v.26.4.2314
Known Vulnerabilities
This page lists 14673 vulnerabilities in this category.
Critical: 1573
High: 3882
Medium: 8446
Low: 770
Information: 2
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| phpMyAdmin v3.5.2.2 backdoor | CVE-2012-5159 | CWE-95 | High |
| OpenX 2.8.10 backdoor | CVE-2013-4211 | CWE-95 | High |
| Unrestricted file upload vulnerability in ofc_upload_image.php | CVE-2009-4140 | CWE-434 | High |
| Drupal Other Vulnerability (CVE-2006-2831) | CVE-2006-2831 | - | High |
| MySQL Other Vulnerability (CVE-2006-2753) | CVE-2006-2753 | - | High |
| Oracle JRE CVE-2013-2448 Vulnerability (CVE-2013-2448) | CVE-2013-2448 | - | High |
| Nginx memory disclosure with specially crafted HTTP backend responses | CVE-2012-1180 | CWE-416 | High |
| Oracle E-Business Suite SSRF (CVE-2017-10246) | CVE-2017-10246 | CWE-918 | High |
| Oracle Database Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-0272) | CVE-2007-0272 | CWE-119 | High |
| Varnish Cache Other Vulnerability (CVE-2013-4090) | CVE-2013-4090 | - | High |
| vBulletin customer number disclosure | CVE-2013-6129 | CWE-200 | High |
| Joomla Other Vulnerability (CVE-2007-0374) | CVE-2007-0374 | - | High |
| Telerik Web UI Insecure Direct Object Reference | CVE-2017-11357 | CWE-78 | High |
| Telerik Web UI RadAsyncUpload Deserialization | CVE-2019-18935 | CWE-78 | High |
| PHP Other Vulnerability (CVE-2006-4433) | CVE-2006-4433 | - | High |
| VirtueMart access control bypass | - | CWE-287 | High |
| Total.js Directory Traversal (CVE-2019-8903) | CVE-2019-8903 | CWE-22 | High |
| Apache Unomi MVEL RCE (CVE-2020-13942) | CVE-2020-13942 | CWE-20 | High |
| Oracle WebLogic Remote Code Execution via IIOP | CVE-2020-2551 | CWE-502 | High |
| Umbraco CMS remote code execution | - | CWE-94 | High |
| Umbraco CMS TemplateService remote code execution | CVE-2013-4793 | CWE-94 | High |
| Citrix ADC/Gateway Unauthenticated Remote Code Execution | CVE-2019-19781 | CWE-22 | High |
| Oracle HTTP Server Other Vulnerability (CVE-2006-5350) | CVE-2006-5350 | - | High |
| Oracle HTTP Server Other Vulnerability (CVE-2006-5346) | CVE-2006-5346 | - | High |
| Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2006-20001) | CVE-2006-20001 | CWE-787 | High |
| timthumb.php remote code execution | CVE-2011-4106 | CWE-20 | High |
| Telerik Web UI Unrestricted File Upload (CVE-2014-2217) | CVE-2014-2217 | CWE-78 | High |
| Struts2/XWork remote command execution (S2-014) | CVE-2013-2115 | CWE-94 | High |
| Citrix XenMobile Server Path Traversal | CVE-2020-8209 | CWE-22 | High |
| Oracle JRE CVE-2013-2394 Vulnerability (CVE-2013-2394) | CVE-2013-2394 | - | High |
| F5 BIG-IP Traffic Management User Interface (TMUI) RCE | CVE-2020-5902 | CWE-78 | High |
| Multiple critical vulnerabilities in Apache Struts2 | CVE-2012-0393 | CWE-917 | High |
| Oracle Database Server CVE-2006-5342 Vulnerability (CVE-2006-5342) | CVE-2006-5342 | - | High |
| Grafana avatar SSRF | CVE-2020-13379 | CWE-78 | High |
| Unauthenticated Remote Code Execution via JSONWS in Liferay 7.2.0 CE GA1 | CVE-2020-7961 | CWE-78 | High |
| MobileIron Remote Code Execution via LogService | CVE-2020-15505 | CWE-78 | High |
| Nette framework PHP code injection via callback | CVE-2020-15227 | CWE-94 | High |
