Known Vulnerabilities
This page lists 13509 vulnerabilities in this category.
Critical: 1465
High: 3387
Medium: 7907
Low: 748
Information: 2
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1336) | CVE-2018-1336 | CWE-835 | High |
| Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28736) | CVE-2020-28736 | CWE-611 | High |
| ReviveAdserver Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-7372) | CVE-2015-7372 | CWE-22 | High |
| Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-28735) | CVE-2020-28735 | CWE-918 | High |
| IBM RTC Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7440) | CVE-2015-7440 | CWE-264 | High |
| Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28734) | CVE-2020-28734 | CWE-611 | High |
| Apache Tomcat Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1336) | CVE-2018-1336 | CWE-835 | High |
| Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2018-1333) | CVE-2018-1333 | CWE-400 | High |
| Apache Traffic Server Improper Input Validation Vulnerability (CVE-2018-1318) | CVE-2018-1318 | CWE-20 | High |
| Jenkins CVE-2015-7538 Vulnerability (CVE-2015-7538) | CVE-2015-7538 | - | High |
| Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7858) | CVE-2015-7858 | CWE-138 | High |
| Jenkins Insufficient Verification of Data Authenticity Vulnerability (CVE-2015-7539) | CVE-2015-7539 | CWE-345 | High |
| Ruby Improper Input Validation Vulnerability (CVE-2015-7551) | CVE-2015-7551 | CWE-20 | High |
| Three.js Uncontrolled Resource Consumption Vulnerability (CVE-2020-28496) | CVE-2020-28496 | CWE-400 | High |
| WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-28491) | CVE-2020-28491 | CWE-770 | High |
| Ruby on Rails Resource Management Errors Vulnerability (CVE-2015-7581) | CVE-2015-7581 | - | High |
| Apache HTTP Server Out-of-bounds Read Vulnerability (CVE-2018-1303) | CVE-2018-1303 | CWE-125 | High |
| WebLogic Incorrect Authorization Vulnerability (CVE-2018-1258) | CVE-2018-1258 | CWE-863 | High |
| GSAP CVE-2020-28478 Vulnerability (CVE-2020-28478) | CVE-2020-28478 | - | High |
| Moodle Improper Input Validation Vulnerability (CVE-2018-1137) | CVE-2018-1137 | CWE-20 | High |
| Tornado Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-28476) | CVE-2020-28476 | CWE-444 | High |
| Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-1133) | CVE-2018-1133 | CWE-94 | High |
| DataTables Prototype Pollution Vulnerability (CVE-2020-28458) | CVE-2020-28458 | - | High |
| Moodle Improper Authentication Vulnerability (CVE-2018-1082) | CVE-2018-1082 | CWE-287 | High |
| Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7857) | CVE-2015-7857 | CWE-138 | High |
| MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8623) | CVE-2015-8623 | CWE-352 | High |
| MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8624) | CVE-2015-8624 | CWE-352 | High |
| Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28884) | CVE-2020-28884 | CWE-138 | High |
| PostgreSQL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2020-25694) | CVE-2020-25694 | CWE-327 | High |
| PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-8994) | CVE-2015-8994 | CWE-264 | High |
| MediaWiki Improper Handling of Exceptional Conditions Vulnerability (CVE-2020-25869) | CVE-2020-25869 | CWE-755 | High |
| MediaWiki Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2020-25827) | CVE-2020-25827 | CWE-307 | High |
| Jboss EAP Reachable Assertion Vulnerability (CVE-2020-25710) | CVE-2020-25710 | CWE-617 | High |
| Moodle Improper Privilege Management Vulnerability (CVE-2020-25699) | CVE-2020-25699 | CWE-269 | High |
| Moodle CVE-2020-25698 Vulnerability (CVE-2020-25698) | CVE-2020-25698 | - | High |
| PostgreSQL Arbitrary Code Execution Vulnerability (CVE-2020-25696) | CVE-2020-25696 | - | High |
| MySQL CVE-2016-0546 Vulnerability (CVE-2016-0546) | CVE-2016-0546 | - | High |
