Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
TYPO3 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2010-5101)
CVE-2010-5101
CWE-22
Medium
TYPO3 Improper Input Validation Vulnerability (CVE-2010-5099)
CVE-2010-5099
CWE-20
Medium
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-12529)
CVE-2019-12529
CWE-200
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12748)
CVE-2019-12748
CWE-707
Medium
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-5104)
CVE-2010-5104
CWE-200
Medium
Joomla CVE-2019-12764 Vulnerability (CVE-2019-12764)
CVE-2019-12764
-
Medium
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5095)
CVE-2010-5095
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12766)
CVE-2019-12766
CWE-707
Medium
Django Cleartext Transmission of Sensitive Information Vulnerability (CVE-2019-12781)
CVE-2019-12781
CWE-319
Medium
Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12823)
CVE-2019-12823
CWE-707
Medium
silverstripeCMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5094)
CVE-2010-5094
CWE-264
Medium
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-5103)
CVE-2010-5103
CWE-138
Medium
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5106)
CVE-2010-5106
CWE-264
Medium
silverstripeCMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-5091)
CVE-2010-5091
CWE-94
Medium
Collabtive Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-5285)
CVE-2010-5285
CWE-352
Medium
Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-12309)
CVE-2019-12309
CWE-22
Medium
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5293)
CVE-2010-5293
CWE-264
Medium
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12386)
CVE-2019-12386
CWE-707
Medium
Twisted Web HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-12387)
CVE-2019-12387
CWE-138
Medium
Jboss EAP Improper Input Validation Vulnerability (CVE-2019-12400)
CVE-2019-12400
CWE-20
Medium
WebLogic Improper Input Validation Vulnerability (CVE-2019-12400)
CVE-2019-12400
CWE-20
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5284)
CVE-2010-5284
CWE-707
Medium
silverstripeCMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-5187)
CVE-2010-5187
CWE-200
Medium
MODX Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2010-5278)
CVE-2010-5278
CWE-22
Medium
MediaWiki CVE-2019-12467 Vulnerability (CVE-2019-12467)
CVE-2019-12467
-
Medium
silverstripeCMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-5188)
CVE-2010-5188
CWE-200
Medium
MediaWiki Missing Authorization Vulnerability (CVE-2019-12469)
CVE-2019-12469
CWE-862
Medium
MediaWiki Missing Authorization Vulnerability (CVE-2019-12470)
CVE-2019-12470
CWE-862
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12471)
CVE-2019-12471
CWE-707
Medium
silverstripeCMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5093)
CVE-2010-5093
CWE-264
Medium
silverstripeCMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5090)
CVE-2010-5090
CWE-264
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14548)
CVE-2019-14548
CWE-707
Medium
Perl Improper Input Validation Vulnerability (CVE-2010-4777)
CVE-2010-4777
CWE-20
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14329)
CVE-2019-14329
CWE-707
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14330)
CVE-2019-14330
CWE-707
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14331)
CVE-2019-14331
CWE-707
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14349)
CVE-2019-14349
CWE-707
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14350)
CVE-2019-14350
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4821)
CVE-2010-4821
CWE-707
Medium
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14469)
CVE-2019-14469
CWE-707
Medium
Craft CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-14280)
CVE-2019-14280
CWE-200
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4757)
CVE-2010-4757
CWE-707
Medium
PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4748)
CVE-2010-4748
CWE-707
Medium
Zikula Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-4729)
CVE-2010-4729
CWE-352
Medium
Zikula Cryptographic Issues Vulnerability (CVE-2010-4728)
CVE-2010-4728
-
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14546)
CVE-2019-14546
CWE-707
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14547)
CVE-2019-14547
CWE-707
Medium
silverstripeCMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-4822)
CVE-2010-4822
CWE-200
Medium
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4823)
CVE-2010-4823
CWE-707
Medium
silverstripeCMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5089)
CVE-2010-5089
CWE-264
Medium
silverstripeCMS Credentials Management Errors Vulnerability (CVE-2010-5080)
CVE-2010-5080
-
Medium
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-12922)
CVE-2019-12922
CWE-352
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13068)
CVE-2019-13068
CWE-707
Medium
silverstripeCMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-5088)
CVE-2010-5088
CWE-352
Medium
silverstripeCMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5087)
CVE-2010-5087
CWE-264
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-5084)
CVE-2010-5084
CWE-352
Medium
Squid Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13345)
CVE-2019-13345
CWE-707
Medium
silverstripeCMS Cryptographic Issues Vulnerability (CVE-2010-5079)
CVE-2010-5079
-
Medium
silverstripeCMS Files or Directories Accessible to External Parties Vulnerability (CVE-2019-14273)
CVE-2019-14273
CWE-552
Medium
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-13376)
CVE-2019-13376
CWE-352
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13397)
CVE-2019-13397
CWE-707
Medium
silverstripeCMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5078)
CVE-2010-5078
CWE-264
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4907)
CVE-2010-4907
CWE-707
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13643)
CVE-2019-13643
CWE-707
Medium
silverstripeCMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4824)
CVE-2010-4824
CWE-138
Medium
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14272)
CVE-2019-14272
CWE-707
Medium
Oracle Database Server CVE-2010-4421 Vulnerability (CVE-2010-4421)
CVE-2010-4421
-
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16217)
CVE-2019-16217
CWE-707
Medium
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2531)
CVE-2010-2531
CWE-200
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19210)
CVE-2019-19210
CWE-707
Medium
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3661)
CVE-2010-3661
CWE-601
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3660)
CVE-2010-3660
CWE-707
Medium
Squid Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-18860)
CVE-2019-18860
CWE-138
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3659)
CVE-2010-3659
CWE-707
Medium
Django Incorrect Default Permissions Vulnerability (CVE-2019-19118)
CVE-2019-19118
CWE-276
Medium