Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30130)
CVE-2023-30130
CWE-94
High
OpenSSL Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2023-0286)
CVE-2023-0286
CWE-843
High
PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-30151)
CVE-2023-30151
CWE-138
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2023-0217)
CVE-2023-0217
CWE-476
High
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30179)
CVE-2023-30179
CWE-94
High
Dolibarr Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-30253)
CVE-2023-30253
CWE-138
High
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2023-0216)
CVE-2023-0216
CWE-476
High
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30537)
CVE-2023-30537
CWE-94
High
Python Uncontrolled Resource Consumption Vulnerability (CVE-2022-45061)
CVE-2022-45061
CWE-400
High
Perl Improper Certificate Validation Vulnerability (CVE-2023-31484)
CVE-2023-31484
CWE-295
High
Undertow Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-1108)
CVE-2023-1108
CWE-835
High
SharePoint CVE-2023-33157 Vulnerability (CVE-2023-33157)
CVE-2023-33157
-
High
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-41927)
CVE-2022-41927
CWE-352
High
Microsoft SQL Server CVE-2023-32028 Vulnerability (CVE-2023-32028)
CVE-2023-32028
-
High
Nginx Out-of-bounds Write Vulnerability (CVE-2022-41742)
CVE-2022-41742
CWE-787
High
Nginx Out-of-bounds Write Vulnerability (CVE-2022-41741)
CVE-2022-41741
CWE-787
High
XWiki Incorrect Authorization Vulnerability (CVE-2023-32069)
CVE-2023-32069
CWE-863
High
IBMHttpServer Observable Discrepancy Vulnerability (CVE-2023-32342)
CVE-2023-32342
CWE-203
High
Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-32679)
CVE-2023-32679
CWE-138
High
SharePoint CVE-2023-33130 Vulnerability (CVE-2023-33130)
CVE-2023-33130
-
High
SharePoint CVE-2023-33134 Vulnerability (CVE-2023-33134)
CVE-2023-33134
-
High
Lighttpd Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-41556)
CVE-2022-41556
CWE-401
High
XWiki Missing Authorization Vulnerability (CVE-2022-41930)
CVE-2022-41930
CWE-862
High
SharePoint CVE-2023-33159 Vulnerability (CVE-2023-33159)
CVE-2023-33159
-
High
SharePoint CVE-2023-33160 Vulnerability (CVE-2023-33160)
CVE-2023-33160
-
High
Django Other Vulnerability (CVE-2022-41323)
CVE-2022-41323
-
High
SharePoint CVE-2023-33165 Vulnerability (CVE-2023-33165)
CVE-2023-33165
-
High
Squid Out-of-bounds Read Vulnerability (CVE-2022-41318)
CVE-2022-41318
CWE-125
High
SharePoint CVE-2022-41062 Vulnerability (CVE-2022-41062)
CVE-2022-41062
-
High
SharePoint CVE-2022-41061 Vulnerability (CVE-2022-41061)
CVE-2022-41061
-
High
SharePoint CVE-2022-41038 Vulnerability (CVE-2022-41038)
CVE-2022-41038
-
High
SharePoint CVE-2022-41037 Vulnerability (CVE-2022-41037)
CVE-2022-41037
-
High
XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2022-41928)
CVE-2022-41928
CWE-707
High
XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2022-41931)
CVE-2022-41931
CWE-707
High
SharePoint CVE-2022-44693 Vulnerability (CVE-2022-44693)
CVE-2022-44693
-
High
Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124)
CVE-2022-42124
CWE-1333
High
SharePoint CVE-2022-44690 Vulnerability (CVE-2022-44690)
CVE-2022-44690
-
High
Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-43288)
CVE-2022-43288
CWE-138
High
LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-43279)
CVE-2022-43279
CWE-138
High
Perl Improper Certificate Validation Vulnerability (CVE-2023-31486)
CVE-2023-31486
CWE-295
High
Python CVE-2022-42919 Vulnerability (CVE-2022-42919)
CVE-2022-42919
-
High
Magento Improper Input Validation Vulnerability (CVE-2022-42344)
CVE-2022-42344
CWE-20
High
Apache Tomcat Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2022-42252)
CVE-2022-42252
-
High
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42125)
CVE-2022-42125
CWE-22
High
Liferay DXP Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124)
CVE-2022-42124
CWE-1333
High
Liferay DXP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123)
CVE-2022-42123
CWE-22
High
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-41934)
CVE-2022-41934
CWE-116
High
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-42123)
CVE-2022-42123
CWE-22
High
Microsoft SQL Server CVE-2023-32025 Vulnerability (CVE-2023-32025)
CVE-2023-32025
-
High
Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121)
CVE-2022-42121
CWE-138
High
Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121)
CVE-2022-42121
CWE-138
High
Microsoft SQL Server CVE-2023-32026 Vulnerability (CVE-2023-32026)
CVE-2023-32026
-
High
Microsoft SQL Server CVE-2023-32027 Vulnerability (CVE-2023-32027)
CVE-2023-32027
-
High
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-42029)
CVE-2022-42029
CWE-434
High
XWiki Missing Authorization Vulnerability (CVE-2022-41937)
CVE-2022-41937
CWE-862
High
XWiki Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2022-41936)
CVE-2022-41936
CWE-359
High
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2023-0793)
CVE-2023-0793
CWE-521
High
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-1108)
CVE-2023-1108
CWE-835
High
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-40407)
CVE-2022-40407
CWE-434
High
Apache Tomcat Off-by-one Error Vulnerability (CVE-2023-28709)
CVE-2023-28709
CWE-193
High
Moodle CVE-2023-23923 Vulnerability (CVE-2023-23923)
CVE-2023-23923
-
High
Joomla Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-23755)
CVE-2023-23755
CWE-307
High
Microsoft SQL Server CVE-2023-23384 Vulnerability (CVE-2023-23384)
CVE-2023-23384
-
High
SharePoint CVE-2023-28288 Vulnerability (CVE-2023-28288)
CVE-2023-28288
-
High
Multiple SugarCRM Products Remote Code Execution Vulnerability (CVE-2023-22952)
CVE-2023-22952
-
High
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22795)
CVE-2023-22795
CWE-1333
High
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-28329)
CVE-2023-28329
CWE-138
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-28335)
CVE-2023-28335
CWE-352
High
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2023-28625)
CVE-2023-28625
CWE-476
High
Ruby Inefficient Regular Expression Complexity Vulnerability (CVE-2023-28756)
CVE-2023-28756
CWE-1333
High
Python Improper Input Validation Vulnerability (CVE-2023-24329)
CVE-2023-24329
CWE-20
High
Ruby Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22795)
CVE-2023-22795
CWE-1333
High
XWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-29208)
CVE-2023-29208
CWE-668
High
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29209)
CVE-2023-29209
CWE-94
High
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29210)
CVE-2023-29210
CWE-94
High