Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19992)
CVE-2018-19992
CWE-707
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19970)
CVE-2018-19970
CWE-707
Medium
Opencart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3763)
CVE-2011-3763
CWE-200
Medium
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2011-3348)
CVE-2011-3348
CWE-400
Medium
MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3759)
CVE-2011-3759
CWE-200
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16808)
CVE-2018-16808
CWE-707
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3757)
CVE-2011-3757
CWE-200
Medium
Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-1042)
CVE-2018-1042
CWE-918
Medium
Zikula Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-3352)
CVE-2011-3352
CWE-707
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19799)
CVE-2018-19799
CWE-707
Medium
LimeSurvey Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3752)
CVE-2011-3752
CWE-200
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19554)
CVE-2018-19554
CWE-707
Medium
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2011-3368)
CVE-2011-3368
CWE-20
Medium
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3747)
CVE-2011-3747
CWE-200
Medium
Nginx Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-16845)
CVE-2018-16845
CWE-835
Medium
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3375)
CVE-2011-3375
CWE-200
Medium
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-3376)
CVE-2011-3376
CWE-264
Medium
Hesk Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3743)
CVE-2011-3743
CWE-200
Medium
Frontaccounting Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3740)
CVE-2011-3740
CWE-200
Medium
Elgg Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3733)
CVE-2011-3733
CWE-200
Medium
Piwigo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3790)
CVE-2011-3790
CWE-200
Medium
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16619)
CVE-2018-16619
CWE-707
Medium
Oracle Database Server CVE-2011-3512 Vulnerability (CVE-2011-3512)
CVE-2011-3512
-
Medium
PHP Other Vulnerability (CVE-2011-3182)
CVE-2011-3182
-
Medium
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2018-1301)
CVE-2018-1301
CWE-119
Medium
Apache HTTP Server CVE-2018-1283 Vulnerability (CVE-2018-1283)
CVE-2018-1283
-
Medium
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3128)
CVE-2011-3128
CWE-200
Medium
LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-16397)
CVE-2018-16397
CWE-434
Medium
WebLogic CVE-2018-1257 Vulnerability (CVE-2018-1257)
CVE-2018-1257
-
Medium
Squid NULL Pointer Dereference Vulnerability (CVE-2018-1172)
CVE-2018-1172
CWE-476
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1136)
CVE-2018-1136
CWE-707
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1135)
CVE-2018-1135
CWE-200
Medium
Vanilla Forums Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-16410)
CVE-2018-16410
CWE-138
Medium
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3796)
CVE-2011-3796
CWE-200
Medium
Moodle Improper Privilege Management Vulnerability (CVE-2018-1134)
CVE-2018-1134
CWE-269
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-3181)
CVE-2011-3181
CWE-707
Medium
Ruby on Rails Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-3186)
CVE-2011-3186
CWE-94
Medium
Moodle CVE-2018-1043 Vulnerability (CVE-2018-1043)
CVE-2018-1043
-
Medium
Moodle CVE-2018-1081 Vulnerability (CVE-2018-1081)
CVE-2018-1081
-
Medium
Jboss EAP Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2018-1067)
CVE-2018-1067
CWE-113
Medium
Undertow Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2018-1067)
CVE-2018-1067
CWE-113
Medium
Ruby on Rails Improper Input Validation Vulnerability (CVE-2011-3187)
CVE-2011-3187
CWE-20
Medium
PHP Cryptographic Issues Vulnerability (CVE-2011-3189)
CVE-2011-3189
-
Medium
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1052)
CVE-2018-1052
CWE-200
Medium
Squid Other Vulnerability (CVE-2011-3205)
CVE-2011-3205
-
Medium
WildFly Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1047)
CVE-2018-1047
CWE-22
Medium
Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1047)
CVE-2018-1047
CWE-22
Medium
Ruby on Rails CVE-2018-16477 Vulnerability (CVE-2018-16477)
CVE-2018-16477
-
Medium
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1045)
CVE-2018-1045
CWE-707
Medium
Lodash CVE-2018-16487 Vulnerability (CVE-2018-16487)
CVE-2018-16487
-
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1044)
CVE-2018-1044
CWE-200
Medium
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16980)
CVE-2018-16980
CWE-707
Medium
Django Insufficiently Protected Credentials Vulnerability (CVE-2018-16984)
CVE-2018-16984
CWE-522
Medium
Serendipity Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3800)
CVE-2011-3800
CWE-200
Medium
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2011-3639)
CVE-2011-3639
CWE-20
Medium
Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2018-1999042)
CVE-2018-1999042
CWE-502
Medium
Dolphin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3728)
CVE-2011-3728
CWE-200
Medium
MathJax Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1999024)
CVE-2018-1999024
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1999007)
CVE-2018-1999007
CWE-707
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1999006)
CVE-2018-1999006
CWE-200
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1999005)
CVE-2018-1999005
CWE-707
Medium
Jenkins Incorrect Authorization Vulnerability (CVE-2018-1999004)
CVE-2018-1999004
CWE-863
Medium
Jenkins Incorrect Authorization Vulnerability (CVE-2018-1999003)
CVE-2018-1999003
CWE-863
Medium
CubeCart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3724)
CVE-2011-3724
CWE-200
Medium
Joomla Incorrect Authorization Vulnerability (CVE-2018-17857)
CVE-2018-17857
CWE-863
Medium
Ruby Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2011-3624)
CVE-2011-3624
CWE-138
Medium
Coppermine Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3722)
CVE-2011-3722
CWE-200
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18625)
CVE-2018-18625
CWE-707
Medium
SugarCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17784)
CVE-2018-17784
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18624)
CVE-2018-18624
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18623)
CVE-2018-18623
CWE-707
Medium
phpMyAdmin Improper Input Validation Vulnerability (CVE-2011-3646)
CVE-2011-3646
CWE-20
Medium
ATutor Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3706)
CVE-2011-3706
CWE-200
Medium
jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18405)
CVE-2018-18405
CWE-707
Medium
b2evolution Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3709)
CVE-2011-3709
CWE-200
Medium