Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
SharePoint CVE-2024-38228 Vulnerability (CVE-2024-38228)
CVE-2024-38228
-
High
Moodle Incomplete Cleanup Vulnerability (CVE-2024-38275)
CVE-2024-38275
CWE-459
High
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-9937)
CVE-2019-9937
CWE-476
High
Sqlite Out-of-bounds Read Vulnerability (CVE-2019-9936)
CVE-2019-9936
CWE-125
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-38276)
CVE-2024-38276
CWE-352
High
Envoy Proxy Improper Input Validation Vulnerability (CVE-2019-9900)
CVE-2019-9900
CWE-20
High
phpBB Improper Input Validation Vulnerability (CVE-2019-9826)
CVE-2019-9826
CWE-20
High
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-9787)
CVE-2019-9787
CWE-352
High
Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-38286)
CVE-2024-38286
CWE-770
High
Drupal Deserialization of Untrusted Data Vulnerability (CVE-2019-6338)
CVE-2019-6338
CWE-502
High
LimeSurvey Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-42902)
CVE-2024-42902
CWE-94
High
Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11825)
CVE-2020-11825
CWE-352
High
Python CVE-2019-17514 Vulnerability (CVE-2019-17514)
CVE-2019-17514
-
High
WordPress CVE-2019-17673 Vulnerability (CVE-2019-17673)
CVE-2019-17673
-
High
Play Framework Inadequate Encryption Strength Vulnerability (CVE-2019-17598)
CVE-2019-17598
CWE-326
High
Next.js Incorrect Authorization Vulnerability (CVE-2024-51479)
CVE-2024-51479
CWE-863
High
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51484)
CVE-2024-51484
CWE-352
High
Apache Tomcat Session Fixation Vulnerability (CVE-2019-17563)
CVE-2019-17563
CWE-384
High
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51485)
CVE-2024-51485
CWE-352
High
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-51486)
CVE-2024-51486
CWE-707
High
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51487)
CVE-2024-51487
CWE-352
High
WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-17359)
CVE-2019-17359
CWE-770
High
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2024-50305)
CVE-2024-50305
CWE-20
High
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17319)
CVE-2019-17319
CWE-138
High
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17318)
CVE-2019-17318
CWE-138
High
SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17317)
CVE-2019-17317
CWE-915
High
SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17316)
CVE-2019-17316
CWE-915
High
SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17315)
CVE-2019-17315
CWE-915
High
SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17314)
CVE-2019-17314
CWE-22
High
SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17313)
CVE-2019-17313
CWE-22
High
SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17312)
CVE-2019-17312
CWE-22
High
SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17311)
CVE-2019-17311
CWE-22
High
WordPress Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2019-17675)
CVE-2019-17675
CWE-843
High
Nginx CVE-2023-27729 Vulnerability (CVE-2023-27729)
CVE-2023-27729
-
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17309)
CVE-2019-17309
CWE-94
High
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2019-19343)
CVE-2019-19343
CWE-400
High
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-19849)
CVE-2019-19849
CWE-502
High
TYPO3 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-19848)
CVE-2019-19848
CWE-22
High
Apache HTTP Server Improper Neutralization of Escape, Meta, or Control Sequences Vulnerability (CVE-2024-47252)
CVE-2024-47252
CWE-150
High
Next.js Uncontrolled Recursion Vulnerability (CVE-2024-47831)
CVE-2024-47831
CWE-674
High
Contao Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19745)
CVE-2019-19745
CWE-434
High
Chamilo Deserialization of Untrusted Data Vulnerability (CVE-2024-47886)
CVE-2024-47886
CWE-502
High
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-48311)
CVE-2024-48311
CWE-352
High
Sqlite CVE-2019-19603 Vulnerability (CVE-2019-19603)
CVE-2019-19603
-
High
Piwigo Use of Insufficiently Random Values Vulnerability (CVE-2024-48928)
CVE-2024-48928
CWE-330
High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2019-19343)
CVE-2019-19343
CWE-400
High
Squid Out-of-bounds Write Vulnerability (CVE-2019-18676)
CVE-2019-18676
CWE-787
High
SharePoint CVE-2024-49068 Vulnerability (CVE-2024-49068)
CVE-2024-49068
-
High
PHP Out-of-bounds Read Vulnerability (CVE-2019-19246)
CVE-2019-19246
CWE-125
High
Sqlite CVE-2019-19244 Vulnerability (CVE-2019-19244)
CVE-2019-19244
-
High
SharePoint CVE-2024-49070 Vulnerability (CVE-2024-49070)
CVE-2024-49070
-
High
Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19209)
CVE-2019-19209
CWE-138
High
Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-49767)
CVE-2024-49767
CWE-770
High
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2019-18838)
CVE-2019-18838
CWE-476
High
Envoy Proxy Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-18836)
CVE-2019-18836
CWE-835
High
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-18679)
CVE-2019-18679
CWE-200
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17310)
CVE-2019-17310
CWE-94
High
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17308)
CVE-2019-17308
CWE-94
High
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19880)
CVE-2019-19880
CWE-476
High
Drupal Improper Handling of Case Sensitivity Vulnerability (CVE-2024-55634)
CVE-2024-55634
CWE-178
High
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-16869)
CVE-2019-16869
CWE-444
High
Nexus Repository Manager Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-16530)
CVE-2019-16530
CWE-434
High
Pega Infinity Exposure of Resource to Wrong Sphere Vulnerability (CVE-2019-16387)
CVE-2019-16387
CWE-668
High
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-53907)
CVE-2024-53907
CWE-770
High
Ruby Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-16255)
CVE-2019-16255
CWE-94
High
Ruby Improper Authentication Vulnerability (CVE-2019-16201)
CVE-2019-16201
CWE-287
High
LimeSurvey Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2019-16187)
CVE-2019-16187
CWE-732
High
LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16186)
CVE-2019-16186
CWE-276
High
LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16185)
CVE-2019-16185
CWE-276
High
LimeSurvey Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-16177)
CVE-2019-16177
CWE-200
High
Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2024-53868)
CVE-2024-53868
-
High
LimeSurvey Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-16174)
CVE-2019-16174
CWE-611
High
phpBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-16108)
CVE-2019-16108
CWE-94
High
Python CVE-2019-16056 Vulnerability (CVE-2019-16056)
CVE-2019-16056
-
High
Python Out-of-bounds Read Vulnerability (CVE-2019-15903)
CVE-2019-15903
CWE-125
High