| WebLogic CVE-2016-0572 Vulnerability (CVE-2016-0572) | CVE-2016-0572 | - | High |
| WebLogic CVE-2016-0573 Vulnerability (CVE-2016-0573) | CVE-2016-0573 | - | High |
| WebLogic CVE-2016-0574 Vulnerability (CVE-2016-0574) | CVE-2016-0574 | - | High |
| WebLogic CVE-2016-0577 Vulnerability (CVE-2016-0577) | CVE-2016-0577 | - | High |
| PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-25695) | CVE-2020-25695 | CWE-138 | High |
| Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-25644) | CVE-2020-25644 | CWE-400 | High |
| Moodle Improper Input Validation Vulnerability (CVE-2019-3847) | CVE-2019-3847 | CWE-20 | High |
| Moodle Uncontrolled Resource Consumption Vulnerability (CVE-2020-25630) | CVE-2020-25630 | CWE-400 | High |
| Moodle Improper Access Control Vulnerability (CVE-2020-25629) | CVE-2020-25629 | CWE-284 | High |
| Ruby Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-25613) | CVE-2020-25613 | CWE-444 | High |
| Squid Improper Input Validation Vulnerability (CVE-2020-25097) | CVE-2020-25097 | CWE-20 | High |
| Envoy Proxy CVE-2020-25018 Vulnerability (CVE-2020-25018) | CVE-2020-25018 | - | High |
| Envoy Proxy Other Vulnerability (CVE-2020-25017) | CVE-2020-25017 | - | High |
| concrete5 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-24986) | CVE-2020-24986 | CWE-434 | High |
| PrestaShop CVE-2018-19125 Vulnerability (CVE-2018-19125) | CVE-2018-19125 | - | High |
| PrestaShop Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-19124) | CVE-2018-19124 | CWE-22 | High |
| PHP-Fusion Improper Privilege Management Vulnerability (CVE-2020-24949) | CVE-2020-24949 | CWE-269 | High |
| Squid Improper Input Validation Vulnerability (CVE-2020-24606) | CVE-2020-24606 | CWE-20 | High |
| Django Incorrect Default Permissions Vulnerability (CVE-2020-24584) | CVE-2020-24584 | CWE-276 | High |
| Django Incorrect Default Permissions Vulnerability (CVE-2020-24583) | CVE-2020-24583 | CWE-276 | High |
| Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-24554) | CVE-2020-24554 | CWE-601 | High |
| MyBB Insertion of Sensitive Information into Log File Vulnerability (CVE-2015-8977) | CVE-2015-8977 | CWE-532 | High |
| Python Improper Encoding or Escaping of Output Vulnerability (CVE-2020-26116) | CVE-2020-26116 | CWE-116 | High |
| MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8625) | CVE-2015-8625 | CWE-200 | High |
| Dotclear Improper Access Control Vulnerability (CVE-2015-8832) | CVE-2015-8832 | CWE-284 | High |
| WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19435) | CVE-2018-19435 | CWE-138 | High |
| Play Framework Out-of-bounds Write Vulnerability (CVE-2020-27196) | CVE-2020-27196 | CWE-787 | High |
| WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19434) | CVE-2018-19434 | CWE-138 | High |
| Apache Tomcat Integer Overflow or Wraparound Vulnerability (CVE-2015-8751) | CVE-2015-8751 | CWE-190 | High |
| PHP Deserialization of Untrusted Data Vulnerability (CVE-2018-19396) | CVE-2018-19396 | CWE-502 | High |
| PHP NULL Pointer Dereference Vulnerability (CVE-2018-19395) | CVE-2018-19395 | CWE-476 | High |
| Play Framework Uncontrolled Recursion Vulnerability (CVE-2020-26883) | CVE-2020-26883 | CWE-674 | High |
| Play Framework Uncontrolled Recursion Vulnerability (CVE-2020-26882) | CVE-2020-26882 | CWE-674 | High |
| WordPress Improper Input Validation Vulnerability (CVE-2020-26596) | CVE-2020-26596 | CWE-20 | High |
| TYPO3 Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-26228) | CVE-2020-26228 | CWE-312 | High |
| Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-8769) | CVE-2015-8769 | CWE-138 | High |
| PrestaShop CVE-2020-26224 Vulnerability (CVE-2020-26224) | CVE-2020-26224 | - | High |
| Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2020-26185) | CVE-2020-26185 | CWE-125 | High |