Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Oracle Database Server CVE-2012-0519 Vulnerability (CVE-2012-0519)
CVE-2012-0519
-
High
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3631)
CVE-2009-3631
CWE-94
High
Progress MOVEit Transfer SQL Injection
CVE-2023-34362
CWE-89
High
WordPress Other Vulnerability (CVE-2006-1012)
CVE-2006-1012
-
High
MinIO Information Disclosure (CVE-2023-28432)
CVE-2023-28432
CWE-200
High
phpMyAdmin Other Vulnerability (CVE-2007-1325)
CVE-2007-1325
-
High
Oracle JRE CVE-2012-0505 Vulnerability (CVE-2012-0505)
CVE-2012-0505
-
High
Oracle JRE CVE-2012-0503 Vulnerability (CVE-2012-0503)
CVE-2012-0503
-
High
PHP CVE-2009-3559 Vulnerability (CVE-2009-3559)
CVE-2009-3559
-
High
Ivanti EPMM API Authentication bypass (CVE-2023-35078/CVE-2023-35082)
CVE-2023-35082
CWE-287
High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-4094)
CVE-2008-4094
CWE-138
High
Oracle E-Business Suite Unauthenticated Remote Code Execution
CVE-2022-21587
CWE-94
High
Fortinet FortiNAC RCE via arbitrary file upload
CVE-2022-39952
CWE-73
High
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4037)
CVE-2009-4037
CWE-138
High
FastAdmin Path Traversal (CVE-2024-7928)
CVE-2024-7928
CWE-22
High
Dolibarr Information Disclosure (CVE-2023-33568)
CVE-2023-33568
CWE-552
High
CRMEB SQL Injection (CVE-2024-36837)
CVE-2024-36837
CWE-89
High
Drupal Incorrect Authorization Vulnerability (CVE-2011-2726)
CVE-2011-2726
CWE-863
High
e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4084)
CVE-2009-4084
CWE-138
High
CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4060)
CVE-2009-4060
CWE-138
High
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4045)
CVE-2009-4045
CWE-138
High
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3747)
CVE-2008-3747
CWE-264
High
WooCommerce Payments Authentication Bypass and Privilege Escalation
CVE-2023-28121
CWE-287
High
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-1381)
CVE-2007-1381
CWE-119
High
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-4018)
CVE-2009-4018
CWE-264
High
Ampache Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-3929)
CVE-2008-3929
CWE-59
High
XOOPS CVE-2009-3963 Vulnerability (CVE-2009-3963)
CVE-2009-3963
-
High
MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-3965)
CVE-2008-3965
CWE-138
High
MyBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3967)
CVE-2008-3967
CWE-264
High
CubeCart Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-3904)
CVE-2009-3904
CWE-264
High
GeoServer SQLi (CVE-2023-25157)
CVE-2023-25157
CWE-89
High
ColdFusion CFC Deserialization RCE (CVE-2023-26359/CVE-2023-26360)
CVE-2023-26360
CWE-502
High
Grafana Snapshot Authentication Bypass (CVE-2021-39226)
CVE-2021-39226
CWE-287
High
MobileIron Log4Shell RCE
CVE-2021-44228
CWE-78
High
Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-4359)
CVE-2008-4359
CWE-200
High
SolarWinds Orion API Auth bypass (CVE-2020-10148)
CVE-2020-10148
CWE-287
High
Joomla Other Vulnerability (CVE-2006-1028)
CVE-2006-1028
-
High
Pentaho API Auth bypass (CVE-2021-31602)
CVE-2021-31602
CWE-863
High
Oracle ADF Faces 'Miracle' RCE (CVE-2022-21445)
CVE-2022-21445
CWE-502
High
Apache OFBiz Log4Shell RCE
CVE-2021-44228
CWE-78
High
node-serialize Insecure Deserialization
CVE-2017-5941
CWE-502
High
Fortinet Authentication bypass on administrative interface
CVE-2022-40684
CWE-288
High
VMware Horizon Log4Shell RCE
CVE-2021-44228
CWE-78
High
elFinder RCE (CVE-2021-32682)
CVE-2021-32682
CWE-22
High
TYPO3 Other Vulnerability (CVE-2007-1081)
CVE-2007-1081
-
High
BillQuick Web Suite SQL injection (CVE-2021-42258)
CVE-2021-42258
CWE-89
High
Apache Solr Log4Shell RCE
CVE-2021-44228
CWE-78
High
Apache Tomcat Credentials Management Errors Vulnerability (CVE-2009-3548)
CVE-2009-3548
-
High
Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-4360)
CVE-2008-4360
CWE-200
High
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-1049)
CVE-2006-1049
CWE-138
High
Ubiquiti Unifi Log4Shell RCE
CVE-2021-44228
CWE-78
High
VMware vCenter Log4Shell RCE
CVE-2021-44228
CWE-78
High
Citrix Gateway Open Redirect and XSS
CVE-2023-24487
CWE-79
High
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2165)
CVE-2013-2165
CWE-264
High
Code Evaluation (Apache Struts) S2-046
CVE-2017-5638
CWE-94
High
ZK Framework AuUploader Information Disclosure (CVE-2022-36537)
CVE-2022-36537
CWE-200
High
Strapi Cognito provider Authentication Bypass (CVE-2023-22893)
CVE-2023-22893
CWE-287
High
Ruby Resource Management Errors Vulnerability (CVE-2008-4310)
CVE-2008-4310
-
High
SAP NW DI SSRF vulnerability (CVE-2021-33690)
CVE-2021-33690
CWE-918
High
Qlik Sense Enterprise Auth Bypass (CVE-2023-41266)
CVE-2023-41266
CWE-20
High
Oracle Access Manager 'opensso' Deserialization RCE (CVE-2021-35587)
CVE-2021-35587
CWE-502
High
Openfire Path Traversal (CVE-2023-32315)
CVE-2023-32315
CWE-22
High
VMware Workspace ONE Access SSTI (CVE-2022-22954)
CVE-2022-22954
CWE-94
High
WordPress Improper Input Validation Vulnerability (CVE-2007-1277)
CVE-2007-1277
CWE-20
High
Apache Tomcat Improper Input Validation Vulnerability (CVE-2013-2185)
CVE-2013-2185
CWE-20
High
Jboss EAP Improper Input Validation Vulnerability (CVE-2013-2185)
CVE-2013-2185
CWE-20
High
OpenCms Chemistry XML External Entity (XXE) vulnerability (CVE-2023-42344)
CVE-2023-42344
CWE-611
High
OpenCms Chemistry Solr XML External Entity (XXE) vulnerability (CVE-2023-42346)
CVE-2023-42346
CWE-611
High
Metabase RCE (CVE-2023-38646)
CVE-2023-38646
CWE-20
High
Appwrite favicon SSRF (CVE-2023-27159)
CVE-2023-27159
CWE-918
High
Ghost CMS Theme Path Traversal (CVE-2023-32235)
CVE-2023-32235
CWE-22
High
Moodle Credentials Management Errors Vulnerability (CVE-2009-4304)
CVE-2009-4304
-
High
PHP Other Vulnerability (CVE-2007-1412)
CVE-2007-1412
-
High
e107 Other Vulnerability (CVE-2005-4224)
CVE-2005-4224
-
High
Moodle Improper Input Validation Vulnerability (CVE-2012-0801)
CVE-2012-0801
CWE-20
High