Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29211)
CVE-2023-29211
CWE-94
High
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29212)
CVE-2023-29212
CWE-94
High
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-29213)
CVE-2023-29213
CWE-352
High
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29214)
CVE-2023-29214
CWE-94
High
Microsoft SQL Server CVE-2023-29349 Vulnerability (CVE-2023-29349)
CVE-2023-29349
-
High
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-23969)
CVE-2023-23969
CWE-770
High
Django Uncontrolled Resource Consumption Vulnerability (CVE-2023-24580)
CVE-2023-24580
CWE-400
High
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22792)
CVE-2023-22792
CWE-1333
High
XWiki Other Vulnerability (CVE-2023-26478)
CVE-2023-26478
-
High
Nginx Out-of-bounds Read Vulnerability (CVE-2023-27727)
CVE-2023-27727
CWE-125
High
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-27522)
CVE-2023-27522
-
High
Envoy Proxy CVE-2023-27496 Vulnerability (CVE-2023-27496)
CVE-2023-27496
-
High
Nginx Out-of-bounds Read Vulnerability (CVE-2023-27730)
CVE-2023-27730
CWE-125
High
Jenkins Incorrect Authorization Vulnerability (CVE-2023-27899)
CVE-2023-27899
CWE-863
High
XWiki Improper Restriction of XML External Entity Reference Vulnerability (CVE-2023-27480)
CVE-2023-27480
CWE-611
High
Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27900)
CVE-2023-27900
CWE-770
High
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-27233)
CVE-2023-27233
CWE-138
High
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-26876)
CVE-2023-26876
CWE-138
High
Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27901)
CVE-2023-27901
CWE-770
High
SharePoint Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-24955)
CVE-2023-24955
CWE-94
High
XWiki Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-26476)
CVE-2023-26476
CWE-307
High
XWiki Improper Privilege Management Vulnerability (CVE-2023-26475)
CVE-2023-26475
CWE-269
High
XWiki CVE-2023-26474 Vulnerability (CVE-2023-26474)
CVE-2023-26474
-
High
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2023-26472)
CVE-2023-26472
CWE-116
High
XWiki CVE-2023-26471 Vulnerability (CVE-2023-26471)
CVE-2023-26471
-
High
XWiki Out-of-bounds Write Vulnerability (CVE-2023-26470)
CVE-2023-26470
CWE-787
High
IBMHttpServer Improper Input Validation Vulnerability (CVE-2023-26281)
CVE-2023-26281
CWE-20
High
Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-25577)
CVE-2023-25577
CWE-770
High
PrestaShop Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-25170)
CVE-2023-25170
CWE-352
High
Microsoft SQL Server CVE-2023-29356 Vulnerability (CVE-2023-29356)
CVE-2023-29356
-
High
XWiki Other Vulnerability (CVE-2023-29507)
CVE-2023-29507
-
High
Grafana CVE-2023-1387 Vulnerability (CVE-2023-1387)
CVE-2023-1387
-
High
Microsoft SQL Server CVE-2023-21718 Vulnerability (CVE-2023-21718)
CVE-2023-21718
-
High
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29519)
CVE-2023-29519
CWE-138
High
WebLogic CVE-2023-21842 Vulnerability (CVE-2023-21842)
CVE-2023-21842
-
High
WebLogic CVE-2023-21841 Vulnerability (CVE-2023-21841)
CVE-2023-21841
-
High
WebLogic CVE-2023-21839 Vulnerability (CVE-2023-21839)
CVE-2023-21839
-
High
WebLogic CVE-2023-21838 Vulnerability (CVE-2023-21838)
CVE-2023-21838
-
High
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29521)
CVE-2023-29521
CWE-138
High
WebLogic CVE-2023-21837 Vulnerability (CVE-2023-21837)
CVE-2023-21837
-
High
SharePoint CVE-2023-21744 Vulnerability (CVE-2023-21744)
CVE-2023-21744
-
High
SharePoint CVE-2023-21742 Vulnerability (CVE-2023-21742)
CVE-2023-21742
-
High
SharePoint CVE-2023-21717 Vulnerability (CVE-2023-21717)
CVE-2023-21717
-
High
WebLogic CVE-2023-21931 Vulnerability (CVE-2023-21931)
CVE-2023-21931
-
High
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29522)
CVE-2023-29522
CWE-138
High
Microsoft SQL Server CVE-2023-21713 Vulnerability (CVE-2023-21713)
CVE-2023-21713
-
High
Microsoft SQL Server CVE-2023-21705 Vulnerability (CVE-2023-21705)
CVE-2023-21705
-
High
Microsoft SQL Server CVE-2023-21704 Vulnerability (CVE-2023-21704)
CVE-2023-21704
-
High
Microsoft SQL Server CVE-2023-21528 Vulnerability (CVE-2023-21528)
CVE-2023-21528
-
High
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29523)
CVE-2023-29523
CWE-138
High
phpMyFAQ Improper Privilege Management Vulnerability (CVE-2023-1762)
CVE-2023-1762
CWE-269
High
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29524)
CVE-2023-29524
CWE-138
High
MongoDb Improper Certificate Validation Vulnerability (CVE-2023-1409)
CVE-2023-1409
CWE-295
High
Oracle JRE CVE-2023-21930 Vulnerability (CVE-2023-21930)
CVE-2023-21930
-
High
WebLogic CVE-2023-21964 Vulnerability (CVE-2023-21964)
CVE-2023-21964
-
High
WordPress Uncontrolled Resource Consumption Vulnerability (CVE-2023-22622)
CVE-2023-22622
CWE-400
High
WebLogic CVE-2023-22108 Vulnerability (CVE-2023-22108)
CVE-2023-22108
-
High
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29509)
CVE-2023-29509
CWE-94
High
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29510)
CVE-2023-29510
CWE-138
High
Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-22526)
CVE-2023-22526
CWE-94
High
Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-22522)
CVE-2023-22522
CWE-138
High
XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2023-29511)
CVE-2023-29511
CWE-707
High
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29512)
CVE-2023-29512
CWE-138
High
Atlassian Confluence CVE-2023-22512 Vulnerability (CVE-2023-22512)
CVE-2023-22512
-
High
Atlassian Confluence CVE-2023-22508 Vulnerability (CVE-2023-22508)
CVE-2023-22508
-
High
Atlassian Confluence CVE-2023-22505 Vulnerability (CVE-2023-22505)
CVE-2023-22505
-
High
MySQL CVE-2023-22102 Vulnerability (CVE-2023-22102)
CVE-2023-22102
-
High
WebLogic CVE-2023-21979 Vulnerability (CVE-2023-21979)
CVE-2023-21979
-
High
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29514)
CVE-2023-29514
CWE-138
High
WebLogic CVE-2023-22101 Vulnerability (CVE-2023-22101)
CVE-2023-22101
-
High
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29516)
CVE-2023-29516
CWE-138
High
WebLogic CVE-2023-22086 Vulnerability (CVE-2023-22086)
CVE-2023-22086
-
High
XWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2023-29517)
CVE-2023-29517
CWE-200
High
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29518)
CVE-2023-29518
CWE-138
High
Oracle HTTP Server CVE-2023-22019 Vulnerability (CVE-2023-22019)
CVE-2023-22019
-
High