Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19206)
CVE-2019-19206
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19211)
CVE-2019-19211
CWE-707
Medium
PleskLin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-18793)
CVE-2019-18793
CWE-707
Medium
Oracle Database Server CVE-2010-3590 Vulnerability (CVE-2010-3590)
CVE-2010-3590
-
Medium
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19242)
CVE-2019-19242
CWE-476
Medium
Python Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2010-3493)
CVE-2010-3493
CWE-362
Medium
Python Other Vulnerability (CVE-2010-3492)
CVE-2010-3492
-
Medium
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3436)
CVE-2010-3436
CWE-264
Medium
silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19325)
CVE-2019-19325
CWE-707
Medium
PleskWin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-18793)
CVE-2019-18793
CWE-707
Medium
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-3664)
CVE-2010-3664
CWE-200
Medium
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3433)
CVE-2010-3433
CWE-264
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17674)
CVE-2019-17674
CWE-707
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17660)
CVE-2019-17660
CWE-707
Medium
TYPO3 Session Fixation Vulnerability (CVE-2010-3671)
CVE-2010-3671
CWE-384
Medium
TYPO3 Inadequate Encryption Strength Vulnerability (CVE-2010-3670)
CVE-2010-3670
CWE-326
Medium
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-17671)
CVE-2019-17671
CWE-200
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17672)
CVE-2019-17672
CWE-707
Medium
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3669)
CVE-2010-3669
CWE-601
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-18210)
CVE-2019-18210
CWE-707
Medium
Squid Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-18678)
CVE-2019-18678
CWE-444
Medium
Python Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-18348)
CVE-2019-18348
CWE-138
Medium
TYPO3 Improper Input Validation Vulnerability (CVE-2010-3667)
CVE-2010-3667
CWE-20
Medium
TYPO3 Use of Insufficiently Random Values Vulnerability (CVE-2010-3666)
CVE-2010-3666
CWE-330
Medium
Joomla Missing Authorization Vulnerability (CVE-2019-18674)
CVE-2019-18674
CWE-862
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3665)
CVE-2010-3665
CWE-707
Medium
Squid Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-18677)
CVE-2019-18677
CWE-352
Medium
silverstripeCMS Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2019-19326)
CVE-2019-19326
-
Medium
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-19499)
CVE-2019-19499
CWE-200
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17578)
CVE-2019-17578
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1036)
CVE-2019-1036
CWE-707
Medium
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2010-2952)
CVE-2010-2952
CWE-20
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1031)
CVE-2019-1031
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1032)
CVE-2019-1032
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1033)
CVE-2019-1033
CWE-707
Medium
Squid Other Vulnerability (CVE-2010-2951)
CVE-2010-2951
-
Medium
PHP Use of Externally-Controlled Format String Vulnerability (CVE-2010-2950)
CVE-2010-2950
CWE-134
Medium
OpenSSL Resource Management Errors Vulnerability (CVE-2010-2939)
CVE-2010-2939
-
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3056)
CVE-2010-3056
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1134)
CVE-2019-1134
CWE-707
Medium
Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2791)
CVE-2010-2791
CWE-200
Medium
SharePoint Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-1202)
CVE-2019-1202
CWE-200
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-1203)
CVE-2019-1203
CWE-707
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2787)
CVE-2010-2787
CWE-200
Medium
SharePoint CVE-2019-1260 Vulnerability (CVE-2019-1260)
CVE-2019-1260
-
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2958)
CVE-2010-2958
CWE-707
Medium
Sqlite Improper Handling of Exceptional Conditions Vulnerability (CVE-2019-19924)
CVE-2019-19924
CWE-755
Medium
Ruby on Rails Missing Encryption of Sensitive Data Vulnerability (CVE-2010-3299)
CVE-2010-3299
CWE-311
Medium
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3092)
CVE-2010-3092
CWE-264
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3263)
CVE-2010-3263
CWE-707
Medium
Zope Web Application Server Other Vulnerability (CVE-2010-3198)
CVE-2010-3198
-
Medium
Sqlite Uncontrolled Recursion Vulnerability (CVE-2019-19645)
CVE-2019-19645
CWE-674
Medium
MediaWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-19709)
CVE-2019-19709
CWE-601
Medium
Contao Incorrect Default Permissions Vulnerability (CVE-2019-19712)
CVE-2019-19712
CWE-276
Medium
Contao Improper Encoding or Escaping of Output Vulnerability (CVE-2019-19714)
CVE-2019-19714
CWE-116
Medium
Drupal Improper Authentication Vulnerability (CVE-2010-3091)
CVE-2010-3091
CWE-287
Medium
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-3062)
CVE-2010-3062
CWE-200
Medium
Joomla Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-19845)
CVE-2019-19845
CWE-22
Medium
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3082)
CVE-2010-3082
CWE-707
Medium
Squid Other Vulnerability (CVE-2010-3072)
CVE-2010-3072
-
Medium
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3065)
CVE-2010-3065
CWE-264
Medium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2010-3064)
CVE-2010-3064
CWE-119
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19910)
CVE-2019-19910
CWE-707
Medium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2010-3063)
CVE-2010-3063
CWE-119
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3672)
CVE-2010-3672
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17577)
CVE-2019-17577
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16218)
CVE-2019-16218
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16780)
CVE-2019-16780
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16686)
CVE-2019-16686
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16687)
CVE-2019-16687
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16688)
CVE-2019-16688
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16725)
CVE-2019-16725
CWE-707
Medium
DOMPurify Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16728)
CVE-2019-16728
CWE-707
Medium
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-16738)
CVE-2019-16738
CWE-200
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16781)
CVE-2019-16781
CWE-707
Medium