Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11846)
CVE-2019-11846
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4903)
CVE-2011-4903
CWE-707
Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4319)
CVE-2011-4319
CWE-707
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000862)
CVE-2018-1000862
CWE-200
Medium
TYPO3 Improper Input Validation Vulnerability (CVE-2011-4904)
CVE-2011-4904
CWE-20
Medium
MySQL CVE-2018-3285 Vulnerability (CVE-2018-3285)
CVE-2018-3285
-
Medium
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2011-4907)
CVE-2011-4907
CWE-434
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4909)
CVE-2011-4909
CWE-707
Medium
Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11876)
CVE-2019-11876
CWE-707
Medium
MySQL CVE-2018-3278 Vulnerability (CVE-2018-3278)
CVE-2018-3278
-
Medium
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11876)
CVE-2019-11876
CWE-707
Medium
MySQL CVE-2018-3284 Vulnerability (CVE-2018-3284)
CVE-2018-3284
-
Medium
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2011-4317)
CVE-2011-4317
CWE-20
Medium
Jenkins Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1000864)
CVE-2018-1000864
CWE-835
Medium
MySQL CVE-2018-3283 Vulnerability (CVE-2018-3283)
CVE-2018-3283
-
Medium
MySQL CVE-2018-3282 Vulnerability (CVE-2018-3282)
CVE-2018-3282
-
Medium
MySQL CVE-2018-3280 Vulnerability (CVE-2018-3280)
CVE-2018-3280
-
Medium
MySQL CVE-2018-3279 Vulnerability (CVE-2018-3279)
CVE-2018-3279
-
Medium
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5296)
CVE-2010-5296
CWE-264
Medium
Nginx Out-of-bounds Write Vulnerability (CVE-2011-4315)
CVE-2011-4315
CWE-787
Medium
Mailman Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5950)
CVE-2018-5950
CWE-707
Medium
ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8896)
CVE-2017-8896
CWE-707
Medium
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1893)
CVE-2011-1893
CWE-707
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1587)
CVE-2011-1587
CWE-707
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9063)
CVE-2017-9063
CWE-707
Medium
Dotclear Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1584)
CVE-2011-1584
CWE-264
Medium
SharePoint Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-1892)
CVE-2011-1892
CWE-200
Medium
WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6944)
CVE-2018-6944
CWE-707
Medium
WebLogic Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2019-11358)
CVE-2019-11358
CWE-1321
Medium
Jolokia Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1000129)
CVE-2018-1000129
CWE-707
Medium
PHP Other Vulnerability (CVE-2011-0420)
CVE-2011-0420
-
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000192)
CVE-2018-1000192
CWE-200
Medium
XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4565)
CVE-2011-4565
CWE-707
Medium
Ruby Numeric Errors Vulnerability (CVE-2011-0188)
CVE-2011-0188
-
Medium
Jenkins Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2018-1000193)
CVE-2018-1000193
CWE-138
Medium
Python Resource Management Errors Vulnerability (CVE-2011-1521)
CVE-2011-1521
-
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11199)
CVE-2019-11199
CWE-707
Medium
PHP Resource Management Errors Vulnerability (CVE-2011-1657)
CVE-2011-1657
-
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0047)
CVE-2011-0047
CWE-707
Medium
PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4544)
CVE-2011-4544
CWE-707
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1000170)
CVE-2018-1000170
CWE-707
Medium
Drupal Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2019-11358)
CVE-2019-11358
CWE-1321
Medium
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2011-0419)
CVE-2011-0419
CWE-770
Medium
Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0013)
CVE-2011-0013
CWE-707
Medium
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4802)
CVE-2011-4802
CWE-138
Medium
ProjectSend Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7202)
CVE-2018-7202
CWE-707
Medium
MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-7305)
CVE-2018-7305
CWE-352
Medium
MediaWiki Improper Input Validation Vulnerability (CVE-2011-1579)
CVE-2011-1579
CWE-20
Medium
Joomla Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2019-11358)
CVE-2019-11358
CWE-1321
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7196)
CVE-2018-7196
CWE-707
Medium
jQuery Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2019-11358)
CVE-2019-11358
CWE-1321
Medium
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1582)
CVE-2011-1582
CWE-264
Medium
osTicket Integer Overflow or Wraparound Vulnerability (CVE-2018-7194)
CVE-2018-7194
CWE-190
Medium
MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1578)
CVE-2011-1578
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7192)
CVE-2018-7192
CWE-707
Medium
ZenCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4547)
CVE-2011-4547
CWE-707
Medium
Django Incorrect Regular Expression Vulnerability (CVE-2018-7536)
CVE-2018-7536
CWE-185
Medium
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000169)
CVE-2018-1000169
CWE-200
Medium
PrestaShop Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4545)
CVE-2011-4545
CWE-94
Medium
Django Incorrect Regular Expression Vulnerability (CVE-2018-7537)
CVE-2018-7537
CWE-185
Medium
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4814)
CVE-2011-4814
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7193)
CVE-2018-7193
CWE-707
Medium
Liferay Portal CVE-2011-1571 Vulnerability (CVE-2011-1571)
CVE-2011-1571
-
Medium
OpenSSL Resource Management Errors Vulnerability (CVE-2011-0014)
CVE-2011-0014
-
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6905)
CVE-2018-6905
CWE-707
Medium
phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7260)
CVE-2018-7260
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6377)
CVE-2018-6377
CWE-707
Medium
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000406)
CVE-2018-1000406
CWE-22
Medium
Python Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2018-1000117)
CVE-2018-1000117
CWE-119
Medium
Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1000407)
CVE-2018-1000407
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6380)
CVE-2018-6380
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6379)
CVE-2018-6379
CWE-707
Medium
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11585)
CVE-2019-11585
CWE-601
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7723)
CVE-2018-7723
CWE-707
Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6378)
CVE-2018-6378
CWE-707
Medium