Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-5379)
CVE-2023-5379
CWE-770
High
Open Resty Off-by-one Error Vulnerability (CVE-2021-23017)
CVE-2021-23017
CWE-193
High
Nginx Off-by-one Error Vulnerability (CVE-2021-23017)
CVE-2021-23017
CWE-193
High
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-5539)
CVE-2023-5539
CWE-94
High
Ruby on Rails Other Vulnerability (CVE-2021-22904)
CVE-2021-22904
-
High
Jenkins Missing Authorization Vulnerability (CVE-2021-21695)
CVE-2021-21695
CWE-862
High
Ruby on Rails CVE-2021-22902 Vulnerability (CVE-2021-22902)
CVE-2021-22902
-
High
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-5540)
CVE-2023-5540
CWE-94
High
Ruby on Rails Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2021-22885)
CVE-2021-22885
CWE-209
High
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2021-22880)
CVE-2021-22880
CWE-400
High
Squid Improper Handling of Exceptional Conditions Vulnerability (CVE-2023-5824)
CVE-2023-5824
CWE-755
High
PHP Out-of-bounds Write Vulnerability (CVE-2021-21703)
CVE-2021-21703
CWE-787
High
PHP NULL Pointer Dereference Vulnerability (CVE-2021-21702)
CVE-2021-21702
CWE-476
High
PostgreSQL Integer Overflow or Wraparound Vulnerability (CVE-2023-5869)
CVE-2023-5869
CWE-190
High
EspoCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-5965)
CVE-2023-5965
CWE-434
High
Grafana Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-27962)
CVE-2021-27962
CWE-732
High
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4224)
CVE-2023-4224
CWE-434
High
MySQL CVE-2021-35610 Vulnerability (CVE-2021-35610)
CVE-2021-35610
-
High
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-32566)
CVE-2021-32566
CWE-20
High
Envoy Proxy Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-32780)
CVE-2021-32780
CWE-754
High
Envoy Proxy Incorrect Authorization Vulnerability (CVE-2021-32779)
CVE-2021-32779
CWE-863
High
Envoy Proxy Excessive Iteration Vulnerability (CVE-2021-32778)
CVE-2021-32778
CWE-834
High
Envoy Proxy Incorrect Authorization Vulnerability (CVE-2021-32777)
CVE-2021-32777
CWE-863
High
Zope Web Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-32674)
CVE-2021-32674
CWE-22
High
OpenVPN AS Divide By Zero Vulnerability (CVE-2023-46849)
CVE-2023-46849
CWE-369
High
Plone CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-32633)
CVE-2021-32633
CWE-22
High
Zope Web Application Server Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-32633)
CVE-2021-32633
CWE-22
High
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-32567)
CVE-2021-32567
CWE-20
High
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-32565)
CVE-2021-32565
CWE-444
High
Envoy Proxy Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2021-32781)
CVE-2021-32781
CWE-119
High
Moodle Uncontrolled Resource Consumption Vulnerability (CVE-2021-32476)
CVE-2021-32476
CWE-400
High
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-32474)
CVE-2021-32474
CWE-138
High
Ruby Inadequate Encryption Strength Vulnerability (CVE-2021-32066)
CVE-2021-32066
CWE-326
High
MongoDb Out-of-bounds Write Vulnerability (CVE-2021-32040)
CVE-2021-32040
CWE-787
High
MongoDb Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-32036)
CVE-2021-32036
CWE-770
High
Jboss EAP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2021-32027)
CVE-2021-32027
CWE-119
High
PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2021-32027)
CVE-2021-32027
CWE-119
High
SharePoint CVE-2021-31964 Vulnerability (CVE-2021-31964)
CVE-2021-31964
-
High
SharePoint CVE-2021-31963 Vulnerability (CVE-2021-31963)
CVE-2021-31963
-
High
Squid Incorrect Conversion between Numeric Types Vulnerability (CVE-2023-46848)
CVE-2023-46848
CWE-681
High
Zope Web Application Server Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2021-32811)
CVE-2021-32811
CWE-915
High
SharePoint CVE-2021-31948 Vulnerability (CVE-2021-31948)
CVE-2021-31948
-
High
Seo Panel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-34117)
CVE-2021-34117
CWE-138
High
SugarCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-46815)
CVE-2023-46815
CWE-434
High
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35413)
CVE-2021-35413
CWE-707
High
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-35197)
CVE-2021-35197
CWE-668
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-46816)
CVE-2023-46816
CWE-94
High
Oracle HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-34798)
CVE-2021-34798
CWE-476
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2021-34520)
CVE-2021-34520
CWE-502
High
SharePoint CVE-2021-34468 Vulnerability (CVE-2021-34468)
CVE-2021-34468
-
High
SharePoint CVE-2021-34467 Vulnerability (CVE-2021-34467)
CVE-2021-34467
-
High
Squid Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2023-46847)
CVE-2023-46847
CWE-120
High
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33926)
CVE-2021-33926
CWE-918
High
Apache HTTP Server Other Vulnerability (CVE-2021-33193)
CVE-2021-33193
-
High
Ruby Interpretation Conflict Vulnerability (CVE-2021-33621)
CVE-2021-33621
CWE-436
High
Django Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33571)
CVE-2021-33571
CWE-918
High
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33511)
CVE-2021-33511
CWE-918
High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-33338)
CVE-2021-33338
CWE-352
High
Liferay Portal Incorrect Authorization Vulnerability (CVE-2021-33335)
CVE-2021-33335
CWE-863
High
Liferay Portal Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-33323)
CVE-2021-33323
CWE-312
High
Liferay Portal Insufficient Session Expiration Vulnerability (CVE-2021-33322)
CVE-2021-33322
CWE-613
High
Liferay Portal Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2021-33321)
CVE-2021-33321
CWE-640
High
Django Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-33203)
CVE-2021-33203
CWE-22
High
SharePoint Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-31950)
CVE-2021-31950
CWE-918
High
Chamilo Improper Input Validation Vulnerability (CVE-2021-31933)
CVE-2021-31933
CWE-20
High
Grafana Improper Authentication Vulnerability (CVE-2021-28148)
CVE-2021-28148
CWE-287
High
Python URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-28861)
CVE-2021-28861
CWE-601
High
Chamilo Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-4221)
CVE-2023-4221
CWE-138
High
IBM RTC Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-29844)
CVE-2021-29844
CWE-918
High
IBM RTC Improper Privilege Management Vulnerability (CVE-2021-29774)
CVE-2021-29774
CWE-269
High
Chamilo Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-4222)
CVE-2023-4222
CWE-138
High
Envoy Proxy Reachable Assertion Vulnerability (CVE-2021-29258)
CVE-2021-29258
CWE-617
High
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-29053)
CVE-2021-29053
CWE-138
High
Liferay Portal Improper Authentication Vulnerability (CVE-2021-29047)
CVE-2021-29047
CWE-287
High
Ruby Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-28966)
CVE-2021-28966
CWE-22
High