Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2
Vulnerability Name
CVE
CWE
Severity
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-36393)
CVE-2021-36393
CWE-138
Critical
Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-36392)
CVE-2021-36392
CWE-138
Critical
Joomla Session Fixation Vulnerability (CVE-2007-4188)
CVE-2007-4188
CWE-384
Critical
MediaWiki Improper Authentication Vulnerability (CVE-2021-36128)
CVE-2021-36128
CWE-287
Critical
MediaWiki Other Vulnerability (CVE-2021-36126)
CVE-2021-36126
-
Critical
ownCloud Improper Privilege Management Vulnerability (CVE-2021-35946)
CVE-2021-35946
CWE-269
Critical
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-39275)
CVE-2021-39275
CWE-787
Critical
WebLogic CVE-2021-35617 Vulnerability (CVE-2021-35617)
CVE-2021-35617
-
Critical
Apache Traffic Server Out-of-bounds Write Vulnerability (CVE-2021-35474)
CVE-2021-35474
CWE-787
Critical
Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35414)
CVE-2021-35414
CWE-707
Critical
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-35042)
CVE-2021-35042
CWE-138
Critical
Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-34187)
CVE-2021-34187
CWE-138
Critical
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-33816)
CVE-2021-33816
CWE-94
Critical
Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-39275)
CVE-2021-39275
CWE-787
Critical
PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-3110)
CVE-2021-3110
CWE-138
Critical
OpenSSL Numeric Errors Vulnerability (CVE-2007-4995)
CVE-2007-4995
-
Critical
PHP Other Vulnerability (CVE-2007-2844)
CVE-2007-2844
-
Critical
Oracle Application Server Other Vulnerability (CVE-2007-2130)
CVE-2007-2130
-
Critical
Oracle Database Server Other Vulnerability (CVE-2007-2130)
CVE-2007-2130
-
Critical
Apache HTTP Server Other Vulnerability (CVE-2021-42013)
CVE-2021-42013
-
Critical
silverstripeCMS Other Vulnerability (CVE-2007-2321)
CVE-2007-2321
-
Critical
Grafana Externally Controlled Reference to a Resource in Another Sphere Vulnerability (CVE-2021-41244)
CVE-2021-41244
CWE-610
Critical
Internet Information Services Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-2815)
CVE-2007-2815
CWE-264
Critical
ProjectSend Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-40887)
CVE-2021-40887
CWE-22
Critical
Python Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2021-3177)
CVE-2021-3177
CWE-120
Critical
Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-40438)
CVE-2021-40438
CWE-918
Critical
Oracle HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-40438)
CVE-2021-40438
CWE-918
Critical
PostgreSQL Other Vulnerability (CVE-2007-3279)
CVE-2007-3279
-
Critical
PostgreSQL Other Vulnerability (CVE-2007-3280)
CVE-2007-3280
-
Critical
Moodle Improper Input Validation Vulnerability (CVE-2021-3943)
CVE-2021-3943
CWE-20
Critical
OpenSSL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2021-3711)
CVE-2021-3711
CWE-120
Critical
phpList Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-3188)
CVE-2021-3188
CWE-1236
Critical
Plone CMS Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-33509)
CVE-2021-33509
CWE-732
Critical
Frontaccounting Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5117)
CVE-2007-5117
CWE-94
Critical
Oracle Application Server Other Vulnerability (CVE-2007-2122)
CVE-2007-2122
-
Critical
WebLogic Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2021-23450)
CVE-2021-23450
CWE-1321
Critical
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-27903)
