Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Known Vulnerabilities

This page lists 13509 vulnerabilities in this category.

Critical: 1465 High: 3387 Medium: 7907 Low: 748 Information: 2
Vulnerability Name
CVE
CWE
Severity
GeoServer Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-51444)
CVE-2023-51444
CWE-434
High
Oracle JRE Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2024-21147)
CVE-2024-21147
CWE-200
High
WordPress Improper Authentication Vulnerability (CVE-2008-1930)
CVE-2008-1930
CWE-287
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-1935)
CVE-2008-1935
CWE-138
High
Frontaccounting Other Vulnerability (CVE-2007-4279)
CVE-2007-4279
-
High
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-50723)
CVE-2023-50723
CWE-94
High
PHP Configuration Vulnerability (CVE-2008-5844)
CVE-2008-5844
-
High
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-6124)
CVE-2008-6124
CWE-138
High
e107 Other Vulnerability (CVE-2006-4548)
CVE-2006-4548
-
High
Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-36260)
CVE-2023-36260
CWE-138
High
phpMyAdmin Other Vulnerability (CVE-2006-6944)
CVE-2006-6944
-
High
phpMyFAQ Other Vulnerability (CVE-2006-6913)
CVE-2006-6913
-
High
phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-6912)
CVE-2006-6912
CWE-138
High
Joomla Other Vulnerability (CVE-2006-6833)
CVE-2006-6833
-
High
PHP CVE-2009-3292 Vulnerability (CVE-2009-3292)
CVE-2009-3292
-
High
PHP CVE-2009-3293 Vulnerability (CVE-2009-3293)
CVE-2009-3293
-
High
Jenkins Integer Overflow or Wraparound Vulnerability (CVE-2023-36478)
CVE-2023-36478
CWE-190
High
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-36470)
CVE-2023-36470
CWE-138
High
XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-36469)
CVE-2023-36469
CWE-138
High
XWiki Incomplete Cleanup Vulnerability (CVE-2023-36468)
CVE-2023-36468
CWE-459
High
Microsoft SQL Server CVE-2023-36420 Vulnerability (CVE-2023-36420)
CVE-2023-36420
-
High
Microsoft SQL Server CVE-2023-36417 Vulnerability (CVE-2023-36417)
CVE-2023-36417
-
High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26271)
CVE-2024-26271
CWE-352
High
Joomla Other Vulnerability (CVE-2006-7009)
CVE-2006-7009
-
High
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26271)
CVE-2024-26271
CWE-352
High
Apache Tomcat Credentials Management Errors Vulnerability (CVE-2009-3548)
CVE-2009-3548
-
High
TYPO3 Other Vulnerability (CVE-2006-6690)
CVE-2006-6690
-
High
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26272)
CVE-2024-26272
CWE-352
High
Django Inefficient Regular Expression Complexity Vulnerability (CVE-2023-36053)
CVE-2023-36053
CWE-1333
High
Envoy Proxy Incomplete Cleanup Vulnerability (CVE-2023-35945)
CVE-2023-35945
CWE-459
High
Envoy Proxy Use After Free Vulnerability (CVE-2023-35943)
CVE-2023-35943
CWE-416
High
PHP CVE-2009-3559 Vulnerability (CVE-2009-3559)
CVE-2009-3559
-
High
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-35811)
CVE-2023-35811
CWE-138
High
SugarCRM Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-35810)
CVE-2023-35810
CWE-138
High
SugarCRM CVE-2023-35809 Vulnerability (CVE-2023-35809)
CVE-2023-35809
-
High
SugarCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-35808)
CVE-2023-35808
CWE-434
High
Joomla Other Vulnerability (CVE-2006-7008)
CVE-2006-7008
-
High
Joomla Other Vulnerability (CVE-2006-7010)
CVE-2006-7010
-
High
XWiki CVE-2023-35166 Vulnerability (CVE-2023-35166)
CVE-2023-35166
-
High
Moodle Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25978)
CVE-2024-25978
CWE-770
High
Oracle HTTP Server CVE-2007-0280 Vulnerability (CVE-2007-0280)
CVE-2007-0280
-
High
Oracle Application Server CVE-2007-0280 Vulnerability (CVE-2007-0280)
CVE-2007-0280
-
High
Liferay Portal Improper Restriction of XML External Entity Reference Vulnerability (CVE-2024-25606)
CVE-2024-25606
CWE-611
High
Liferay DXP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2024-25606)
CVE-2024-25606
CWE-611
High
Liferay DXP Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2024-25607)
CVE-2024-25607
CWE-916
High
Liferay Portal Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2024-25607)
CVE-2024-25607
CWE-916
High
Oracle Database Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-0272)
CVE-2007-0272
CWE-119
High
Apache HTTP Server Improper Locking Vulnerability (CVE-2009-2699)
CVE-2009-2699
CWE-667
High
WordPress Credentials Management Errors Vulnerability (CVE-2009-2762)
CVE-2009-2762
-
High
Squid Other Vulnerability (CVE-2024-25617)
CVE-2024-25617
-
High
WordPress Other Vulnerability (CVE-2007-0262)
CVE-2007-0262
-
High
SharePoint CVE-2023-36892 Vulnerability (CVE-2023-36892)
CVE-2023-36892
-
High
WordPress Other Vulnerability (CVE-2007-0233)
CVE-2007-0233
-
High
PHP Improper Input Validation Vulnerability (CVE-2009-3291)
CVE-2009-3291
CWE-20
High
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-25982)
CVE-2024-25982
CWE-352
High
SharePoint CVE-2023-36891 Vulnerability (CVE-2023-36891)
CVE-2023-36891
-
High
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2024-26142)
CVE-2024-26142
CWE-1333
High
SharePoint CVE-2023-36764 Vulnerability (CVE-2023-36764)
CVE-2023-36764
-
High
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2933)
CVE-2009-2933
CWE-138
High
SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2978)
CVE-2009-2978
CWE-138
High
SharePoint CVE-2023-36762 Vulnerability (CVE-2023-36762)
CVE-2023-36762
-
High
Microsoft SQL Server CVE-2023-36730 Vulnerability (CVE-2023-36730)
CVE-2023-36730
-
High
Apache Tomcat Other Vulnerability (CVE-2006-7197)
CVE-2006-7197
-
High
Python Uncontrolled Recursion Vulnerability (CVE-2023-36632)
CVE-2023-36632
CWE-674
High
Claroline Other Vulnerability (CVE-2006-7048)
CVE-2006-7048
-
High
Jetty Integer Overflow or Wraparound Vulnerability (CVE-2023-36478)
CVE-2023-36478
CWE-190
High
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3631)
CVE-2009-3631
CWE-94
High
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26272)
CVE-2024-26272
CWE-352
High
Joomla Other Vulnerability (CVE-2007-0374)
CVE-2007-0374
-
High
Oracle Database Server CVE-2006-5340 Vulnerability (CVE-2006-5340)
CVE-2006-5340
-
High
XWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-34467)
CVE-2023-34467
CWE-668
High
XWiki Improper Privilege Management Vulnerability (CVE-2023-34465)
CVE-2023-34465
CWE-269
High
osTicket Other Vulnerability (CVE-2006-5407)
CVE-2006-5407
-
High
phpMyFAQ Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2024-28105)
CVE-2024-28105
CWE-434
High
Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2023-33950)
CVE-2023-33950
CWE-1333
High