Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-3484)
CVE-2013-3484
CWE-707
Medium
Apache HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-0226)
CVE-2014-0226
CWE-362
Medium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-0238)
CVE-2014-0238
CWE-119
Medium
Oracle HTTP Server Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-0226)
CVE-2014-0226
CWE-362
Medium
Jboss EAP Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-0226)
CVE-2014-0226
CWE-362
Medium
Apache Tomcat Data Processing Errors Vulnerability (CVE-2014-0227)
CVE-2014-0227
-
Medium
PHP Improper Input Validation Vulnerability (CVE-2013-3735)
CVE-2013-3735
CWE-20
Medium
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2014-0231)
CVE-2014-0231
-
Medium
PHP Resource Management Errors Vulnerability (CVE-2014-0237)
CVE-2014-0237
-
Medium
Jboss EAP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-0248)
CVE-2014-0248
CWE-94
Medium
MySQL CVE-2014-0412 Vulnerability (CVE-2014-0412)
CVE-2014-0412
-
Medium
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-3630)
CVE-2013-3630
CWE-94
Medium
Oracle Database Server CVE-2014-0377 Vulnerability (CVE-2014-0377)
CVE-2014-0377
-
Medium
Oracle Database Server CVE-2014-0378 Vulnerability (CVE-2014-0378)
CVE-2014-0378
-
Medium
MySQL CVE-2014-0384 Vulnerability (CVE-2014-0384)
CVE-2014-0384
-
Medium
MySQL CVE-2014-0386 Vulnerability (CVE-2014-0386)
CVE-2014-0386
-
Medium
MySQL CVE-2014-0401 Vulnerability (CVE-2014-0401)
CVE-2014-0401
-
Medium
MySQL CVE-2014-0402 Vulnerability (CVE-2014-0402)
CVE-2014-0402
-
Medium
Oracle Database Server CVE-2013-3789 Vulnerability (CVE-2013-3789)
CVE-2013-3789
-
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0081)
CVE-2014-0081
CWE-707
Medium
Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-6414)
CVE-2013-6414
CWE-20
Medium
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7073)
CVE-2013-7073
CWE-264
Medium
silverstripeCMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-6789)
CVE-2013-6789
CWE-200
Medium
Collabtive Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-6872)
CVE-2013-6872
CWE-138
Medium
Python Cryptographic Issues Vulnerability (CVE-2013-7040)
CVE-2013-7040
-
Medium
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-7060)
CVE-2013-7060
CWE-200
Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7061)
CVE-2013-7061
CWE-264
Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7062)
CVE-2013-7062
CWE-707
Medium
TYPO3 Cryptographic Issues Vulnerability (CVE-2013-7075)
CVE-2013-7075
-
Medium
YUI Library Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6780)
CVE-2013-6780
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7076)
CVE-2013-7076
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7077)
CVE-2013-7077
CWE-707
Medium
TYPO3 Improper Input Validation Vulnerability (CVE-2013-7079)
CVE-2013-7079
CWE-20
Medium
TYPO3 CVE-2013-7080 Vulnerability (CVE-2013-7080)
CVE-2013-7080
-
Medium
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7081)
CVE-2013-7081
CWE-264
Medium
MySQL CVE-2013-3798 Vulnerability (CVE-2013-3798)
CVE-2013-3798
-
Medium
Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-6787)
CVE-2013-6787
CWE-138
Medium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-6712)
CVE-2013-6712
CWE-119
Medium
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-7233)
CVE-2013-7233
CWE-352
Medium
OpenSSL Cryptographic Issues Vulnerability (CVE-2013-6449)
CVE-2013-6449
-
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6415)
CVE-2013-6415
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6416)
CVE-2013-6416
CWE-707
Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-6417)
CVE-2013-6417
CWE-264
Medium
MySQL CVE-2013-3802 Vulnerability (CVE-2013-3802)
CVE-2013-3802
-
Medium
Apache HTTP Server CVE-2013-6438 Vulnerability (CVE-2013-6438)
CVE-2013-6438
-
Medium
Oracle HTTP Server CVE-2013-6438 Vulnerability (CVE-2013-6438)
CVE-2013-6438
-
Medium
OpenSSL Cryptographic Issues Vulnerability (CVE-2013-6450)
CVE-2013-6450
-
Medium
PHP Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2013-6501)
CVE-2013-6501
CWE-138
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6451)
CVE-2013-6451
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6452)
CVE-2013-6452
CWE-707
Medium
MySQL CVE-2013-3801 Vulnerability (CVE-2013-3801)
CVE-2013-3801
-
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6454)
CVE-2013-6454
CWE-707
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-6455)
CVE-2013-6455
CWE-200
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-6472)
CVE-2013-6472
CWE-200
Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6495)
CVE-2013-6495
CWE-707
Medium
PHP Numeric Errors Vulnerability (CVE-2013-7226)
CVE-2013-7226
-
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7241)
CVE-2013-7241
CWE-707
Medium
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-0080)
CVE-2014-0080
CWE-138
Medium
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0061)
CVE-2014-0061
CWE-264
Medium
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0013)
CVE-2014-0013
CWE-707
Medium
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0014)
CVE-2014-0014
CWE-707
Medium
Apache Tomcat Improper Input Validation Vulnerability (CVE-2014-0033)
CVE-2014-0033
CWE-20
Medium
Jboss EAP Improper Input Validation Vulnerability (CVE-2014-0034)
CVE-2014-0034
CWE-20
Medium
Jboss EAP Cryptographic Issues Vulnerability (CVE-2014-0035)
CVE-2014-0035
-
Medium
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0060)
CVE-2014-0060
CWE-264
Medium
PostgreSQL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-0062)
CVE-2014-0062
CWE-362
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0009)
CVE-2014-0009
CWE-264
Medium
PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-0063)
CVE-2014-0063
CWE-119
Medium
PostgreSQL Numeric Errors Vulnerability (CVE-2014-0064)
CVE-2014-0064
-
Medium
PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-0065)
CVE-2014-0065
CWE-119
Medium
PostgreSQL Improper Input Validation Vulnerability (CVE-2014-0066)
CVE-2014-0066
CWE-20
Medium
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0067)
CVE-2014-0067
CWE-264
Medium
Apache Tomcat Numeric Errors Vulnerability (CVE-2014-0075)
CVE-2014-0075
-
Medium
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-0010)
CVE-2014-0010
CWE-352
Medium
Moodle Credentials Management Errors Vulnerability (CVE-2014-0008)
CVE-2014-0008
-
Medium