CVE-2021-27903
CWE-94
Critical
Pega Infinity Improper Authentication Vulnerability (CVE-2021-27651)
CVE-2021-27651
CWE-287
Critical
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-26691)
CVE-2021-26691
CWE-787
Critical
Atlassian Confluence Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-26084)
CVE-2021-26084
CWE-138
Critical
Internet Information Services Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-0075)
CVE-2008-0075
CWE-94
Critical
Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-25955)
CVE-2021-25955
CWE-707
Critical
Dojo Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2021-23450)
CVE-2021-23450
CWE-1321
Critical
WordPress Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2007-6013)
CVE-2007-6013
CWE-327
Critical
Handlebars Other Vulnerability (CVE-2021-23383)
CVE-2021-23383
-
Critical
Handlebars CVE-2021-23369 Vulnerability (CVE-2021-23369)
CVE-2021-23369
-
Critical
Oracle Database Server CVE-2008-0339 Vulnerability (CVE-2008-0339)
CVE-2008-0339
-
Critical
Oracle Database Server CVE-2008-0340 Vulnerability (CVE-2008-0340)
CVE-2008-0340
-
Critical
Oracle Application Server CVE-2008-0340 Vulnerability (CVE-2008-0340)
CVE-2008-0340
-
Critical
Oracle Database Server CVE-2008-0341 Vulnerability (CVE-2008-0341)
CVE-2008-0341
-
Critical
Oracle Database Server CVE-2008-0342 Vulnerability (CVE-2008-0342)
CVE-2008-0342
-
Critical
Telerik Web UI Missing Authorization Vulnerability (CVE-2021-28141)
CVE-2021-28141
CWE-862
Critical
Envoy Proxy Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-29492)
CVE-2021-29492
CWE-22
Critical
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-32615)
CVE-2021-32615
CWE-138
Critical
Oracle Application Server CVE-2007-5526 Vulnerability (CVE-2007-5526)
CVE-2007-5526
-
Critical
Ruby Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2021-31799)
CVE-2021-31799
CWE-138
Critical
MediaWiki Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2021-31556)
CVE-2021-31556
CWE-327
Critical
Beego Framework CVE-2021-30080 Vulnerability (CVE-2021-30080)
CVE-2021-30080
-
Critical
WebLogic CVE-2021-2397 Vulnerability (CVE-2021-2397)
CVE-2021-2397
-
Critical
WebLogic CVE-2021-2394 Vulnerability (CVE-2021-2394)
CVE-2021-2394
-
Critical
WebLogic CVE-2021-2382 Vulnerability (CVE-2021-2382)
CVE-2021-2382
-
Critical
Oracle Database Server CVE-2007-5530 Vulnerability (CVE-2007-5530)
CVE-2007-5530
-
Critical
Python Improper Input Validation Vulnerability (CVE-2021-29921)
CVE-2021-29921
CWE-20
Critical
Oracle Database Server CVE-2007-5531 Vulnerability (CVE-2007-5531)
CVE-2007-5531
-
Critical
WebLogic CVE-2021-2136 Vulnerability (CVE-2021-2136)
CVE-2021-2136
-
Critical
WebLogic CVE-2021-2135 Vulnerability (CVE-2021-2135)
CVE-2021-2135
-
Critical
WebLogic CVE-2021-2108 Vulnerability (CVE-2021-2108)
CVE-2021-2108
-
Critical
WebLogic CVE-2021-2075 Vulnerability (CVE-2021-2075)
CVE-2021-2075
-
Critical
WebLogic CVE-2021-2064 Vulnerability (CVE-2021-2064)
CVE-2021-2064
-
Critical
WebLogic CVE-2021-2047 Vulnerability (CVE-2021-2047)
CVE-2021-2047
-
Critical
Oracle Application Server Other Vulnerability (CVE-2007-2123)
CVE-2007-2123
-
Critical
Oracle Application Server Other Vulnerability (CVE-2007-2121)
CVE-2007-2121
-
Critical
Oracle Application Server Other Vulnerability (CVE-2006-5366)
CVE-2006-5366
-
Critical
Dot CMS Other Vulnerability (CVE-2022-26352)
CVE-2022-26352
-
Critical
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-28346)
CVE-2022-28346
CWE-138
Critical