Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-0954)
CVE-2020-0954
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3636)
CVE-2009-3636
CWE-707
Medium
SharePoint CVE-2020-0972 Vulnerability (CVE-2020-0972)
CVE-2020-0972
-
Medium
TYPO3 Improper Authentication Vulnerability (CVE-2009-3635)
CVE-2009-3635
CWE-287
Medium
TYPO3 Other Vulnerability (CVE-2009-3630)
CVE-2009-3630
-
Medium
SharePoint CVE-2020-0975 Vulnerability (CVE-2020-0975)
CVE-2020-0975
-
Medium
SharePoint CVE-2020-0977 Vulnerability (CVE-2020-0977)
CVE-2020-0977
-
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-0978)
CVE-2020-0978
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3634)
CVE-2009-3634
CWE-707
Medium
TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-3633)
CVE-2009-3633
CWE-352
Medium
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-3632)
CVE-2009-3632
CWE-138
Medium
Nginx Improper Certificate Validation Vulnerability (CVE-2009-3555)
CVE-2009-3555
CWE-295
Medium
Apache HTTP Server Cryptographic Issues Vulnerability (CVE-2009-3555)
CVE-2009-3555
-
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-0927)
CVE-2020-0927
CWE-707
Medium
phpMyAdmin Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-11441)
CVE-2020-11441
CWE-138
Medium
Oracle Application Server CVE-2009-3407 Vulnerability (CVE-2009-3407)
CVE-2009-3407
-
Medium
PHP Use of Externally-Controlled Format String Vulnerability (CVE-2009-3294)
CVE-2009-3294
CWE-134
Medium
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11074)
CVE-2020-11074
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11110)
CVE-2020-11110
CWE-707
Medium
PostgreSQL Improper Authentication Vulnerability (CVE-2009-3231)
CVE-2009-3231
CWE-287
Medium
Nexus Repository Manager Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-11415)
CVE-2020-11415
CWE-312
Medium
LimeSurvey Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-11455)
CVE-2020-11455
CWE-22
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11064)
CVE-2020-11064
CWE-707
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11456)
CVE-2020-11456
CWE-707
Medium
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-3230)
CVE-2009-3230
CWE-264
Medium
PostgreSQL CVE-2009-3229 Vulnerability (CVE-2009-3229)
CVE-2009-3229
-
Medium
PleskWin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11583)
CVE-2020-11583
CWE-707
Medium
PleskLin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11583)
CVE-2020-11583
CWE-707
Medium
PleskWin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11584)
CVE-2020-11584
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11065)
CVE-2020-11065
CWE-707
Medium
Oracle Database Server CVE-2009-3411 Vulnerability (CVE-2009-3411)
CVE-2009-3411
-
Medium
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-10803)
CVE-2020-10803
CWE-138
Medium
WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11022)
CVE-2020-11022
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3479)
CVE-2009-3479
CWE-707
Medium
Ruby Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-10933)
CVE-2020-10933
CWE-200
Medium
MediaWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-10959)
CVE-2020-10959
CWE-601
Medium
MediaWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2020-10960)
CVE-2020-10960
CWE-116
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3444)
CVE-2009-3444
CWE-707
Medium
Oracle Database Server CVE-2009-3414 Vulnerability (CVE-2009-3414)
CVE-2009-3414
-
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11022)
CVE-2020-11022
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11030)
CVE-2020-11030
CWE-707
Medium
jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11022)
CVE-2020-11022
CWE-707
Medium
jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11023)
CVE-2020-11023
CWE-707
Medium
WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11023)
CVE-2020-11023
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11023)
CVE-2020-11023
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11025)
CVE-2020-11025
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11026)
CVE-2020-11026
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11029)
CVE-2020-11029
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-0930)
CVE-2020-0930
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-0926)
CVE-2020-0926
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4563)
CVE-2009-4563
CWE-707
Medium
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4305)
CVE-2009-4305
CWE-138
Medium
PHP Numeric Errors Vulnerability (CVE-2009-4418)
CVE-2009-4418
-
Medium
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-8943)
CVE-2019-8943
CWE-22
Medium
Serendipity Other Vulnerability (CVE-2009-4412)
CVE-2009-4412
-
Medium
OpenSSL Resource Management Errors Vulnerability (CVE-2009-4355)
CVE-2009-4355
-
Medium
ZenCart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4322)
CVE-2009-4322
CWE-200
Medium
ZenCart Improper Input Validation Vulnerability (CVE-2009-4321)
CVE-2009-4321
CWE-20
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4303)
CVE-2009-4303
CWE-200
Medium
Internet Information Services CVE-2009-4444 Vulnerability (CVE-2009-4444)
CVE-2009-4444
-
Medium
Moodle Cryptographic Issues Vulnerability (CVE-2009-4302)
CVE-2009-4302
-
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-4301)
CVE-2009-4301
CWE-264
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4300)
CVE-2009-4300
CWE-200
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-4299)
CVE-2009-4299
CWE-264
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4298)
CVE-2009-4298
CWE-200
Medium
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-4297)
CVE-2009-4297
CWE-352
Medium
Collabtive Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8935)
CVE-2019-8935
CWE-707
Medium
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-8451)
CVE-2019-8451
CWE-918
Medium
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9516)
CVE-2019-9516
CWE-770
Medium
qdPM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8391)
CVE-2019-8391
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4562)
CVE-2009-4562
CWE-707
Medium
Ruby Improper Input Validation Vulnerability (CVE-2009-4492)
CVE-2009-4492
CWE-20
Medium
Cherokee Improper Input Validation Vulnerability (CVE-2009-4489)
CVE-2009-4489
CWE-20
Medium
Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8331)
CVE-2019-8331
CWE-707
Medium
Nginx CVE-2009-4487 Vulnerability (CVE-2009-4487)
CVE-2009-4487
-
Medium