Known Vulnerabilities
This page lists 13509 vulnerabilities in this category.
Critical: 1465
High: 3387
Medium: 7907
Low: 748
Information: 2
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| phpBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-1000419) | CVE-2017-1000419 | CWE-918 | High |
| Serendipity Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-1000129) | CVE-2017-1000129 | CWE-138 | High |
| PHP Out-of-bounds Read Vulnerability (CVE-2017-9118) | CVE-2017-9118 | CWE-125 | High |
| MODX Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-9069) | CVE-2017-9069 | CWE-434 | High |
| Jenkins Improper Authentication Vulnerability (CVE-2017-1000354) | CVE-2017-1000354 | CWE-287 | High |
| Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000356) | CVE-2017-1000356 | CWE-352 | High |
| Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-8130) | CVE-2019-8130 | CWE-138 | High |
| MODX Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-9067) | CVE-2017-9067 | CWE-22 | High |
| Jenkins Improper Input Validation Vulnerability (CVE-2017-1000391) | CVE-2017-1000391 | CWE-20 | High |
| Jenkins Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2017-1000393) | CVE-2017-1000393 | CWE-138 | High |
| Jenkins Improper Input Validation Vulnerability (CVE-2017-1000394) | CVE-2017-1000394 | CWE-20 | High |
| Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-14443) | CVE-2020-14443 | CWE-138 | High |
| Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-14384) | CVE-2020-14384 | CWE-400 | High |
| PostgreSQL Untrusted Search Path Vulnerability (CVE-2020-14350) | CVE-2020-14350 | CWE-426 | High |
| PostgreSQL Uncontrolled Search Path Element Vulnerability (CVE-2020-14349) | CVE-2020-14349 | CWE-427 | High |
| Moodle Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9186) | CVE-2016-9186 | CWE-434 | High |
| Roundcube Unspecified Vulnerability (CVE-2018-1000071) | CVE-2018-1000071 | - | High |
| GlassFish CVE-2017-10391 Vulnerability (CVE-2017-10391) | CVE-2017-10391 | - | High |
| Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000863) | CVE-2018-1000863 | CWE-22 | High |
| Magento Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-15151) | CVE-2020-15151 | - | High |
| phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6606) | CVE-2016-6606 | CWE-200 | High |
| phpMyAdmin Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2016-6609) | CVE-2016-6609 | CWE-138 | High |
| TYPO3 Improper Input Validation Vulnerability (CVE-2020-15099) | CVE-2020-15099 | CWE-20 | High |
| phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-6611) | CVE-2016-6611 | CWE-138 | High |
| TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2020-15098) | CVE-2020-15098 | CWE-502 | High |
| PrestaShop Other Vulnerability (CVE-2020-15082) | CVE-2020-15082 | - | High |
| Magento CVE-2019-7915 Vulnerability (CVE-2019-7915) | CVE-2019-7915 | - | High |
| phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-6616) | CVE-2016-6616 | CWE-138 | High |
| phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-6617) | CVE-2016-6617 | CWE-138 | High |
| phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-6619) | CVE-2016-6619 | CWE-138 | High |
| WeBid Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-1000867) | CVE-2018-1000867 | CWE-138 | High |
| phpMyAdmin Server-Side Request Forgery (SSRF) Vulnerability (CVE-2016-6621) | CVE-2016-6621 | CWE-918 | High |
| OpenVPN AS Insufficient Session Expiration Vulnerability (CVE-2020-15074) | CVE-2020-15074 | CWE-613 | High |
| Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-7912) | CVE-2019-7912 | CWE-434 | High |
| phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-15072) | CVE-2020-15072 | CWE-138 | High |
| Squid Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-15049) | CVE-2020-15049 | CWE-444 | High |
| Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7923) | CVE-2019-7923 | CWE-918 | High |
| Nexus Repository Manager Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-15012) | CVE-2020-15012 | CWE-22 | High |
| phpMyAdmin Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2016-6631) | CVE-2016-6631 | CWE-138 | High |
| phpMyAdmin CVE-2016-6633 Vulnerability (CVE-2016-6633) | CVE-2016-6633 | - | High |
| WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-6635) | CVE-2016-6635 | CWE-352 | High |
| MySQL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2016-6663) | CVE-2016-6663 | CWE-362 | High |
| MySQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-6664) | CVE-2016-6664 | CWE-59 | High |
| Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6668) | CVE-2016-6668 | CWE-200 | High |
| PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-14960) | CVE-2020-14960 | CWE-138 | High |
| Jboss EAP CVE-2016-6796 Vulnerability (CVE-2016-6796) | CVE-2016-6796 | - | High |
| Apache Tomcat Incorrect Authorization Vulnerability (CVE-2016-6797) | CVE-2016-6797 | CWE-863 | High |
| Apache Tomcat Improper Input Validation Vulnerability (CVE-2016-6816) | CVE-2016-6816 | CWE-20 | High |
| Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7913) | CVE-2019-7913 | CWE-918 | High |
| MediaWiki Improper Access Control Vulnerability (CVE-2016-6337) | CVE-2016-6337 | CWE-284 | High |
| Mailman Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-6893) | CVE-2016-6893 | CWE-352 | High |
| PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-6289) | CVE-2016-6289 | CWE-190 | High |
| WordPress CVE-2016-5832 Vulnerability (CVE-2016-5832) | CVE-2016-5832 | - | High |
| WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-5835) | CVE-2016-5835 | CWE-200 | High |
| WordPress CVE-2016-5836 Vulnerability (CVE-2016-5836) | CVE-2016-5836 | - | High |
| WordPress CVE-2016-5837 Vulnerability (CVE-2016-5837) | CVE-2016-5837 | - | High |
| WordPress Credentials Management Errors Vulnerability (CVE-2016-5838) | CVE-2016-5838 | - | High |
| WordPress CVE-2016-5839 Vulnerability (CVE-2016-5839) | CVE-2016-5839 | - | High |
| PHP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-10546) | CVE-2018-10546 | CWE-835 | High |
| Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7892) | CVE-2019-7892 | CWE-918 | High |
| PHP CVE-2016-6174 Vulnerability (CVE-2016-6174) | CVE-2016-6174 | - | High |
| Perl CVE-2016-6185 Vulnerability (CVE-2016-6185) | CVE-2016-6185 | - | High |
| Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-6211) | CVE-2016-6211 | CWE-264 | High |
| Python Uncontrolled Search Path Element Vulnerability (CVE-2020-15523) | CVE-2020-15523 | CWE-427 | High |
| Magento CVE-2019-7895 Vulnerability (CVE-2019-7895) | CVE-2019-7895 | - | High |
| Magento CVE-2019-7896 Vulnerability (CVE-2019-7896) | CVE-2019-7896 | - | High |
| WeBid Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000882) | CVE-2018-1000882 | CWE-22 | High |
| phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-10188) | CVE-2018-10188 | CWE-352 | High |
| Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-7903) | CVE-2019-7903 | CWE-94 | High |
| Dolibarr Missing Authorization Vulnerability (CVE-2018-10092) | CVE-2018-10092 | CWE-862 | High |
| PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-6297) | CVE-2016-6297 | CWE-119 | High |
| OpenSSL Improper Input Validation Vulnerability (CVE-2016-6302) | CVE-2016-6302 | CWE-20 | High |
| Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7911) | CVE-2019-7911 | CWE-918 | High |
| OpenSSL Resource Management Errors Vulnerability (CVE-2016-6304) | CVE-2016-6304 | - | High |
| OpenSSL Improper Input Validation Vulnerability (CVE-2016-6305) | CVE-2016-6305 | CWE-20 | High |