Known Vulnerabilities
This page lists 13509 vulnerabilities in this category.
Critical: 1465
High: 3387
Medium: 7907
Low: 748
Information: 2
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-15252) | CVE-2020-15252 | CWE-138 | High |
| Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-1000890) | CVE-2018-1000890 | CWE-138 | High |
| Ruby on Rails Improper Access Control Vulnerability (CVE-2016-6317) | CVE-2016-6317 | CWE-284 | High |
| MediaWiki Improper Access Control Vulnerability (CVE-2016-6331) | CVE-2016-6331 | CWE-284 | High |
| MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6332) | CVE-2016-6332 | CWE-200 | High |
| MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6335) | CVE-2016-6335 | CWE-200 | High |
| Apache Tomcat Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-6817) | CVE-2016-6817 | CWE-119 | High |
| WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-6896) | CVE-2016-6896 | CWE-22 | High |
| ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9127) | CVE-2016-9127 | CWE-352 | High |
| Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000194) | CVE-2018-1000194 | CWE-22 | High |
| Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-1000206) | CVE-2018-1000206 | CWE-352 | High |
| WebLogic CVE-2020-14820 Vulnerability (CVE-2020-14820) | CVE-2020-14820 | - | High |
| Dot CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8600) | CVE-2016-8600 | CWE-264 | High |
| OpenSSL Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610) | CVE-2016-8610 | CWE-400 | High |
| WebLogic Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610) | CVE-2016-8610 | CWE-400 | High |
| Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610) | CVE-2016-8610 | CWE-400 | High |
| Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8656) | CVE-2016-8656 | CWE-264 | High |
| Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8657) | CVE-2016-8657 | CWE-264 | High |
| Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-7932) | CVE-2019-7932 | CWE-94 | High |
| Apache HTTP Server Resource Management Errors Vulnerability (CVE-2016-8740) | CVE-2016-8740 | - | High |
| Apache HTTP Server CVE-2016-8743 Vulnerability (CVE-2016-8743) | CVE-2016-8743 | - | High |
| Apache Tomcat 7PK - Errors Vulnerability (CVE-2016-8745) | CVE-2016-8745 | - | High |
| Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-8747) | CVE-2016-8747 | CWE-200 | High |
| Joomla Improper Input Validation Vulnerability (CVE-2016-8870) | CVE-2016-8870 | CWE-20 | High |
| Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-7919) | CVE-2016-7919 | CWE-138 | High |
| WebLogic Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-1000180) | CVE-2018-1000180 | CWE-327 | High |
| Jboss EAP Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-1000180) | CVE-2018-1000180 | CWE-327 | High |
| Gunicorn Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2018-1000164) | CVE-2018-1000164 | CWE-707 | High |
| Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8903) | CVE-2016-8903 | CWE-138 | High |
| Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8904) | CVE-2016-8904 | CWE-138 | High |
| Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8905) | CVE-2016-8905 | CWE-138 | High |
| Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8906) | CVE-2016-8906 | CWE-138 | High |
| Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8907) | CVE-2016-8907 | CWE-138 | High |
| Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8908) | CVE-2016-8908 | CWE-138 | High |
| Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-7942) | CVE-2019-7942 | CWE-94 | High |
| Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9014) | CVE-2016-9014 | CWE-264 | High |
| RubyGems Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1000075) | CVE-2018-1000075 | CWE-835 | High |
| RubyGems Deserialization of Untrusted Data Vulnerability (CVE-2018-1000074) | CVE-2018-1000074 | CWE-502 | High |
| RubyGems Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2018-1000073) | CVE-2018-1000073 | CWE-59 | High |
| MySQL CVE-2020-14828 Vulnerability (CVE-2020-14828) | CVE-2020-14828 | - | High |
| Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-7902) | CVE-2016-7902 | CWE-434 | High |
| Moodle Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2016-7038) | CVE-2016-7038 | CWE-640 | High |
| PHP NULL Pointer Dereference Vulnerability (CVE-2016-7132) | CVE-2016-7132 | CWE-476 | High |
| PostgreSQL Improper Access Control Vulnerability (CVE-2016-7048) | CVE-2016-7048 | CWE-284 | High |
| OpenSSL NULL Pointer Dereference Vulnerability (CVE-2016-7052) | CVE-2016-7052 | CWE-476 | High |
| OpenSSL NULL Pointer Dereference Vulnerability (CVE-2016-7053) | CVE-2016-7053 | CWE-476 | High |
| OpenSSL Improper Access Control Vulnerability (CVE-2016-7054) | CVE-2016-7054 | CWE-284 | High |
| WebLogic CVE-2020-14883 Vulnerability (CVE-2020-14883) | CVE-2020-14883 | - | High |
| Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2016-7065) | CVE-2016-7065 | CWE-502 | High |
| Jboss EAP Permission Issues Vulnerability (CVE-2016-7066) | CVE-2016-7066 | - | High |
| MySQL CVE-2020-14878 Vulnerability (CVE-2020-14878) | CVE-2020-14878 | - | High |
| PHP Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-7125) | CVE-2016-7125 | CWE-138 | High |
| WordPress Improper Input Validation Vulnerability (CVE-2018-1000773) | CVE-2018-1000773 | CWE-20 | High |
| LimeSurvey Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000659) | CVE-2018-1000659 | CWE-22 | High |
| PHP NULL Pointer Dereference Vulnerability (CVE-2016-7130) | CVE-2016-7130 | CWE-476 | High |
| PHP NULL Pointer Dereference Vulnerability (CVE-2016-7131) | CVE-2016-7131 | CWE-476 | High |
| PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-7133) | CVE-2016-7133 | CWE-190 | High |
| MODX Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-1000207) | CVE-2018-1000207 | CWE-732 | High |
| LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-1000658) | CVE-2018-1000658 | CWE-434 | High |
| Jboss EAP XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2018-1000632) | CVE-2018-1000632 | CWE-91 | High |
| Django 7PK - Security Features Vulnerability (CVE-2016-7401) | CVE-2016-7401 | - | High |
| Artifactory Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000623) | CVE-2018-1000623 | CWE-22 | High |
| PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-7412) | CVE-2016-7412 | CWE-119 | High |
| MyBB Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2018-1000502) | CVE-2018-1000502 | CWE-829 | High |
| PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-7416) | CVE-2016-7416 | CWE-119 | High |
| Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2018-1000424) | CVE-2018-1000424 | CWE-522 | High |
| Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000410) | CVE-2018-1000410 | CWE-200 | High |
| PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-7418) | CVE-2016-7418 | CWE-119 | High |
| Magento CVE-2019-7928 Vulnerability (CVE-2019-7928) | CVE-2019-7928 | - | High |
| PHP Other Vulnerability (CVE-2016-7478) | CVE-2016-7478 | - | High |
| Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-7930) | CVE-2019-7930 | CWE-434 | High |
| MODX Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1000208) | CVE-2018-1000208 | CWE-22 | High |
| Oracle JRE CVE-2017-10388 Vulnerability (CVE-2017-10388) | CVE-2017-10388 | - | High |
| Drupal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-13671) | CVE-2020-13671 | CWE-434 | High |
| PHP NULL Pointer Dereference Vulnerability (CVE-2018-10548) | CVE-2018-10548 | CWE-476 | High |