Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Dolibarr Improper Authentication Vulnerability (CVE-2021-25956)
CVE-2021-25956
CWE-287
High
Grafana CVE-2023-4822 Vulnerability (CVE-2023-4822)
CVE-2023-4822
-
High
Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2021-25329)
CVE-2021-25329
CWE-502
High
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-25122)
CVE-2021-25122
CWE-200
High
OpenSSL Integer Overflow or Wraparound Vulnerability (CVE-2021-23840)
CVE-2021-23840
CWE-190
High
Pega Infinity Improper Restriction of XML External Entity Reference Vulnerability (CVE-2023-50168)
CVE-2023-50168
CWE-611
High
Squid Uncontrolled Recursion Vulnerability (CVE-2023-50269)
CVE-2023-50269
CWE-674
High
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-50721)
CVE-2023-50721
CWE-94
High
Joomla Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-26038)
CVE-2021-26038
CWE-754
High
Underscore.js Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-23358)
CVE-2021-23358
CWE-94
High
Lodash Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-23337)
CVE-2021-23337
CWE-138
High
PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-23214)
CVE-2021-23214
CWE-138
High
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-23163)
CVE-2021-23163
CWE-352
High
Joomla CVE-2021-23132 Vulnerability (CVE-2021-23132)
CVE-2021-23132
-
High
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-50722)
CVE-2023-50722
CWE-707
High
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-50723)
CVE-2023-50723
CWE-94
High
GeoServer Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-51444)
CVE-2023-51444
CWE-434
High
Coppermine Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-53868)
CVE-2023-53868
CWE-434
High
Joomla Improper Input Validation Vulnerability (CVE-2021-26036)
CVE-2021-26036
CWE-20
High
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-26070)
CVE-2021-26070
CWE-287
High
Rukovoditel Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2023-53913)
CVE-2023-53913
CWE-1236
High
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-27577)
CVE-2021-27577
CWE-444
High
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27948)
CVE-2021-27948
CWE-138
High
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27947)
CVE-2021-27947
CWE-138
High
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27946)
CVE-2021-27946
CWE-138
High
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4225)
CVE-2023-4225
CWE-434
High
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27890)
CVE-2021-27890
CWE-138
High
e107 Inadequate Encryption Strength Vulnerability (CVE-2021-27885)
CVE-2021-27885
CWE-326
High
Apache Traffic Server Remote DOS Attack (CVE-2021-27737)
CVE-2021-27737
-
High
Pega Infinity Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-27654)
CVE-2021-27654
CWE-640
High
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4226)
CVE-2023-4226
CWE-434
High
Grafana CVE-2021-27358 Vulnerability (CVE-2021-27358)
CVE-2021-27358
-
High
OpenSSL CVE-2023-4807 Vulnerability (CVE-2023-4807)
CVE-2023-4807
-
High
Kong Server Incorrect Authorization Vulnerability (CVE-2021-27306)
CVE-2021-27306
CWE-863
High
UAParser.js Other Vulnerability (CVE-2021-27292)
CVE-2021-27292
-
High
Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27117)
CVE-2021-27117
CWE-59
High
Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27116)
CVE-2021-27116
CWE-59
High
Grafana CVE-2023-4399 Vulnerability (CVE-2023-4399)
CVE-2023-4399
-
High
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-26690)
CVE-2021-26690
CWE-476
High
SharePoint CVE-2021-26420 Vulnerability (CVE-2021-26420)
CVE-2021-26420
-
High
SharePoint CVE-2021-26418 Vulnerability (CVE-2021-26418)
CVE-2021-26418
-
High
Jboss EAP Improper Initialization Vulnerability (CVE-2023-4503)
CVE-2023-4503
CWE-665
High
ProjectSend Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2023-53905)
CVE-2023-53905
CWE-1236
High
phpMyFAQ Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2023-53929)
CVE-2023-53929
CWE-1236
High
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27973)
CVE-2021-27973
CWE-138
High
Envoy Proxy Improper Authentication Vulnerability (CVE-2021-21378)
CVE-2021-21378
CWE-287
High
WP Plugin Contact Form 7 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-6449)
CVE-2023-6449
CWE-434
High
Jenkins Missing Authorization Vulnerability (CVE-2021-21688)
CVE-2021-21688
CWE-862
High
Jenkins Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-21686)
CVE-2021-21686
CWE-59
High
Jenkins Session Fixation Vulnerability (CVE-2021-21671)
CVE-2021-21671
CWE-384
High
Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-21605)
CVE-2021-21605
CWE-22
High
Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2021-21604)
CVE-2021-21604
CWE-502
High
Wordpress Plugin Backup Migration Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-7002)
CVE-2023-7002
CWE-138
High
Ampache Improper Access Control Vulnerability (CVE-2021-21399)
CVE-2021-21399
CWE-284
High
XWiki Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-21380)
CVE-2021-21380
CWE-138
High
TYPO3 Uncontrolled Recursion Vulnerability (CVE-2021-21359)
CVE-2021-21359
CWE-674
High
Wordpress Plugin Backup Migration Files or Directories Accessible to External Parties Vulnerability (CVE-2023-6266)
CVE-2023-6266
CWE-552
High
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21357)
CVE-2021-21357
CWE-434
High
TYPO3 Files or Directories Accessible to External Parties Vulnerability (CVE-2021-21355)
CVE-2021-21355
CWE-552
High
TYPO3 Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-21339)
CVE-2021-21339
CWE-312
High
Microsoft SQL Server CVE-2024-0056 Vulnerability (CVE-2024-0056)
CVE-2024-0056
-
High
Plone CMS Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2024-0669)
CVE-2024-0669
CWE-1021
High
PostgreSQL CVE-2024-0985 Vulnerability (CVE-2024-0985)
CVE-2024-0985
-
High
PrestaShop Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-21302)
CVE-2021-21302
CWE-1236
High
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-10234)
CVE-2024-10234
CWE-707
High
jQuery Validation Uncontrolled Resource Consumption Vulnerability (CVE-2021-21252)
CVE-2021-21252
CWE-400
High
Wordpress Plugin Backup Migration CVE-2023-6271 Vulnerability (CVE-2023-6271)
CVE-2023-6271
-
High
EspoCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-5966)
CVE-2023-5966
CWE-434
High
ProjectSend Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2023-53930)
CVE-2023-53930
CWE-639
High
ReviveAdserver Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2021-22948)
CVE-2021-22948
CWE-327
High
Serendipity Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-53933)
CVE-2023-53933
CWE-434
High
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-53952)
CVE-2023-53952
CWE-434
High
MyBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-53979)
CVE-2023-53979
CWE-22
High
Joomla Improper Input Validation Vulnerability (CVE-2021-23131)
CVE-2021-23131
CWE-20
High
OpenSSL CVE-2023-5363 Vulnerability (CVE-2023-5363)
CVE-2023-5363
-
High