Known Vulnerabilities
This page lists 13509 vulnerabilities in this category.
Critical: 1465
High: 3387
Medium: 7907
Low: 748
Information: 2
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| PHP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2017-7963) | CVE-2017-7963 | CWE-770 | High |
| Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13587) | CVE-2020-13587 | CWE-138 | High |
| Liferay Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-13445) | CVE-2020-13445 | CWE-138 | High |
| Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-8156) | CVE-2019-8156 | CWE-918 | High |
| MongoDb Out-of-bounds Read Vulnerability (CVE-2017-14227) | CVE-2017-14227 | CWE-125 | High |
| Dolibarr Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-14240) | CVE-2017-14240 | CWE-200 | High |
| TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-14251) | CVE-2017-14251 | CWE-434 | High |
| SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-14508) | CVE-2017-14508 | CWE-138 | High |
| SugarCRM Improper Input Validation Vulnerability (CVE-2017-14509) | CVE-2017-14509 | CWE-20 | High |
| Grafana Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-13379) | CVE-2020-13379 | CWE-918 | High |
| Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-8159) | CVE-2019-8159 | CWE-138 | High |
| Apache Tomcat Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12615) | CVE-2017-12615 | CWE-434 | High |
| XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2020-13654) | CVE-2020-13654 | CWE-116 | High |
| WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-14719) | CVE-2017-14719 | CWE-22 | High |
| SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8742) | CVE-2017-8742 | CWE-119 | High |
| Piwigo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10679) | CVE-2017-10679 | CWE-200 | High |
| Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10680) | CVE-2017-10680 | CWE-352 | High |
| Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10681) | CVE-2017-10681 | CWE-352 | High |
| Ruby Improper Authentication Vulnerability (CVE-2017-10784) | CVE-2017-10784 | CWE-287 | High |
| Drupal Exposure of Resource to Wrong Sphere Vulnerability (CVE-2020-13670) | CVE-2020-13670 | CWE-668 | High |
| Seo Panel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-10839) | CVE-2017-10839 | CWE-138 | High |
| Magento CVE-2019-8137 Vulnerability (CVE-2019-8137) | CVE-2019-8137 | - | High |
| Contao Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-10993) | CVE-2017-10993 | CWE-22 | High |
| PHP Uncontrolled Resource Consumption Vulnerability (CVE-2017-11142) | CVE-2017-11142 | CWE-400 | High |
| PHP Deserialization of Untrusted Data Vulnerability (CVE-2017-11143) | CVE-2017-11143 | CWE-502 | High |
| PHP Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2017-11144) | CVE-2017-11144 | CWE-754 | High |
| PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-11145) | CVE-2017-11145 | CWE-200 | High |
| SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8743) | CVE-2017-8743 | CWE-119 | High |
| SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8569) | CVE-2017-8569 | CWE-707 | High |
| Jboss EAP CVE-2017-12189 Vulnerability (CVE-2017-12189) | CVE-2017-12189 | - | High |
| SharePoint CVE-2017-8511 Vulnerability (CVE-2017-8511) | CVE-2017-8511 | - | High |
| SharePoint CVE-2017-8509 Vulnerability (CVE-2017-8509) | CVE-2017-8509 | - | High |
| SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8501) | CVE-2017-8501 | CWE-119 | High |
| Joomla Improper Certificate Validation Vulnerability (CVE-2017-11364) | CVE-2017-11364 | CWE-295 | High |
| Magento Deserialization of Untrusted Data Vulnerability (CVE-2019-8141) | CVE-2019-8141 | CWE-502 | High |
| Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-11466) | CVE-2017-11466 | CWE-434 | High |
| PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-11628) | CVE-2017-11628 | CWE-119 | High |
| ZenCart Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-11675) | CVE-2017-11675 | CWE-94 | High |
| Roundcube Improper Privilege Management Vulnerability (CVE-2017-8114) | CVE-2017-8114 | CWE-269 | High |
| Drupal Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2020-13664) | CVE-2020-13664 | CWE-138 | High |
| Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-12165) | CVE-2017-12165 | CWE-444 | High |
| Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-12165) | CVE-2017-12165 | CWE-444 | High |
| Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13663) | CVE-2020-13663 | CWE-352 | High |
| Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2017-12174) | CVE-2017-12174 | CWE-400 | High |
| Cherokee NULL Pointer Dereference Vulnerability (CVE-2020-12845) | CVE-2020-12845 | CWE-476 | High |
| Perl Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2020-12723) | CVE-2020-12723 | CWE-120 | High |
| RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-8322) | CVE-2019-8322 | CWE-138 | High |
| Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-17774) | CVE-2017-17774 | CWE-352 | High |
| Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7561) | CVE-2017-7561 | CWE-444 | High |
| Magento CVE-2019-8229 Vulnerability (CVE-2019-8229) | CVE-2019-8229 | - | High |
| WebLogic Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-11987) | CVE-2020-11987 | CWE-918 | High |
| PostgreSQL CVE-2017-7548 Vulnerability (CVE-2017-7548) | CVE-2017-7548 | - | High |
| PostgreSQL CVE-2017-7547 Vulnerability (CVE-2017-7547) | CVE-2017-7547 | - | High |
| Jboss EAP Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerability (CVE-2017-7536) | CVE-2017-7536 | CWE-470 | High |
| Magento CVE-2019-8230 Vulnerability (CVE-2019-8230) | CVE-2019-8230 | - | High |
| Ruby Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2017-17405) | CVE-2017-17405 | CWE-138 | High |
| Magento CVE-2019-8231 Vulnerability (CVE-2019-8231) | CVE-2019-8231 | - | High |
| Nginx Integer Overflow or Wraparound Vulnerability (CVE-2017-7529) | CVE-2017-7529 | CWE-190 | High |
| Python Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2017-17522) | CVE-2017-17522 | CWE-138 | High |
| PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7486) | CVE-2017-7486 | CWE-200 | High |
| PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7484) | CVE-2017-7484 | CWE-200 | High |
| Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11825) | CVE-2020-11825 | CWE-352 | High |
| MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-7566) | CVE-2017-7566 | CWE-918 | High |
| Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-17827) | CVE-2017-17827 | CWE-352 | High |
| Dolibarr Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-17898) | CVE-2017-17898 | CWE-200 | High |
| Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7415) | CVE-2017-7415 | CWE-200 | High |
| Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17916) | CVE-2017-17916 | CWE-138 | High |
| Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17917) | CVE-2017-17917 | CWE-138 | High |
| Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17919) | CVE-2017-17919 | CWE-138 | High |
| Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17920) | CVE-2017-17920 | CWE-138 | High |
| MODX CVE-2017-7323 Vulnerability (CVE-2017-7323) | CVE-2017-7323 | - | High |
| MODX Improper Certificate Validation Vulnerability (CVE-2017-7322) | CVE-2017-7322 | CWE-295 | High |
| RubyGems Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-8320) | CVE-2019-8320 | CWE-22 | High |
| Rukovoditel Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11818) | CVE-2020-11818 | CWE-352 | High |
| RubyGems Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Vulnerability (CVE-2019-8321) | CVE-2019-8321 | CWE-707 | High |