Platform
Solutions
Pricing
Why Invicti
Resources Library
Get a demo
Home
/
Web Application Vulnerabilities
/ Known Vulnerabilities
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
Known Vulnerabilities
This page lists
13509 vulnerabilities
in this category.
Critical: 1465
High: 3387
Medium: 7907
Low: 748
Information: 2
Vulnerability Name
CVE
CWE
Severity
MediaWiki Credentials Management Errors Vulnerability (CVE-2015-8626)
CVE-2015-8626
-
Critical
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-26935)
CVE-2020-26935
CWE-138
Critical
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8707)
CVE-2015-8707
CWE-200
Critical
phpMyAdmin Cryptographic Issues Vulnerability (CVE-2008-7252)
CVE-2008-7252
-
Critical
Oracle Database Server CVE-2009-1020 Vulnerability (CVE-2009-1020)
CVE-2009-1020
-
Critical
Chamilo Improper Handling of Case Sensitivity Vulnerability (CVE-2023-3545)
CVE-2023-3545
CWE-178
Critical
Oracle Application Server CVE-2008-7233 Vulnerability (CVE-2008-7233)
CVE-2008-7233
-
Critical
PHP Other Vulnerability (CVE-2015-6835)
CVE-2015-6835
-
Critical
WebLogic CVE-2020-2546 Vulnerability (CVE-2020-2546)
CVE-2020-2546
-
Critical
Ruby on Rails Improper Authentication Vulnerability (CVE-2009-2422)
CVE-2009-2422
CWE-287
Critical
PHP Improper Input Validation Vulnerability (CVE-2015-5589)
CVE-2015-5589
CWE-20
Critical
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-37277)
CVE-2023-37277
CWE-352
Critical
MediaWiki CVE-2023-37303 Vulnerability (CVE-2023-37303)
CVE-2023-37303
-
Critical
Sqlite CVE-2015-5895 Vulnerability (CVE-2015-5895)
CVE-2015-5895
-
Critical
Oracle HTTP Server Improper Input Validation Vulnerability (CVE-2020-29508)
CVE-2020-29508
CWE-20
Critical
Oracle HTTP Server Improper Input Validation Vulnerability (CVE-2020-29507)
CVE-2020-29507
CWE-20
Critical
Oracle HTTP Server Other Vulnerability (CVE-2020-29506)
CVE-2020-29506
-
Critical
Oracle Database Server CVE-2009-1992 Vulnerability (CVE-2009-1992)
CVE-2009-1992
-
Critical
Oracle Database Server CVE-2009-1985 Vulnerability (CVE-2009-1985)
CVE-2009-1985
-
Critical
Oracle Database Server CVE-2009-1979 Vulnerability (CVE-2009-1979)
CVE-2009-1979
-
Critical
PHP Other Vulnerability (CVE-2015-6834)
CVE-2015-6834
-
Critical
GlassFish Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-7182)
CVE-2015-7182
CWE-119
Critical
Chamilo Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-3533)
CVE-2023-3533
CWE-22
Critical
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-38888)
CVE-2023-38888
CWE-707
Critical
PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-39524)
CVE-2023-39524
CWE-138
Critical
PrestaShop Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-39525)
CVE-2023-39525
CWE-22
Critical
PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-39526)
CVE-2023-39526
CWE-138
Critical
PrestaShop CVE-2023-39529 Vulnerability (CVE-2023-39529)
CVE-2023-39529
-
Critical
PrestaShop Improper Input Validation Vulnerability (CVE-2023-39530)
CVE-2023-39530
CWE-20
Critical
ownCloud Improper Input Validation Vulnerability (CVE-2020-28645)
CVE-2020-28645
CWE-20
Critical
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2015-7501)
CVE-2015-7501
CWE-502
Critical
Grafana Authentication Bypass by Spoofing Vulnerability (CVE-2023-3128)
CVE-2023-3128
CWE-290
Critical
Chamilo Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-3368)
CVE-2023-3368
CWE-138
Critical
ownCloud Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2015-7698)
CVE-2015-7698
CWE-138
Critical
phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-1151)
CVE-2009-1151
CWE-94
Critical
ownCloud Improper Input Validation Vulnerability (CVE-2015-7699)
