Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Magento Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-3458)
CVE-2015-3458
CWE-264
Medium
PHP-Fusion Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1807)
CVE-2013-1807
CWE-264
Medium
phpBB URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-3880)
CVE-2015-3880
CWE-601
Medium
PHP-Fusion Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-1806)
CVE-2013-1806
CWE-22
Medium
qdPM Multiple Cross-site Scripting (XSS) Vulnerabilities (CVE-2015-3883)
CVE-2015-3883
-
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-3935)
CVE-2015-3935
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1804)
CVE-2013-1804
CWE-707
Medium
Ruby 7PK - Security Features Vulnerability (CVE-2015-3900)
CVE-2015-3900
-
Medium
RubyGems 7PK - Security Features Vulnerability (CVE-2015-3900)
CVE-2015-3900
-
Medium
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-3902)
CVE-2015-3902
CWE-352
Medium
phpMyAdmin Cryptographic Issues Vulnerability (CVE-2015-3903)
CVE-2015-3903
-
Medium
Coppermine Open Redirection Vulnerability (CVE-2015-3922)
CVE-2015-3922
-
Medium
Coppermine Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3923)
CVE-2015-3923
CWE-200
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5339)
CVE-2015-5339
CWE-200
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5341)
CVE-2015-5341
CWE-264
Medium
MySQL Improper Access Control Vulnerability (CVE-2015-3152)
CVE-2015-3152
CWE-284
Medium
MediaWiki Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-8004)
CVE-2015-8004
CWE-264
Medium
MySQL CVE-2013-0368 Vulnerability (CVE-2013-0368)
CVE-2013-0368
-
Medium
Joomla Improper Access Control Vulnerability (CVE-2015-7899)
CVE-2015-7899
CWE-284
Medium
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-7943)
CVE-2015-7943
CWE-601
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7989)
CVE-2015-7989
CWE-707
Medium
MediaWiki Resource Management Errors Vulnerability (CVE-2015-8002)
CVE-2015-8002
-
Medium
MediaWiki Resource Management Errors Vulnerability (CVE-2015-8003)
CVE-2015-8003
-
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8005)
CVE-2015-8005
CWE-200
Medium
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-7859)
CVE-2015-7859
CWE-200
Medium
MySQL CVE-2013-0367 Vulnerability (CVE-2013-0367)
CVE-2013-0367
-
Medium
Django Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8213)
CVE-2015-8213
CWE-200
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8354)
CVE-2015-8354
CWE-707
Medium
PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8375)
CVE-2015-8375
CWE-707
Medium
Python Improper Restriction of XML External Entity Reference Vulnerability (CVE-2013-0340)
CVE-2013-0340
CWE-611
Medium
Jenkins Improper Input Validation Vulnerability (CVE-2013-0331)
CVE-2013-0331
CWE-20
Medium
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2015-7873)
CVE-2015-7873
-
Medium
MySQL CVE-2013-0371 Vulnerability (CVE-2013-0371)
CVE-2013-0371
-
Medium
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-0328)
CVE-2013-0328
CWE-352
Medium
Ruby on Rails Improper Access Control Vulnerability (CVE-2015-7577)
CVE-2015-7577
CWE-284
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7471)
CVE-2015-7471
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7536)
CVE-2015-7536
CWE-707
Medium
Oracle JRE CVE-2013-0409 Vulnerability (CVE-2013-0409)
CVE-2013-0409
-
Medium
MySQL CVE-2013-0389 Vulnerability (CVE-2013-0389)
CVE-2013-0389
-
Medium
MySQL CVE-2013-0386 Vulnerability (CVE-2013-0386)
CVE-2013-0386
-
Medium
Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7565)
CVE-2015-7565
CWE-707
Medium
MySQL CVE-2013-0385 Vulnerability (CVE-2013-0385)
CVE-2013-0385
-
Medium
MySQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-0375)
CVE-2013-0375
CWE-138
Medium
MySQL CVE-2013-0384 Vulnerability (CVE-2013-0384)
CVE-2013-0384
-
Medium
MySQL CVE-2013-0383 Vulnerability (CVE-2013-0383)
CVE-2013-0383
-
Medium
ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7711)
CVE-2015-7711
CWE-707
Medium
ATutor Other Vulnerability (CVE-2015-7712)
CVE-2015-7712
-
Medium
PHP Other Vulnerability (CVE-2015-7803)
CVE-2015-7803
-
Medium
PHP Numeric Errors Vulnerability (CVE-2015-7804)
CVE-2015-7804
-
Medium
Jenkins CVE-2013-0330 Vulnerability (CVE-2013-0330)
CVE-2013-0330
-
Medium
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-0327)
CVE-2013-0327
CWE-352
Medium
Oracle JRE CVE-2013-0424 Vulnerability (CVE-2013-0424)
CVE-2013-0424
-
Medium
TYPO3 Improper Input Validation Vulnerability (CVE-2015-8760)
CVE-2015-8760
CWE-20
Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0276)
CVE-2013-0276
CWE-264
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8755)
CVE-2015-8755
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8756)
CVE-2015-8756
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8757)
CVE-2015-8757
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8758)
CVE-2015-8758
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8759)
CVE-2015-8759
CWE-707
Medium
Ruby Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0256)
CVE-2013-0256
CWE-707
Medium
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8669)
CVE-2015-8669
CWE-200
Medium
Roundcube Cross-site Scripting (XSS) Vulnerability (CVE-2015-8793)
CVE-2015-8793
-
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8831)
CVE-2015-8831
CWE-707
Medium
PostgreSQL Improper Input Validation Vulnerability (CVE-2013-0255)
CVE-2013-0255
CWE-20
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8834)
CVE-2015-8834
CWE-707
Medium
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0246)
CVE-2013-0246
CWE-264
Medium
PHP Improper Access Control Vulnerability (CVE-2015-8838)
CVE-2015-8838
CWE-284
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8685)
CVE-2015-8685
CWE-707
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8628)
CVE-2015-8628
CWE-200
Medium
Drupal Resource Management Errors Vulnerability (CVE-2013-0316)
CVE-2013-0316
-
Medium
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8606)
CVE-2015-8606
CWE-707
Medium
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8398)
CVE-2015-8398
CWE-707
Medium
Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8399)
CVE-2015-8399
CWE-200
Medium
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8563)
CVE-2015-8563
CWE-352
Medium
Django Numeric Errors Vulnerability (CVE-2013-0306)
CVE-2013-0306
-
Medium