Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Known Vulnerabilities

This page lists 13509 vulnerabilities in this category.

Critical: 1465 High: 3387 Medium: 7907 Low: 748 Information: 2
Vulnerability Name
CVE
CWE
Severity
Sqlite Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2015-3717)
CVE-2015-3717
CWE-120
High
qdPM Sensitive Information Disclosure Vulnerability (CVE-2015-3881)
CVE-2015-3881
-
High
Oracle JRE CVE-2018-2814 Vulnerability (CVE-2018-2814)
CVE-2018-2814
-
High
MediaWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2020-35475)
CVE-2020-35475
CWE-116
High
Envoy mishandles dropped and truncated datagrams Issue (CVE-2020-35471)
CVE-2020-35471
-
High
Envoy Wrong DOWNSTREAM_REMOTE_ADDRESS logged Issue (CVE-2020-35470)
CVE-2020-35470
-
High
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2020-35452)
CVE-2020-35452
CWE-787
High
Python Out-of-bounds Write Vulnerability (CVE-2018-25032)
CVE-2018-25032
CWE-787
High
WebLogic CVE-2020-2867 Vulnerability (CVE-2020-2867)
CVE-2020-2867
-
High
WebLogic CVE-2019-2890 Vulnerability (CVE-2019-2890)
CVE-2019-2890
-
High
PHP Other Vulnerability (CVE-2015-6832)
CVE-2015-6832
-
High
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-2160)
CVE-2020-2160
CWE-352
High
Magento Improper Input Validation Vulnerability (CVE-2015-6497)
CVE-2015-6497
CWE-20
High
ownCloud Resource Management Errors Vulnerability (CVE-2015-6500)
CVE-2015-6500
-
High
Jenkins Use of Insufficiently Random Values Vulnerability (CVE-2020-2099)
CVE-2020-2099
CWE-330
High
Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-20329)
CVE-2018-20329
CWE-138
High
Oracle Database Server CVE-2019-2799 Vulnerability (CVE-2019-2799)
CVE-2019-2799
-
High
MySQL CVE-2019-2800 Vulnerability (CVE-2019-2800)
CVE-2019-2800
-
High
Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-6659)
CVE-2015-6659
CWE-138
High
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-6728)
CVE-2015-6728
CWE-352
High
Python Improper Privilege Management Vulnerability (CVE-2020-29396)
CVE-2020-29396
CWE-269
High
Rukovoditel Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-20166)
CVE-2018-20166
CWE-434
High
PHP Use After Free Vulnerability (CVE-2015-6831)
CVE-2015-6831
CWE-416
High
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-20151)
CVE-2018-20151
CWE-200
High
PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-6833)
CVE-2015-6833
CWE-22
High
Jboss EAP Other Vulnerability (CVE-2019-9513)
CVE-2019-9513
-
High
MySQL CVE-2019-2822 Vulnerability (CVE-2019-2822)
CVE-2019-2822
-
High
PHP Other Vulnerability (CVE-2015-6836)
CVE-2015-6836
-
High
PHP Other Vulnerability (CVE-2015-6837)
CVE-2015-6837
-
High
PHP Other Vulnerability (CVE-2015-6838)
CVE-2015-6838
-
High
MediaWiki Insufficiently Protected Credentials Vulnerability (CVE-2020-29005)
CVE-2020-29005
CWE-522
High
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-29004)
CVE-2020-29004
CWE-352
High
IBM WebSEAL Use of Hard-coded Credentials Vulnerability (CVE-2018-1887)
CVE-2018-1887
CWE-798
High
IBM WebSEAL CVE-2018-1850 Vulnerability (CVE-2018-1850)
CVE-2018-1850
-
High
Plone CMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7293)
CVE-2015-7293
CWE-352
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-7297)
CVE-2015-7297
CWE-138
High
Drupal CVE-2020-28949 Vulnerability (CVE-2020-28949)
CVE-2020-28949
-
High