CVE-2015-7699
CWE-20
Critical
phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-7251)
CVE-2008-7251
CWE-264
Critical
CrushFTP Server Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2023-43177)
CVE-2023-43177
CWE-913
Critical
OpenSSL Out-of-bounds Write Vulnerability (CVE-2016-2182)
CVE-2016-2182
CWE-787
Critical
GibbonEdu CVE-2023-45878 Vulnerability (CVE-2023-45878)
CVE-2023-45878
-
Critical
WordPress Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2016-10045)
CVE-2016-10045
CWE-138
Critical
Joomla Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2016-10045)
CVE-2016-10045
CWE-138
Critical
Serendipity Improper Access Control Vulnerability (CVE-2016-10082)
CVE-2016-10082
CWE-284
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45136)
CVE-2023-45136
CWE-707
Critical
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-22452)
CVE-2020-22452
CWE-138
Critical
Piwigo Improper Access Control Vulnerability (CVE-2016-10105)
CVE-2016-10105
CWE-284
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-10160)
CVE-2016-10160
CWE-119
Critical
SharePoint Integer Overflow or Wraparound Vulnerability (CVE-2008-4019)
CVE-2008-4019
CWE-190
Critical
phpList Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-22249)
CVE-2020-22249
CWE-434
Critical
Serendipity Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-10752)
CVE-2016-10752
CWE-434
Critical
qdPM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-45856)
CVE-2023-45856
CWE-434
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-1283)
CVE-2016-1283
CWE-119
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-1903)
CVE-2016-1903
CWE-119
Critical
Artifactory Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-10036)
CVE-2016-10036
CWE-434
Critical
Oracle Database Server Improper Input Validation Vulnerability (CVE-2020-1953)
CVE-2020-1953
CWE-20
Critical
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-1944)
CVE-2020-1944
CWE-444
Critical
Apache Tomcat Other Vulnerability (CVE-2020-1938)
CVE-2020-1938
-
Critical
Undertow Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-1745)
CVE-2020-1745
CWE-200
Critical
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-46731)
CVE-2023-46731
CWE-94
Critical
OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-2108)
CVE-2016-2108
CWE-119
Critical
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-2141)
CVE-2016-2141
CWE-264
Critical
OpenSSL Integer Overflow or Wraparound Vulnerability (CVE-2016-2177)
CVE-2016-2177
CWE-190
Critical
WebLogic Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-3257)
CVE-2008-3257
CWE-119
Critical
OpenVPN AS Use After Free Vulnerability (CVE-2023-46850)
CVE-2023-46850
CWE-416
Critical
Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3232)
CVE-2008-3232
CWE-94
Critical
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3225)
CVE-2008-3225
CWE-264
Critical
phpBB CVE-2008-3224 Vulnerability (CVE-2008-3224)
CVE-2008-3224
-
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45134)
CVE-2023-45134
CWE-707
Critical
WordPress Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Vulnerability (CVE-2016-10033)
CVE-2016-10033
CWE-707
Critical
PHP Other Vulnerability (CVE-2015-8835)
CVE-2015-8835
-
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-5557)
CVE-2008-5557
CWE-119
Critical
PHP Other Vulnerability (CVE-2015-8866)
CVE-2015-8866
-
Critical
PHP Other Vulnerability (CVE-2015-8876)
CVE-2015-8876
-
Critical
PHP Other Vulnerability (CVE-2015-8880)
CVE-2015-8880
-
Critical
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-8974)
CVE-2015-8974
CWE-138
Critical
«
1
2
3
4
...
181
»
