Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Known Vulnerabilities
This page lists
13509 vulnerabilities
in this category.
Critical: 1465
High: 3387
Medium: 7907
Low: 748
Information: 2
Vulnerability Name
CVE
CWE
Severity
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9068)
CVE-2017-9068
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7579)
CVE-2017-7579
CWE-707
Medium
PostgreSQL Missing Encryption of Sensitive Data Vulnerability (CVE-2017-7485)
CVE-2017-7485
CWE-311
Medium
Moodle Improper Privilege Management Vulnerability (CVE-2017-7489)
CVE-2017-7489
CWE-269
Medium
Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2017-7490)
CVE-2017-7490
CWE-668
Medium
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-7491)
CVE-2017-7491
CWE-352
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7531)
CVE-2017-7531
CWE-200
Medium
Moodle Improper Privilege Management Vulnerability (CVE-2017-7532)
CVE-2017-7532
CWE-269
Medium
Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7559)
CVE-2017-7559
CWE-444
Medium
Apache Tomcat Insufficient Verification of Data Authenticity Vulnerability (CVE-2017-7674)
CVE-2017-7674
CWE-345
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7987)
CVE-2017-7987
CWE-707
Medium
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7725)
CVE-2017-7725
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7887)
CVE-2017-7887
CWE-707
Medium
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7890)
CVE-2017-7890
CWE-200
Medium
XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7944)
CVE-2017-7944
CWE-707
Medium
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7983)
CVE-2017-7983
CWE-200
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7984)
CVE-2017-7984
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7985)
CVE-2017-7985
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7986)
CVE-2017-7986
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9063)
CVE-2017-9063
CWE-707
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9070)
CVE-2017-9070
CWE-707
Medium
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-1000195)
CVE-2018-1000195
CWE-352
Medium
RubyGems Improper Input Validation Vulnerability (CVE-2018-1000077)
CVE-2018-1000077
CWE-20
Medium
MySQL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-0735)
CVE-2018-0735
CWE-327
Medium
Atlassian Confluence Missing Authorization Vulnerability (CVE-2021-26085)
CVE-2021-26085
CWE-862
Medium
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-0737)
CVE-2018-0737
CWE-327
Medium
OpenSSL Uncontrolled Recursion Vulnerability (CVE-2018-0739)
CVE-2018-0739
CWE-674
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-0864)
CVE-2018-0864
CWE-707
Medium
Jenkins Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-1000067)
CVE-2018-1000067
CWE-918
Medium
Jenkins Improper Input Validation Vulnerability (CVE-2018-1000068)
CVE-2018-1000068
CWE-20
Medium
RubyGems Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1000078)
CVE-2018-1000078
CWE-707
Medium
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-0734)
CVE-2018-0734
CWE-327
Medium
RubyGems Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000079)
CVE-2018-1000079
CWE-22
Medium
Python Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2018-1000117)
CVE-2018-1000117
CWE-119
Medium
Jolokia Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1000129)
CVE-2018-1000129
CWE-707
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000169)
CVE-2018-1000169
CWE-200
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1000170)
CVE-2018-1000170
CWE-707
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000192)
CVE-2018-1000192
CWE-200
Medium
Jenkins Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2018-1000193)
CVE-2018-1000193
CWE-138
Medium
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-0735)
CVE-2018-0735
CWE-327
Medium
OpenSSL CVE-2018-0733 Vulnerability (CVE-2018-0733)
CVE-2018-0733
-
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9071)
CVE-2017-9071
CWE-707
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9516)
CVE-2017-9516
CWE-707
Medium
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9338)
CVE-2017-9338
CWE-707
Medium
ownCloud CVE-2017-9339 Vulnerability (CVE-2017-9339)
CVE-2017-9339
-
Medium
ownCloud CVE-2017-9340 Vulnerability (CVE-2017-9340)
CVE-2017-9340
-
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9452)
CVE-2017-9452
CWE-707
Medium
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-9463)
CVE-2017-9463
CWE-138
Medium
Piwigo URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-9464)
CVE-2017-9464
CWE-601
Medium
Atlassian Confluence Incorrect Default Permissions Vulnerability (CVE-2017-9505)
CVE-2017-9505
CWE-276
Medium
ProjectSend Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9783)
CVE-2017-9783
CWE-707
Medium
Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-0618)
CVE-2018-0618
CWE-707
Medium
ProjectSend Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9786)
CVE-2017-9786
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9836)
CVE-2017-9836
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9838)
CVE-2017-9838
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9934)
CVE-2017-9934
CWE-707
Medium
MediaWiki Improper Privilege Management Vulnerability (CVE-2018-0503)
CVE-2018-0503
CWE-269
Medium
MediaWiki Insertion of Sensitive Information into Log File Vulnerability (CVE-2018-0504)
CVE-2018-0504
CWE-532
Medium
MediaWiki Improper Authentication Vulnerability (CVE-2018-0505)
CVE-2018-0505
CWE-287
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-0585)
CVE-2018-0585
CWE-707
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16381)
CVE-2018-16381
CWE-707
Medium
LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-16397)
CVE-2018-16397
CWE-434
Medium
MySQL CVE-2018-2612 Vulnerability (CVE-2018-2612)
CVE-2018-2612
-
Medium
Contao CVE-2018-20028 Vulnerability (CVE-2018-20028)
CVE-2018-20028
-
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1892)
CVE-2018-1892
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1893)
CVE-2018-1893
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1916)
CVE-2018-1916
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1952)
CVE-2018-1952
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1982)
CVE-2018-1982
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1983)
CVE-2018-1983
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1984)
CVE-2018-1984
CWE-707
Medium
Podcast Generator Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20121)
CVE-2018-20121
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1828)
CVE-2018-1828
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20140)
CVE-2018-20140
CWE-707
Medium
AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20141)
CVE-2018-20141
CWE-707
Medium
«
1
...
155
156
157
...
181
»
