Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Known Vulnerabilities

This page lists 13509 vulnerabilities in this category.

Critical: 1465 High: 3387 Medium: 7907 Low: 748 Information: 2
Vulnerability Name
CVE
CWE
Severity
Jenkins Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1000864)
CVE-2018-1000864
CWE-835
Medium
WeBid Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1000868)
CVE-2018-1000868
CWE-707
Medium
Oracle Database Server Improper Input Validation Vulnerability (CVE-2018-1000873)
CVE-2018-1000873
CWE-20
Medium
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000997)
CVE-2018-1000997
CWE-22
Medium
WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2018-10237)
CVE-2018-10237
CWE-770
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-10095)
CVE-2018-10095
CWE-707
Medium
WordPress URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-10100)
CVE-2018-10100
CWE-601
Medium
WordPress URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-10101)
CVE-2018-10101
CWE-601
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-10102)
CVE-2018-10102
CWE-707
Medium
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-10125)
CVE-2018-10125
CWE-707
Medium
Oracle Database Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2018-10237)
CVE-2018-10237
CWE-770
Medium
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2018-10237)
CVE-2018-10237
CWE-770
Medium
WebLogic Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-11771)
CVE-2018-11771
CWE-835
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-12099)
CVE-2018-12099
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1000407)
CVE-2018-1000407
CWE-707
Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-14642)
CVE-2018-14642
CWE-200
Medium
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14042)
CVE-2018-14042
CWE-707
Medium
Java Unspesificed Vulnerability (CVE-2018-14048)
CVE-2018-14048
-
Medium
Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14384)
CVE-2018-14384
CWE-707
Medium
Coppermine Cross-site Scripting (XSS) Vulnerability (CVE-2018-14478)
CVE-2018-14478
-
Medium
Osclass Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14481)
CVE-2018-14481
CWE-707
Medium
Django URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-14574)
CVE-2018-14574
CWE-601
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14631)
CVE-2018-14631
CWE-707
Medium
Drupal CVE-2018-14773 Vulnerability (CVE-2018-14773)
CVE-2018-14773
-
Medium
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14040)
CVE-2018-14040
CWE-707
Medium
PHP Out-of-bounds Read Vulnerability (CVE-2018-14851)
CVE-2018-14851
CWE-125
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-15596)
CVE-2018-15596
CWE-707
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-15605)
CVE-2018-15605
CWE-707
Medium
Vanilla Forums Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2018-15833)
CVE-2018-15833
CWE-639
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-15880)
CVE-2018-15880
CWE-707
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16277)
CVE-2018-16277
CWE-707
Medium
Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16358)
CVE-2018-16358
CWE-707
Medium
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14041)
CVE-2018-14041
CWE-707
Medium
Mailman Improper Input Validation Vulnerability (CVE-2018-13796)
CVE-2018-13796
CWE-20
Medium
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-12100)
CVE-2018-12100
CWE-707
Medium
Atlassian Confluence Improper Input Validation Vulnerability (CVE-2018-13389)
CVE-2018-13389
CWE-20
Medium
Jetty CVE-2018-12536 Vulnerability (CVE-2018-12536)
CVE-2018-12536
-
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-12581)
CVE-2018-12581
CWE-707
Medium
Phusion Passenger Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-12615)
CVE-2018-12615
CWE-732
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-12711)
CVE-2018-12711
CWE-707
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13136)
CVE-2018-13136
CWE-707
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-13258)
CVE-2018-13258
CWE-200
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13387)
CVE-2018-13387
CWE-707
Medium
Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-13391)
CVE-2018-13391
CWE-200
Medium
Java Multiple Vulnerabilities (CVE-2018-13785)
CVE-2018-13785
-
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13395)
CVE-2018-13395
CWE-707
Medium
Atlassian Jira Improper Privilege Management Vulnerability (CVE-2018-13400)
CVE-2018-13400
CWE-269
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-13401)
CVE-2018-13401
CWE-601
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-13402)
CVE-2018-13402
CWE-601
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13403)
CVE-2018-13403
CWE-707
Medium
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-13404)
CVE-2018-13404
CWE-918
Medium
TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13422)
CVE-2018-13422
CWE-707
Medium
Omeka Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-13423)
CVE-2018-13423
CWE-707
Medium
Jenkins CVE-2018-1000408 Vulnerability (CVE-2018-1000408)
CVE-2018-1000408
-
Medium
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000406)
CVE-2018-1000406
CWE-22
Medium
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-16389)
CVE-2018-16389
CWE-138
Medium
Craft CMS CVE-2017-8383 Vulnerability (CVE-2017-8383)
CVE-2017-8383
-
Medium
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-8057)
CVE-2017-8057
CWE-200
Medium
concrete5 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8082)
CVE-2017-8082
CWE-352
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8098)
CVE-2017-8098
CWE-352
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8103)
CVE-2017-8103
CWE-707
Medium
MyBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-8104)
CVE-2017-8104
CWE-22
Medium
MODX Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-8115)
CVE-2017-8115
CWE-22
Medium
WordPress Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2017-8295)
CVE-2017-8295
CWE-640
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8384)
CVE-2017-8384
CWE-707
Medium
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-7989)
CVE-2017-7989
CWE-434
Medium
Craft CMS Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2017-8385)
CVE-2017-8385
CWE-640
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8808)
CVE-2017-8808
CWE-707
Medium
MediaWiki Improper Input Validation Vulnerability (CVE-2017-8811)
CVE-2017-8811
CWE-20
Medium
MediaWiki CVE-2017-8812 Vulnerability (CVE-2017-8812)
CVE-2017-8812
-
Medium
Dolibarr Improper Authentication Vulnerability (CVE-2017-8879)
CVE-2017-8879
CWE-287
Medium
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8896)
CVE-2017-8896
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9061)
CVE-2017-9061
CWE-707
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8052)
CVE-2017-8052
CWE-707
Medium
Joomla CVE-2017-7988 Vulnerability (CVE-2017-7988)
CVE-2017-7988
-
Medium