Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Known Vulnerabilities

This page lists 13509 vulnerabilities in this category.

Critical: 1465 High: 3387 Medium: 7907 Low: 748 Information: 2
Vulnerability Name
CVE
CWE
Severity
MySQL CVE-2021-35612 Vulnerability (CVE-2021-35612)
CVE-2021-35612
-
Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44952)
CVE-2022-44952
CWE-707
Medium
MySQL CVE-2021-35608 Vulnerability (CVE-2021-35608)
CVE-2021-35608
-
Medium
MySQL CVE-2021-35607 Vulnerability (CVE-2021-35607)
CVE-2021-35607
-
Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33513)
CVE-2021-33513
CWE-707
Medium
Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-48007)
CVE-2022-48007
CWE-707
Medium
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44944)
CVE-2022-44944
CWE-707
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0507)
CVE-2023-0507
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0306)
CVE-2023-0306
CWE-707
Medium
Chamilo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32925)
CVE-2021-32925
CWE-200
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0308)
CVE-2023-0308
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0309)
CVE-2023-0309
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0310)
CVE-2023-0310
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0312)
CVE-2023-0312
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0313)
CVE-2023-0313
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0314)
CVE-2023-0314
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32809)
CVE-2021-32809
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32808)
CVE-2021-32808
CWE-707
Medium
OpenSSL Improper Certificate Validation Vulnerability (CVE-2023-0465)
CVE-2023-0465
CWE-295
Medium
OpenSSL Improper Certificate Validation Vulnerability (CVE-2023-0466)
CVE-2023-0466
CWE-295
Medium
PHP Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2023-0567)
CVE-2023-0567
CWE-916
Medium
Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-33320)
CVE-2021-33320
CWE-770
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32768)
CVE-2021-32768
CWE-707
Medium
TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2021-32767)
CVE-2021-32767
CWE-532
Medium
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-32732)
CVE-2021-32732
CWE-352
Medium
XWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32731)
CVE-2021-32731
CWE-200
Medium
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-32730)
CVE-2021-32730
CWE-352
Medium
XWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-32729)
CVE-2021-32729
CWE-732
Medium
Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0594)
CVE-2023-0594
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32669)
CVE-2021-32669
CWE-707
Medium
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0606)
CVE-2023-0606
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32668)
CVE-2021-32668
CWE-707
Medium
ProjectSend Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0607)
CVE-2023-0607
CWE-707
Medium
TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32667)
CVE-2021-32667
CWE-707
Medium
Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32644)
CVE-2021-32644
CWE-707
Medium
Apache Tomcat Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-33037)
CVE-2021-33037
CWE-444
Medium
WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-4973)
CVE-2022-4973
CWE-707
Medium
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33510)
CVE-2021-33510
CWE-918
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33332)
CVE-2021-33332
CWE-707
Medium
LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-48010)
CVE-2022-48010
CWE-707
Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33508)
CVE-2021-33508
CWE-707
Medium
Zope Web Application Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) (CVE-2021-33507)
CVE-2021-33507
CWE-707
Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33507)
CVE-2021-33507
CWE-707
Medium
CubeCart Session Fixation Vulnerability (CVE-2021-33394)
CVE-2021-33394
CWE-384
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33339)
CVE-2021-33339
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33337)
CVE-2021-33337
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33336)
CVE-2021-33336
CWE-707
Medium
CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-48110)
CVE-2022-48110
CWE-707
Medium
Liferay DXP Incorrect Default Permissions Vulnerability (CVE-2021-33334)
CVE-2021-33334
CWE-276
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33334)
CVE-2021-33334
CWE-276
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33333)
CVE-2021-33333
CWE-276
Medium
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-33331)
CVE-2021-33331
CWE-601
Medium
PHP Out-of-bounds Write Vulnerability (CVE-2022-4900)
CVE-2022-4900
CWE-787
Medium
Python Uncontrolled Resource Consumption Vulnerability (CVE-2022-48564)
CVE-2022-48564
CWE-400
Medium
OpenSSL Out-of-bounds Read Vulnerability (CVE-2022-4203)
CVE-2022-4203
CWE-125
Medium
Liferay DXP CVE-2021-33330 Vulnerability (CVE-2021-33330)
CVE-2021-33330
-
Medium
Liferay Portal CVE-2021-33330 Vulnerability (CVE-2021-33330)
CVE-2021-33330
-
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33328)
CVE-2021-33328
CWE-707
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33327)
CVE-2021-33327
CWE-276
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33326)
CVE-2021-33326
CWE-707
Medium
osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-4271)
CVE-2022-4271
CWE-707
Medium
Liferay Portal Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-33325)
CVE-2021-33325
CWE-312
Medium
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33324)
CVE-2021-33324
CWE-276
Medium
OpenSSL Observable Discrepancy Vulnerability (CVE-2022-4304)
CVE-2022-4304
CWE-203
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-4407)
CVE-2022-4407
CWE-707
Medium
phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-4408)
CVE-2022-4408
CWE-707
Medium
MySQL CVE-2021-35643 Vulnerability (CVE-2021-35643)
CVE-2021-35643
-
Medium
MySQL CVE-2021-35644 Vulnerability (CVE-2021-35644)
CVE-2021-35644
-
Medium
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-32621)
CVE-2021-32621
CWE-94
Medium
Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42119)
CVE-2022-42119
CWE-707
Medium
Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42116)
CVE-2022-42116
CWE-707
Medium
Atlassian Jira CVE-2021-39122 Vulnerability (CVE-2021-39122)
CVE-2021-39122
-
Medium
Atlassian Jira CVE-2021-39121 Vulnerability (CVE-2021-39121)
CVE-2021-39121
-
Medium
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-39119)
CVE-2021-39119
CWE-287
Medium
Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-39118)
CVE-2021-39118
CWE-200
Medium