| Apache Struts 2 ClassLoader manipulation and denial of service | CVE-2014-0114 | CWE-701 | High |
| Apache Struts 2 ClassLoader manipulation and denial of service (S2-020) | CVE-2014-0050 | CWE-701 | High |
| Openfire Admin Console Full Read SSRF | CVE-2019-18394 | CWE-918 | High |
| Telerik Web UI Unrestricted File Upload (CVE-2017-11317) | CVE-2017-11317 | CWE-78 | High |
| Vanilla Forums Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3613) | CVE-2011-3613 | CWE-200 | High |
| Ektron CMS unauthenticated code execution and Local File Read | CVE-2012-5358 | CWE-20 | High |
| Oracle HTTP Server CVE-2007-0280 Vulnerability (CVE-2007-0280) | CVE-2007-0280 | - | High |
| Ektron CMS multiple vulnerabilities | - | CWE-434 | High |
| Ektron CMS400.NET ContentRatingGraph.aspx SQL injection | CVE-2008-5122 | CWE-89 | High |
| PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-5625) | CVE-2008-5625 | CWE-264 | High |
| PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-5624) | CVE-2008-5624 | CWE-264 | High |
| Drupal Other Vulnerability (CVE-2006-5476) | CVE-2006-5476 | - | High |
| Serendipity Other Vulnerability (CVE-2006-2495) | CVE-2006-2495 | - | High |
| Oracle HTTP Server Other Vulnerability (CVE-2007-0279) | CVE-2007-0279 | - | High |
| Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-4115) | CVE-2013-4115 | CWE-119 | High |
| Drupal 7 arbitrary PHP code execution and information disclosure | CVE-2012-4554 | CWE-434 | High |
| Ruby on Rails DoubleTap RCE (CVE-2019-5420) | CVE-2019-5420 | CWE-502 | High |
| SAP IGS XXE (CVE-2018-2392, CVE-2018-2393) | CVE-2018-2393 | CWE-611 | High |
| OpenSSL Improper Authentication Vulnerability (CVE-2009-0653) | CVE-2009-0653 | CWE-287 | High |
| Oracle Application Server CVE-2007-0280 Vulnerability (CVE-2007-0280) | CVE-2007-0280 | - | High |
| SAP NetWeaver RECON CVE-2020-6287 | CVE-2020-6287 | CWE-287 | High |
| phpMyAdmin Improper Input Validation Vulnerability (CVE-2009-1149) | CVE-2009-1149 | CWE-20 | High |
| Drupal core 7.x SQL injection vulnerability | CVE-2014-3704 | CWE-89 | High |
| Joomla Inadequate Encryption Strength Vulnerability (CVE-2011-3629) | CVE-2011-3629 | CWE-326 | High |
| CKEditor 4.0.1 cross-site scripting vulnerability | - | CWE-79 | High |
| PHP Other Vulnerability (CVE-2006-5465) | CVE-2006-5465 | - | High |
| PostgreSQL Other Vulnerability (CVE-2006-2314) | CVE-2006-2314 | - | High |
| PostgreSQL Other Vulnerability (CVE-2006-2313) | CVE-2006-2313 | - | High |
| Zend Framework local file disclosure via XXE injection | CVE-2015-5161 | CWE-611 | High |
| ZenCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2254) | CVE-2009-2254 | CWE-138 | High |
| Zabbix 2.0.8 SQL injection | CVE-2013-5743 | CWE-89 | High |
| osTicket Other Vulnerability (CVE-2006-5407) | CVE-2006-5407 | - | High |
| WordPress OptimizePress unrestricted file upload | CVE-2013-7102 | CWE-20 | High |
| WooFramework shortcode exploit | - | CWE-95 | High |
| WebLogic Server Side Request Forgery | CVE-2014-4242 | CWE-918 | High |
| Mailman Other Vulnerability (CVE-2006-2191) | CVE-2006-2191 | - | High |
| DNN (DotNetNuke) CMS Cookie Deserialization RCE CVE-2017-9822 | CVE-2017-9822 | CWE-502 | High |
| Cisco Adaptive Security Appliance (ASA) Path Traversal CVE-2020-3452 | CVE-2020-3452 | CWE-20 | High |