Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Magento Incorrect Authorization Vulnerability (CVE-2020-9587)
CVE-2020-9587
CWE-863
High
WebLogic CVE-2024-21182 Vulnerability (CVE-2024-21182)
CVE-2024-21182
-
High
WebLogic CVE-2024-21183 Vulnerability (CVE-2024-21183)
CVE-2024-21183
-
High
Oracle Database Server CVE-2024-21184 Vulnerability (CVE-2024-21184)
CVE-2024-21184
-
High
WebLogic CVE-2024-21234 Vulnerability (CVE-2024-21234)
CVE-2024-21234
-
High
WebLogic CVE-2024-21260 Vulnerability (CVE-2024-21260)
CVE-2024-21260
-
High
MySQL CVE-2024-21272 Vulnerability (CVE-2024-21272)
CVE-2024-21272
-
High
WebLogic CVE-2024-21274 Vulnerability (CVE-2024-21274)
CVE-2024-21274
-
High
Apache Traffic Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-9494)
CVE-2020-9494
CWE-119
High
WebLogic CVE-2024-21175 Vulnerability (CVE-2024-21175)
CVE-2024-21175
-
High
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-9490)
CVE-2020-9490
CWE-444
High
Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2020-9484)
CVE-2020-9484
CWE-502
High
Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2020-9481)
CVE-2020-9481
CWE-400
High
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-9402)
CVE-2020-9402
CWE-138
High
Sqlite NULL Pointer Dereference Vulnerability (CVE-2020-9327)
CVE-2020-9327
CWE-476
High
silverstripeCMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-9280)
CVE-2020-9280
CWE-434
High
SharePoint CVE-2024-21426 Vulnerability (CVE-2024-21426)
CVE-2024-21426
-
High
AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2024-21490)
CVE-2024-21490
CWE-1333
High
Angular Inefficient Regular Expression Complexity Vulnerability (CVE-2024-21490)
CVE-2024-21490
CWE-1333
High
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-9591)
CVE-2020-9591
CWE-200
High
Oracle JRE Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2024-21147)
CVE-2024-21147
CWE-200
High
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2020-8663)
CVE-2020-8663
CWE-400
High
TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-20114)
CVE-2021-20114
CWE-200
High
PHP Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2024-11234)
CVE-2024-11234
CWE-138
High
PHP Use After Free Vulnerability (CVE-2024-11235)
CVE-2024-11235
CWE-416
High
Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-21015)
CVE-2021-21015
CWE-138
High
Drupal Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2024-11941)
CVE-2024-11941
CWE-835
High
Jetty Improper Resource Shutdown or Release Vulnerability (CVE-2024-13009)
CVE-2024-13009
CWE-404
High
IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2021-20502)
CVE-2021-20502
CWE-611
High
IBM WebSEAL Insufficiently Protected Credentials Vulnerability (CVE-2021-20439)
CVE-2021-20439
CWE-522
High
Grafana CVE-2024-1442 Vulnerability (CVE-2024-1442)
CVE-2024-1442
-
High
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-20187)
CVE-2021-20187
CWE-94
High
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2024-1635)
CVE-2024-1635
CWE-400
High
MySQL CVE-2024-21090 Vulnerability (CVE-2024-21090)
CVE-2024-21090
-
High
Oracle JRE CVE-2024-20918 Vulnerability (CVE-2024-20918)
CVE-2024-20918
-
High
WebLogic CVE-2024-20927 Vulnerability (CVE-2024-20927)
CVE-2024-20927
-
High
WebLogic CVE-2024-20931 Vulnerability (CVE-2024-20931)
CVE-2024-20931
-
High
Microsoft SQL Server Elevation of Privilege Vulnerability (CVE-2021-1636)
CVE-2021-1636
-
High
Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-9757)
CVE-2020-9757
CWE-138
High
Oracle JRE CVE-2024-20932 Vulnerability (CVE-2024-20932)
CVE-2024-20932
-
High
Oracle JRE CVE-2024-20952 Vulnerability (CVE-2024-20952)
CVE-2024-20952
-
High
WebLogic CVE-2024-21006 Vulnerability (CVE-2024-21006)
CVE-2024-21006
-
High
WebLogic Missing Authentication for Critical Function Vulnerability (CVE-2024-21007)
CVE-2024-21007
CWE-306
High
Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-8774)
CVE-2020-8774
CWE-707
High
Opencart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-21514)
CVE-2024-21514
CWE-138
High
Dojo Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2020-5258)
CVE-2020-5258
CWE-1321
High
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21690)
CVE-2024-21690
CWE-707
High
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-7238)
CVE-2020-7238
CWE-444
High
WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-7226)
CVE-2020-7226
CWE-770
High
PHP Out-of-bounds Read Vulnerability (CVE-2020-7067)
CVE-2020-7067
CWE-125
High
Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-21677)
CVE-2024-21677
CWE-22
High
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21678)
CVE-2024-21678
CWE-707
High
PHP Out-of-bounds Write Vulnerability (CVE-2020-7065)
CVE-2020-7065
CWE-787
High
PHP NULL Pointer Dereference Vulnerability (CVE-2020-7062)
CVE-2020-7062
CWE-476
High
Atlassian Confluence CVE-2024-21683 Vulnerability (CVE-2024-21683)
CVE-2024-21683
-
High
Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21686)
CVE-2024-21686
CWE-707
High
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-22188)
CVE-2024-22188
CWE-94
High
Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21674)
CVE-2024-21674
CWE-94
High
Jetty Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-22201)
CVE-2024-22201
CWE-770
High
Drupal Other Vulnerability (CVE-2024-22362)
CVE-2024-22362
-
High
silverstripeCMS CVE-2020-6164 Vulnerability (CVE-2020-6164)
CVE-2020-6164
-
High
TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5745)
CVE-2020-5745
CWE-707
High
Zenphoto Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-5593)
CVE-2020-5593
CWE-138
High
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-5504)
CVE-2020-5504
CWE-138
High
MySQL Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5398)
CVE-2020-5398
CWE-707
High
WebLogic Download of Code Without Integrity Check Vulnerability (CVE-2020-5398)
CVE-2020-5398
CWE-494
High
Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2020-5360)
CVE-2020-5360
CWE-125
High
qdPM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-7246)
CVE-2020-7246
CWE-22
High
Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21673)
CVE-2024-21673
CWE-94
High
Squid Improper Input Validation Vulnerability (CVE-2020-8517)
CVE-2020-8517
CWE-20
High
Apache Tomcat Incorrect Default Permissions Vulnerability (CVE-2020-8022)
CVE-2020-8022
CWE-276
High
Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-8450)
CVE-2020-8450
CWE-119
High
Squid Exposure of Resource to Wrong Sphere Vulnerability (CVE-2020-8449)
CVE-2020-8449
CWE-668
High
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8420)
CVE-2020-8420
CWE-352
High
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8419)
CVE-2020-8419
CWE-352
High