Known Vulnerabilities
This page lists 13509 vulnerabilities in this category.
Critical: 1465
High: 3387
Medium: 7907
Low: 748
Information: 2
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| Ruby Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-28966) | CVE-2021-28966 | CWE-22 | High |
| TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21357) | CVE-2021-21357 | CWE-434 | High |
| Ruby Improper Restriction of XML External Entity Reference Vulnerability (CVE-2021-28965) | CVE-2021-28965 | CWE-611 | High |
| Python URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-28861) | CVE-2021-28861 | CWE-601 | High |
| Ruby Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-6914) | CVE-2018-6914 | CWE-22 | High |
| Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-2080) | CVE-2015-2080 | CWE-200 | High |
| SharePoint CVE-2019-1035 Vulnerability (CVE-2019-1035) | CVE-2019-1035 | - | High |
| MySQL Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5398) | CVE-2020-5398 | CWE-707 | High |
| Handlebars Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-20920) | CVE-2019-20920 | CWE-94 | High |
| OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-1789) | CVE-2015-1789 | CWE-119 | High |
| Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2020-5360) | CVE-2020-5360 | CWE-125 | High |
| TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-20114) | CVE-2021-20114 | CWE-200 | High |
| OpenSSL Improper Input Validation Vulnerability (CVE-2014-3513) | CVE-2014-3513 | CWE-20 | High |
| TYPO3 Uncontrolled Recursion Vulnerability (CVE-2021-21359) | CVE-2021-21359 | CWE-674 | High |
| WebLogic Download of Code Without Integrity Check Vulnerability (CVE-2020-5398) | CVE-2020-5398 | CWE-494 | High |
| OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-8176) | CVE-2014-8176 | CWE-119 | High |
| Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3514) | CVE-2014-3514 | CWE-264 | High |
| TYPO3 Improper Input Validation Vulnerability (CVE-2014-9509) | CVE-2014-9509 | CWE-20 | High |
| PHP CVE-2014-3515 Vulnerability (CVE-2014-3515) | CVE-2014-3515 | - | High |
| Grafana Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-27962) | CVE-2021-27962 | CWE-732 | High |
| Envoy Proxy Improper Authentication Vulnerability (CVE-2021-21378) | CVE-2021-21378 | CWE-287 | High |
| Sqlite CVE-2019-19244 Vulnerability (CVE-2019-19244) | CVE-2019-19244 | - | High |
| Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3530) | CVE-2014-3530 | CWE-200 | High |
| jQuery Validation Uncontrolled Resource Consumption Vulnerability (CVE-2021-21252) | CVE-2021-21252 | CWE-400 | High |
| SharePoint CVE-2019-1034 Vulnerability (CVE-2019-1034) | CVE-2019-1034 | - | High |
| MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27948) | CVE-2021-27948 | CWE-138 | High |
| Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-1814) | CVE-2015-1814 | CWE-264 | High |
| Dojo Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2020-5258) | CVE-2020-5258 | CWE-1321 | High |
| PHP Out-of-bounds Read Vulnerability (CVE-2015-2325) | CVE-2015-2325 | CWE-125 | High |
| Jenkins Uncontrolled Resource Consumption Vulnerability (CVE-2021-28165) | CVE-2021-28165 | CWE-400 | High |
| Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-9402) | CVE-2020-9402 | CWE-138 | High |
| Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3482) | CVE-2014-3482 | CWE-138 | High |
| Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3483) | CVE-2014-3483 | CWE-138 | High |
| SharePoint Improper Input Validation Vulnerability (CVE-2019-1295) | CVE-2019-1295 | CWE-20 | High |
| FrontAccounting Cross-site Request Forgery (CSRF) Vulnerability (CVE-2018-7176) | CVE-2018-7176 | - | High |
| MongoDb Incorrect Comparison Vulnerability (CVE-2019-20925) | CVE-2019-20925 | CWE-697 | High |
| Ruby Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-5247) | CVE-2020-5247 | CWE-138 | High |
| PrestaShop Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-21302) | CVE-2021-21302 | CWE-1236 | High |
| MySQL Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-5258) | CVE-2020-5258 | CWE-138 | High |
| OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-3512) | CVE-2014-3512 | CWE-119 | High |
| Handlebars Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-20922) | CVE-2019-20922 | CWE-835 | High |
| Jboss EAP Other Vulnerability (CVE-2014-3490) | CVE-2014-3490 | - | High |
| PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-8626) | CVE-2014-8626 | CWE-119 | High |
| Grafana Improper Authentication Vulnerability (CVE-2021-28148) | CVE-2021-28148 | CWE-287 | High |
| WebLogic Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2020-5258) | CVE-2020-5258 | CWE-1321 | High |
| PHPFusion Multiple SQL Injection Vulnerabilities (CVE-2014-8596) | CVE-2014-8596 | - | High |
| Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27973) | CVE-2021-27973 | CWE-138 | High |
| Sqlite NULL Pointer Dereference Vulnerability (CVE-2020-9327) | CVE-2020-9327 | CWE-476 | High |
| Oracle JRE CVE-2014-2412 Vulnerability (CVE-2014-2412) | CVE-2014-2412 | - | High |
| Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19209) | CVE-2019-19209 | CWE-138 | High |
| Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-9591) | CVE-2020-9591 | CWE-200 | High |
| Java Unspecified Vulnerability (CVE-2018-2941) | CVE-2018-2941 | - | High |
| Drupal CVE-2014-1475 Vulnerability (CVE-2014-1475) | CVE-2014-1475 | - | High |
| Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-1613) | CVE-2014-1613 | CWE-94 | High |
| WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-10086) | CVE-2019-10086 | CWE-502 | High |
| SharePoint Out-of-bounds Write Vulnerability (CVE-2014-1761) | CVE-2014-1761 | CWE-787 | High |
| PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3167) | CVE-2015-3167 | CWE-200 | High |
| MediaWiki Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2014-9277) | CVE-2014-9277 | CWE-138 | High |
| Python Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-1912) | CVE-2014-1912 | CWE-119 | High |
| ownCloud Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-2044) | CVE-2014-2044 | CWE-94 | High |
| FluxBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-10029) | CVE-2014-10029 | CWE-138 | High |
| MediaWiki Resource Management Errors Vulnerability (CVE-2015-2942) | CVE-2015-2942 | - | High |
| MySQL CVE-2014-6500 Vulnerability (CVE-2014-6500) | CVE-2014-6500 | - | High |
| MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-9240) | CVE-2014-9240 | CWE-138 | High |
| ownCloud Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-2051) | CVE-2014-2051 | CWE-94 | High |
| MediaWiki Resource Management Errors Vulnerability (CVE-2015-2937) | CVE-2015-2937 | - | High |
| Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-10081) | CVE-2019-10081 | CWE-787 | High |
| MediaWiki Resource Management Errors Vulnerability (CVE-2015-2936) | CVE-2015-2936 | - | High |
| ownCloud Other Vulnerability (CVE-2014-2053) | CVE-2014-2053 | - | High |
| Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-10086) | CVE-2019-10086 | CWE-502 | High |
| Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-10097) | CVE-2019-10097 | CWE-787 | High |
| ownCloud Other Vulnerability (CVE-2014-2054) | CVE-2014-2054 | - | High |
| Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19880) | CVE-2019-19880 | CWE-476 | High |
| Next.js Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-6184) | CVE-2018-6184 | CWE-22 | High |
| Zenphoto Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-36079) | CVE-2020-36079 | CWE-434 | High |