Plone CMS Improper Input Validation Vulnerability (CVE-2015-7318)
CVE-2015-7318
CWE-20
High
Drupal Deserialization of Untrusted Data Vulnerability (CVE-2020-28948)
CVE-2020-28948
CWE-502
High
Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-28885)
CVE-2020-28885
CWE-138
High
SugarCRM Incomplete List of Disallowed Inputs Vulnerability (CVE-2015-5946)
CVE-2015-5946
CWE-184
High
Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2020-2165)
CVE-2020-2165
CWE-522
High
WebLogic CVE-2020-2828 Vulnerability (CVE-2020-2828)
CVE-2020-2828
-
High
Moodle 7PK - Security Features Vulnerability (CVE-2015-5267)
CVE-2015-5267
-
High
Oracle JRE CVE-2020-2816 Vulnerability (CVE-2020-2816)
CVE-2020-2816
-
High
Oracle JRE CVE-2020-2805 Vulnerability (CVE-2020-2805)
CVE-2020-2805
-
High
Oracle Database Server CVE-2015-4873 Vulnerability (CVE-2015-4873)
CVE-2015-4873
-
High
Oracle JRE CVE-2020-2803 Vulnerability (CVE-2020-2803)
CVE-2020-2803
-
High
Oracle HTTP Server Improper Restriction of XML External Entity Reference Vulnerability (CVE-2018-20843)
CVE-2018-20843
CWE-611
High
WebLogic CVE-2020-2798 Vulnerability (CVE-2020-2798)
CVE-2020-2798
-
High
Highcharts JS Incorrect Regular Expression Vulnerability (CVE-2018-20801)
CVE-2018-20801
CWE-185
High
PHP Out-of-bounds Read Vulnerability (CVE-2018-20783)
CVE-2018-20783
CWE-125
High
Django Resource Management Errors Vulnerability (CVE-2015-5143)
CVE-2015-5143
-
High
Django Resource Management Errors Vulnerability (CVE-2015-5145)
CVE-2015-5145
-
High
Oracle Database Server CVE-2019-2776 Vulnerability (CVE-2019-2776)
CVE-2019-2776
-
High
PrestaShop Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-20717)
CVE-2018-20717
CWE-94
High
Oracle Database Server CVE-2020-2735 Vulnerability (CVE-2020-2735)
CVE-2020-2735
-
High
Jenkins Improper Access Control Vulnerability (CVE-2015-5325)
CVE-2015-5325
CWE-284
High
Python Other Vulnerability (CVE-2015-5652)
CVE-2015-5652
-
High
WebLogic CVE-2020-2549 Vulnerability (CVE-2020-2549)
CVE-2020-2549
-
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5338)
CVE-2015-5338
CWE-352
High
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2018-20506)
CVE-2018-20506
CWE-190
High
Apache Tomcat Other Vulnerability (CVE-2015-5346)
CVE-2015-5346
-
High
Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5351)
CVE-2015-5351
CWE-352
High
Oracle Database Server CVE-2020-2518 Vulnerability (CVE-2020-2518)
CVE-2020-2518
-
High
Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5383)
CVE-2015-5383
CWE-200
High
Sqlite Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-20505)
CVE-2018-20505
CWE-138
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-5590)
CVE-2015-5590
CWE-119
High
Craft CMS Missing Encryption of Sensitive Data Vulnerability (CVE-2018-20465)
CVE-2018-20465
CWE-311
High
Zenphoto Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-5591)
CVE-2015-5591
CWE-138
High
Oracle Database Server CVE-2020-2511 Vulnerability (CVE-2020-2511)
CVE-2020-2511
-
High
Oracle Database Server CVE-2020-2510 Vulnerability (CVE-2020-2510)
CVE-2020-2510
-
High
Python Integer Overflow or Wraparound Vulnerability (CVE-2018-20406)
CVE-2018-20406
CWE-190
High
Lighttpd Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-19052)
CVE-2018-19052
CWE-22
High
Moodle Improper Privilege Management Vulnerability (CVE-2019-3849)
CVE-2019-3849
CWE-269
High