Known Vulnerabilities
This page lists 13509 vulnerabilities in this category.
Critical: 1465
High: 3387
Medium: 7907
Low: 748
Information: 2
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2017-2670) | CVE-2017-2670 | CWE-835 | High |
| Drupal CVE-2017-6919 Vulnerability (CVE-2017-6919) | CVE-2017-6919 | - | High |
| Perl Integer Overflow or Wraparound Vulnerability (CVE-2020-10878) | CVE-2020-10878 | CWE-190 | High |
| phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-10804) | CVE-2020-10804 | CWE-138 | High |
| phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-10802) | CVE-2020-10802 | CWE-138 | High |
| Moodle Improper Input Validation Vulnerability (CVE-2020-10738) | CVE-2020-10738 | CWE-20 | High |
| Python Incorrect Type Conversion or Cast Vulnerability (CVE-2020-10735) | CVE-2020-10735 | CWE-704 | High |
| PostgreSQL Untrusted Search Path Vulnerability (CVE-2020-10733) | CVE-2020-10733 | CWE-426 | High |
| Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-10705) | CVE-2020-10705 | CWE-770 | High |
| Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2017-2608) | CVE-2017-2608 | CWE-502 | High |
| Undertow Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-10705) | CVE-2020-10705 | CWE-119 | High |
| WebLogic Other Vulnerability (CVE-2020-10673) | CVE-2020-10673 | - | High |
| WebLogic Other Vulnerability (CVE-2020-10672) | CVE-2020-10672 | - | High |
| Undertow Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2017-2670) | CVE-2017-2670 | CWE-835 | High |
| Dot CMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-3187) | CVE-2017-3187 | CWE-352 | High |
| WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-10969) | CVE-2020-10969 | CWE-502 | High |
| Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-3189) | CVE-2017-3189 | CWE-434 | High |
| ownCloud Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-10252) | CVE-2020-10252 | CWE-918 | High |
| Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-10241) | CVE-2020-10241 | CWE-352 | High |
| Joomla Missing Authorization Vulnerability (CVE-2020-10239) | CVE-2020-10239 | CWE-862 | High |
| GlassFish CVE-2017-3249 Vulnerability (CVE-2017-3249) | CVE-2017-3249 | - | High |
| GlassFish Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3250) | CVE-2017-3250 | CWE-200 | High |
| Joomla Exposure of Resource to Wrong Sphere Vulnerability (CVE-2020-10238) | CVE-2020-10238 | CWE-668 | High |
| WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-8942) | CVE-2019-8942 | CWE-94 | High |
| SharePoint CVE-2020-0980 Vulnerability (CVE-2020-0980) | CVE-2020-0980 | - | High |
| MySQL Use After Free Vulnerability (CVE-2017-3302) | CVE-2017-3302 | CWE-416 | High |
| SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0974) | CVE-2020-0974 | CWE-434 | High |
| MySQL CVE-2017-3308 Vulnerability (CVE-2017-3308) | CVE-2017-3308 | - | High |
| MySQL CVE-2017-3309 Vulnerability (CVE-2017-3309) | CVE-2017-3309 | - | High |
| WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-10968) | CVE-2020-10968 | CWE-502 | High |
| Python Uncontrolled Search Path Element Vulnerability (CVE-2017-20052) | CVE-2017-20052 | CWE-427 | High |
| SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0932) | CVE-2020-0932 | CWE-434 | High |
| concrete5 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-11476) | CVE-2020-11476 | CWE-434 | High |
| MySQL Improper Initialization Vulnerability (CVE-2020-11655) | CVE-2020-11655 | CWE-665 | High |
| Sqlite Improper Initialization Vulnerability (CVE-2020-11655) | CVE-2020-11655 | CWE-665 | High |
| Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-18113) | CVE-2017-18113 | CWE-94 | High |
| WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11620) | CVE-2020-11620 | CWE-502 | High |
| RubyGems Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-8324) | CVE-2019-8324 | CWE-94 | High |
| WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11619) | CVE-2020-11619 | CWE-502 | High |
| RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-8325) | CVE-2019-8325 | CWE-138 | High |
| Drupal CVE-2017-6930 Vulnerability (CVE-2017-6930) | CVE-2017-6930 | - | High |
| Moment.js Uncontrolled Resource Consumption Vulnerability (CVE-2017-18214) | CVE-2017-18214 | CWE-400 | High |
| Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-18260) | CVE-2017-18260 | CWE-138 | High |
| Hiawatha Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-8358) | CVE-2019-8358 | CWE-22 | High |
| Ampache Deserialization of Untrusted Data Vulnerability (CVE-2017-18375) | CVE-2017-18375 | CWE-502 | High |
| IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-1103) | CVE-2017-1103 | CWE-611 | High |
| OpenVPN AS Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') Vulnerability (CVE-2020-11462) | CVE-2020-11462 | CWE-776 | High |
| Atlassian Jira Improper Authentication Vulnerability (CVE-2019-8443) | CVE-2019-8443 | CWE-287 | High |
| WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11113) | CVE-2020-11113 | CWE-502 | High |
| WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11112) | CVE-2020-11112 | CWE-502 | High |
| WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11111) | CVE-2020-11111 | CWE-502 | High |
| MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2020-11080) | CVE-2020-11080 | CWE-400 | High |
| TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11069) | CVE-2020-11069 | CWE-352 | High |
| TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2020-11067) | CVE-2020-11067 | CWE-502 | High |
| Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-6926) | CVE-2017-6926 | CWE-200 | High |
| XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-11057) | CVE-2020-11057 | CWE-94 | High |
| IBM RTC Inadequate Encryption Strength Vulnerability (CVE-2017-1701) | CVE-2017-1701 | CWE-326 | High |
| WordPress Missing Authentication for Critical Function Vulnerability (CVE-2020-11028) | CVE-2020-11028 | CWE-306 | High |
| WordPress Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2020-11027) | CVE-2020-11027 | CWE-640 | High |
| Drupal Improper Privilege Management Vulnerability (CVE-2017-6924) | CVE-2017-6924 | CWE-269 | High |
| phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-20030) | CVE-2017-20030 | CWE-138 | High |
| Atlassian Jira CVE-2019-8442 Vulnerability (CVE-2019-8442) | CVE-2019-8442 | - | High |
| SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0971) | CVE-2020-0971 | CWE-434 | High |
| MySQL CVE-2017-3329 Vulnerability (CVE-2017-3329) | CVE-2017-3329 | - | High |
| Open Resty Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-11724) | CVE-2020-11724 | CWE-444 | High |
| Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9514) | CVE-2019-9514 | CWE-770 | High |
| Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517) | CVE-2019-9517 | CWE-770 | High |
| Drupal Incorrect Authorization Vulnerability (CVE-2017-6377) | CVE-2017-6377 | CWE-863 | High |
| Ruby Improper Input Validation Vulnerability (CVE-2017-6181) | CVE-2017-6181 | CWE-20 | High |
| Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517) | CVE-2019-9517 | CWE-770 | High |
| Serendipity Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-5475) | CVE-2017-5475 | CWE-352 | High |
| Serendipity Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-5476) | CVE-2017-5476 | CWE-352 | High |
| b2evolution Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-5480) | CVE-2017-5480 | CWE-22 | High |
| Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517) | CVE-2019-9517 | CWE-770 | High |
| WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-5489) | CVE-2017-5489 | CWE-352 | High |