Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Known Vulnerabilities

This page lists 13509 vulnerabilities in this category.

Critical: 1465 High: 3387 Medium: 7907 Low: 748 Information: 2
Vulnerability Name
CVE
CWE
Severity
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29518)
CVE-2023-29518
CWE-138
High
XWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2023-29517)
CVE-2023-29517
CWE-200
High
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29516)
CVE-2023-29516
CWE-138
High
Oracle Database Server CVE-2006-1874 Vulnerability (CVE-2006-1874)
CVE-2006-1874
-
High
e107 Other Vulnerability (CVE-2010-2098)
CVE-2010-2098
-
High
Oracle Database Server Other Vulnerability (CVE-2006-1872)
CVE-2006-1872
-
High
Oracle Database Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2006-1868)
CVE-2006-1868
CWE-119
High
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29514)
CVE-2023-29514
CWE-138
High
Liferay DXP Incorrect Authorization Vulnerability (CVE-2024-38002)
CVE-2024-38002
CWE-863
High
phpMyAdmin Other Vulnerability (CVE-2006-1804)
CVE-2006-1804
-
High
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37821)
CVE-2024-37821
CWE-94
High
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29512)
CVE-2023-29512
CWE-138
High
XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2023-29511)
CVE-2023-29511
CWE-707
High
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29510)
CVE-2023-29510
CWE-138
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37899)
CVE-2024-37899
CWE-94
High
Claroline Other Vulnerability (CVE-2006-1596)
CVE-2006-1596
-
High
PHP Resource Management Errors Vulnerability (CVE-2010-2225)
CVE-2010-2225
-
High
XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37901)
CVE-2024-37901
CWE-94
High
Claroline Other Vulnerability (CVE-2006-1594)
CVE-2006-1594
-
High
Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-38002)
CVE-2024-38002
CWE-863
High
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29509)
CVE-2023-29509
CWE-94
High
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-39338)
CVE-2024-39338
CWE-918
High
Django Improper Handling of Length Parameter Inconsistency Vulnerability (CVE-2024-39614)
CVE-2024-39614
CWE-130
High
Serendipity Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1916)
CVE-2010-1916
CWE-264
High
TYPO3 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2010-3668)
CVE-2010-3668
CWE-138
High
Nginx Out-of-bounds Read Vulnerability (CVE-2023-27727)
CVE-2023-27727
CWE-125
High
Internet Information Services Unchecked Return Value Vulnerability (CVE-2005-4360)
CVE-2005-4360
CWE-252
High
e107 Other Vulnerability (CVE-2005-4224)
CVE-2005-4224
-
High
Mailman Other Vulnerability (CVE-2005-4153)
CVE-2005-4153
-
High
MediaWiki Other Vulnerability (CVE-2005-4031)
CVE-2005-4031
-
High
Oracle Database Server CVE-2010-3600 Vulnerability (CVE-2010-3600)
CVE-2010-3600
-
High
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40748)
CVE-2024-40748
CWE-707
High
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-27522)
CVE-2023-27522
-
High
Joomla Other Vulnerability (CVE-2024-40749)
CVE-2024-40749
-
High
Envoy Proxy CVE-2023-27496 Vulnerability (CVE-2023-27496)
CVE-2023-27496
-
High
TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-3662)
CVE-2010-3662
CWE-138
High
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-3663)
CVE-2010-3663
CWE-434
High
XWiki Improper Restriction of XML External Entity Reference Vulnerability (CVE-2023-27480)
CVE-2023-27480
CWE-611
High
Nginx CVE-2023-27729 Vulnerability (CVE-2023-27729)
CVE-2023-27729
-
High
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-27233)
CVE-2023-27233
CWE-138
High
Dotclear Other Vulnerability (CVE-2005-3963)
CVE-2005-3963
-
High
Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-40898)
CVE-2024-40898
CWE-918
High
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-26876)
CVE-2023-26876
CWE-138
High
PrestaShop Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-41651)
CVE-2024-41651
CWE-918
High
XWiki Other Vulnerability (CVE-2023-26478)
CVE-2023-26478
-
High
XWiki Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-26476)
CVE-2023-26476
CWE-307
High
XWiki Improper Privilege Management Vulnerability (CVE-2023-26475)
CVE-2023-26475
CWE-269
High
XWiki CVE-2023-26474 Vulnerability (CVE-2023-26474)
CVE-2023-26474
-
High
Jboss EAP Improper Input Validation Vulnerability (CVE-2010-3708)
CVE-2010-3708
CWE-20
High
Craft CMS Improper Authentication Vulnerability (CVE-2024-41800)
CVE-2024-41800
CWE-287
High
Joomla Other Vulnerability (CVE-2005-3772)
CVE-2005-3772
-
High
Nginx Out-of-bounds Read Vulnerability (CVE-2023-27728)
CVE-2023-27728
CWE-125
High
Nginx Out-of-bounds Read Vulnerability (CVE-2023-27730)
CVE-2023-27730
CWE-125
High
Oracle Application Server Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-0586)
CVE-2006-0586
CWE-138
High
phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3055)
CVE-2010-3055
CWE-264
High
Next.js Uncontrolled Resource Consumption Vulnerability (CVE-2024-39693)
CVE-2024-39693
CWE-400
High
Oracle Database Server Other Vulnerability (CVE-2006-0552)
CVE-2006-0552
-
High
Oracle Application Server Other Vulnerability (CVE-2006-0552)
CVE-2006-0552
-
High
Oracle Database Server Other Vulnerability (CVE-2006-0551)
CVE-2006-0551
-
High
Oracle Application Server CVE-2006-0435 Vulnerability (CVE-2006-0435)
CVE-2006-0435
-
High
Oracle HTTP Server CVE-2006-0435 Vulnerability (CVE-2006-0435)
CVE-2006-0435
-
High
Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2010-2489)
CVE-2010-2489
CWE-119
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-2679)
CVE-2010-2679
CWE-138
High
Ruby Inefficient Regular Expression Complexity Vulnerability (CVE-2023-28756)
CVE-2023-28756
CWE-1333
High
Apache Tomcat Off-by-one Error Vulnerability (CVE-2023-28709)
CVE-2023-28709
CWE-193
High
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2023-28625)
CVE-2023-28625
CWE-476
High
Moodle Other Vulnerability (CVE-2006-0147)
CVE-2006-0147
-
High
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-0146)
CVE-2006-0146
CWE-138
High
Family Connections Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-3419)
CVE-2010-3419
CWE-94
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-28335)
CVE-2023-28335
CWE-352
High
Beego Framework Improper Certificate Validation Vulnerability (CVE-2024-40464)
CVE-2024-40464
CWE-295
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2006-0097)
CVE-2006-0097
CWE-119
High
Beego Framework Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2024-40465)
CVE-2024-40465
CWE-327
High
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-28329)
CVE-2023-28329
CWE-138
High
SharePoint CVE-2023-28288 Vulnerability (CVE-2023-28288)
CVE-2023-28288
-
High