Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14884)
CVE-2019-14884
CWE-707
Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-14885)
CVE-2019-14885
CWE-200
Medium
Coppermine Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4693)
CVE-2010-4693
CWE-707
Medium
Coppermine Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4667)
CVE-2010-4667
CWE-707
Medium
PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4662)
CVE-2010-4662
CWE-707
Medium
Jboss EAP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-14900)
CVE-2019-14900
CWE-138
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14881)
CVE-2019-14881
CWE-707
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14945)
CVE-2019-14945
CWE-707
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14946)
CVE-2019-14946
CWE-707
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14947)
CVE-2019-14947
CWE-707
Medium
SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14974)
CVE-2019-14974
CWE-707
Medium
Atlassian Jira Incorrect Default Permissions Vulnerability (CVE-2019-14995)
CVE-2019-14995
CWE-276
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14996)
CVE-2019-14996
CWE-707
Medium
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-14882)
CVE-2019-14882
CWE-601
Medium
PHP Resource Management Errors Vulnerability (CVE-2010-4697)
CVE-2010-4697
-
Medium
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-14998)
CVE-2019-14998
CWE-352
Medium
Moodle Improper Authorization Vulnerability (CVE-2019-14828)
CVE-2019-14828
CWE-285
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14748)
CVE-2019-14748
CWE-707
Medium
PHP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4700)
CVE-2010-4700
CWE-138
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14750)
CVE-2019-14750
CWE-707
Medium
PHP Numeric Errors Vulnerability (CVE-2010-4699)
CVE-2010-4699
-
Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-14820)
CVE-2019-14820
CWE-200
Medium
Moodle Improper Control of Generation of Code (Code Injection) (CVE-2019-14827)
CVE-2019-14827
-
Medium
Moodle Improper Following of Specification by Caller Vulnerability (CVE-2019-14829)
CVE-2019-14829
CWE-573
Medium
Moodle Improper Check for Dropped Privileges Vulnerability (CVE-2019-14879)
CVE-2019-14879
CWE-273
Medium
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-14830)
CVE-2019-14830
CWE-601
Medium
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-14831)
CVE-2019-14831
CWE-601
Medium
Jboss EAP Improper Privilege Management Vulnerability (CVE-2019-14838)
CVE-2019-14838
CWE-269
Medium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2010-4698)
CVE-2010-4698
CWE-119
Medium
Knockout.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14862)
CVE-2019-14862
CWE-707
Medium
AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14863)
CVE-2019-14863
CWE-707
Medium
Atlassian Jira Other Vulnerability (CVE-2019-14997)
CVE-2019-14997
-
Medium
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4642)
CVE-2010-4642
CWE-707
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14550)
CVE-2019-14550
CWE-707
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4480)
CVE-2010-4480
CWE-707
Medium
MySQL Divide By Zero Vulnerability (CVE-2019-16168)
CVE-2019-16168
CWE-369
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16172)
CVE-2019-16172
CWE-707
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16173)
CVE-2019-16173
CWE-707
Medium
phpMyAdmin Improper Authentication Vulnerability (CVE-2010-4481)
CVE-2010-4481
CWE-287
Medium
LimeSurvey Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2019-16175)
CVE-2019-16175
CWE-1021
Medium
LimeSurvey CVE-2019-16176 Vulnerability (CVE-2019-16176)
CVE-2019-16176
-
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16178)
CVE-2019-16178
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16147)
CVE-2019-16147
CWE-707
Medium
LimeSurvey Improper Certificate Validation Vulnerability (CVE-2019-16179)
CVE-2019-16179
CWE-295
Medium
LimeSurvey CVE-2019-16180 Vulnerability (CVE-2019-16180)
CVE-2019-16180
-
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16182)
CVE-2019-16182
CWE-707
Medium
WebLogic CVE-2010-4453 Vulnerability (CVE-2010-4453)
CVE-2010-4453
-
Medium
GlassFish CVE-2010-4438 Vulnerability (CVE-2010-4438)
CVE-2010-4438
-
Medium
Oracle Database Server CVE-2010-4423 Vulnerability (CVE-2010-4423)
CVE-2010-4423
-
Medium
Sqlite Divide By Zero Vulnerability (CVE-2019-16168)
CVE-2019-16168
CWE-369
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4522)
CVE-2010-4522
CWE-707
Medium
Atlassian Confluence Missing Authorization Vulnerability (CVE-2019-15005)
CVE-2019-15005
CWE-862
Medium
MyBB Other Vulnerability (CVE-2010-4628)
CVE-2010-4628
-
Medium
Atlassian Confluence Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2019-15006)
CVE-2019-15006
CWE-913
Medium
Atlassian Jira Missing Authorization Vulnerability (CVE-2019-15013)
CVE-2019-15013
CWE-862
Medium
Joomla CVE-2019-15028 Vulnerability (CVE-2019-15028)
CVE-2019-15028
-
Medium
Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-15081)
CVE-2019-15081
CWE-707
Medium
osTicket Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2010-4634)
CVE-2010-4634
CWE-22
Medium
MyBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-4629)
CVE-2010-4629
CWE-264
Medium
MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-4627)
CVE-2010-4627
CWE-352
Medium
Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-4534)
CVE-2010-4534
CWE-264
Medium
Grafana Insufficiently Protected Credentials Vulnerability (CVE-2019-15635)
CVE-2019-15635
CWE-522
Medium
MyBB Cryptographic Issues Vulnerability (CVE-2010-4626)
CVE-2010-4626
-
Medium
Ruby CVE-2019-15845 Vulnerability (CVE-2019-15845)
CVE-2019-15845
-
Medium
MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-4625)
CVE-2010-4625
CWE-200
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4536)
CVE-2010-4536
CWE-707
Medium
Django Improper Input Validation Vulnerability (CVE-2010-4535)
CVE-2010-4535
CWE-20
Medium
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-16107)
CVE-2019-16107
CWE-352
Medium
YUI Library Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4710)
CVE-2010-4710
CWE-707
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14549)
CVE-2019-14549
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16197)
CVE-2019-16197
CWE-707
Medium
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-12616)
CVE-2019-12616
CWE-352
Medium
Squid Out-of-bounds Write Vulnerability (CVE-2019-12521)
CVE-2019-12521
CWE-787
Medium
Squid Improper Privilege Management Vulnerability (CVE-2019-12522)
CVE-2019-12522
CWE-269
Medium
TYPO3 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2010-5102)
CVE-2010-5102
CWE-22
Medium