9936)
CVE-2016-9936
CWE-416
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2016-9935)
CVE-2016-9935
CWE-125
Critical
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9866)
CVE-2016-9866
CWE-352
Critical
phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9849)
CVE-2016-9849
CWE-264
Critical
WordPress CVE-2012-2400 Vulnerability (CVE-2012-2400)
CVE-2012-2400
-
Critical
MySQL CVE-2016-9843 Vulnerability (CVE-2016-9843)
CVE-2016-9843
-
Critical
MySQL CVE-2016-9841 Vulnerability (CVE-2016-9841)
CVE-2016-9841
-
Critical
Joomla Improper Access Control Vulnerability (CVE-2016-9836)
CVE-2016-9836
CWE-284
Critical
Zikula Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2016-9835)
CVE-2016-9835
CWE-138
Critical
ReviveAdserver 7PK - Security Features Vulnerability (CVE-2016-9470)
CVE-2016-9470
-
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-2376)
CVE-2012-2376
CWE-119
Critical
WordPress CVE-2012-2399 Vulnerability (CVE-2012-2399)
CVE-2012-2399
-
Critical
PHP Use After Free Vulnerability (CVE-2017-12932)
CVE-2017-12932
CWE-416
Critical
CrushFTP Server Deserialization of Untrusted Data Vulnerability (CVE-2017-14035)
CVE-2017-14035
CWE-502
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2017-9227)
CVE-2017-9227
CWE-125
Critical
Drupal Data Processing Errors Vulnerability (CVE-2017-6920)
CVE-2017-6920
-
Critical
Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-7464)
CVE-2017-7464
CWE-611
Critical
MODX Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-7324)
CVE-2017-7324
CWE-94
Critical
MyBB CVE-2011-5133 Vulnerability (CVE-2011-5133)
CVE-2011-5133
-
Critical
MODX Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-7321)
CVE-2017-7321
CWE-94
Critical