Known Vulnerabilities
This page lists 13509 vulnerabilities in this category.
Critical: 1465
High: 3387
Medium: 7907
Low: 748
Information: 2
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-7981) | CVE-2014-7981 | CWE-138 | High |
| Zenphoto Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-5593) | CVE-2020-5593 | CWE-138 | High |
| Joomla Improper Input Validation Vulnerability (CVE-2021-26036) | CVE-2021-26036 | CWE-20 | High |
| Dolibarr Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-25957) | CVE-2021-25957 | CWE-640 | High |
| Dolibarr Improper Authentication Vulnerability (CVE-2021-25956) | CVE-2021-25956 | CWE-287 | High |
| Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8420) | CVE-2020-8420 | CWE-352 | High |
| Oracle HTTP Server Use After Free Vulnerability (CVE-2019-0211) | CVE-2019-0211 | CWE-416 | High |
| Kong Server Incorrect Authorization Vulnerability (CVE-2021-27306) | CVE-2021-27306 | CWE-863 | High |
| silverstripeCMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-12437) | CVE-2019-12437 | CWE-352 | High |
| Oracle JRE CVE-2014-0454 Vulnerability (CVE-2014-0454) | CVE-2014-0454 | - | High |
| ownCloud Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-44537) | CVE-2021-44537 | CWE-138 | High |
| MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-46147) | CVE-2021-46147 | CWE-352 | High |
| WordPress Inadequate Encryption Strength Vulnerability (CVE-2012-6707) | CVE-2012-6707 | CWE-326 | High |
| PleskLin Other Vulnerability (CVE-2013-0133) | CVE-2013-0133 | - | High |
| PleskWin Other Vulnerability (CVE-2013-0133) | CVE-2013-0133 | - | High |
| PHP Address Book Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-0135) | CVE-2013-0135 | CWE-138 | High |
| Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-0156) | CVE-2013-0156 | CWE-20 | High |
| Django Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-45116) | CVE-2021-45116 | CWE-668 | High |
| Django Uncontrolled Resource Consumption Vulnerability (CVE-2021-45115) | CVE-2021-45115 | CWE-400 | High |
| LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-44967) | CVE-2021-44967 | CWE-434 | High |
| MediaWiki Incorrect Default Permissions Vulnerability (CVE-2021-44858) | CVE-2021-44858 | CWE-276 | High |
| Apache Traffic Server Improper Authentication Vulnerability (CVE-2021-44759) | CVE-2021-44759 | CWE-287 | High |
| Django Improper Authentication Vulnerability (CVE-2021-44420) | CVE-2021-44420 | CWE-287 | High |
| ClipBucket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6643) | CVE-2012-6643 | CWE-138 | High |
| Mailman Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-44227) | CVE-2021-44227 | CWE-352 | High |
| Oracle HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-44224) | CVE-2021-44224 | CWE-476 | High |
| Resin Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-44138) | CVE-2021-44138 | CWE-22 | High |
| Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-44040) | CVE-2021-44040 | CWE-20 | High |
| Jenkins CVE-2013-0329 Vulnerability (CVE-2013-0329) | CVE-2013-0329 | - | High |
| Ruby on Rails Other Vulnerability (CVE-2013-0333) | CVE-2013-0333 | - | High |
| Nginx Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0337) | CVE-2013-0337 | CWE-264 | High |
| Atlassian Jira CVE-2021-43947 Vulnerability (CVE-2021-43947) | CVE-2021-43947 | - | High |
| Oracle JRE CVE-2013-0351 Vulnerability (CVE-2013-0351) | CVE-2013-0351 | - | High |
| Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-43944) | CVE-2021-43944 | CWE-94 | High |
| Atlassian Confluence Uncontrolled Search Path Element Vulnerability (CVE-2021-43940) | CVE-2021-43940 | CWE-427 | High |
| Envoy Proxy Use After Free Vulnerability (CVE-2021-43826) | CVE-2021-43826 | CWE-416 | High |
| MediaWiki CVE-2019-12472 Vulnerability (CVE-2019-12472) | CVE-2019-12472 | - | High |
| MediaWiki Uncontrolled Resource Consumption Vulnerability (CVE-2021-46149) | CVE-2021-46149 | CWE-400 | High |
| Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2021-43824) | CVE-2021-43824 | CWE-476 | High |
| YetiForce CRM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0269) | CVE-2022-0269 | CWE-352 | High |
| phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-0813) | CVE-2022-0813 | CWE-200 | High |
| OpenSSL Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-0778) | CVE-2022-0778 | CWE-835 | High |
| MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5909) | CVE-2012-5909 | CWE-138 | High |
| Artifactory Deserialization of Untrusted Data Vulnerability (CVE-2022-0573) | CVE-2022-0573 | CWE-502 | High |
| phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-16993) | CVE-2019-16993 | CWE-352 | High |
| NuSOAP Improper Certificate Validation Vulnerability (CVE-2012-6071) | CVE-2012-6071 | CWE-295 | High |
| Squid Improper Input Validation Vulnerability (CVE-2019-12520) | CVE-2019-12520 | CWE-20 | High |
| Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2022-0538) | CVE-2022-0538 | CWE-502 | High |
| Oracle HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-0391) | CVE-2022-0391 | CWE-138 | High |
| Python Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-0391) | CVE-2022-0391 | CWE-138 | High |
| Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0335) | CVE-2022-0335 | CWE-352 | High |
| MediaWiki CVE-2019-12474 Vulnerability (CVE-2019-12474) | CVE-2019-12474 | - | High |
| MediaWiki CVE-2019-12473 Vulnerability (CVE-2019-12473) | CVE-2019-12473 | - | High |
| Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-4034) | CVE-2021-4034 | CWE-787 | High |
| YOURLS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0088) | CVE-2022-0088 | CWE-352 | High |
| OpenVPN AS Other Vulnerability (CVE-2021-4234) | CVE-2021-4234 | - | High |
| UAParser.js Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-4229) | CVE-2021-4229 | CWE-829 | High |
| Oracle HTTP Server Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4185) | CVE-2021-4185 | CWE-835 | High |
| Oracle HTTP Server Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4184) | CVE-2021-4184 | CWE-835 | High |
| Oracle HTTP Server Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4182) | CVE-2021-4182 | CWE-835 | High |
| Oracle HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-4181) | CVE-2021-4181 | CWE-138 | High |
| Perl Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-6329) | CVE-2012-6329 | CWE-94 | High |
| Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6496) | CVE-2012-6496 | CWE-138 | High |
| Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2021-4104) | CVE-2021-4104 | CWE-502 | High |
| WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2021-4104) | CVE-2021-4104 | CWE-502 | High |
| OpenSSL Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4044) | CVE-2021-4044 | CWE-835 | High |
| Envoy Proxy Use After Free Vulnerability (CVE-2021-43825) | CVE-2021-43825 | CWE-416 | High |
| Oracle HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43818) | CVE-2021-43818 | CWE-707 | High |
| Jboss EAP Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-0853) | CVE-2022-0853 | CWE-401 | High |
| Ruby Other Vulnerability (CVE-2021-41817) | CVE-2021-41817 | - | High |
| Masa CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-42183) | CVE-2021-42183 | CWE-22 | High |
| Mailman Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-42097) | CVE-2021-42097 | CWE-352 | High |
| ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-12170) | CVE-2019-12170 | CWE-434 | High |
| Oracle JRE CVE-2013-1563 Vulnerability (CVE-2013-1563) | CVE-2013-1563 | - | High |
| MediaWiki Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-42040) | CVE-2021-42040 | CWE-835 | High |