Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Joomla CVE-2018-17859 Vulnerability (CVE-2018-17859)
CVE-2018-17859
-
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17866)
CVE-2018-17866
CWE-707
Medium
CakePHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3712)
CVE-2011-3712
CWE-200
Medium
Claroline Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3716)
CVE-2011-3716
CWE-200
Medium
ClipBucket Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3717)
CVE-2011-3717
CWE-200
Medium
CrushFTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-18288)
CVE-2018-18288
CWE-601
Medium
JBoss Application Server Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-3609)
CVE-2011-3609
CWE-352
Medium
Jenkins Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1999044)
CVE-2018-1999044
CWE-835
Medium
Oracle Database Server CVE-2011-3525 Vulnerability (CVE-2011-3525)
CVE-2011-3525
-
Medium
PHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17082)
CVE-2018-17082
CWE-707
Medium
Oracle JRE CVE-2011-3546 Vulnerability (CVE-2011-3546)
CVE-2011-3546
-
Medium
Oracle JRE CVE-2011-3547 Vulnerability (CVE-2011-3547)
CVE-2011-3547
-
Medium
Oracle JRE CVE-2011-3563 Vulnerability (CVE-2011-3563)
CVE-2011-3563
-
Medium
Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19206)
CVE-2018-19206
CWE-707
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17003)
CVE-2018-17003
CWE-707
Medium
e107 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3731)
CVE-2011-3731
CWE-200
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19202)
CVE-2018-19202
CWE-707
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19201)
CVE-2018-19201
CWE-707
Medium
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-17081)
CVE-2018-17081
CWE-352
Medium
concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19146)
CVE-2018-19146
CWE-707
Medium
Squid Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2018-19132)
CVE-2018-19132
CWE-772
Medium
Squid Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19131)
CVE-2018-19131
CWE-707
Medium
MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17128)
CVE-2018-17128
CWE-707
Medium
Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17571)
CVE-2018-17571
CWE-707
Medium
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2018-17189)
CVE-2018-17189
CWE-400
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-3595)
CVE-2011-3595
CWE-707
Medium
JBoss Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-3606)
CVE-2011-3606
CWE-707
Medium
Apache HTTP Server Numeric Errors Vulnerability (CVE-2011-3607)
CVE-2011-3607
-
Medium
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3730)
CVE-2011-3730
CWE-200
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17301)
CVE-2018-17301
CWE-707
Medium
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-19039)
CVE-2018-19039
CWE-200
Medium
EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17302)
CVE-2018-17302
CWE-707
Medium
Dot CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-17422)
CVE-2018-17422
CWE-601
Medium
e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17423)
CVE-2018-17423
CWE-707
Medium
Jenkins Incorrect Authorization Vulnerability (CVE-2018-1999047)
CVE-2018-1999047
CWE-863
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1999046)
CVE-2018-1999046
CWE-200
Medium
Jenkins Improper Authentication Vulnerability (CVE-2018-1999045)
CVE-2018-1999045
CWE-287
Medium
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2018-1302)
CVE-2018-1302
CWE-476
Medium
WordPress Improper Input Validation Vulnerability (CVE-2011-3127)
CVE-2011-3127
CWE-20
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20965)
CVE-2018-20965
CWE-707
Medium
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-2890)
CVE-2011-2890
CWE-200
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20328)
CVE-2018-20328
CWE-707
Medium
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20327)
CVE-2018-20327
CWE-707
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20322)
CVE-2018-20322
CWE-707
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20239)
CVE-2018-20239
CWE-707
Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4090)
CVE-2011-4090
CWE-707
Medium
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20239)
CVE-2018-20239
CWE-707
Medium
Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-20237)
CVE-2018-20237
CWE-200
Medium
Jboss EAP Improper Authentication Vulnerability (CVE-2011-4085)
CVE-2011-4085
CWE-287
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20232)
CVE-2018-20232
CWE-707
Medium
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-2889)
CVE-2011-2889
CWE-200
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20153)
CVE-2018-20153
CWE-707
Medium
WordPress Improper Input Validation Vulnerability (CVE-2018-20152)
CVE-2018-20152
CWE-20
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20150)
CVE-2018-20150
CWE-707
Medium
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-2729)
CVE-2011-2729
CWE-264
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20149)
CVE-2018-20149
CWE-707
Medium
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-2891)
CVE-2011-2891
CWE-200
Medium
WordPress Incorrect Authorization Vulnerability (CVE-2018-20147)
CVE-2018-20147
CWE-863
Medium
AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20141)
CVE-2018-20141
CWE-707
Medium
Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20140)
CVE-2018-20140
CWE-707
Medium
Podcast Generator Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20121)
CVE-2018-20121
CWE-707
Medium
Drupal CVE-2018-14773 Vulnerability (CVE-2018-14773)
CVE-2018-14773
-
Medium
PHP Out-of-bounds Read Vulnerability (CVE-2018-14851)
CVE-2018-14851
CWE-125
Medium
Contao CVE-2018-20028 Vulnerability (CVE-2018-20028)
CVE-2018-20028
-
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1984)
CVE-2018-1984
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1983)
CVE-2018-1983
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1982)
CVE-2018-1982
CWE-707
Medium
Squid Resource Management Errors Vulnerability (CVE-2011-4096)
CVE-2011-4096
-
Medium
Perl Other Vulnerability (CVE-2011-2728)
CVE-2011-2728
-
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1916)
CVE-2018-1916
CWE-707
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20758)
CVE-2018-20758
CWE-707
Medium
silverstripeCMS Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2019-12245)
CVE-2019-12245
CWE-732
Medium
Python Improper Input Validation Vulnerability (CVE-2018-20852)
CVE-2018-20852
CWE-20
Medium
phpMyAdmin Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2011-2643)
CVE-2011-2643
CWE-22
Medium
Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20827)
CVE-2018-20827
CWE-707
Medium