Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
XOOPS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3822)
CVE-2011-3822
CWE-200
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1761)
CVE-2018-1761
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1760)
CVE-2018-1760
CWE-707
Medium
IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1758)
CVE-2018-1758
CWE-707
Medium
IBM WebSEAL Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1740)
CVE-2018-1740
CWE-707
Medium
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1734)
CVE-2018-1734
CWE-200
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2931)
CVE-2011-2931
CWE-707
Medium
Vanilla Forums Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2018-15833)
CVE-2018-15833
CWE-639
Medium
IBM RTC CVE-2018-1694 Vulnerability (CVE-2018-1694)
CVE-2018-1694
-
Medium
Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-10125)
CVE-2018-10125
CWE-707
Medium
MongoDb Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-20803)
CVE-2018-20803
CWE-835
Medium
Oracle Database Server CVE-2011-0792 Vulnerability (CVE-2011-0792)
CVE-2011-0792
-
Medium
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-0197)
CVE-2019-0197
CWE-444
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4630)
CVE-2011-4630
CWE-707
Medium
Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0697)
CVE-2011-0697
CWE-707
Medium
Apache Tomcat Other Vulnerability (CVE-2011-1088)
CVE-2011-1088
-
Medium
Django Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-0696)
CVE-2011-0696
CWE-352
Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1133)
CVE-2011-1133
CWE-707
Medium
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4581)
CVE-2011-4581
CWE-200
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0653)
CVE-2011-0653
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4631)
CVE-2011-4631
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4632)
CVE-2011-4632
CWE-707
Medium
Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1135)
CVE-2011-1135
CWE-707
Medium
Jenkins Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-1000067)
CVE-2018-1000067
CWE-918
Medium
Moodle Improper Input Validation Vulnerability (CVE-2011-4582)
CVE-2011-4582
CWE-20
Medium
Jenkins Improper Input Validation Vulnerability (CVE-2018-1000068)
CVE-2018-1000068
CWE-20
Medium
Oracle HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-0197)
CVE-2019-0197
CWE-444
Medium
phpBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0544)
CVE-2011-0544
CWE-707
Medium
Apache HTTP Server Use After Free Vulnerability (CVE-2019-0196)
CVE-2019-0196
CWE-416
Medium
OpenSSL Resource Management Errors Vulnerability (CVE-2011-4577)
CVE-2011-4577
-
Medium
Elgg URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11016)
CVE-2019-11016
CWE-601
Medium
Zikula Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-0535)
CVE-2011-0535
CWE-352
Medium
Apache Tomcat Resource Management Errors Vulnerability (CVE-2011-0534)
CVE-2011-0534
-
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-9861)
CVE-2018-9861
CWE-707
Medium
Apache Tomcat Other Vulnerability (CVE-2011-1183)
CVE-2011-1183
-
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4629)
CVE-2011-4629
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-0864)
CVE-2018-0864
CWE-707
Medium
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1184)
CVE-2011-1184
CWE-264
Medium
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-0221)
CVE-2019-0221
CWE-707
Medium
Oracle Application Server Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-0735)
CVE-2018-0735
CWE-327
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10404)
CVE-2019-10404
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10405)
CVE-2019-10405
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-0558)
CVE-2019-0558
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10406)
CVE-2019-10406
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-10102)
CVE-2018-10102
CWE-707
Medium
SugarCRM Improper Input Validation Vulnerability (CVE-2011-0745)
CVE-2011-0745
CWE-20
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-0557)
CVE-2019-0557
CWE-707
Medium
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1005)
CVE-2011-1005
CWE-264
Medium
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2011-0708)
CVE-2011-0708
CWE-119
Medium
Apache HTTP Server Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2019-0220)
CVE-2019-0220
CWE-706
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10909)
CVE-2019-10909
CWE-707
Medium
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-0737)
CVE-2018-0737
CWE-327
Medium
Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0707)
CVE-2011-0707
CWE-707
Medium
OpenSSL Uncontrolled Recursion Vulnerability (CVE-2018-0739)
CVE-2018-0739
CWE-674
Medium
Roundcube Unspesificed Vulnerability (CVE-2019-10740)
CVE-2019-10740
-
Medium
Vanilla Forums Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1009)
CVE-2011-1009
CWE-707
Medium
Python Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-1015)
CVE-2011-1015
CWE-200
Medium
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-0701)
CVE-2011-0701
CWE-200
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4626)
CVE-2011-4626
CWE-707
Medium
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4627)
CVE-2011-4627
CWE-200
Medium
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4583)
CVE-2011-4583
CWE-264
Medium
Apache Traffic Server Integer Overflow or Wraparound Vulnerability (CVE-2018-9481)
CVE-2018-9481
CWE-190
Medium
PHP Use of Uninitialized Resource Vulnerability (CVE-2019-11038)
CVE-2019-11038
CWE-908
Medium
SharePoint CVE-2019-0562 Vulnerability (CVE-2019-0562)
CVE-2019-0562
-
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9068)
CVE-2017-9068
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8156)
CVE-2018-8156
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0446)
CVE-2011-0446
CWE-707
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9071)
CVE-2017-9071
CWE-707
Medium
PHP Out-of-bounds Read Vulnerability (CVE-2019-11047)
CVE-2019-11047
CWE-125
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8155)
CVE-2018-8155
CWE-707
Medium
MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9070)
CVE-2017-9070
CWE-707
Medium
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4718)
CVE-2011-4718
CWE-264
Medium
PHP Integer Overflow or Wraparound Vulnerability (CVE-2019-11048)
CVE-2019-11048
CWE-190
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8149)
CVE-2018-8149
CWE-707
Medium
OpenSSL Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1473)
CVE-2011-1473
CWE-264
Medium